inspector: Add support for copying known_devices.yaml

See [1]. [1]: 0b9b175666 Change-Id: I8866cdab396b805ec75bc4ccccdc5c1909e63bcf
2024-07-11 12:35:33 +02:00 · 2024-07-11 12:35:33 +02:00 · 48ebb4e6c8
commit 48ebb4e6c8
parent c5a941dc91
3 changed files with 37 additions and 0 deletions
--- a/ansible/roles/ironic/tasks/config.yml
+++ b/ansible/roles/ironic/tasks/config.yml
@ -47,6 +47,32 @@
  when:
    - ironic_inspector_policy.results

+- name: Check if Ironic Inspector known_devices.yaml shall be overwritten
+  stat:
+    path: "{{ node_custom_config }}/ironic-inspector/known_devices.yaml"
+  delegate_to: localhost
+  run_once: True
+  register: ironic_inspector_known_devices
+
+- name: Set known_devices file path
+  set_fact:
+    ironic_inspector_known_devices_file_path: "{{ ironic_inspector_known_devices.stat.path }}"
+  when:
+    - ironic_inspector_known_devices.stat.exists
+
+- name: Copying over known_devices.yaml
+  template:
+    src: "{{ ironic_inspector_known_devices_file_path }}"
+    dest: "{{ node_config_directory }}/ironic-inspector/known_devices.yaml"
+    mode: "0660"
+  become: true
+  when:
+    - ironic_inspector_known_devices_file_path is defined
+    - inventory_hostname in groups["ironic-inspector"]
+    - ironic_services["ironic-inspector"].enabled | bool
+  notify:
+    - "Restart ironic-inspector container"
+
 - include_tasks: copy-certs.yml
  when:
    - kolla_copy_ca_into_containers | bool or ironic_enable_tls_backend | bool
--- a/ansible/roles/ironic/templates/ironic-inspector.conf.j2
+++ b/ansible/roles/ironic/templates/ironic-inspector.conf.j2
@ -93,3 +93,8 @@ backend_url = {{ redis_connection_string }}
 # tooz defaults to a newer version, we should explicitly specify `v3`
 backend_url = etcd3+{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ etcd_client_port }}?api_version=v3{% if openstack_cacert %}?ca_cert={{ openstack_cacert }}{% endif %}
 {% endif %}
+
+{% if ironic_inspector_known_devices_file_path is defined %}
+[accelerators]
+known_devices = /etc/ironic-inspector/known_devices.yaml
+{% endif %}
--- a/ansible/roles/ironic/templates/ironic-inspector.json.j2
+++ b/ansible/roles/ironic/templates/ironic-inspector.json.j2
@ -12,6 +12,12 @@
            "dest": "/etc/ironic-inspector/{{ ironic_inspector_policy_file }}",
            "owner": "ironic-inspector",
            "perm": "0600"
+        }{% endif %}{% if ironic_inspector_known_devices_file_path is defined %},
+        {
+            "source": "{{ container_config_directory }}/known_devices.yaml",
+            "dest": "/etc/ironic-inspector/known_devices.yaml",
+            "owner": "ironic-inspector",
+            "perm": "0600"
        }{% endif %}
    ]
 }