- import_playbook: ../install-ansible.yaml vars: root_rsa_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa') }}" ansible_cron_disable_job: true cloud_launcher_disable_job: true - hosts: bridge.openstack.org become: true tasks: - name: Write inventory on bridge include_role: name: write-inventory vars: write_inventory_dest: /etc/ansible/hosts/inventory.yaml write_inventory_exclude_hostvars: - ansible_user - ansible_python_interpreter - name: Add groups config for test nodes template: src: "templates/gate-groups.yaml.j2" dest: "/etc/ansible/hosts/gate-groups.yaml" - name: Update ansible.cfg to use job inventory ini_file: path: /etc/ansible/ansible.cfg section: defaults option: inventory value: /etc/ansible/hosts/inventory.yaml,/etc/ansible/hosts/groups.yaml,/etc/ansible/hosts/gate-groups.yaml - name: Make host_vars directory file: path: "/etc/ansible/hosts/host_vars" state: directory - name: Make group_vars directory file: path: "/etc/ansible/hosts/group_vars" state: directory - name: Write hostvars files vars: bastion_ipv4: "{{ nodepool['public_ipv4'] }}" bastion_ipv6: "{{ nodepool['public_ipv6'] }}" bastion_public_key: "{{ lookup('file', zuul.executor.work_root + '/' + zuul.build + '_id_rsa.pub') }}" iptables_test_public_tcp_ports: [19885] template: src: "templates/{{ item }}.j2" dest: "/etc/ansible/hosts/{{ item }}" loop: - group_vars/all.yaml - group_vars/adns.yaml - group_vars/nodepool.yaml - group_vars/ns.yaml - group_vars/registry.yaml - group_vars/gitea.yaml - group_vars/gitea-lb.yaml - group_vars/letsencrypt.yaml - group_vars/registry.yaml - group_vars/review.yaml - group_vars/review-dev.yaml - group_vars/control-plane-clouds.yaml - group_vars/afs-client.yaml - host_vars/bridge.openstack.org.yaml - host_vars/etherpad01.opendev.org.yaml - host_vars/letsencrypt01.opendev.org.yaml - host_vars/letsencrypt02.opendev.org.yaml - host_vars/gitea99.opendev.org.yaml - host_vars/mirror01.openafs.provider.opendev.org.yaml - host_vars/mirror-update01.opendev.org.yaml - host_vars/backup-test01.opendev.org.yaml - host_vars/backup-test02.opendev.org.yaml - host_vars/nb01-test.opendev.org.yaml - name: Display group membership command: ansible localhost -m debug -a 'var=groups' # In prod, bridge installs a zuul user, but in zuul we already have a zuul user, so we really need # to not modify it. - name: Load bridge hostvars slurp: path: /home/zuul/src/opendev.org/opendev/system-config/playbooks/host_vars/bridge.openstack.org.yaml register: bridge_hostvar_content - name: Parse bridge_hostvars set_fact: bridge_hostvars: "{{ bridge_hostvar_content.content | b64decode | from_yaml }}" - name: Overwrite extra_users vars: new_config: extra_users: [] set_fact: bridge_hostvars: "{{ bridge_hostvars | combine(new_config) }}" - name: Save bridge hostvars copy: content: "{{ bridge_hostvars | to_nice_yaml }}" dest: /home/zuul/src/opendev.org/opendev/system-config/playbooks/host_vars/bridge.openstack.org.yaml become: true - name: Set hostname on host command: ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/set-hostnames.yaml - name: Run base.yaml command: ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/base.yaml - name: Run bridge service playbook command: ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/playbooks/service-bridge.yaml - name: Run playbook when: run_playbooks is defined loop: "{{ run_playbooks }}" command: "ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/{{ item }}" - name: Run test playbook when: run_test_playbook is defined shell: "ANSIBLE_ROLES_PATH=/home/zuul/src/opendev.org/opendev/system-config/playbooks/roles ansible-playbook -v /home/zuul/src/opendev.org/opendev/system-config/{{ run_test_playbook }}" - name: Run testinfra to validate configuration include_role: name: tox vars: tox_envlist: testinfra # This allows us to run from external projects (like testinfra # itself) zuul_work_dir: src/opendev.org/opendev/system-config