openstack/tripleo-common
Code Issues Proposed changes
Files
4490cc5a643471b3e7bf739412662bc209fb3124
tripleo-common/workbooks/fernet-key-rotate.yaml
T
Rabi Mishra b7f06883f4 Fix rotate_fernet_keys workflow to not use heat deployment 
We've disabled os-collect-config after config-download became
the default from rocky. However, this workflow is currently using
heat software deployment for deploy_ssh_key task. This changes to
use inventory generated by config-download and removes the
deploy_ssh_key task.

Also fixes swift_ring.v1.reblance to use the correct inventory.

Change-Id: Iab9d30e1b5b3008ef3130f64225b4f7fd4082214
Closes-Bug: #1803814
2018-11-17 19:20:51 +05:30

70 lines
2.0 KiB
YAML
Raw Blame History

---
version: '2.0'
name: tripleo.fernet_keys.v1
description: TripleO fernet key rotation workflows
workflows:
rotate_fernet_keys:
input:
- container
- work_dir: /var/lib/mistral
- queue_name: tripleo
- ansible_extra_env_variables:
ANSIBLE_HOST_KEY_CHECKING: 'False'
tags:
- tripleo-common-managed
tasks:
rotate_keys:
action: tripleo.parameters.rotate_fernet_keys container=<% $.container %>
on-success: get_privkey
on-error: send_message
publish-on-error:
status: FAILED
message: <% task().result %>
get_privkey:
action: tripleo.validations.get_privkey
on-success: deploy_keys
on-error: send_message
publish-on-error:
status: FAILED
message: <% task().result %>
deploy_keys:
action: tripleo.ansible-playbook
input:
hosts: keystone
inventory: <% $.get('work_dir') %>/<% $.get('container') %>/tripleo-ansible-inventory.yaml
ssh_private_key: <% task(get_privkey).result %>
extra_env_variables: <% $.ansible_extra_env_variables + dict(TRIPLEO_PLAN_NAME=>$.container) %>
verbosity: 0
remote_user: tripleo-admin
become: true
extra_vars:
fernet_keys: <% task(rotate_keys).result %>
use_openstack_credentials: true
playbook: /usr/share/tripleo-common/playbooks/rotate-keys.yaml
on-success: send_message
publish:
status: SUCCESS
message: <% task().result %>
on-error: send_message
publish-on-error:
status: FAILED
message: <% task().result %>
send_message:
workflow: tripleo.messaging.v1.send
input:
queue_name: <% $.queue_name %>
type: <% execution().name %>
status: <% $.status %>
message: <% $.get('message', '') %>
execution: <% execution() %>
plan_name: <% $.container %>
View Git Blame Copy Permalink