The provider_networks module returned the network_mappings in a random
order changing with every invocation. This returns the entries sorted
and adds a test to ensure the ordering is consistent between
invocations.
Change-Id: Iaec4534ebd8ff80cf7c7e3a1c8f187dd3990e4bc
Last test, that tries to delegate to a host that is not part of inventory
requires an SSH access to such host.
Since with latest changes to lxc_hosts repo [1] we do not install
SSH server nor provision SSH keys to containers by default.
As additional profit we now have a functional test of the ssh_keypairs
role.
[1] https://review.opendev.org/c/openstack/openstack-ansible-lxc_hosts/+/889945
Change-Id: Ia6b0f4406d0c2244327c2eb9fdee9a53462557c5
In CentOS Stream 9 we don't have /etc/hostname file. At the same time
hostnamectl provides expected output. Thus we switch to more modern
way of fetching hostname that works equally good for all distros.
Change-Id: If5212d5432cc49fb9745f77ebbef9525e2a3b393
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I4f0db0ab31e9d394d7f741aff88b53bc9129daa1
When the play context contains 'become' for ansible privilege
escalation, apply the configured become method (sudo) to the command
used to attach to a container. This allows for non-root users to use the
connection plugin to connect to containers.
Closes-Bug: 1645732
Change-Id: I485bd0aa850f39201654c808f0c61d26113f6390
Change from using variable manager to the var we already have for
the physical host. This saves nearly 50% time for re-running
playbooks/lxc-container-create.yml
Change-Id: Ic50763f9c74746ef94925a4dd52d16e1f313711b
pip_constraint_update, filtered_list,
git_link_parse, git_link_parse_name filters
have no reference inside OSA
hence removing these filters.
Change-Id: Id4bc4ab87ac4b60121290ad6cbbd143962357d39
Closes-Bug: #1826245
This change is to remove bit_length_power_of_2 from this repo since
it has been moved to openstack-ansible-openstack_hosts. This is
because it is only used by that repo.
Depends-On: I543328db49dc6b7bbb05878503dbb3d337a18558
Change-Id: I9e2b3e10ec42d246d203e363f0c737b8824ccd47
Closes-bug: #1826242
pip_requirement_names filter has no reference inside OSA
hence removing the same.
Change-Id: I3f7038f3add6a05c2b2fb038818aa92d370e2e81
Partial-Bug: 1826245
The ansible urlsplit filter added in 2.4 means that maintaining the
filters netloc, netloc_no_port and netorigin should no longer be
necessary.
All usages of these filters within other openstack repos have been
updated to use urlsplit and merged.
Change-Id: Ief1ec06e205bae7ec114fe0b9bd7d9c4973383dd
Closes-Bug: #1820830
The config_template action module has now been moved into its own git
repository (openstack/ansible-config_template). This has been done to
simplify the ability to use the plugin in other non OpenStack-Ansible
projects.
As part of this, we now need to remove the environment settings given
to ansible so that the common tests repo settings in ansible.cfg take
effect.
Related-Bug: 1791258
Depends-On: https://review.openstack.org/635841
Change-Id: I3a7d8c0c248febc4223029e076062ca68312b104
Update the netloc_no_port filter to parse a URL using the 'hostname'
attribute instead of splitting the netloc before the first colon, where
a username might be provided.
Change-Id: I9a0d01eac1e44de121fc7c6753cfa1bc2ed4318d
inventory_hostname is not reliable to be used as container_name. When
delegating in 2.6+, the inventory_hostname of the delegating host is
passed to the connection plugin, additionally when a host doesn't have
its own container_name variable a cached inventory_hostname is used in
its place.
To get the connection plugin working with Ansible 2.6 this change
essentially allows the container_check to fall through when delegating
to physical hosts or hosts not in the inventory by:
- removing inventory_hostname as a fallback for container_name
- unsetting container_name when delegating to a known physical host
- unsetting container_name when delegating to a host not mentioned in
the inventory
container_name can no longer be used as a group variable based on
inventory_hostname, it will need to be an inventory/host variable for
each individual host.
