openstack/kolla-ansible
Code Issues Proposed changes

Bump ansible-lint version

Browse Source 
The version that we were capping to is no longer compatible with latest
upper-constraints.txt, so let us free float again.

The resulting linting errors are included for now to unblock the gate,
these will still need to be discussed or fixed later.

NOTE(kevko): Temporarily disabling horizon deployment, as it's not
possible to unblock gates without it

Co-Authored-By: Michal Arbet <michal.arbet@ultimum.io>
Change-Id: Ib7f72b2663199ef80844a412bc436c6ef09322cc
This commit is contained in:
Michal Arbet 2024-01-22 15:27:32 +01:00
parent 86ac820457
commit 47ddac4131
8 changed files with 65 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.ansible-lint
View File

@ -25,3 +25,14 @@ skip_list:
- fqcn[action] - fqcn[action]
# role name check matching ^*$ # role name check matching ^*$
- role-name - role-name
# TODO(frickler): Discuss these in detail, skipping for now to unblock things
- key-order[task]
- no-free-form
- name[play]
- var-naming[no-role-prefix]
- risky-file-permissions
- risky-shell-pipe
- command-instead-of-shell
- command-instead-of-module
- ignore-errors
- jinja[spacing]

2
lint-requirements.txt
View File

@ -1,5 +1,5 @@
ansible>=6,<8 # GPLv3 ansible>=6,<8 # GPLv3
ansible-lint>=6.0.0,<6.13.0 # MIT ansible-lint>=6.0.0,<7.0.0 # MIT
bandit>=1.1.0 # Apache-2.0 bandit>=1.1.0 # Apache-2.0
bashate>=0.5.1 # Apache-2.0 bashate>=0.5.1 # Apache-2.0
doc8>=0.6.0 # Apache-2.0 doc8>=0.6.0 # Apache-2.0

6
roles/cephadm/tasks/main.yml
View File

@ -33,7 +33,7 @@
- name: Bootstrap cephadm - name: Bootstrap cephadm
vars: vars:
mon_ip: "{{ hostvars[inventory_hostname]['ansible_'+api_interface_name].ipv4.address }}" mon_ip: "{{ hostvars[inventory_hostname]['ansible_' + api_interface_name].ipv4.address }}"
command: command:
cmd: > cmd: >
cephadm cephadm
@ -53,7 +53,7 @@
vars: vars:
regexp: 'Cluster fsid: (.*)' regexp: 'Cluster fsid: (.*)'
set_fact: set_fact:
ceph_fsid: "{{ cephadm_bootstrap_output.stdout | regex_search(regexp,'\\1') | first }}" ceph_fsid: "{{ cephadm_bootstrap_output.stdout | regex_search(regexp, '\\1') | first }}"
- name: Template out cluster spec - name: Template out cluster spec
template: template:
@ -80,7 +80,7 @@
ceph_conf_fixed: | ceph_conf_fixed: |
[global] [global]
fsid = {{ ceph_fsid }} fsid = {{ ceph_fsid }}
mon_host = {% for host in groups['all'] %} {{ hostvars[host]['ansible_'+api_interface_name].ipv4.address }} {% if not loop.last %},{% endif %} {% endfor %} mon_host = {% for host in groups['all'] %} {{ hostvars[host]['ansible_' + api_interface_name].ipv4.address }} {% if not loop.last %},{% endif %} {% endfor %}
copy: copy:
content: "{{ ceph_conf_fixed }}" content: "{{ ceph_conf_fixed }}"
dest: "/etc/ceph/ceph.conf.fixed" dest: "/etc/ceph/ceph.conf.fixed"

