From 1f95cd900e741abcd91bea244a0432695e022a00 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Thu, 13 Jul 2023 16:25:27 +0200 Subject: [PATCH] Fix linters and metadata With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Change-Id: I4585a4aad7acf48080e6b2d73bf3e0c2e0dfbff7 --- defaults/main.yml | 40 +++++++++++++++++++++------------- meta/main.yml | 10 +++++---- tasks/barbican_install.yml | 1 + tasks/barbican_pre_install.yml | 6 ++--- tasks/main.yml | 29 ++++++++++++++---------- vars/distro_install.yml | 3 ++- vars/main.yml | 6 ++++- vars/source_install.yml | 2 +- 8 files changed, 61 insertions(+), 36 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e2149a8..4ac0e7c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,7 +20,11 @@ debug: False # for the service setup. The host must already have # clouds.yaml properly configured. barbican_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -barbican_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((barbican_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +barbican_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (barbican_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set the package install state for distribution packages # Options are 'present' and 'latest' @@ -41,7 +45,7 @@ barbican_system_user_shell: /bin/false barbican_system_user_home: "/var/lib/{{ barbican_system_user_name }}" barbican_etc_directory: /etc/barbican -#Barbican services info +# Barbican services info barbican_keystone_listener_enable: false barbican_worker_enable: false barbican_retry_enable: false @@ -98,14 +102,14 @@ barbican_services: # With `barbican_user_libraries` you can deploy libraries, needed for barbican # to interact with third party services like HSM -#barbican_user_libraries: -# - src: /etc/openstack_deploy/barbican/libdpod.plugin -# dest: /opt/barbican/libs/libCryptoki2.so -# owner: root -# group: "{{ barbican_system_group_name }}" -# - src: /etc/openstack_deploy/barbican/Chrystoki.conf -# dest: /opt/barbican/Chrystoki.conf -# link: /etc/Chrystoki.conf +# barbican_user_libraries: +# - src: /etc/openstack_deploy/barbican/libdpod.plugin +# dest: /opt/barbican/libs/libCryptoki2.so +# owner: root +# group: "{{ barbican_system_group_name }}" +# - src: /etc/openstack_deploy/barbican/Chrystoki.conf +# dest: /opt/barbican/Chrystoki.conf +# link: /etc/Chrystoki.conf barbican_user_libraries: [] @@ -149,7 +153,8 @@ barbican_vassals_api_overrides: {} ## The git source/branch barbican_git_repo: "https://opendev.org/openstack/barbican" barbican_git_install_branch: master -barbican_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +barbican_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} barbican_git_constraints: - "--constraint {{ barbican_upper_constraints_url }}" @@ -161,7 +166,11 @@ barbican_bin: "{{ _barbican_bin }}" # Database vars barbican_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" -barbican_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((barbican_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +barbican_db_setup_python_interpreter: >- + {{ + openstack_db_setup_python_interpreter | default( + (barbican_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} barbican_galera_address: "{{ galera_address | default('127.0.0.1') }}" barbican_galera_database: barbican barbican_galera_user: barbican @@ -213,7 +222,8 @@ barbican_service_project_name: service # uwsgi configuration vars barbican_wsgi_processes_max: 16 -barbican_wsgi_processes: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max *2, barbican_wsgi_processes_max] | min }}" +barbican_wsgi_processes: >- + {{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, barbican_wsgi_processes_max] | min }} barbican_wsgi_threads: 1 barbican_uwsgi_tls: crt: "{{ barbican_ssl_cert }}" @@ -282,5 +292,5 @@ barbican_pki_install_certificates: mode: "0600" # Define user-provided SSL certificates -#barbican_user_ssl_cert: -#barbican_user_ssl_key: +# barbican_user_ssl_cert: +# barbican_user_ssl_key: diff --git a/meta/main.yml b/meta/main.yml index 4d92fb4..5d32c3e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,18 +18,20 @@ galaxy_info: description: Deploy Barbican with OpenStack-Ansible company: OpenStack license: Apache-2.0 - min_ansible_version: 2.2 + role_name: os_barbican + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 + - "9" galaxy_tags: - cloud - openstack diff --git a/tasks/barbican_install.yml b/tasks/barbican_install.yml index eae5a8f..d26ea18 