From 3d9fd47e969eaed248f136bf3f8b4c3a7ec20131 Mon Sep 17 00:00:00 2001 From: Dai Dang Van Date: Mon, 8 Jan 2018 17:48:30 +0700 Subject: [PATCH] Support policy.yaml file [Final] - Ceilometer - Gnocchi - Rally This will copy only yaml or json policy file if they exist. Change-Id: I59f3376ab9fb6fb83577465a6c9096764b9f19c0 Implements: blueprint support-custom-policy-yaml Co-authored-By: Duong Ha-Quang --- ansible/roles/ceilometer/handlers/main.yml | 12 +++---- ansible/roles/ceilometer/tasks/config.yml | 32 +++++++++++++------ .../templates/ceilometer-central.json.j2 | 11 +++---- .../templates/ceilometer-compute.json.j2 | 11 +++---- .../templates/ceilometer-notification.json.j2 | 11 +++---- .../ceilometer/templates/ceilometer.conf.j2 | 5 +++ ansible/roles/gnocchi/handlers/main.yml | 12 +++---- ansible/roles/gnocchi/tasks/config.yml | 32 +++++++++++++------ .../gnocchi/templates/gnocchi-api.json.j2 | 11 +++---- .../gnocchi/templates/gnocchi-metricd.json.j2 | 11 +++---- .../gnocchi/templates/gnocchi-statsd.json.j2 | 11 +++---- .../roles/gnocchi/templates/gnocchi.conf.j2 | 5 +++ ansible/roles/rally/handlers/main.yml | 4 +-- ansible/roles/rally/tasks/config.yml | 32 +++++++++++++------ ansible/roles/rally/templates/rally.conf.j2 | 5 +++ ansible/roles/rally/templates/rally.json.j2 | 11 +++---- 16 files changed, 130 insertions(+), 86 deletions(-) diff --git a/ansible/roles/ceilometer/handlers/main.yml b/ansible/roles/ceilometer/handlers/main.yml index 54807b0106..598d89f7d7 100644 --- a/ansible/roles/ceilometer/handlers/main.yml +++ b/ansible/roles/ceilometer/handlers/main.yml @@ -6,7 +6,7 @@ config_json: "{{ ceilometer_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_conf: "{{ ceilometer_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_pipeline: "{{ ceilometer_pipelines.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ ceilometer_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ ceilometer_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_notification_container: "{{ check_ceilometer_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" panko_conf: "{{ panko_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: @@ -21,7 +21,7 @@ - service.enabled | bool - config_json.changed | bool or ceilometer_conf.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or ceilometer_events.changed | bool or ceilometer_pipeline.changed | bool or ceilometer_notification_container.changed | bool @@ -34,7 +34,7 @@ config_json: "{{ ceilometer_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_conf: "{{ ceilometer_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_pipeline: "{{ ceilometer_pipelines.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ ceilometer_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ ceilometer_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_central_container: "{{ check_ceilometer_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -49,7 +49,7 @@ - config_json.changed | bool or ceilometer_conf.changed | bool or ceilometer_pipeline.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or ceilometer_central_container.changed | bool - name: Restart ceilometer-compute container @@ -59,7 +59,7 @@ config_json: "{{ ceilometer_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_conf: "{{ ceilometer_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_pipeline: "{{ ceilometer_pipelines.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ ceilometer_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ ceilometer_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" ceilometer_compute_container: "{{ check_ceilometer_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -75,6 +75,6 @@ - config_json.changed | bool or ceilometer_conf.changed | bool or ceilometer_pipeline.