Browse Source

Make tls_everywhere validations compatible with ansible_facts

Via [1] we cannot rely on ansible_* vars anymore. So let's switch to
ansible_facts. This should fix the following error:

  2021-04-22 22:08:36,708 p=36100 u=mistral n=ansible | fatal:
  [undercloud]: FAILED! => {"msg": "The task includes an option with an
  undefined variable. The error was: {{ tls_everywhere_undercloud_fqdn |
  default(ansible_fqdn) }}: 'ansible_fqdn' is undefined\n\nThe error
  appears to be in
  '/usr/share/ansible/roles/tls_everywhere/tasks/ipa-server-check.yaml':
  line 59, column 7, but may\nbe elsewhere in the file depending on the
  exact syntax problem.\n\nThe offending line appears to be:\n\n\n    -
  name: kinit as the host entity\n      ^ here\n"}

Closes-Bug: #1925999

[1] 4e79336d69

Change-Id: If23c41d343678dcbbd0b4aae10ca6281a33e385f
changes/90/787990/1
Michele Baldessari 3 weeks ago
parent
commit
6ee98fbfba
2 changed files with 3 additions and 3 deletions
  1. +1
    -1
      roles/tls_everywhere/tasks/common.yaml
  2. +2
    -2
      roles/tls_everywhere/tasks/ipa-server-check.yaml

+ 1
- 1
roles/tls_everywhere/tasks/common.yaml View File

@ -133,7 +133,7 @@
- name: Set fact for IdM/FreeIPA host entry
set_fact:
host_entry: "{{ ansible_fqdn }}@{{ ipa_realm.value }}"
host_entry: "{{ ansible_facts['fqdn'] }}@{{ ipa_realm.value }}"
when: ipa_conf_stat.stat.exists
- name: Set fact for IdM/FreeIPA host principal


+ 2
- 2
roles/tls_everywhere/tasks/ipa-server-check.yaml View File

@ -23,7 +23,7 @@
# This playbook contains the following parameters
# - tls_everywhere_check_dns_aci - which determines if we want to check
# for the DNS ACI. This defaults to true.
# - tls_everywhere_undercloud_fqdn - which defaults to ansible_fqdn
# - tls_everywhere_undercloud_fqdn - which defaults to ansible_facts['fqdn']
- name: check if undercloud is an ipa client
stat:
@ -34,7 +34,7 @@
when: ipa_default_conf.stat.exists
vars:
check_dns_aci: "{{ tls_everywhere_check_dns_aci | default(True)}}"
undercloud_fqdn: "{{ tls_everywhere_undercloud_fqdn | default(ansible_fqdn) }}"
undercloud_fqdn: "{{ tls_everywhere_undercloud_fqdn | default(ansible_facts['fqdn']) }}"
ipa_server_aci_check_failures: []
fail_1: >-
The IPA server does not have the required ACI to allow host


Loading…
Cancel
Save