Add ansible hieradata file

Currently there isn't a good way to pass dynamic information from
ansible to puppet to end up in the configuration. This change adds an
ansible_managed hierafile that can be updated via ansible to pass
dynamic variables into a future puppet execution.

An example playbook would be:

  - name: Set my data
    set_fact:
      my_data: foo
  - name: Add my_data to hieradata
    include_role:
      name: tripleo_hieradata
      tasks_from: ansible_hieradata.yml
    vars:
      hieradata_ansible_data:
        my_magical_var: "{{ my_data }}"

The puppet code that would be executed later would just be:

  class myclass(
    $my_data = lookup('my_magical_var', 'bar')
  ) {
    file { '/var/tmp/data':
      ensure  = present,
      content = $my_data
    }
  }

Change-Id: I52ba520dbdd97b25cb093f7e09609e6e1797e3a1
Alex Schultz 2020-04-23 15:35:34 -06:00
parent 0b9c6839ad
commit f8f74e11ce
6 changed files with 453 additions and 0 deletions


@ -56,3 +56,5 @@ hieradata_templates_list:
# loopback device the local address will be set to "localhost" otherwise
# the local address will be defined as "127.0.0.1".
hieradata_localhost_address: "{{ ('ipv6' in (ansible_lo | default({}))) | ternary('localhost', '127.0.0.1') }}"
# file included in hieradata hierarchy for ansible to pass data to puppet
hieradata_ansible_file: /etc/puppet/hieradata/ansible_managed.json


@ -0,0 +1,37 @@
# Molecule managed
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]
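Review bot: `RUN easy_install {{ pkg }}` installs whatever version the package index serves at build time, with no version pin or hash check, and `easy_install` itself is deprecated by setuptools; together with the mutable tag in `FROM {{ item.image }}`, two builds of this test image can differ silently. The image only backs the Molecule scenario, so the exposure is limited to CI, but pinning the entry in the platform's `easy_install` list (for example `pip==<pinned-version>`) would make the build reproducible. The `[ $(command -v apt-get) ]` tests also depend on unquoted command substitution; `if command -v apt-get >/dev/null; then` is the more robust form.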


@ -0,0 +1,89 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
pre_tasks:
- name: Create puppet hieradata directory
file:
path: /etc/puppet/hieradata
state: directory
tasks:
- name: Create ansible_managed.json
include_role:
name: tripleo_hieradata
tasks_from: ansible_hieradata.yml
- name: Check file exists
when:
- not ansible_check_mode|bool
block:
- name: Stat file
stat:
path: /etc/puppet/hieradata/ansible_managed.json
become: true
register: _managed_file
- name: Assert file exists
assert:
that:
- _managed_file.stat.exists
- name: Check file contents
when:
- not ansible_check_mode|bool
block:
- name: Get contents
slurp:
src: /etc/puppet/hieradata/ansible_managed.json
become: true
register: _managed_file
- name: Set contents fact
set_fact:
_data: "{{ _managed_file['content'] | b64decode }}"
- name: Assert file contents
assert:
that:
- _data == {}
- name: Configure data
include_role:
name: tripleo_hieradata
tasks_from: ansible_hieradata.yml
vars:
hieradata_ansible_data:
my_var: foo
- name: Check file contents
when:
- not ansible_check_mode|bool
block:
- name: Get contents
slurp:
src: /etc/puppet/hieradata/ansible_managed.json
become: true
register: _managed_file
- name: Set contents fact
set_fact:
_data: "{{ _managed_file['content'] | b64decode }}"
- name: Set expected
set_fact:
expected:
my_var: foo
- name: Assert file contents
assert:
that:
- _data == expected
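Review bot: The scenario never calls the role again with a different key after `my_var: foo` is written, so it cannot show that entries already in `ansible_managed.json` survive a later update. After the last assertion, add one more `include_role` with `hieradata_ansible_data: {other_var: bar}` and assert `_data == {'my_var': 'foo', 'other_var': 'bar'}`. The existing `Stat file` result could also be used to assert the file's owner and `_managed_file.stat.mode`, which would pin the permissions the role is expected to set.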


@ -0,0 +1,279 @@
---
driver:
name: docker
log: true
platforms:
- name: centos7
hostname: centos7
image: centos:7
dockerfile: Dockerfile
pkg_extras: python-setuptools
volumes:
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
easy_install:
- pip
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
- name: centos8
hostname: centos8
image: centos:8
dockerfile: Dockerfile
pkg_extras: python*-setuptools
volumes:
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
environment:
<<: *env
provisioner:
name: ansible
inventory:
hosts:
all:
vars:
all_nodes_extra_map_data: {}
cloud_domain: localdomain
cloud_names:
cloud_name_ctlplane: standalone.ctlplane.localdomain
container_cli: podman
control_virtual_ip: 192.168.24.1
ctlplane_ip: 192.168.24.2
ctlplane_subnet_cidr: 24
deploy_artifact_urls: ''
deploy_identifier: '1564455089'
deploy_steps_max: 6
enable_internal_tls: false
enabled_networks: []
enabled_services:
- keystone_admin_api
- keystone_public_api
- ca_certs
- ceph_client
- ceph_mds
- ceph_mgr
- ceph_mon
- ceph_rgw
- ceph_osd
- certmonger_user
- clustercheck
- container_image_prepare
- logrotate_crond
- docker
- docker_registry
- glance_api
- haproxy
- iscsid
- kernel
- keystone
- manila_api
- manila_backend_cephfs
- manila_scheduler
- manila_share
- memcached
- mysql
- mysql_client
- neutron_api
- neutron_plugin_ml2_ovn
- nova_api
- nova_compute
- nova_conductor
- nova_libvirt
- nova_metadata
- nova_migration_target
- nova_scheduler
- nova_vnc_proxy
- ovn_controller
- ovn_dbs
- ovn_metadata
- openstack_clients
- oslo_messaging_notify
- oslo_messaging_rpc
- pacemaker
- placement
- podman
- snmp
- sshd
- chrony
- timezone
- logrotate_tmpwatch
- tripleo_firewall
- tripleo_packages
- tuned
extraconfig:
foo: bar1
foo2: bar2
hosts_entry: '
192.168.24.1 standalone.localdomain standalone
192.168.24.1 standalone.ctlplane.localdomain standalone.ctlplane
'
net_vip_map:
ctlplane: 192.168.24.1
ctlplane_subnet: 192.168.24.1/24
ctlplane_uri: 192.168.24.1
redis: 192.168.24.1
ovn_dbs: 192.168.24.1
network_virtual_ips:
ctlplane:
index: 1
ip_address: 192.168.24.1
network_cidrs:
External_cidr: 192.168.24.2/24
networks: null
nova_additional_cell: false
ping_test_ips:
Standalone: 192.168.24.1
primary_role_name: Standalone
role_networks:
- Internal
service_configs:
foo: bar3
service_names:
- ca_certs
- ceph_client
- ceph_mds
- ceph_mgr
- ceph_mon
- ceph_rgw
- ceph_osd
- certmonger_user
- clustercheck
- container_image_prepare
- logrotate_crond
- docker
- docker_registry
- glance_api
- haproxy
- iscsid
- kernel
- keystone
- manila_api
- manila_backend_cephfs
- manila_scheduler
- manila_share
- memcached
- mysql
- mysql_client
- neutron_api
- neutron_plugin_ml2_ovn
- nova_api
- nova_compute
- nova_conductor
- nova_libvirt
- nova_metadata
- nova_migration_target
- nova_scheduler
- nova_vnc_proxy
- ovn_controller
- ovn_dbs
- ovn_metadata
- openstack_clients
- oslo_messaging_notify
- oslo_messaging_rpc
- pacemaker
- placement
- podman
- snmp
- sshd
- chrony
- timezone
- logrotate_tmpwatch
- tripleo_firewall
- tripleo_packages
- tuned
service_net_map:
aodh_api_network: ctlplane
apache_network: ctlplane
barbican_api_network: ctlplane
bindnetwork: ctlplane
ceph_cluster_network: ctlplane
ceph_grafana_network: ctlplane
ceph_mon_network: ctlplane
ceph_rgw_network: ctlplane
cinder_api_network: ctlplane
cinder_iscsi_network: ctlplane
designate_api_network: ctlplane
docker_registry_network: ctlplane
ec2_api_metadata_network: ctlplane
ec2_api_network: ctlplane
etcd_network: ctlplane
ganesha_network: ctlplane
glance_api_network: ctlplane
gnocchi_api_network: ctlplane
haproxy_network: ctlplane
heat_api_cfn_network: ctlplane
heat_api_cloudwatch_network: ctlplane
heat_api_network: ctlplane
horizon_network: ctlplane
ironic_api_network: ctlplane
ironic_inspector_network: ctlplane
ironic_network: ctlplane
keystone_admin_api_network: ctlplane
keystone_public_api_network: ctlplane
manila_api_network: ctlplane
memcached_network: ctlplane
metrics_qdr_network: ctlplane
mistral_api_network: ctlplane
mongodb_network: ctlplane
mysql_network: ctlplane
neutron_api_network: ctlplane
neutron_tenant_network: ctlplane
nova_api_network: ctlplane
nova_libvirt_network: ctlplane
nova_metadata_network: ctlplane
nova_vnc_proxy_network: ctlplane
novajoin_network: ctlplane
octavia_api_network: ctlplane
opendaylight_api_network: ctlplane
openshift_infra_network: ctlplane
openshift_master_network: ctlplane
oslo_messaging_notify_network: ctlplane
oslo_messaging_rpc_network: ctlplane
ovn_dbs_network: ctlplane
pacemaker_network: ctlplane
pacemaker_remote_network: ctlplane
panko_api_network: ctlplane
placement_network: ctlplane
public_network: ctlplane
qdr_network: ctlplane
rabbitmq_network: ctlplane
redis_network: ctlplane
sahara_api_network: ctlplane
snmpd_network: ctlplane
standalone_hostname_resolve_network: ctlplane
swift_proxy_network: ctlplane
swift_storage_network: ctlplane
tacker_api_network: ctlplane
zaqar_api_network: ctlplane
stack_action: CREATE
stack_update_type: ''
tripleo_role_name: Standalone
validate_controllers_icmp: true
validate_fqdn: false
validate_gateways_icmp: true
validate_ntp: true
Standalone:
hosts:
centos8: {}
centos7: {}
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- check
- verify
- destroy
verifier:
name: testinfra


@ -0,0 +1,21 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
roles:
- role: test_deps


@ -0,0 +1,25 @@
---
- name: Check for hieradata file
stat:
path:
src: "{{ hieradata_ansible_file }}"
register: _hiera_file
- block:
- name: Get existing data
slurp: "{{ hieradata_ansible_file }}"
register: _file_data
become: true
- name: Set data fact
set_fact:
heradata_content: "{{ _file_data['content'] | b64decode }}"
when:
- _hiera_file.stat is defined
- _hiera_file.stat.exists
- name: Write ansible hieradata file
copy:
dest: "{{ hieradata_ansible_file }}"
content: "{{ hieradata_content | default({}) | combine(hieradata_ansible_data | default({})) | to_json }}"
owner: root
group: root
mode: '0644'
become: true
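Review bot: The `Set data fact` task stores the decoded file in `heradata_content`, but `Write ansible hieradata file` reads `hieradata_content`, so existing keys are never merged and each call appears to rewrite the file with only the new data; the fact should be named `hieradata_content` and piped through `from_json` so `combine` receives a mapping. The `stat` task also looks like it nests `src:` under `path:` (indentation is lost on this page, so confirm against the file), `slurp` is handed a bare string instead of `src:`, and `stat` runs without `become` while `slurp` uses it. Separately, the file is written with `mode: '0644'`: if any value passed through `hieradata_ansible_data` can be a credential, every local user can read it, so `'0600'` is the safer default, assuming puppet reads the file as root.

```yaml
- name: Check for hieradata file
  stat:
    path: "{{ hieradata_ansible_file }}"
  register: _hiera_file
  become: true
# … unchanged: block wrapper and its when conditions …
    - name: Get existing data
      slurp:
        src: "{{ hieradata_ansible_file }}"
      # … unchanged: register, become …
    - name: Set data fact
      set_fact:
        hieradata_content: "{{ _file_data['content'] | b64decode | from_json }}"
# … unchanged: Write ansible hieradata file …
```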