openstack/tripleo-ansible
Code Issues Proposed changes
197ea933c4
tripleo-ansible/tripleo_ansible/roles/tripleo_puppet_cache/tasks/main.yml
Kevin Carter 65e6e5b035 Ensure that the playbooks and roles can display debug data when enabled 
This change will enable or disable no_log and debug options whenever the
verbosity is set to an integer greater than 2. This will ensure operators and
deployers are best equipped to troubleshoot issues by dynamically providing
additional data in an expected way. To ensure we're able to differentiate
between output masking and security masking, two options were used to enable or
disable no_log across our roles and playbooks.

> All debug options, without security implications, will now react to the
  `ansible_verbosity` built in by default. Changes have been made to our
  skeleton role to ensure this is enforced on all new roles created going
  forward.

> An additional prefixed role option, `*_hide_sensitive_logs`, has been added to
  allow operators to easily toggle sensitive output when required. The role
  prefixed variables will respond to the global option `hide_sensitive_logs` as
  defined in THT which will ensure a consistent user experience.

Depends-On: I84f3982811ade59bac5ebaf3a124f9bfa6fa22a4
Change-Id: Ia6658110326899107a0e277f0d2574c79a8a820b
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2020-05-23 15:04:10 +00:00

103 lines
3.0 KiB
YAML
Raw Blame History

---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# "tripleo_puppet_cache" will search for and load any operating system variable file
# found within the "vars/" path. If no OS files are found the task will skip.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- skip: true
files:
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ ansible_distribution | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
- "{{ ansible_os_family | lower }}.yml"
tags:
- always
- name: Create puppet caching structures
become: true
check_mode: false
file:
path: "{{ tripleo_puppet_cache_base_dir }}"
state: directory
setype: svirt_sandbox_file_t
selevel: s0
recurse: true
- name: Check for facter.conf
check_mode: false
stat:
path: "{{ tripleo_puppet_cache_base_dir }}/facter.conf"
register: _facter_conf_file
# See LP#1852606 for context
- name: Remove facter.conf if directory
check_mode: false
become: true
file:
path: "{{ tripleo_puppet_cache_base_dir }}/facter.conf"
state: absent
force: true
when:
- _facter_conf_file.stat.isdir is defined
- _facter_conf_file.stat.isdir
- name: Write facter cache config
become: true
check_mode: false
copy:
dest: "{{ tripleo_puppet_cache_base_dir }}/facter.conf"
content: "{{ tripleo_puppet_cache_config }}"
setype: svirt_sandbox_file_t
selevel: s0
- name: Cleanup facter cache if exists
become: true
check_mode: false
file:
path: /opt/puppetlabs/facter
state: absent
- name: Pre-cache facts
become: true
check_mode: false
shell: facter --config "{{ tripleo_puppet_cache_base_dir }}/facter.conf"
retries: 5
delay: 5
no_log: "{{ tripleo_puppet_hide_sensitive_logs | bool }}"
failed_when: false
register: _facter_cache_run
- name: Failed deployment if facter fails
check_mode: false
fail:
msg: "{{ _facter_cache_run.stderr }}"
when: _facter_cache_run.rc != 0
- name: Sync cached facts
become: true
check_mode: false
synchronize:
src: "/opt/puppetlabs/"
dest: "{{ tripleo_puppet_cache_base_dir }}/"
delegate_to: "{{ inventory_hostname }}"
when: _facter_cache_run.rc == 0
View Git Blame Copy Permalink