Stop templating secure.conf options
Simplify things by only passing the secure.conf file, not a template. If users need more dynamic options, they are free to template the file first then use us to copy the file in place. Also tests file mode for nodepool.yaml Change-Id: I4d2eba3292b2657ef9a607497056fa94cdd1bec8 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
bd36e3cb52
commit
354161295f
|
@ -30,25 +30,25 @@ nodepool_file_nodepool_yaml_mode: 0644
|
|||
nodepool_file_nodepool_yaml_owner: "{{ nodepool_user_name }}"
|
||||
nodepool_file_nodepool_yaml_src: etc/nodepool/nodepool.yaml
|
||||
|
||||
nodepool_file_secure_conf_dest: /etc/nodepool/secure.conf
|
||||
nodepool_file_secure_conf_group: "{{ nodepool_user_group }}"
|
||||
nodepool_file_secure_conf_mode: 0600
|
||||
nodepool_file_secure_conf_owner: "{{ nodepool_user_name }}"
|
||||
nodepool_file_secure_conf_src: etc/nodepool/secure.conf
|
||||
|
||||
nodepool_elements_dir: ""
|
||||
nodepool_elements_dir_dest: /etc/nodepool/elements
|
||||
|
||||
nodepool_scripts_dir: ""
|
||||
nodepool_scripts_dir_dest: /etc/nodepool/scripts
|
||||
|
||||
nodepool_config_database_dburi: "sqlite:///{{ nodepool_user_home }}/nodepool.db"
|
||||
nodepool_config_elements_dir: "{{ nodepool_elements_dir_dest }}"
|
||||
nodepool_config_images_dir: /opt/nodepool/images
|
||||
nodepool_config_log_config: /etc/nodepool/logging.conf
|
||||
nodepool_config_secure_config: /etc/nodepool/secure.conf
|
||||
nodepool_config_scripts_dir: "{{ nodepool_scripts_dir_dest }}"
|
||||
|
||||
nodepool_file_logging_conf: etc/nodepool/logging.conf
|
||||
|
||||
nodepool_template_secure_conf_contents: ""
|
||||
nodepool_template_secure_conf_dest: /etc/nodepool/secure.conf
|
||||
nodepool_template_secure_conf_src: etc/nodepool/secure.conf.j2
|
||||
|
||||
# tasks/install.yaml
|
||||
nodepool_git_dest: /opt/ansible-role-nodepool/git/openstack-infra/nodepool
|
||||
nodepool_git_uri: https://git.openstack.org/openstack-infra/nodepool
|
||||
|
|
|
@ -2,6 +2,4 @@
|
|||
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
|
||||
#
|
||||
[database]
|
||||
dburi = {{ nodepool_config_database_dburi }}
|
||||
|
||||
{{ nodepool_template_secure_conf_contents }}
|
||||
dburi = sqlite:////var/lib/nodepool/nodepool.db
|
|
@ -25,12 +25,6 @@
|
|||
- "{{ nodepool_user_home }}/.config/openstack"
|
||||
- /var/log/nodepool
|
||||
|
||||
- name: Template secure configuration file.
|
||||
become: yes
|
||||
template:
|
||||
dest: "{{ nodepool_template_secure_conf_dest }}"
|
||||
src: "{{ nodepool_template_secure_conf_src }}"
|
||||
|
||||
- name: Copy nodepool configuration.
|
||||
become: yes
|
||||
copy:
|
||||
|
@ -40,6 +34,15 @@
|
|||
owner: "{{nodepool_file_nodepool_yaml_owner }}"
|
||||
src: "{{ nodepool_file_nodepool_yaml_src }}"
|
||||
|
||||
- name: Copy nodepool secure configuration.
|
||||
become: yes
|
||||
copy:
|
||||
dest: "{{ nodepool_file_secure_conf_dest }}"
|
||||
group: "{{ nodepool_file_secure_conf_group }}"
|
||||
mode: "{{ nodepool_file_secure_conf_mode }}"
|
||||
owner: "{{nodepool_file_secure_conf_owner }}"
|
||||
src: "{{ nodepool_file_secure_conf_src }}"
|
||||
|
||||
- name: Copy logging configuration file.
|
||||
become: yes
|
||||
copy:
|
||||
|
|
|
@ -57,6 +57,21 @@
|
|||
- nodepool_yaml_stat.stat.isreg
|
||||
- nodepool_yaml_stat.stat.pw_name == 'nodepool'
|
||||
- nodepool_yaml_stat.stat.gr_name == 'nodepool'
|
||||
- nodepool_yaml_stat.stat.mode == '0644'
|
||||
|
||||
- name: Register /etc/nodepool/secure.conf
|
||||
stat:
|
||||
path: /etc/nodepool/secure.conf
|
||||
register: secure_conf_stat
|
||||
|
||||
- name: Assert secure_conf_stat tests.
|
||||
assert:
|
||||
that:
|
||||
- secure_conf_stat.stat.exists
|
||||
- secure_conf_stat.stat.isreg
|
||||
- secure_conf_stat.stat.pw_name == 'nodepool'
|
||||
- secure_conf_stat.stat.gr_name == 'nodepool'
|
||||
- secure_conf_stat.stat.mode == '0600'
|
||||
|
||||
- name: Register nodepool_elements_dir_dest_stat.
|
||||
stat:
|
||||
|
|
Loading…
Reference in New Issue