Merge "Fix privilege escalation" into stable/train
This commit is contained in:
commit
77a6593749
|
@ -3,6 +3,7 @@
|
||||||
# TODO(emilien) convert this whole task in a module
|
# TODO(emilien) convert this whole task in a module
|
||||||
# https://bugs.launchpad.net/tripleo/+bug/1884577
|
# https://bugs.launchpad.net/tripleo/+bug/1884577
|
||||||
- name: "Remove old {{ item.0 }} container startup configs"
|
- name: "Remove old {{ item.0 }} container startup configs"
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: "/var/lib/tripleo-config/container-startup-config/{{ item.0 }}"
|
path: "/var/lib/tripleo-config/container-startup-config/{{ item.0 }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
@ -15,6 +16,7 @@
|
||||||
setype: svirt_sandbox_file_t
|
setype: svirt_sandbox_file_t
|
||||||
|
|
||||||
- name: "Creating container startup configs for {{ item.0 }}"
|
- name: "Creating container startup configs for {{ item.0 }}"
|
||||||
|
become: true
|
||||||
copy:
|
copy:
|
||||||
content: "{{ startup_data.value | to_nice_json }}"
|
content: "{{ startup_data.value | to_nice_json }}"
|
||||||
dest: "/var/lib/tripleo-config/container-startup-config/{{ item.0 }}/{{ startup_data.key }}.json"
|
dest: "/var/lib/tripleo-config/container-startup-config/{{ item.0 }}/{{ startup_data.key }}.json"
|
||||||
|
|
|
@ -33,6 +33,7 @@
|
||||||
|
|
||||||
- hosts: "{{ deploy_target_host }}"
|
- hosts: "{{ deploy_target_host }}"
|
||||||
name: Ensure /var/lib/config-data context
|
name: Ensure /var/lib/config-data context
|
||||||
|
become: true
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
tasks:
|
tasks:
|
||||||
|
|
|
@ -5,8 +5,10 @@
|
||||||
msg: Use --start-at-task 'Deploy step tasks for step 0' to resume from this task
|
msg: Use --start-at-task 'Deploy step tasks for step 0' to resume from this task
|
||||||
when: "tripleo_minor_update is not defined or tripleo_minor_update != 'true'"
|
when: "tripleo_minor_update is not defined or tripleo_minor_update != 'true'"
|
||||||
- name: Ensure /var/log/journal exists
|
- name: Ensure /var/log/journal exists
|
||||||
|
become: true
|
||||||
file: path=/var/log/journal state=directory mode=0750 owner=root group=root setype=var_log_t
|
file: path=/var/log/journal state=directory mode=0750 owner=root group=root setype=var_log_t
|
||||||
- name: Create /var/lib/container-puppet
|
- name: Create /var/lib/container-puppet
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
file: path=/var/lib/container-puppet state=directory setype=container_file_t selevel=s0 recurse=true
|
file: path=/var/lib/container-puppet state=directory setype=container_file_t selevel=s0 recurse=true
|
||||||
- name: Write container-puppet.py if Paunch is enabled
|
- name: Write container-puppet.py if Paunch is enabled
|
||||||
|
@ -22,6 +24,7 @@
|
||||||
when:
|
when:
|
||||||
- not (enable_paunch|bool)
|
- not (enable_paunch|bool)
|
||||||
- name: Write container-puppet.sh
|
- name: Write container-puppet.sh
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy: src=container_puppet_script.yaml dest=/var/lib/container-puppet/container-puppet.sh force=yes mode=0755 setype=container_file_t
|
copy: src=container_puppet_script.yaml dest=/var/lib/container-puppet/container-puppet.sh force=yes mode=0755 setype=container_file_t
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
- name: Write config data at the start of step 1
|
- name: Write config data at the start of step 1
|
||||||
block:
|
block:
|
||||||
