openstack/openstack-ansible-ops
Code Issues Proposed changes

Run security hardening when leaping a deployment

Browse Source 
The security hardening playbook was not being executed. This change adds
the security hardning playbook to the defeault re-deployment process. If
a deployer wishes to opt-out of the default security hardening they can
disable it using the `apply_security_hardening` option.

Change-Id: I69baa1d2cb209cf3686ca2da00e698ed5dbf92f9
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2017-10-25 10:47:48 -05:00
parent 0690bb6085
commit 676d574623
No known key found for this signature in database
GPG Key ID: 69FEFFC5E2D9273F
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
leap-upgrades/re-deploy.sh
View File

@ -51,6 +51,10 @@ fi
# Setup Hosts # Setup Hosts
RUN_TASKS+=("openstack-hosts-setup.yml -e redeploy_rerun=true") RUN_TASKS+=("openstack-hosts-setup.yml -e redeploy_rerun=true")
# Run the security-hardening playbook in redeployment
RUN_TASKS+=("security-hardening.yml")
# Ensure the same pip everywhere, even if requirement met or above # Ensure the same pip everywhere, even if requirement met or above
RUN_TASKS+=("${UPGRADE_UTILS}/pip-unify.yml -e release_version=\"${NEWTON_RELEASE}\"") RUN_TASKS+=("${UPGRADE_UTILS}/pip-unify.yml -e release_version=\"${NEWTON_RELEASE}\"")