From d1e80761c48c86897d4d023488af3c81e2666f87 Mon Sep 17 00:00:00 2001
From: Alex Schultz <aschultz@redhat.com>
Date: Tue, 16 Jun 2020 14:47:26 -0600
Subject: [PATCH] Fix tripleo_hierdata permissions

Add become: true to the tasks that need to be able to write to /etc/

Change-Id: I24b118220ce2371f651cad6b8dfbbf5d031ee118
Related-Bug: #1883609
(cherry picked from commit c8d8e9adaf62f1b3e6a274fbb5ec17dae4dc8449)
---
 .../roles/tripleo-hieradata/tasks/ansible_hieradata.yml         | 1 +
 .../roles/tripleo-hieradata/tasks/hieradata_vars.yaml           | 2 ++
 tripleo_ansible/roles/tripleo-hieradata/tasks/main.yml          | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/tripleo_ansible/roles/tripleo-hieradata/tasks/ansible_hieradata.yml b/tripleo_ansible/roles/tripleo-hieradata/tasks/ansible_hieradata.yml
index 90d7de53a..5e65875e3 100644
--- a/tripleo_ansible/roles/tripleo-hieradata/tasks/ansible_hieradata.yml
+++ b/tripleo_ansible/roles/tripleo-hieradata/tasks/ansible_hieradata.yml
@@ -1,5 +1,6 @@
 ---
 - name: Check for hieradata file
+  become: true
   stat:
     path:
       src: "{{ hieradata_ansible_file }}"
diff --git a/tripleo_ansible/roles/tripleo-hieradata/tasks/hieradata_vars.yaml b/tripleo_ansible/roles/tripleo-hieradata/tasks/hieradata_vars.yaml
index 88acdd78e..0e086b973 100644
--- a/tripleo_ansible/roles/tripleo-hieradata/tasks/hieradata_vars.yaml
+++ b/tripleo_ansible/roles/tripleo-hieradata/tasks/hieradata_vars.yaml
@@ -15,11 +15,13 @@
 # under the License.
 
 - name: Copy overcloud.json to all_nodes.json
+  become: true
   copy:
     src: "{{ playbook_dir }}/group_vars/overcloud.json"
     dest: "{{ dest_path | default('/etc/puppet/hieradata/all_nodes.json') }}"
 
 - name: Render hieradata from template
+  become: true
   template:
     src: templates/{{ item }}.j2
     dest: "{{ dest_path | default('/etc/puppet/hieradata/' ~ item ~ '.json') }}"
diff --git a/tripleo_ansible/roles/tripleo-hieradata/tasks/main.yml b/tripleo_ansible/roles/tripleo-hieradata/tasks/main.yml
index 651ad8b79..ae250763e 100644
--- a/tripleo_ansible/roles/tripleo-hieradata/tasks/main.yml
+++ b/tripleo_ansible/roles/tripleo-hieradata/tasks/main.yml
@@ -15,12 +15,14 @@
 # under the License.
 
 - name: Create /etc/puppet/hieradata
+  become: true
   file:
     path: /etc/puppet/hieradata
     state: directory
     mode: 0700
 
 - name: Write hiera config
+  become: true
   when:
     - (hieradata_files | length) > 0
   copy: