zuul-jobs/roles/upload-logs-gcs/tasks/main.yaml
James E. Blair 622baa65bf Add no_log to all log upload tasks
Some log upload tasks were missing no_log instructions and might
write out credentials to the job-output.json file.  Update these
tasks to include no_log.

Change-Id: I1f18cec117d9205945644ce19d5584f5d676e8d8
2022-11-16 09:11:12 -08:00

41 lines
1.4 KiB
YAML

- name: Set zuul-log-path fact
include_role:
name: set-zuul-log-path-fact
when: zuul_log_path is not defined
# Always upload (true), never upload (false) or only on failure ('failure')
- name: Upload logs
when: zuul_site_upload_logs | default(true) | bool or
(zuul_site_upload_logs == 'failure' and not zuul_success | bool)
block:
# Use chmod instead of file because ansible 2.5 file with recurse and
# follow can't really handle symlinks to .
- name: Ensure logs are readable before uploading
delegate_to: localhost
command: "chmod -R u=rwX,g=rX,o=rX {{ zuul.executor.log_root }}/"
# ANSIBLE0007 chmod used in place of argument mode to file
tags:
- skip_ansible_lint
- name: Upload logs to Google Cloud Storage
delegate_to: localhost
no_log: true
zuul_google_storage_upload:
partition: "{{ zuul_log_partition }}"
container: "{{ zuul_log_container }}"
prefix: "{{ zuul_log_path }}"
indexes: "{{ zuul_log_create_indexes }}"
credentials_file: "{{ zuul_log_credentials_file }}"
project: "{{ zuul_log_project }}"
files:
- "{{ zuul.executor.log_root }}/"
register: upload_results
- name: Return log URL to Zuul
delegate_to: localhost
zuul_return:
data:
zuul:
log_url: "{{ upload_results.url }}/"
when: upload_results is defined