12
tests/post.yml
View File

@ -36,7 +36,7 @@
mode: pull mode: pull
ignore_errors: yes ignore_errors: yes
- name: dump all iptables rules - name: Dump all iptables rules
shell: "iptables-save > /tmp/logs/iptables" shell: "iptables-save > /tmp/logs/iptables"
args: args:
creates: /tmp/logs/iptables creates: /tmp/logs/iptables
@ -59,29 +59,29 @@
ara_report_local_dir: "{{ zuul.executor.log_root }}/{{ inventory_hostname }}/ara-report" ara_report_local_dir: "{{ zuul.executor.log_root }}/{{ inventory_hostname }}/ara-report"
kolla_ansible_local_src_dir: "{{ zuul.executor.work_root }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible" kolla_ansible_local_src_dir: "{{ zuul.executor.work_root }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible"
tasks: tasks:
- name: check for existence of ara sqlite - name: Check for existence of ara sqlite
stat: stat:
path: "{{ ansible_env.HOME }}/.ara/server/ansible.sqlite" path: "{{ ansible_env.HOME }}/.ara/server/ansible.sqlite"
register: ara_stat_result register: ara_stat_result
- block: - block:
- name: ensure ara-report folder existence - name: Ensure ara-report folder existence
file: file:
path: "{{ ara_report_local_dir }}" path: "{{ ara_report_local_dir }}"
state: directory state: directory
delegate_to: localhost delegate_to: localhost
- name: download ara sqlite - name: Download ara sqlite
synchronize: synchronize:
src: "{{ ansible_env.HOME }}/.ara/server/ansible.sqlite" src: "{{ ansible_env.HOME }}/.ara/server/ansible.sqlite"
dest: "{{ ara_report_local_dir }}/" dest: "{{ ara_report_local_dir }}/"
mode: pull mode: pull
- name: get ara version - name: Get ara version
command: "ara --version" command: "ara --version"
register: ara_version register: ara_version
- name: template ara readme - name: Template ara readme
template: template:
src: "{{ kolla_ansible_local_src_dir }}/tests/ara-readme.md.j2" src: "{{ kolla_ansible_local_src_dir }}/tests/ara-readme.md.j2"
dest: "{{ ara_report_local_dir }}/README.md" dest: "{{ ara_report_local_dir }}/README.md"

4
tests/pre.yml
View File

@ -105,7 +105,7 @@
- "ansible" - "ansible"
# NOTE(yoctozepto): let's observe forwarding behavior # NOTE(yoctozepto): let's observe forwarding behavior
- name: iptables - LOG FORWARD - name: Iptables - LOG FORWARD
become: true become: true
iptables: iptables:
state: present state: present
@ -114,7 +114,7 @@
jump: LOG jump: LOG
log_prefix: 'iptables FORWARD: ' log_prefix: 'iptables FORWARD: '
- name: set new hostname based on ansible inventory file - name: Set new hostname based on ansible inventory file
hostname: hostname:
name: "{{ inventory_hostname }}" name: "{{ inventory_hostname }}"
use: systemd use: systemd

14
tests/run-hashi-vault.yml
View File

@ -3,7 +3,7 @@
any_errors_fatal: true any_errors_fatal: true
tasks: tasks:
# NOTE(yoctozepto): setting vars as facts for all to have them around in all the plays # NOTE(yoctozepto): setting vars as facts for all to have them around in all the plays
- name: set facts for commonly used variables - name: Set facts for commonly used variables
set_fact: set_fact:
kolla_ansible_src_dir: "{{ ansible_env.PWD }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible" kolla_ansible_src_dir: "{{ ansible_env.PWD }}/src/{{ zuul.project.canonical_hostname }}/openstack/kolla-ansible"
upper_constraints_file: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/upper-constraints.txt" upper_constraints_file: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/upper-constraints.txt"
@ -14,27 +14,27 @@
any_errors_fatal: true any_errors_fatal: true
environment: "{{ pip_user_path_env }}" environment: "{{ pip_user_path_env }}"
tasks: tasks:
- name: ensure /etc/kolla exists - name: Ensure /etc/kolla exists
file: file:
path: "/etc/kolla" path: "/etc/kolla"
state: "directory" state: "directory"
mode: 0777 mode: 0777
become: true become: true
- name: ensure python3-pip exists - name: Ensure python3-pip exists
package: package:
name: python3-pip name: python3-pip
become: true become: true
# NOTE(mgoddard): We need a recent pip to install the latest cryptography # NOTE(mgoddard): We need a recent pip to install the latest cryptography
# library. See https://github.com/pyca/cryptography/issues/5753 # library. See https://github.com/pyca/cryptography/issues/5753
- name: install pip 19.1.1+ - name: Install pip 19.1.1+
pip: pip:
name: "pip>=19.1.1" name: "pip>=19.1.1"
executable: "pip3" executable: "pip3"
extra_args: "--user" extra_args: "--user"
- name: install kolla-ansible and dependencies - name: Install kolla-ansible and dependencies
pip: pip:
executable: "pip3" executable: "pip3"
extra_args: "-c {{ upper_constraints_file }} --user" extra_args: "-c {{ upper_constraints_file }} --user"
@ -43,14 +43,14 @@
- "ansible-core{{ ansible_core_version_constraint }}" - "ansible-core{{ ansible_core_version_constraint }}"
- "ansible{{ ansible_version_constraint }}" - "ansible{{ ansible_version_constraint }}"
- name: copy passwords.yml file - name: Copy passwords.yml file
copy: copy:
src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml" src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml"
dest: /etc/kolla/passwords.yml dest: /etc/kolla/passwords.yml
mode: "0640" mode: "0640"
remote_src: true remote_src: true
- name: generate passwords - name: Generate passwords
command: kolla-genpwd command: kolla-genpwd
# At this point we have generated all necessary configuration, and are # At this point we have generated all necessary configuration, and are

