Run certificate init playbook as admin user

Previously, the generated certificate files were owned by root which
prevented it from being easily removed later.  This change adds the
capability of setting the --become-user flag to ansible-playbook which
allows the certificate generation playbook to run as the admin user so
that the resulting certificate files are owned by the admin user.

Change-Id: I3c5cf1894b88474f6fd89a27c52bd2d1257e3ebe

kolla_cli/common/ansible/actions.py

@@ -23,6 +23,7 @@ from kolla_cli.common.ansible.playbook import AnsiblePlaybook
 from kolla_cli.common.inventory import Inventory
 from kolla_cli.common.passwords import get_empty_password_values
 from kolla_cli.common.properties import AnsibleProperties
+from kolla_cli.common.utils import get_admin_user
 from kolla_cli.common.utils import get_kolla_ansible_home
 from kolla_cli.common.utils import get_kolla_etc
 from kolla_cli.common.utils import is_string_true
@@ -40,6 +41,7 @@ def certificate_init(verbose_level=1):
                                           'ansible/' + playbook_name)
     playbook.verbose_level = verbose_level
     playbook.local_only = True
+    playbook.become_user = get_admin_user()
 
     job = playbook.run()
     return job

kolla_cli/common/ansible/playbook.py

@@ -43,6 +43,7 @@ class AnsiblePlaybook(object):
     deploy_id = None  # type: str
     inventory = None  # type: Inventory
     local_only = False
+    become_user = None  # type: str
 
     def run(self):
         try:
@@ -120,6 +121,10 @@ class AnsiblePlaybook(object):
 
         if self.flush_cache:
             cmd += ' --flush-cache'
+
+        if self.become_user:
+            cmd += ' --become-user %s' % self.become_user
+
         return cmd
 
     def _make_temp_inventory(self):