Run certificate init playbook as admin user
Previously, the generated certificate files were owned by root which prevented it from being easily removed later. This change adds the capability of setting the --become-user flag to ansible-playbook which allows the certificate generation playbook to run as the admin user so that the resulting certificate files are owned by the admin user. Change-Id: I3c5cf1894b88474f6fd89a27c52bd2d1257e3ebe
This commit is contained in:
parent
502bb06d2f
commit
8bfacb084a
|
@ -23,6 +23,7 @@ from kolla_cli.common.ansible.playbook import AnsiblePlaybook
|
|||
from kolla_cli.common.inventory import Inventory
|
||||
from kolla_cli.common.passwords import get_empty_password_values
|
||||
from kolla_cli.common.properties import AnsibleProperties
|
||||
from kolla_cli.common.utils import get_admin_user
|
||||
from kolla_cli.common.utils import get_kolla_ansible_home
|
||||
from kolla_cli.common.utils import get_kolla_etc
|
||||
from kolla_cli.common.utils import is_string_true
|
||||
|
@ -40,6 +41,7 @@ def certificate_init(verbose_level=1):
|
|||
'ansible/' + playbook_name)
|
||||
playbook.verbose_level = verbose_level
|
||||
playbook.local_only = True
|
||||
playbook.become_user = get_admin_user()
|
||||
|
||||
job = playbook.run()
|
||||
return job
|
||||
|
|
|
@ -43,6 +43,7 @@ class AnsiblePlaybook(object):
|
|||
deploy_id = None # type: str
|
||||
inventory = None # type: Inventory
|
||||
local_only = False
|
||||
become_user = None # type: str
|
||||
|
||||
def run(self):
|
||||
try:
|
||||
|
@ -120,6 +121,10 @@ class AnsiblePlaybook(object):
|
|||
|
||||
if self.flush_cache:
|
||||
cmd += ' --flush-cache'
|
||||
|
||||
if self.become_user:
|
||||
cmd += ' --become-user %s' % self.become_user
|
||||
|
||||
return cmd
|
||||
|
||||
def _make_temp_inventory(self):
|
||||
|
|
Loading…
Reference in New Issue