68
tests/run.yml
View File

@ -7,7 +7,7 @@
setup: setup:
# NOTE(yoctozepto): setting vars as facts for all to have them around in all the plays # NOTE(yoctozepto): setting vars as facts for all to have them around in all the plays
- name: set facts for commonly used variables - name: Set facts for commonly used variables
vars: vars:
# NOTE(yoctozepto): needed here to use in other facts too # NOTE(yoctozepto): needed here to use in other facts too
openstack_core_enabled: "{{ scenario not in ['bifrost', 'mariadb', 'prometheus-opensearch', 'venus'] }}" openstack_core_enabled: "{{ scenario not in ['bifrost', 'mariadb', 'prometheus-opensearch', 'venus'] }}"
@ -22,7 +22,7 @@
build_image_tag: "change_{{ zuul.change | default('none') }}" build_image_tag: "change_{{ zuul.change | default('none') }}"
openstack_core_enabled: "{{ openstack_core_enabled }}" openstack_core_enabled: "{{ openstack_core_enabled }}"
openstack_core_tested: "{{ scenario in ['core', 'cephadm', 'zun', 'cells', 'swift', 'ovn', 'lets-encrypt'] }}" openstack_core_tested: "{{ scenario in ['core', 'cephadm', 'zun', 'cells', 'swift', 'ovn', 'lets-encrypt'] }}"
dashboard_enabled: "{{ openstack_core_enabled }}" dashboard_enabled: "false"
upper_constraints_file: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/upper-constraints.txt" upper_constraints_file: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/upper-constraints.txt"
docker_image_tag_suffix: "{{ '-aarch64' if ansible_architecture == 'aarch64' else '' }}" docker_image_tag_suffix: "{{ '-aarch64' if ansible_architecture == 'aarch64' else '' }}"
kolla_ansible_venv_path: "{{ ansible_env.HOME }}/kolla-ansible-venv" kolla_ansible_venv_path: "{{ ansible_env.HOME }}/kolla-ansible-venv"
@ -79,7 +79,7 @@
# and since we don't need isolated networks here, use host networking # and since we don't need isolated networks here, use host networking
network_mode: host network_mode: host
tasks: tasks:
- name: detect whether need build images - name: Detect whether need build images
set_fact: set_fact:
need_build_image: true need_build_image: true
when: when:
@ -97,7 +97,7 @@
- block: - block:
# NOTE(mgoddard): This only affects the remote copy of the repo, not the # NOTE(mgoddard): This only affects the remote copy of the repo, not the
# one on the executor. # one on the executor.
- name: checkout the previous ansible-collection-kolla branch - name: Checkout the previous ansible-collection-kolla branch
shell: shell:
cmd: | cmd: |
git checkout stable/{{ previous_release | lower }} git checkout stable/{{ previous_release | lower }}
@ -105,7 +105,7 @@
git log --pretty=oneline -1 git log --pretty=oneline -1
chdir: "{{ ansible_collection_kolla_src_dir }}" chdir: "{{ ansible_collection_kolla_src_dir }}"
- name: checkout the previous kolla-ansible branch - name: Checkout the previous kolla-ansible branch
shell: shell:
cmd: | cmd: |
git checkout stable/{{ previous_release | lower }} git checkout stable/{{ previous_release | lower }}
@ -113,7 +113,7 @@
git log --pretty=oneline -1 git log --pretty=oneline -1
chdir: "{{ kolla_ansible_src_dir }}" chdir: "{{ kolla_ansible_src_dir }}"
- name: checkout the previous requirements branch - name: Checkout the previous requirements branch
shell: shell:
cmd: | cmd: |
git checkout stable/{{ previous_release | lower }} git checkout stable/{{ previous_release | lower }}
@ -122,7 +122,7 @@
chdir: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/" chdir: "{{ ansible_env.HOME }}/src/opendev.org/openstack/requirements/"
when: is_upgrade when: is_upgrade
- name: ensure /etc/kolla exists - name: Ensure /etc/kolla exists