- name: Create and ensure setype for /var/log/containers directory
|
- name: Create and ensure setype for /var/log/containers directory
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/log/containers
|
path: /var/log/containers
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -10,6 +11,7 @@
|
||||||
tags:
|
tags:
|
||||||
- host_config
|
- host_config
|
||||||
- name: Create ContainerLogStdoutPath directory
|
- name: Create ContainerLogStdoutPath directory
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: "{{ container_log_stdout_path }}"
|
path: "{{ container_log_stdout_path }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -17,6 +19,7 @@
|
||||||
tags:
|
tags:
|
||||||
- host_config
|
- host_config
|
||||||
- name: Create /var/lib/tripleo-config directory
|
- name: Create /var/lib/tripleo-config directory
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/tripleo-config
|
path: /var/lib/tripleo-config
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -31,6 +34,7 @@
|
||||||
- container_startup_configs
|
- container_startup_configs
|
||||||
|
|
||||||
- name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode
|
- name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/tripleo-config/check-mode
|
path: /var/lib/tripleo-config/check-mode
|
||||||
state: absent
|
state: absent
|
||||||
|
@ -45,6 +49,7 @@
|
||||||
check_mode: no
|
check_mode: no
|
||||||
|
|
||||||
- name: Create /var/lib/tripleo-config/check-mode directory for check mode
|
- name: Create /var/lib/tripleo-config/check-mode directory for check mode
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/tripleo-config/check-mode
|
path: /var/lib/tripleo-config/check-mode
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -63,6 +68,7 @@
|
||||||
|
|
||||||
# Puppet manifest for baremetal host configuration
|
# Puppet manifest for baremetal host configuration
|
||||||
- name: Write the puppet step_config manifest
|
- name: Write the puppet step_config manifest
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}"
|
content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}"
|
||||||
|
@ -99,6 +105,7 @@
|
||||||
|
|
||||||
# Puppet Containers Config directory used to generate container configs
|
# Puppet Containers Config directory used to generate container configs
|
||||||
- name: Create /var/lib/container-puppet
|
- name: Create /var/lib/container-puppet
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-puppet
|
path: /var/lib/container-puppet
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -111,6 +118,7 @@
|
||||||
# For backward compatibility in Stein, so our operators have time
|
# For backward compatibility in Stein, so our operators have time
|
||||||
# to learn about the new directory.
|
# to learn about the new directory.
|
||||||
- name: Create /var/lib/docker-puppet for backward compatibility
|
- name: Create /var/lib/docker-puppet for backward compatibility
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/docker-puppet
|
path: /var/lib/docker-puppet
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -119,6 +127,7 @@
|
||||||
- container_config_tasks
|
- container_config_tasks
|
||||||
|
|
||||||
- name: Deprecation file about /var/lib/docker-puppet
|
- name: Deprecation file about /var/lib/docker-puppet
|
||||||
|
become: true
|
||||||
copy:
|
copy:
|
||||||
dest: /var/lib/docker-puppet/readme.txt
|
dest: /var/lib/docker-puppet/readme.txt
|
||||||
content: |
|
content: |
|
||||||
|
@ -127,6 +136,7 @@
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