100644 --- a/tasks/barbican_install.yml +++ b/tasks/barbican_install.yml @@ -19,6 +19,7 @@ section: "barbican" option: "install_method" value: "{{ barbican_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the barbican section is present setup: diff --git a/tasks/barbican_pre_install.yml b/tasks/barbican_pre_install.yml index b39a965..8a9c447 100644 --- a/tasks/barbican_pre_install.yml +++ b/tasks/barbican_pre_install.yml @@ -33,9 +33,9 @@ file: path: "{{ item.path }}" state: "directory" - owner: "{{ item.owner |default(barbican_system_user_name) }}" - group: "{{ item.group |default(barbican_system_group_name) }}" - mode: "{{ item.mode |default('0750') }}" + owner: "{{ item.owner | default(barbican_system_user_name) }}" + group: "{{ item.group | default(barbican_system_group_name) }}" + mode: "{{ item.mode | default('0750') }}" with_items: - path: "/etc/barbican" - path: "{{ barbican_system_user_home }}" diff --git a/tasks/main.yml b/tasks/main.yml index 532d868..5e12a86 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -45,7 +45,8 @@ tags: - always -- include_role: +- name: Including osa.db_setup role + include_role: name: openstack.osa.db_setup apply: tags: @@ -66,7 +67,8 @@ tags: - always -- include_role: +- name: Including osa.mq_setup role + include_role: name: openstack.osa.mq_setup apply: tags: @@ -88,11 +90,13 @@ tags: - always -- import_tasks: barbican_pre_install.yml +- name: Importing barbican_pre_install tasks + import_tasks: barbican_pre_install.yml tags: - barbican-install -- import_tasks: barbican_install.yml +- name: Importing barbican_install tasks + import_tasks: barbican_install.yml tags: - barbican-install @@ -116,7 +120,8 @@ tags: - always -- import_tasks: barbican_post_install.yml +- name: Importing barbican_post_install tasks + import_tasks: barbican_post_install.yml tags: - barbican-config @@ -130,16 +135,17 @@ systemd_tempd_prefix: openstack systemd_slice_name: barbican systemd_lock_path: /var/lock/barbican - systemd_CPUAccounting: true - systemd_BlockIOAccounting: true - systemd_MemoryAccounting: true - systemd_TasksAccounting: true + systemd_service_cpu_accounting: true + systemd_service_block_io_accounting: true + systemd_service_memory_accounting: true + systemd_service_tasks_accounting: true systemd_services: "{{ filtered_barbican_services }}" tags: - barbican-config - systemd-service -- import_tasks: barbican_db_sync.yml +- name: Importing barbican_db_sync tasks + import_tasks: barbican_db_sync.yml when: - _barbican_is_first_play_host tags: @@ -155,7 +161,8 @@ - barbican-config - uwsgi -- include_role: +- name: Including osa.service_setup role + include_role: name: openstack.osa.service_setup apply: tags: diff --git a/vars/distro_install.yml b/vars/distro_install.yml index 1ae0dee..58ca2a0 100644 --- a/vars/distro_install.yml +++ b/vars/distro_install.yml @@ -14,9 +14,10 @@ # limitations under the License. barbican_package_list: |- - {% set packages = (barbican_distro_packages + barbican_service_distro_packages) %} + {% set packages = barbican_distro_packages + barbican_service_distro_packages %} {% if barbican_oslomsg_amqp1_enabled | bool %} {% set _ = packages.extend(barbican_oslomsg_amqp1_distro_packages) %} {% endif %} {{ packages }} + _barbican_bin: "/usr/bin" diff --git a/vars/main.yml b/vars/main.yml index 149d6fa..8606118 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -13,7 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -_barbican_is_first_play_host: "{{ (barbican_services['barbican-api']['group'] in group_names and inventory_hostname == (groups[barbican_services['barbican-api']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" +_barbican_is_first_play_host: >- + {{ + (barbican_services['barbican-api']['group'] in group_names and + inventory_hostname == (groups[barbican_services['barbican-api']['group']] | intersect(ansible_play_hosts)) | first) | bool + }} # # Compile a list of the services on a host based on whether diff --git a/vars/source_install.yml b/vars/source_install.yml index fa3fef2..1f04348 100644 --- a/vars/source_install.yml +++ b/vars/source_install.yml @@ -14,7 +14,7 @@ # limitations under the License. barbican_package_list: |- - {% set packages = (barbican_distro_packages + barbican_devel_distro_packages) %} + {% set packages = barbican_distro_packages + barbican_devel_distro_packages %} {% if barbican_oslomsg_amqp1_enabled | bool %} {% set _ = packages.extend(barbican_oslomsg_amqp1_distro_packages) %} {% endif %}