From b72123e91be0584d3a69f2a26a9b9100c6e86441 Mon Sep 17 00:00:00 2001 From: Dmitry Tantsur Date: Fri, 8 Jul 2022 15:55:42 +0200 Subject: [PATCH] Reduce the usage of no_log in keystone code Ansible is smart enough not to log auth and password fields. Using no_log makes debugging of the tasks impossible. Change-Id: I8c3fbc39866a20dcb48572b4b7a24196873d7832 --- .../bifrost-ironic-install/tasks/keystone_setup.yml | 12 ------------ .../tasks/keystone_setup_inspector.yml | 8 -------- 2 files changed, 20 deletions(-) diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml index b1a2918dc..a574e2fbd 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup.yml @@ -55,7 +55,6 @@ auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create service user for ironic" openstack.cloud.identity_user: @@ -69,7 +68,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Associate ironic user to admin role" openstack.cloud.role_assignment: @@ -80,7 +78,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create keystone service record for ironic" openstack.cloud.catalog_service: @@ -93,7 +90,6 @@ ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" register: baremetal_catalog_service - no_log: true - name: "Create ironic admin endpoint" openstack.cloud.endpoint: @@ -104,7 +100,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Setting external Ironic public URL" @@ -121,7 +116,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Setting internal Ironic URL" @@ -138,7 +132,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Create baremetal_admin role" @@ -148,7 +141,6 @@ auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create baremetal_observer role" openstack.cloud.identity_role: @@ -157,7 +149,6 @@ auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create baremetal project" os_project: @@ -169,7 +160,6 @@ auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create bifrost user" openstack.cloud.identity_user: @@ -181,7 +171,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Associate bifrost user with baremetal_admin" openstack.cloud.role_assignment: @@ -192,4 +181,3 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true diff --git a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml index acd635ca3..f8a098a8e 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/keystone_setup_inspector.yml @@ -55,7 +55,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Associate ironic_inspector user to admin role" openstack.cloud.role_assignment: @@ -66,7 +65,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Create keystone service record for ironic-inspector" openstack.cloud.catalog_service: @@ -79,7 +77,6 @@ ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" register: introspection_catalog_service - no_log: true - name: "Create ironic-inspector admin endpoint" openstack.cloud.endpoint: @@ -90,7 +87,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Setting external ironic-inspector public URL" @@ -107,7 +103,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Setting internal ironic-inspector URL" @@ -124,7 +119,6 @@ region: "{{ keystone.bootstrap.region_name | default('RegionOne') }}" auth: "{{ keystone_auth }}" ca_cert: "{{ tls_certificate_path | default(omit) }}" - no_log: true environment: "{{ bifrost_venv_env }}" - name: "Create inspector_user user" @@ -138,7 +132,6 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true - name: "Associate inspector_user with baremetal_admin" openstack.cloud.role_assignment: @@ -149,4 +142,3 @@ wait: yes ca_cert: "{{ tls_certificate_path | default(omit) }}" environment: "{{ bifrost_venv_env }}" - no_log: true