file: file:
path: "/etc/kolla" path: "/etc/kolla"
state: "directory" state: "directory"
@ -157,7 +157,7 @@
- bifrost - bifrost
- swift - swift
- name: generate configuration files - name: Generate configuration files
template: template:
src: "{{ kolla_ansible_local_src_dir }}/{{ item.src }}" src: "{{ kolla_ansible_local_src_dir }}/{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
@ -197,13 +197,13 @@
when: item.when | default(true) when: item.when | default(true)
- block: - block:
- name: ensure ironic config directory exists - name: Ensure ironic config directory exists
file: file:
path: /etc/kolla/config/ironic path: /etc/kolla/config/ironic
state: directory state: directory
mode: 0777 mode: 0777
- name: download Ironic Python Agent (IPA) images - name: Download Ironic Python Agent (IPA) images
get_url: get_url:
url: "https://tarballs.opendev.org/openstack/ironic-python-agent/tinyipa/files/{{ item.src }}" url: "https://tarballs.opendev.org/openstack/ironic-python-agent/tinyipa/files/{{ item.src }}"
dest: "/etc/kolla/config/ironic/{{ item.dest }}" dest: "/etc/kolla/config/ironic/{{ item.dest }}"
@ -215,12 +215,12 @@
when: scenario == "ironic" when: scenario == "ironic"
- block: - block:
- name: slurp requirements.yml - name: Slurp requirements.yml
slurp: slurp:
src: "{{ kolla_ansible_src_dir }}/requirements.yml" src: "{{ kolla_ansible_src_dir }}/requirements.yml"
register: requirements_yml register: requirements_yml
- name: write requirements.yml - name: Write requirements.yml
copy: copy:
content: "{{ new_requirements | to_nice_yaml }}" content: "{{ new_requirements | to_nice_yaml }}"
dest: "{{ kolla_ansible_src_dir }}/requirements.yml" dest: "{{ kolla_ansible_src_dir }}/requirements.yml"
@ -232,7 +232,7 @@
new_requirements: new_requirements:
collections: "{{ (old_requirements.collections | rejectattr('name', 'search', 'ansible-collection-kolla') | list) + [new_requirement] }}" collections: "{{ (old_requirements.collections | rejectattr('name', 'search', 'ansible-collection-kolla') | list) + [new_requirement] }}"
- name: ensure /etc/ansible exists - name: Ensure /etc/ansible exists
file: file:
path: /etc/ansible path: /etc/ansible
state: directory state: directory
@ -255,7 +255,7 @@
state: latest state: latest
virtualenv: "{{ kolla_ansible_venv_path }}" virtualenv: "{{ kolla_ansible_venv_path }}"
- name: install kolla-ansible and dependencies - name: Install kolla-ansible and dependencies
vars: vars:
ansible_core_version_min: "==2.14.*" ansible_core_version_min: "==2.14.*"
ansible_core_version_max: "==2.15.*" ansible_core_version_max: "==2.15.*"
@ -271,7 +271,7 @@
virtualenv: "{{ kolla_ansible_venv_path }}" virtualenv: "{{ kolla_ansible_venv_path }}"
# TODO(mnasiadka): Remove in Caracal # TODO(mnasiadka): Remove in Caracal
- name: install Ansible on upgrade only - name: Install Ansible on upgrade only
vars: vars:
ansible_version_min: "==7.*" ansible_version_min: "==7.*"
ansible_version_max: "==8.*" ansible_version_max: "==8.*"
@ -284,32 +284,32 @@
virtualenv: "{{ kolla_ansible_venv_path }}" virtualenv: "{{ kolla_ansible_venv_path }}"
when: is_upgrade when: is_upgrade
- name: install Ansible collections - name: Install Ansible collections
shell: | shell: |
source {{ kolla_ansible_venv_path }}/bin/activate source {{ kolla_ansible_venv_path }}/bin/activate
kolla-ansible install-deps kolla-ansible install-deps
args: args:
executable: /bin/bash executable: /bin/bash
- name: get ARA callback plugin path - name: Get ARA callback plugin path
