openstack/tripleo-ansible
Code Issues Proposed changes
a930407217
tripleo-ansible/tripleo_ansible/playbooks/cli-update-deployment-plan.yaml
Kevin Carter 65e6e5b035 Ensure that the playbooks and roles can display debug data when enabled 
This change will enable or disable no_log and debug options whenever the
verbosity is set to an integer greater than 2. This will ensure operators and
deployers are best equipped to troubleshoot issues by dynamically providing
additional data in an expected way. To ensure we're able to differentiate
between output masking and security masking, two options were used to enable or
disable no_log across our roles and playbooks.

> All debug options, without security implications, will now react to the
  `ansible_verbosity` built in by default. Changes have been made to our
  skeleton role to ensure this is enforced on all new roles created going
  forward.

> An additional prefixed role option, `*_hide_sensitive_logs`, has been added to
  allow operators to easily toggle sensitive output when required. The role
  prefixed variables will respond to the global option `hide_sensitive_logs` as
  defined in THT which will ensure a consistent user experience.

Depends-On: I84f3982811ade59bac5ebaf3a124f9bfa6fa22a4
Change-Id: Ia6658110326899107a0e277f0d2574c79a8a820b
Signed-off-by: Kevin Carter <kecarter@redhat.com>
2020-05-23 15:04:10 +00:00

100 lines
3.2 KiB
YAML
Raw Blame History

---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Update Deployment Plan
connection: "{{ (tripleo_target_host is defined) | ternary('ssh', 'local') }}"
hosts: "{{ tripleo_target_host | default('localhost') }}"
remote_user: "{{ tripleo_target_user | default(lookup('env', 'USER')) }}"
gather_facts: "{{ (tripleo_target_host is defined) | ternary(true, false) }}"
any_errors_fatal: true
vars:
container: overcloud
source_url: null
generate_passwords: true
reset_passwords: false
validate_stack: true
hide_sensitive_logs: true
handlers:
- name: Cleanup temp directory
file:
path: "{{ temp_dir.path }}"
state: absent
when: temp_dir is defined
tasks:
- name: Clone repo and upload templates
block:
- name: Create temp directory
tempfile:
state: directory
suffix: "{{ '_' + container + '_import' }}"
register: temp_dir
notify:
- "Cleanup temp directory"
when: source_url is not none
- name: Git clone remote url
git:
repo: "{{ source_url }}"
dest: "{{ temp_dir }}"
when: source_url is not none
- name: Upload templates
tripleo_templates_upload:
container: "{{ container }}"
templates_dir: "{{ temp_dir.path }}"
when: source_url is not none
when: source_url is not none
- name: Generate passwords if does not exist and update plan
tripleo_passwords_rotate:
container: "{{ container }}"
rotate_passwords: "{{ reset_passwords }}"
when:
- (generate_passwords | bool) or (reset_passwords | bool)
no_log: "{{ hide_sensitive_logs | bool }}"
- name: Prepare Container images and update plan
tripleo_image_params_prepare:
container: "{{ container }}"
with_roledata: false
- name: Get backup tempurl for GET
tripleo_swift_tempurl:
container: "{{container + '-swift-rings' }}"
object: "swift-rings.tar.gz"
method: GET
register: backup_get_tempurl
- name: Get backup tempurl for POST
tripleo_swift_tempurl:
container: "{{container + '-swift-rings' }}"
object: "swift-rings.tar.gz"
method: PUT
register: backup_put_tempurl
- name: Update plan with root stack and backup tempurl parameters
tripleo_plan_parameters_update:
container: "{{ container }}"
parameters:
RootStackName: "{{ container }}"
SwiftRingGetTempurl: "{{ backup_get_tempurl.tempurl }}"
SwiftRingPutTempurl: "{{ backup_put_tempurl.tempurl }}"
parameter_key: parameter_defaults
validate: false
View Git Blame Copy Permalink