Also, when container_user is used the remote_tmp path needs to be set to
a system writable directory instead of the root user's home.
Change-Id: If2eb4c16273e19599f6ec3f0cba6b3573912c6a0
Commit I76af71ffe19b2a8afb18ed731f1362a4e399c613 broke the ability
to define physical_host in host_vars and group_vars. The physical_host
is only loaded from the ini inventory.
Change-Id: I3798529cf2bf73afbff2d2ef0f3fe17d91123fbc
With the more recent versions of ansible, we should now use
"is" instead of the "|" sign for the tests.
This should fix it.
Change-Id: I015f0687a24ab9727a6a43fa0c3da709ce72530d
On ansible 2.4+, when 'ansible_host' is defined in the inventory
ini file, the physical host mapping in the strategy plugin works as
expected. However, if the ansible_host setting is in host_vars/<host>.yml,
then the mapping does not work.
Change-Id: I22c09c4de86233329f337b535b709cd5320c40d3
This pattern is used in several openstack-ansible roles to control
if tasks are run on the deploy or target hosts, as chosen by the
deployer
Change-Id: I598353c8915762906459146daf4f5a2bbe74fba3
When using Ansible 2.5, delegation of a task from a container to a host
that is not mentioned in the inventory is currently broken.
The connection plugin works by comparing the host vars 'container_name'
and 'physical_host' to determine if a target host is a container. Both
of these variables are specific to hosts within an OSA generated
inventory. When delegating to a host outside of the inventory however,
the variables will remain cached from the originating host, so a task
wouldn't actually delegate at all.
This is fixed by checking that the 'inventory_hostname' is the same as
the 'container_name'.
Change-Id: I69f2eed35859bdc149e5ed21441eab7c8a8352cf
Now that run_tests.sh handles the tests repo clone, we can
remove the use of the older tests-repo-clone.sh script.
Change-Id: Id638de82323d45016b5f5c4b7f5c9711ec89c88f
Add a test to ensure container_user executes as the correct user
inside the container.
Change-Id: I0f8443ee4681af38fc09135668b12f852f2dcb31
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
As part of the ceph-ansible project, this change was put in:
ec042219e6
This was to handle the case where the config would change, initiating a
restart handler, even though no actual change happened.
We can juse use sorted() since we are passing back a list with .items()
which can then be sorted.
The above change didn't include a change to ensure the order of the
sections, which meant that although the individual items were sorted the
sections could change order causing unnecessary changes.
Additionally, this adds a test to retemplate the file 3 times, with a
lot more sections to ensure the order remains the same, this will fail
when the config template changes even though no changes have happened.
Change-Id: I7c7cd9ef1dd767a2a5d754ac4663cf8655dd60c2
config_template currently strips comments out from the INI files. This
commit adds support for comments.
The default ConfigParser supports reading comments but it doesn't writes
them back. There are other libraries that have better support for
comments, however, adopting another library would require a bigger
refactor of this code.
Change-Id: I376be69cd2cf34dc147f9ade716791125a424e2c
With the merge of https://review.openstack.org/520177 in the
tests repo some ansible-lint failures which previously were
not being picked up are now detected.
This adds the appropriate skip tags to the tasks so that they
are not evaluated by ansible-lint.
Change-Id: I820aa77ac097d4f3d043fb434255923847e3d650
This patch implements an initial set of jobs intended to match
the current job execution method. It does not intend to improve
how the jobs are executed - only to replicate what is currently
in openstack-infra/openstack-zuul-jobs and provide the platform
to iterate on.
Change-Id: Id5a41c4f09bfc63b373e83493dd85a53850bd71c
- Test the container awareness of the connection plugin (the lxc-attach
execution functionality when container_name is set on a host).
- Test delegation to containers
Depends-On: Idb186a061a396713a0e449d47ec262b30d5006ca
Change-Id: I2331d5d5c9cf3d4f8fc83639f6047092232f5887
Using AnsibleDumper adds support for dumping the internal ansible
data types that are used in hostvars.