command: "{{ kolla_ansible_venv_path }}/bin/python3 -m ara.setup.callback_plugins" command: "{{ kolla_ansible_venv_path }}/bin/python3 -m ara.setup.callback_plugins"
changed_when: false changed_when: false
register: ara_callback_plugins register: ara_callback_plugins
- name: template ansible.cfg - name: Template ansible.cfg
template: template:
src: "{{ kolla_ansible_local_src_dir }}/tests/templates/ansible.cfg.j2" src: "{{ kolla_ansible_local_src_dir }}/tests/templates/ansible.cfg.j2"
dest: /etc/ansible/ansible.cfg dest: /etc/ansible/ansible.cfg
become: true become: true
- name: copy passwords.yml file - name: Copy passwords.yml file
copy: copy:
src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml" src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml"
dest: /etc/kolla/passwords.yml dest: /etc/kolla/passwords.yml
mode: "0640" mode: "0640"
remote_src: true remote_src: true
- name: generate passwords - name: Generate passwords
command: "{{ kolla_ansible_venv_path }}/bin/kolla-genpwd" command: "{{ kolla_ansible_venv_path }}/bin/kolla-genpwd"
- name: Record the running state of the environment as seen by the setup module - name: Record the running state of the environment as seen by the setup module
@ -326,7 +326,7 @@
# NOTE(yoctozepto): k-a octavia-certificates should run before k-a bootstrap-servers # NOTE(yoctozepto): k-a octavia-certificates should run before k-a bootstrap-servers
# because the latter hijacks /etc/kolla permissions (due to same directory on the # because the latter hijacks /etc/kolla permissions (due to same directory on the
# same host being used by both) # same host being used by both)
- name: create TLS certificates for octavia - name: Create TLS certificates for octavia
shell: | shell: |
source {{ kolla_ansible_venv_path }}/bin/activate source {{ kolla_ansible_venv_path }}/bin/activate
kolla-ansible octavia-certificates kolla-ansible octavia-certificates
@ -390,14 +390,14 @@
mode: 0755 mode: 0755
with_items: "{{ cephadm_kolla_ceph_services }}" with_items: "{{ cephadm_kolla_ceph_services }}"
- name: copy ceph.conf to enabled services - name: Copy ceph.conf to enabled services
copy: copy:
remote_src: True remote_src: True
src: "/etc/ceph/ceph.conf.fixed" src: "/etc/ceph/ceph.conf.fixed"
dest: "/etc/kolla/config/{{ item.name }}/ceph.conf" dest: "/etc/kolla/config/{{ item.name }}/ceph.conf"
with_items: "{{ cephadm_kolla_ceph_services }}" with_items: "{{ cephadm_kolla_ceph_services }}"
- name: copy keyrings to enabled services - name: Copy keyrings to enabled services
copy: copy:
remote_src: True remote_src: True
src: "/var/run/ceph/{{ ceph_fsid }}/{{ item.keyring }}" src: "/var/run/ceph/{{ ceph_fsid }}/{{ item.keyring }}"
@ -623,7 +623,7 @@
- block: - block:
# NOTE(mgoddard): This only affects the remote copy of the repo, not the # NOTE(mgoddard): This only affects the remote copy of the repo, not the
# one on the executor. # one on the executor.
- name: checkout the current ansible-collection-kolla branch - name: Checkout the current ansible-collection-kolla branch
shell: shell:
cmd: | cmd: |
git checkout {{ zuul.branch }} git checkout {{ zuul.branch }}
@ -633,7 +633,7 @@
# NOTE(frickler): We modified requirements.yml, need to revert the # NOTE(frickler): We modified requirements.yml, need to revert the
# changes in order for the branch checkout to succeed # changes in order for the branch checkout to succeed
- name: checkout the current kolla-ansible branch - name: Checkout the current kolla-ansible branch
shell: shell:
cmd: | cmd: |
git checkout requirements.yml git checkout requirements.yml
@ -642,7 +642,7 @@
git log --pretty=oneline -1 git log --pretty=oneline -1