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or vcenter_ca_file.changed | bool or ceilometer_compute_container.changed | bool diff --git a/ansible/roles/ceilometer/tasks/config.yml b/ansible/roles/ceilometer/tasks/config.yml index 23664fd6d6..64efe47ef9 100644 --- a/ansible/roles/ceilometer/tasks/config.yml +++ b/ansible/roles/ceilometer/tasks/config.yml @@ -9,6 +9,23 @@ - item.value.enabled | bool with_dict: "{{ ceilometer_services }}" +- name: Check if policies shall be overwritten + local_action: stat path="{{ item }}" + run_once: True + register: ceilometer_policy + with_first_found: + - files: "{{ supported_policy_format_list }}" + paths: + - "{{ node_custom_config }}/ceilometer/" + skip: true + +- name: Set ceilometer policy file + set_fact: + ceilometer_policy_file: "{{ ceilometer_policy.results.0.stat.path | basename }}" + ceilometer_policy_file_path: "{{ ceilometer_policy.results.0.stat.path }}" + when: + - ceilometer_policy.results + - name: Copying over config.json files for services template: src: "{{ item.key }}.json.j2" @@ -115,18 +132,13 @@ notify: - Restart ceilometer-compute container -- name: Check if policies shall be overwritten - local_action: stat path="{{ node_custom_config }}/ceilometer/policy.json" - run_once: True - register: ceilometer_policy - -- name: Copying over existing policy.json +- name: Copying over existing policy file template: - src: "{{ node_custom_config }}/ceilometer/policy.json" - dest: "{{ node_config_directory }}/{{ item.key }}/policy.json" - register: ceilometer_policy_jsons + src: "{{ ceilometer_policy_file_path }}" + dest: "{{ node_config_directory }}/{{ item.key }}/{{ ceilometer_policy_file }}" + register: policy_jsons when: - - ceilometer_policy.stat.exists + - ceilometer_policy_file is defined - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ ceilometer_services }}" diff --git a/ansible/roles/ceilometer/templates/ceilometer-central.json.j2 b/ansible/roles/ceilometer/templates/ceilometer-central.json.j2 index 260ad50497..277eae3baf 100644 --- a/ansible/roles/ceilometer/templates/ceilometer-central.json.j2 +++ b/ansible/roles/ceilometer/templates/ceilometer-central.json.j2 @@ -6,14 +6,13 @@ "dest": "/etc/ceilometer/ceilometer.conf", "owner": "ceilometer", "perm": "0600" - }, + }{% if ceilometer_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/ceilometer/policy.json", + "source": "{{ container_config_directory }}/{{ ceilometer_policy_file }}", + "dest": "/etc/ceilometer/{{ ceilometer_policy_file }}", "owner": "ceilometer", - "perm": "0600", - "optional": true - }, + "perm": "0600" + }{% endif %}, { "source": "{{ container_config_directory }}/pipeline.yaml", "dest": "/etc/ceilometer/pipeline.yaml", diff --git a/ansible/roles/ceilometer/templates/ceilometer-compute.json.j2 b/ansible/roles/ceilometer/templates/ceilometer-compute.json.j2 index 6ba32f5e47..9a27ae7a9d 100644 --- a/ansible/roles/ceilometer/templates/ceilometer-compute.json.j2 +++ b/ansible/roles/ceilometer/templates/ceilometer-compute.json.j2 @@ -6,14 +6,13 @@ "dest": "/etc/ceilometer/ceilometer.conf", "owner": "ceilometer", "perm": "0600" - }, + }{% if ceilometer_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/ceilometer/policy.json", + "source": "{{ container_config_directory }}/{{ ceilometer_policy_file }}", + "dest": "/etc/ceilometer/{{ ceilometer_policy_file }}", "owner": "ceilometer", - "perm": "0600", - "optional": true - }, + "perm": "0600" + }{% endif %}, { "source": "{{ container_config_directory }}/pipeline.yaml", "dest": "/etc/ceilometer/pipeline.yaml", diff --git a/ansible/roles/ceilometer/templates/ceilometer-notification.json.j2 b/ansible/roles/ceilometer/templates/ceilometer-notification.json.j2 index 98ccaec0b2..bad19d9777 100644 --- a/ansible/roles/ceilometer/templates/ceilometer-notification.json.j2 +++ b/ansible/roles/ceilometer/templates/ceilometer-notification.json.j2 @@ -24,14 +24,13 @@ "dest": "/etc/ceilometer/pipeline.yaml", "owner": "ceilometer", "perm": "0600" - }, + }{% if ceilometer_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/ceilometer/policy.json", + "source": "{{ container_config_directory }}/{{ ceilometer_policy_file }}", + "dest": "/etc/ceilometer/{{ ceilometer_policy_file }}", "owner": "ceilometer", - "perm": "0600", - "optional": true - }, + "perm": "0600" + }{% endif %}, { "source": "{{ container_config_directory }}/panko.conf", "dest": "/etc/panko/panko.conf", diff --git a/ansible/roles/ceilometer/templates/ceilometer.conf.j2 b/ansible/roles/ceilometer/templates/ceilometer.conf.j2 index 7b33363328..5f220546b4 100644 --- a/ansible/roles/ceilometer/templates/ceilometer.conf.j2 +++ b/ansible/roles/ceilometer/templates/ceilometer.conf.j2 @@ -52,3 +52,8 @@ ca_file = /etc/ceilometer/vmware_ca [oslo_messaging_notifications] transport_url = {{ notify_transport_url }} + +{% if ceilometer_policy_file is defined %} +[oslo_policy] +policy_file = {{ ceilometer_policy_file }} +{% endif %} diff --git a/ansible/roles/gnocchi/handlers/main.yml b/ansible/roles/gnocchi/handlers/main.yml index bb8df9430c..e6fca5eee2 100644 --- a/ansible/roles/gnocchi/handlers/main.yml +++ b/ansible/roles/gnocchi/handlers/main.yml @@ -5,7 +5,7 @@ service: "{{ gnocchi_services[service_name] }}" config_json: "{{ gnocchi_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_conf: "{{ gnocchi_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ gnocchi_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ gnocchi_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_api_container: "{{ check_gnocchi_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -19,7 +19,7 @@ - service.enabled | bool - config_json.changed | bool or gnocchi_conf.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or gnocchi_wsgi_conf.changed | bool or gnocchi_api_container.changed | bool @@ -29,7 +29,7 @@ service: "{{ gnocchi_services[service_name] }}" config_json: "{{ gnocchi_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_conf: "{{ gnocchi_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ gnocchi_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ gnocchi_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_metricd_container: "{{ check_gnocchi_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -43,7 +43,7 @@ - service.enabled | bool - config_json.changed | bool or gnocchi_conf.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or gnocchi_metricd_container.changed | bool - name: Restart gnocchi-statsd container @@ -52,7 +52,7 @@ service: "{{ gnocchi_services[service_name] }}" config_json: "{{ gnocchi_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_conf: "{{ gnocchi_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ gnocchi_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ gnocchi_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" gnocchi_statsd_container: "{{ check_gnocchi_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -66,5 +66,5 @@ - service.enabled | bool - config_json.changed | bool or gnocchi_conf.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or gnocchi_statsd_container.changed | bool diff --git a/ansible/roles/gnocchi/tasks/config.yml b/ansible/roles/gnocchi/tasks/config.yml index 5c49e3184f..1f6d47b788 100644 --- a/ansible/roles/gnocchi/tasks/config.yml +++ b/ansible/roles/gnocchi/tasks/config.yml @@ -9,6 +9,23 @@ - item.value.enabled | bool with_dict: "{{ gnocchi_services }}" +- name: Check if policies shall be overwritten + local_action: stat path="{{ item }}" + run_once: True + register: gnocchi_policy + with_first_found: + - files: "{{ supported_policy_format_list }}" + paths: + - "{{ node_custom_config }}/gnocchi/" + skip: true + +- name: Set gnocchi policy file + set_fact: + gnocchi_policy_file: "{{ gnocchi_policy.results.0.stat.path | basename }}" + gnocchi_policy_file_path: "{{ gnocchi_policy.results.0.stat.path }}" + when: + - gnocchi_policy.results + - name: Copying over config.json files for services template: src: "{{ item.key }}.json.j2" @@ -59,18 +76,13 @@ notify: - Restart gnocchi-api container -- name: Check if policies shall be overwritten - local_action: stat path="{{ node_custom_config }}/gnocchi/policy.json" - run_once: True - register: gnocchi_policy - -- name: Copying over existing policy.json +- name: Copying over existing policy file template: - src: "{{ node_custom_config }}/gnocchi/policy.json" - dest: "{{ node_config_directory }}/{{ item.key }}/policy.json" - register: gnocchi_policy_jsons + src: "{{ gnocchi_policy_file_path }}" + dest: "{{ node_config_directory }}/{{ item.key }}/{{ gnocchi_policy_file }}" + register: gnocchi_policy_overwriting when: - - gnocchi_policy.stat.exists + - gnocchi_policy_file is defined - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ gnocchi_services }}" diff --git a/ansible/roles/gnocchi/templates/gnocchi-api.json.j2 b/ansible/roles/gnocchi/templates/gnocchi-api.json.j2 index f7dc1a338c..0e7ce9baff 100644 --- a/ansible/roles/gnocchi/templates/gnocchi-api.json.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi-api.json.j2 @@ -14,14 +14,13 @@ "dest": "/etc/{{ gnocchi_dir }}/wsgi-gnocchi.conf", "owner": "gnocchi", "perm": "0600" - }, + }{% if gnocchi_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/gnocchi/policy.json", + "source": "{{ container_config_directory }}/{{ gnocchi_policy_file }}", + "dest": "/etc/gnocchi/{{ gnocchi_policy_file }}", "owner": "gnocchi", - "perm": "0600", - "optional": true - }{% if gnocchi_backend_storage == 'ceph' %}, + "perm": "0600" + }{% endif %}{% if gnocchi_backend_storage == 'ceph' %}, { "source": "{{ container_config_directory }}/ceph.conf", "dest": "/etc/ceph/ceph.conf", diff --git a/ansible/roles/gnocchi/templates/gnocchi-metricd.json.j2 b/ansible/roles/gnocchi/templates/gnocchi-metricd.json.j2 index 2285095816..6d97e2910b 100644 --- a/ansible/roles/gnocchi/templates/gnocchi-metricd.json.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi-metricd.json.j2 @@ -6,14 +6,13 @@ "dest": "/etc/gnocchi/gnocchi.conf", "owner": "gnocchi", "perm": "0600" - }, + }{% if gnocchi_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/gnocchi/policy.json", + "source": "{{ container_config_directory }}/{{ gnocchi_policy_file }}", + "dest": "/etc/gnocchi/{{ gnocchi_policy_file }}", "owner": "gnocchi", - "perm": "0600", - "optional": true - }{% if gnocchi_backend_storage == 'ceph' %}, + "perm": "0600" + }{% endif %}{% if gnocchi_backend_storage == 'ceph' %}, { "source": "{{ container_config_directory }}/ceph.conf", "dest": "/etc/ceph/ceph.conf", diff --git a/ansible/roles/gnocchi/templates/gnocchi-statsd.json.j2 b/ansible/roles/gnocchi/templates/gnocchi-statsd.json.j2 index 8613c343db..9f76af78f1 100644 --- a/ansible/roles/gnocchi/templates/gnocchi-statsd.json.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi-statsd.json.j2 @@ -6,14 +6,13 @@ "dest": "/etc/gnocchi/gnocchi.conf", "owner": "gnocchi", "perm": "0600" - }, + }{% if gnocchi_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/gnocchi/policy.json", + "source": "{{ container_config_directory }}/{{ gnocchi_policy_file }}", + "dest": "/etc/gnocchi/{{ gnocchi_policy_file }}", "owner": "gnocchi", - "perm": "0600", - "optional": true - }{% if gnocchi_backend_storage == 'ceph' %}, + "perm": "0600" + }{% endif %}{% if gnocchi_backend_storage == 'ceph' %}, { "source": "{{ container_config_directory }}/ceph.conf", "dest": "/etc/ceph/ceph.conf", diff --git a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 index 40955035be..1b6438b8e5 100644 --- a/ansible/roles/gnocchi/templates/gnocchi.conf.j2 +++ b/ansible/roles/gnocchi/templates/gnocchi.conf.j2 @@ -49,6 +49,11 @@ memcache_security_strategy = ENCRYPT memcache_secret_key = {{ memcache_secret_key }} memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} +{% if gnocchi_policy_file is defined %} +[oslo_policy] +policy_file = {{ gnocchi_policy_file }} +{% endif %} + [storage] {% if gnocchi_backend_storage == 'file' %} driver = file diff --git a/ansible/roles/rally/handlers/main.yml b/ansible/roles/rally/handlers/main.yml index 54fd3118fc..dfb5ab5072 100644 --- a/ansible/roles/rally/handlers/main.yml +++ b/ansible/roles/rally/handlers/main.yml @@ -5,7 +5,7 @@ service: "{{ rally_services[service_name] }}" config_json: "{{ rally_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" rally_conf: "{{ rally_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ rally_policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + policy_overwriting: "{{ rally_policy_overwriting.results|selectattr('item.key', 'equalto', service_name)|first }}" rally_container: "{{ check_rally_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" kolla_docker: action: "recreate_or_restart_container" @@ -19,5 +19,5 @@ - service.enabled | bool - config_json.changed | bool or rally_conf.changed | bool - or policy_json.changed | bool + or policy_overwriting.changed | bool or rally_container.changed | bool diff --git a/ansible/roles/rally/tasks/config.yml b/ansible/roles/rally/tasks/config.yml index c7daee602e..d82204f734 100644 --- a/ansible/roles/rally/tasks/config.yml +++ b/ansible/roles/rally/tasks/config.yml @@ -9,6 +9,23 @@ - item.value.enabled | bool with_dict: "{{ rally_services }}" +- name: Check if policies shall be overwritten + local_action: stat path="{{ item }}" + run_once: True + register: rally_policy + with_first_found: + - files: "{{ supported_policy_format_list }}" + paths: + - "{{ node_custom_config }}/rally/" + skip: true + +- name: Set rally policy file + set_fact: + rally_policy_file: "{{ rally_policy.results.0.stat.path | basename }}" + rally_policy_file_path: "{{ rally_policy.results.0.stat.path }}" + when: + - rally_policy.results + - name: Copying over config.json files for services template: src: "{{ item.key }}.json.j2" @@ -37,18 +54,13 @@ notify: - Restart rally container -- name: Check if policies shall be overwritten - local_action: stat path="{{ node_custom_config }}/rally/policy.json" - run_once: True - register: rally_policy - -- name: Copying over existing policy.json +- name: Copying over existing policy file template: - src: "{{ node_custom_config }}/rally/policy.json" - dest: "{{ node_config_directory }}/{{ item.key }}/policy.json" - register: rally_policy_jsons + src: "{{ rally_policy_file_path }}" + dest: "{{ node_config_directory }}/{{ item.key }}/{{ rally_policy_file }}" + register: rally_policy_overwriting when: - - rally_policy.stat.exists + - rally_policy_file is defined - inventory_hostname in groups[item.value.group] - item.value.enabled | bool with_dict: "{{ rally_services }}" diff --git a/ansible/roles/rally/templates/rally.conf.j2 b/ansible/roles/rally/templates/rally.conf.j2 index 853751871b..7a43d10406 100644 --- a/ansible/roles/rally/templates/rally.conf.j2 +++ b/ansible/roles/rally/templates/rally.conf.j2 @@ -7,3 +7,8 @@ log_dir = /var/log/kolla/rally/ [database] connection = mysql+pymysql://{{ rally_database_user }}:{{ rally_database_password }}@{{ rally_database_address }}/{{ rally_database_name }} max_retries = -1 + +{% if rally_policy_file is defined %} +[oslo_policy] +policy_file = {{ rally_policy_file }} +{% endif %} diff --git a/ansible/roles/rally/templates/rally.json.j2 b/ansible/roles/rally/templates/rally.json.j2 index 99cf576253..a8ba2df6db 100644 --- a/ansible/roles/rally/templates/rally.json.j2 +++ b/ansible/roles/rally/templates/rally.json.j2 @@ -6,14 +6,13 @@ "dest": "/etc/rally/rally.conf", "owner": "rally", "perm": "0600" - }, + }{% if rally_policy_file is defined %}, { - "source": "{{ container_config_directory }}/policy.json", - "dest": "/etc/rally/policy.json", + "source": "{{ container_config_directory }}/{{ rally_policy_file }}", + "dest": "/etc/rally/{{ rally_policy_file }}", "owner": "rally", - "perm": "0600", - "optional": true - } + "perm": "0600" + }{% endif %} ], "permissions": [ {