Introduce new HideSensitiveLogs parameter
This one toggles the no_log parameter. Directly related to #1873770 in
order to allow a deeper debug within CI.
Change-Id: I27f677467263c0e6cc78d775edff55b3811fec1f
Related-Bug: #1873770
(cherry picked from commit cabed543fa
)
This commit is contained in:
parent
8f3617044d
commit
d2def42c53
|
@ -60,6 +60,12 @@ parameters:
|
||||||
default: false
|
default: false
|
||||||
description: Whether to run config management (e.g. Puppet) in debug mode.
|
description: Whether to run config management (e.g. Puppet) in debug mode.
|
||||||
type: boolean
|
type: boolean
|
||||||
|
HideSensitiveLogs:
|
||||||
|
default: true
|
||||||
|
type: boolean
|
||||||
|
description: >
|
||||||
|
Set it to false if you don't want to activate the no_log feature within
|
||||||
|
ansible modules.
|
||||||
EnablePuppet:
|
EnablePuppet:
|
||||||
default: true
|
default: true
|
||||||
description: Whether to run the puppet (baremetal) deployment tasks.
|
description: Whether to run the puppet (baremetal) deployment tasks.
|
||||||
|
@ -357,6 +363,7 @@ outputs:
|
||||||
enabled_networks: {get_param: EnabledNetworks}
|
enabled_networks: {get_param: EnabledNetworks}
|
||||||
net_vip_map: {get_param: NetVipMap}
|
net_vip_map: {get_param: NetVipMap}
|
||||||
nova_additional_cell: {get_param: NovaAdditionalCell}
|
nova_additional_cell: {get_param: NovaAdditionalCell}
|
||||||
|
hide_sensitive_logs: {get_param: HideSensitiveLogs}
|
||||||
{%- for network in networks if network.enabled|default(true) %}
|
{%- for network in networks if network.enabled|default(true) %}
|
||||||
{{network.name_lower}}_net_name: {get_param: {{network.name}}NetName}
|
{{network.name_lower}}_net_name: {get_param: {{network.name}}NetName}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
|
@ -70,7 +70,7 @@ outputs:
|
||||||
cert_content: {get_param: SSLCertificate}
|
cert_content: {get_param: SSLCertificate}
|
||||||
chain_content: {get_param: SSLIntermediateCertificate}
|
chain_content: {get_param: SSLIntermediateCertificate}
|
||||||
key_content: {get_param: SSLKey}
|
key_content: {get_param: SSLKey}
|
||||||
no_log: true
|
no_log: "{{ hide_sensitive_logs | bool }}"
|
||||||
|
|
||||||
# We want to ensure we run all this block IFF we have
|
# We want to ensure we run all this block IFF we have
|
||||||
# a certificate content.
|
# a certificate content.
|
||||||
|
@ -135,7 +135,7 @@ outputs:
|
||||||
# We hence need to do this file creation in two distinct steps
|
# We hence need to do this file creation in two distinct steps
|
||||||
# and ignore failure on the ownership change.
|
# and ignore failure on the ownership change.
|
||||||
- name: push certificate content
|
- name: push certificate content
|
||||||
no_log: true
|
no_log: "{{ hide_sensitive_logs | bool }}"
|
||||||
copy:
|
copy:
|
||||||
dest: "{{cert_path}}"
|
dest: "{{cert_path}}"
|
||||||
mode: 0440
|
mode: 0440
|
||||||
|
|
|
@ -87,13 +87,13 @@ outputs:
|
||||||
- name: Generate PSK
|
- name: Generate PSK
|
||||||
command: openssl rand -base64 48
|
command: openssl rand -base64 48
|
||||||
register: generated_psk
|
register: generated_psk
|
||||||
no_log: true
|
no_log: "{{ hide_sensitive_logs | bool }}"
|
||||||
- name: generate ipsec global vars
|
- name: generate ipsec global vars
|
||||||
set_fact:
|
set_fact:
|
||||||
ipsec_psk: "{{ generated_psk.stdout }}"
|
ipsec_psk: "{{ generated_psk.stdout }}"
|
||||||
delegate_to: "{{item}}"
|
delegate_to: "{{item}}"
|
||||||
delegate_facts: true
|
delegate_facts: true
|
||||||
no_log: true
|
no_log: "{{ hide_sensitive_logs | bool }}"
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ groups.ipsec }}"
|
- "{{ groups.ipsec }}"
|
||||||
deploy_steps_tasks:
|
deploy_steps_tasks:
|
||||||
|
|
|
@ -250,7 +250,7 @@ outputs:
|
||||||
- name: Set FreeIPA OTP fact
|
- name: Set FreeIPA OTP fact
|
||||||
set_fact:
|
set_fact:
|
||||||
ipa_otp: {get_param: NovajoinIpaOtp}
|
ipa_otp: {get_param: NovajoinIpaOtp}
|
||||||
no_log: true
|
no_log: "{{ hide_sensitive_logs | bool }}"
|
||||||
- name: create persistent directories
|
- name: create persistent directories
|
||||||
file:
|
file:
|
||||||
path: "{{ item.path }}"
|
path: "{{ item.path }}"
|
||||||
|
|
Loading…
Reference in New Issue