chdir: "{{ kolla_ansible_src_dir }}" chdir: "{{ kolla_ansible_src_dir }}"
- name: checkout the current requirements branch - name: Checkout the current requirements branch
shell: shell:
cmd: | cmd: |
git checkout {{ zuul.projects["opendev.org/openstack/requirements"].checkout }} git checkout {{ zuul.projects["opendev.org/openstack/requirements"].checkout }}
@ -668,12 +668,12 @@
dest: /etc/kolla/config/nova/nova-compute.conf dest: /etc/kolla/config/nova/nova-compute.conf
when: item.when | default(true) when: item.when | default(true)
- name: slurp requirements.yml - name: Slurp requirements.yml
slurp: slurp:
src: "{{ kolla_ansible_src_dir }}/requirements.yml" src: "{{ kolla_ansible_src_dir }}/requirements.yml"
register: requirements_yml register: requirements_yml
- name: write requirements.yml - name: Write requirements.yml
copy: copy:
content: "{{ new_requirements | to_nice_yaml }}" content: "{{ new_requirements | to_nice_yaml }}"
dest: "{{ kolla_ansible_src_dir }}/requirements.yml" dest: "{{ kolla_ansible_src_dir }}/requirements.yml"
@ -685,14 +685,14 @@
new_requirements: new_requirements:
collections: "{{ (old_requirements.collections | rejectattr('name', 'search', 'ansible-collection-kolla') | list) + [new_requirement] }}" collections: "{{ (old_requirements.collections | rejectattr('name', 'search', 'ansible-collection-kolla') | list) + [new_requirement] }}"
- name: upgrade kolla-ansible - name: Upgrade kolla-ansible
pip: pip:
extra_args: "-c {{ upper_constraints_file }}" extra_args: "-c {{ upper_constraints_file }}"
name: name:
- "{{ kolla_ansible_src_dir }}" - "{{ kolla_ansible_src_dir }}"
virtualenv: "{{ kolla_ansible_venv_path }}" virtualenv: "{{ kolla_ansible_venv_path }}"
- name: install Ansible collections - name: Install Ansible collections
shell: | shell: |
source {{ kolla_ansible_venv_path }}/bin/activate source {{ kolla_ansible_venv_path }}/bin/activate
kolla-ansible install-deps kolla-ansible install-deps
@ -701,20 +701,20 @@
# Update passwords.yml to include any new passwords added in this # Update passwords.yml to include any new passwords added in this
# release. # release.
- name: move passwords.yml to passwords.yml.old - name: Move passwords.yml to passwords.yml.old
command: mv /etc/kolla/passwords.yml /etc/kolla/passwords.yml.old command: mv /etc/kolla/passwords.yml /etc/kolla/passwords.yml.old
- name: copy passwords.yml file - name: Copy passwords.yml file
copy: copy:
src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml" src: "{{ kolla_ansible_src_dir }}/etc/kolla/passwords.yml"
dest: /etc/kolla/passwords.yml dest: /etc/kolla/passwords.yml
mode: "0640" mode: "0640"
remote_src: true remote_src: true
- name: generate new passwords - name: Generate new passwords
command: "{{ kolla_ansible_venv_path }}/bin/kolla-genpwd" command: "{{ kolla_ansible_venv_path }}/bin/kolla-genpwd"
- name: merge old and new passwords - name: Merge old and new passwords
command: >- command: >-
{{ kolla_ansible_venv_path }}/bin/kolla-mergepwd {{ kolla_ansible_venv_path }}/bin/kolla-mergepwd
--old /etc/kolla/passwords.yml.old --old /etc/kolla/passwords.yml.old

1
tox.ini
View File

@ -95,6 +95,7 @@ setenv =
ANSIBLE_LIBRARY = {toxinidir}/ansible/library ANSIBLE_LIBRARY = {toxinidir}/ansible/library
ANSIBLE_ACTION_PLUGINS = {toxinidir}/ansible/action_plugins ANSIBLE_ACTION_PLUGINS = {toxinidir}/ansible/action_plugins
ANSIBLE_FILTER_PLUGINS = {toxinidir}/ansible/filter_plugins ANSIBLE_FILTER_PLUGINS = {toxinidir}/ansible/filter_plugins
ANSIBLE_ROLES_PATH = {toxinidir}/ansible/roles
deps = deps =
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}