--- # Copyright 2019 Red Hat, Inc. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. - name: Rotate passwords connection: "{{ (tripleo_target_host is defined) | ternary('ssh', 'local') }}" hosts: "{{ tripleo_target_host | default('undercloud') }}" remote_user: "{{ tripleo_target_user | default(lookup('env', 'USER')) }}" gather_facts: "{{ (tripleo_target_host is defined) | ternary(true, false) }}" any_errors_fatal: true vars: stack: overcloud password_list: [] hide_sensitive_logs: true tasks: - name: Set passwords_environment_path set_fact: passwords_environment_path: "{{ lookup('env', 'HOME')~'/rotated_passwords.yaml'}}" when: passwords_environment_path is not defined - name: Rotate passwords tripleo_passwords_rotate: container: "{{ container }}" password_list: "{{ password_list }}" no_log: "{{ hide_sensitive_logs | bool }}" register: rotated_passwords_result - name: Write password file no_log: "{{ hide_sensitive_logs | bool }}" block: - name: Create password parameter fact set_fact: passwords_params_env: "{{ {'parameter_defaults': (rotated_passwords_result['passwords'] | default({}))} }}" - name: Write password environment file copy: dest: "{{ passwords_environment_path }}" content: "{{ passwords_params_env | to_nice_yaml(indent=2) }}" when: - passwords_environment_path is defined - rotated_passwords_result is defined tags: - rotate-passwords