Fixes-Bug: #1707265
Change-Id: Ie59bbef31306cd3e99aa827db875922e17084e83
When accessing nested facts, such as in ansible_local sections, guard
statements in the when clause can get quite long, due to having to
repeate the 'in/not in' logic for every key at every level.
The get_nested filter attempts to instead to move the guard into a
single line, making the conditions easier to write and maintain.
As example,
('openstack_ansible' not in ansible_local or
'swift' not in ansible_local['openstack_ansible'] or
'venv_tag' not in ansible_local['openstack_ansible']['swift'] or
ansible_local['openstack_ansible']['swift']['venv_tag'] == swift_venv_tag)
could be rewritten as
get_nested(ansible_local, 'openstack_ansible.swift.venv_tag') == swift_venv_tag
Change-Id: I3b43c25c8783c43cf5285f2b3e7267b2c5712ea0
It is sometimes useful to tell ConfigTemplateParser to write
out options that are valueless and not suffixed with '=' or ':',
such as when overriding a my.cnf.
This commit adds the 'ignore_none_type' attribute to the config_template
module. If this attribute is set to false, then valueless options will be
written out to the resultant INI file as-is, without the '=' or ':' suffix.
Change-Id: I5c88b2019c01b44193a5d0df9299ecce6de52f01
Partial-Bug: #1693234
When users specificy the 'content' attribute when
using the config_template module, it's possible that
this input can be a dict. This commit handles
dictionary input, and dumps it accordingly based
on 'config_type'
Change-Id: I1f12810ad7ce5746f8938ec9d608c532ba530d58
When executing the tests repo clone in OpenStack-CI,
use zuul-cloner instead of git to enable cross-repo
testing. This ensures that if a dependent patch from
the tests repo is noted using 'Depends-On: <change-id>'
in the commit message, that patch will be included.
Depends-On: Idce7abebf32f24c356a27e099fbca954d917402b
Depends-On: I5da7802d61d2ab6b03908138e3a3ed2db22e3d29
Change-Id: Ib9e5f4c93529b6bf74e37ce9f2feb0faa87a3b81
This is a lookup in case you need to parse a ubuntu repo Packages file
for a list of packages. It's useful in osa if you want to have a mirror
of an ubuntu repo, and output a list of its packages, with their
location and checksum.
You can use the output dict to feed another tool (for example
downloading with aria).
Change-Id: I10ba72f0b64267ae6afe57317e135d782445e934
Renames the "artifacting" strategy to "tagfilter" and implements
a more generic tag skipping implementation that can be defined
from within the ansible vars structure dynamically on a per-host,
per-group, or per-playbook basis.
To use the tagfilter strategy, run the playbook with
strategy: tagfilter
and define a hostvar named "skip_tags". Skip tags can be a string
or a list, and any tag CONTAINING a skip tag (an exact match is not
needed) will be skipped.
Also added is a check for a var called "skip_handlers", defaulted
to True. When skip_handlers is enabled, no handlers will be run
regardless of whether the task is skipped or not. If set to False,
handlers will be allowed to run as normal except when tasks are
skipped by the skip_tags.
Change-Id: I649707e6744e03763c4e786d203716ebf657ab48
The default py yaml `safe_dumps` keeps to the yaml spec which states
incremental indentations are not required. Sadly, without the
indentations some consumers of yaml configurations files will break.
This commit adds an incremental indentation dumper to cater for all
yaml configuration consumers.
Change-Id: Ifa5bcc6ff9f0a9cb5e619e62d0356f5d6887ca6e
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Copy module can take content argument, I think we should introduce this
feature to config_template. It brings the possibility to use lookups for
inline passing of content to template.
Example, we could use:
config_template:
content: "{{ lookup('file',<file>) }}" to replace current behavior
or:
config_template:
content: "{{ lookup('url','<url>',wantlist=True) | join ('\n') }}"
to bring inline templating of external sources.
Change-Id: Id5b2743d309f0313603afbbf84279ce0b1e49cfb
Signed-off-by: Jean-Philippe Evrard <jean-philippe.evrard@rackspace.co.uk>