This allow the master playbook used for update to set
tripleo_redhat_enforce to false on a per role basis on Red Hat
The default in defaults/main.yml is now "true" so that it keeps its
behavior of being run by default if nothing is changed in the role
We then avoid running it on other plateform than Red Hat by adding an
explicit test in that tasks/main.yml file.
Overall the behavior is as follows:
| Red Hat Env | tripleo_enforced | Test run |
| True | Unset | Yes |
| True | Set to true in role | Yes |
| True | Set to false in role | No |
| False | Doesn't matter | No |
OSP, the downstream version of tripleo have to enforce some policies
for rhel version and subscribed channel.
This module hosts hoses requirements, so that we prevent update to
wrong rhel release or subscription to wrong channels.
Currently it only implements a basic check to the subscribed rhel
This check has some fail-safe logic to avoid crashing the update on
temporary network issue when running subscription-manager.
We are avoiding the validation framework as this can be easily
disabled and we want this enforcement to be mandatory as this could
lead user to unsupported combination of OSP/RHEL.
For upstream that change is transparent as the tasks are skipped if
the ansible_distribution is not Red Hat.
For Red Hat, there will be a mechanism in THT to avoid the check
altogether, for instance for CI purposes.
For this first check (RHEL/OSP version), downstream patches will add
the required values in vars/redhat.yml.