|
||||||
- name: Delete existing /var/lib/container-puppet/check-mode for check mode
|
- name: Delete existing /var/lib/container-puppet/check-mode for check mode
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-puppet/check-mode
|
path: /var/lib/container-puppet/check-mode
|
||||||
state: absent
|
state: absent
|
||||||
|
@ -137,6 +147,7 @@
|
||||||
- ansible_check_mode|bool
|
- ansible_check_mode|bool
|
||||||
|
|
||||||
- name: Create /var/lib/container-puppet/check-mode for check mode
|
- name: Create /var/lib/container-puppet/check-mode for check mode
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-puppet/check-mode
|
path: /var/lib/container-puppet/check-mode
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -149,6 +160,7 @@
|
||||||
- ansible_check_mode|bool
|
- ansible_check_mode|bool
|
||||||
|
|
||||||
- name: Write container-puppet.json file
|
- name: Write container-puppet.json file
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
|
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
|
||||||
|
@ -184,6 +196,7 @@
|
||||||
- container_config
|
- container_config
|
||||||
|
|
||||||
- name: Create /var/lib/container-config-scripts
|
- name: Create /var/lib/container-config-scripts
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-config-scripts
|
path: /var/lib/container-config-scripts
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -195,6 +208,7 @@
|
||||||
# /var/lib/container-startup-configs.json is removed as we now write
|
# /var/lib/container-startup-configs.json is removed as we now write
|
||||||
# per-step files instead
|
# per-step files instead
|
||||||
- name: Clean old /var/lib/container-startup-configs.json file
|
- name: Clean old /var/lib/container-startup-configs.json file
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-startup-configs.json
|
path: /var/lib/container-startup-configs.json
|
||||||
state: absent
|
state: absent
|
||||||
|
@ -203,6 +217,7 @@
|
||||||
|
|
||||||
# For legacy, can be removed in Train cycle
|
# For legacy, can be removed in Train cycle
|
||||||
- name: Clean old /var/lib/docker-container-startup-configs.json file
|
- name: Clean old /var/lib/docker-container-startup-configs.json file
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/docker-container-startup-configs.json
|
path: /var/lib/docker-container-startup-configs.json
|
||||||
state: absent
|
state: absent
|
||||||
|
@ -212,6 +227,7 @@
|
||||||
|
|
||||||
- name: Write container config scripts
|
- name: Write container config scripts
|
||||||
no_log: True
|
no_log: True
|
||||||
|
become: true
|
||||||
copy:
|
copy:
|
||||||
content: "{{ item[1].content }}"
|
content: "{{ item[1].content }}"
|
||||||
dest: "/var/lib/container-config-scripts/{{ item[0] }}"
|
dest: "/var/lib/container-config-scripts/{{ item[0] }}"
|
||||||
|
@ -250,6 +266,7 @@
|
||||||
# /var/lib/tripleo-config/container-startup-config/step_X/<container_name>.json
|
# /var/lib/tripleo-config/container-startup-config/step_X/<container_name>.json
|
||||||
# Can be removed in V cycle
|
# Can be removed in V cycle
|
||||||
- name: Write /var/lib/tripleo-config/container-startup-config-readme.txt
|
- name: Write /var/lib/tripleo-config/container-startup-config-readme.txt
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "Container startup configs moved to /var/lib/tripleo-config/container-startup-config"
|
content: "Container startup configs moved to /var/lib/tripleo-config/container-startup-config"
