46 lines
1.6 KiB
YAML
46 lines
1.6 KiB
YAML
---
|
|
# Copy the Bifrost clouds.yaml file and CA certificate (if one is in use) to
|
|
# the host. This allows us to access the Ironic and Inspector APIs outside of
|
|
# the Bifrost container.
|
|
- name: Ensure credentials are available on the host
|
|
hosts: seed
|
|
tags:
|
|
- seed-credentials
|
|
vars:
|
|
openstack_config_dir: "{{ ansible_facts.env.HOME }}/.config/openstack"
|
|
tasks:
|
|
- name: Ensure OpenStack config directory exists
|
|
file:
|
|
path: "{{ openstack_config_dir }}"
|
|
state: directory
|
|
mode: 0700
|
|
|
|
- name: Get clouds.yaml from Bifrost container
|
|
command:
|
|
cmd: docker exec bifrost_deploy cat /root/.config/openstack/clouds.yaml
|
|
changed_when: false
|
|
register: clouds_yaml
|
|
no_log: true
|
|
|
|
- name: Write clouds.yaml
|
|
copy:
|
|
content: |
|
|
{%- set clouds = clouds_yaml.stdout | from_yaml -%}
|
|
{%- for cloud in clouds.clouds.keys() | list -%}
|
|
{%- if 'cacert' in clouds.clouds[cloud] -%}
|
|
{%- set _ = clouds.clouds[cloud].update({'cacert': openstack_config_dir ~ '/bifrost.crt'}) -%}
|
|
{%- endif -%}
|
|
{%- endfor -%}
|
|
{{ clouds | to_nice_yaml }}
|
|
dest: "{{ openstack_config_dir }}/clouds.yaml"
|
|
mode: 0600
|
|
|
|
- name: Copy CA certificate from Bifrost container
|
|
vars:
|
|
clouds: "{{ clouds_yaml.stdout | from_yaml }}"
|
|
cacerts: "{{ clouds.clouds.values() | selectattr('cacert', 'defined') | map(attribute='cacert') | list }}"
|
|
command:
|
|
cmd: docker cp bifrost_deploy:{{ cacerts[0] }} {{ openstack_config_dir }}/bifrost.crt
|
|
changed_when: false
|
|
when: cacerts | length > 0
|