|
||||||
|
@ -263,6 +280,7 @@
|
||||||
# However, container_puppet.py won't create their hashed version if
|
# However, container_puppet.py won't create their hashed version if
|
||||||
# config changed.
|
# config changed.
|
||||||
- name: Write per-step container startup configs for backward compatibility
|
- name: Write per-step container startup configs for backward compatibility
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "{{ item[1] | to_nice_json }}"
|
content: "{{ item[1] | to_nice_json }}"
|
||||||
|
@ -289,6 +307,7 @@
|
||||||
- container_startup_configs
|
- container_startup_configs
|
||||||
|
|
||||||
- name: Create /var/lib/kolla/config_files directory
|
- name: Create /var/lib/kolla/config_files directory
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/kolla/config_files
|
path: /var/lib/kolla/config_files
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -299,6 +318,7 @@
|
||||||
- container_startup_configs
|
- container_startup_configs
|
||||||
|
|
||||||
- name: Create /var/lib/config-data directory
|
- name: Create /var/lib/config-data directory
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/config-data
|
path: /var/lib/config-data
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -306,6 +326,7 @@
|
||||||
selevel: s0
|
selevel: s0
|
||||||
|
|
||||||
- name: Write kolla config json files
|
- name: Write kolla config json files
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "{{ item[1] | to_nice_json }}"
|
content: "{{ item[1] | to_nice_json }}"
|
||||||
|
@ -353,6 +374,7 @@
|
||||||
- container_config
|
- container_config
|
||||||
|
|
||||||
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
|
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /etc/puppet/check-mode/hieradata
|
path: /etc/puppet/check-mode/hieradata
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -368,6 +390,7 @@
|
||||||
- container_config
|
- container_config
|
||||||
|
|
||||||
- name: Create puppet check-mode files if they don't exist for check mode
|
- name: Create puppet check-mode files if they don't exist for check mode
|
||||||
|
become: true
|
||||||
shell: |
|
shell: |
|
||||||
cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
|
cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
|
||||||
cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
|
cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
#####################################################
|
#####################################################
|
||||||
|
|
||||||
- name: Write the config_step hieradata
|
- name: Write the config_step hieradata
|
||||||
|
become: true
|
||||||
no_log: True
|
no_log: True
|
||||||
copy:
|
copy:
|
||||||
content: "{{ dict(step=step|int) | to_json }}"
|
content: "{{ dict(step=step|int) | to_json }}"
|
||||||
|
@ -14,6 +15,7 @@
|
||||||
- host_config
|
- host_config
|
||||||
|
|
||||||
- name: Run puppet host configuration for step {{ step }}
|
- name: Run puppet host configuration for step {{ step }}
|
||||||
|
become: true
|
||||||
async: 3600
|
async: 3600
|
||||||
poll: 0
|
poll: 0
|
||||||
when: enable_puppet|bool
|
when: enable_puppet|bool
|
||||||
|
@ -197,6 +199,7 @@
|
||||||
|
|
||||||
- name: Per step starting of the containers using tripleo-ansible
|
- name: Per step starting of the containers using tripleo-ansible
|
||||||
when: not (enable_paunch|bool)
|
when: not (enable_paunch|bool)
|
||||||
|
become: true
|
||||||
environment:
|
environment:
|
||||||
TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
|
TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
|
||||||
block:
|
block:
|
||||||
|
@ -223,6 +226,7 @@
|
||||||
########################################################
|
########################################################
|
||||||
|
|
||||||
- name: "Clean container_puppet_tasks for {{ansible_hostname | lower}} step {{step}}"
|
- name: "Clean container_puppet_tasks for {{ansible_hostname | lower}} step {{step}}"
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
path: /var/lib/container-puppet/container-puppet-tasks{{step}}.json
|
path: /var/lib/container-puppet/container-puppet-tasks{{step}}.json
|
||||||
state: absent
|
state: absent
|
||||||
|
|
|
@ -437,6 +437,7 @@ outputs:
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
tasks:
|
tasks:
|
||||||
- name: Set selinux state
|
- name: Set selinux state
|
||||||
|
become: true
|
||||||
selinux:
|
selinux:
|
||||||
policy: targeted
|
policy: targeted
|
||||||
state: SELINUX_MODE
|
state: SELINUX_MODE
|
||||||
|
@ -476,6 +477,7 @@ outputs:
|
||||||
|
|
||||||
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
||||||
name: Overcloud deploy step tasks for step 0
|
name: Overcloud deploy step tasks for step 0
|
||||||
|
become: true
|
||||||
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
vars:
|
vars:
|
||||||
|
@ -547,6 +549,7 @@ outputs:
|
||||||
- "{{ tripleo_role_name ~ '/NetworkConfig' }}"
|
- "{{ tripleo_role_name ~ '/NetworkConfig' }}"
|
||||||
|
|
||||||
- name: NetworkConfig
|
- name: NetworkConfig
|
||||||
|
become: true
|
||||||
block:
|
block:
|
||||||
- name: Create /var/lib/tripleo-config/scripts directory
|
- name: Create /var/lib/tripleo-config/scripts directory
|
||||||
file:
|
file:
|
||||||
|
@ -635,6 +638,7 @@ outputs:
|
||||||
|
|
||||||
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
||||||
name: Host prep steps
|
name: Host prep steps
|
||||||
|
become: true
|
||||||
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
vars:
|
vars:
|
||||||
|
@ -700,6 +704,7 @@ outputs:
|
||||||
|
|
||||||
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
||||||
name: Overcloud deploy step tasks for {{step}}
|
name: Overcloud deploy step tasks for {{step}}
|
||||||
|
become: true
|
||||||
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
# FIXME(shardy) - it would be nice to use strategy: free to
|
# FIXME(shardy) - it would be nice to use strategy: free to
|
||||||
|
@ -781,6 +786,7 @@ outputs:
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
|
||||||
name: Server Post Deployments
|
name: Server Post Deployments
|
||||||
|
become: true
|
||||||
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
tasks:
|
tasks:
|
||||||
|
@ -991,6 +997,7 @@ outputs:
|
||||||
{%- for step in range(0,upgrade_steps_max) %}
|
{%- for step in range(0,upgrade_steps_max) %}
|
||||||
- hosts: DEPLOY_TARGET_HOST
|
- hosts: DEPLOY_TARGET_HOST
|
||||||
name: Upgrade tasks for step {{step}}
|
name: Upgrade tasks for step {{step}}
|
||||||
|
become: true
|
||||||
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
|
||||||
any_errors_fatal: yes
|
any_errors_fatal: yes
|
||||||
vars:
|
vars:
|
||||||
|
|
|
@ -45,6 +45,7 @@
|
||||||
- name: Block for container-puppet tasks (generate config) during step {{ step }} with tripleo-ansible
|
- name: Block for container-puppet tasks (generate config) during step {{ step }} with tripleo-ansible
|
||||||
when:
|
when:
|
||||||
- not (enable_paunch|bool)
|
- not (enable_paunch|bool)
|
||||||
|
become: true
|
||||||
tags:
|
tags:
|
||||||
- container_config
|
- container_config
|
||||||
block:
|
block:
|
||||||
|
@ -83,6 +84,7 @@
|
||||||
tripleo_container_manage_valid_exit_code: [0, 2]
|
tripleo_container_manage_valid_exit_code: [0, 2]
|
||||||
|
|
||||||
- name: Diff puppet-generated changes for check mode
|
- name: Diff puppet-generated changes for check mode
|
||||||
|
become: true
|
||||||
shell: |
|
shell: |
|
||||||
diff -ruN --no-dereference -q /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
diff -ruN --no-dereference -q /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
||||||
diff -ruN --no-dereference /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
diff -ruN --no-dereference /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
include_role:
|
include_role:
|
||||||
name: tripleo-hieradata
|
name: tripleo-hieradata
|
||||||
- name: Hiera symlink
|
- name: Hiera symlink
|
||||||
|
become: true
|
||||||
file:
|
file:
|
||||||
src: /etc/puppet/hiera.yaml
|
src: /etc/puppet/hiera.yaml
|
||||||
dest: /etc/hiera.yaml
|
dest: /etc/hiera.yaml
|
||||||
|
|
|
@ -36,9 +36,8 @@ outputs:
|
||||||
description: Role data for tmpwatch install
|
description: Role data for tmpwatch install
|
||||||
value:
|
value:
|
||||||
service_name: logrotate_tmpwatch
|
service_name: logrotate_tmpwatch
|
||||||
deploy_steps_tasks:
|
host_prep_tasks:
|
||||||
- name: install tmpwatch on the host
|
- name: install tmpwatch on the host
|
||||||
when: step|int == 1
|
|
||||||
package:
|
package:
|
||||||
name: tmpwatch
|
name: tmpwatch
|
||||||
state: installed
|
state: installed
|
||||||
|
|
Loading…
Reference in New Issue