Move shade, openstackclient and projects roles to Ansible Galaxy

.gitignore

@@ -55,6 +55,9 @@ ansible/roles/mrlesmithjr.manage-lvm/
 ansible/roles/MichaelRigart.interfaces/
 ansible/roles/stackhpc.drac/
 ansible/roles/stackhpc.drac-facts/
+ansible/roles/stackhpc.os-openstackclient/
+ansible/roles/stackhpc.os-projects/
+ansible/roles/stackhpc.os-shade/
 ansible/roles/resmo.ntp/
 ansible/roles/yatesr.timezone/
 

ansible/compute-node-flavors.yml

@@ -10,8 +10,8 @@
     venv: "{{ ansible_env.PWD }}/shade-venv"
     flavor_base_name: baremetal-
   roles:
-    - role: openstackclient
-      openstackclient_venv: "{{ venv }}"
+    - role: stackhpc.os-openstackclient
+      os_openstackclient_venv: "{{ venv }}"
 
   tasks:
     - name: Get a list of ironic nodes

ansible/compute-node-provide.yml

@@ -8,8 +8,8 @@
   vars:
     venv: "{{ ansible_env.PWD }}/shade-venv"
   roles:
-    - role: openstackclient
-      openstackclient_venv: "{{ venv }}"
+    - role: stackhpc.os-openstackclient
+      os_openstackclient_venv: "{{ venv }}"
   tasks:
     - name: Get a list of ironic nodes
       shell: >

ansible/overcloud-introspection-rules.yml

@@ -19,8 +19,8 @@
         - config-validation
 
   roles:
-    - role: openstackclient
-      openstackclient_venv: "{{ venv }}"
+    - role: stackhpc.os-openstackclient
+      os_openstackclient_venv: "{{ venv }}"
 
 - name: Ensure introspection rules are registered in Ironic Inspector
   # Only required to run on a single host.

ansible/requirements.yml

@@ -10,4 +10,5 @@
 - src: resmo.ntp
 - src: stackhpc.drac
 - src: stackhpc.drac-facts
+- src: stackhpc.os-projects
 - src: yatesr.timezone

ansible/roles/ipa-images/meta/main.yml

@@ -1,4 +1,4 @@
 ---
 dependencies:
-  - role: shade
-    shade_venv: "{{ ipa_images_venv }}"
+  - role: stackhpc.os-shade
+    os_shade_venv: "{{ ipa_images_venv }}"

ansible/roles/ironic-inspector-rules/meta/main.yml

@@ -1,4 +1,4 @@
 ---
 dependencies:
-  - role: shade
-    shade_venv: "{{ ironic_inspector_venv }}"
+  - role: stackhpc.os-shade
+    os_shade_venv: "{{ ironic_inspector_venv }}"

ansible/roles/neutron-net/meta/main.yml

@@ -1,4 +1,4 @@
 ---
 dependencies:
-  - role: shade
-    shade_venv: "{{ neutron_net_venv }}"
+  - role: stackhpc.os-shade
+    os_shade_venv: "{{ neutron_net_venv }}"

ansible/roles/nova-flavors/meta/main.yml

@@ -1,4 +1,4 @@
 ---
 dependencies:
-  - role: shade
-    shade_venv: "{{ nova_flavors_venv }}"
+  - role: stackhpc.os-shade
+    os_shade_venv: "{{ nova_flavors_venv }}"

ansible/roles/openstackclient/defaults/main.yml

@@ -1,3 +0,0 @@
----
-# Path to a directory in which to create a virtualenv.
-openstackclient_venv:

ansible/roles/openstackclient/tasks/main.yml

@@ -1,36 +0,0 @@
----
-- name: Ensure EPEL repo is installed
-  yum:
-    name: epel-release
-    state: installed
-  become: True
-
-- name: Ensure required packages are installed
-  yum:
-    name: "{{ item }}"
-    state: installed
-  become: True
-  with_items:
-    - gcc
-    - libffi-devel
-    - openssl-devel
-    - python-devel
-    - python-pip
-    - python-virtualenv
-
-- name: Ensure the latest version of pip is installed
-  pip:
-    name: "{{ item.name }}"
-    state: latest
-    virtualenv: "{{ openstackclient_venv }}"
-  with_items:
-    - { name: pip }
-
-- name: Ensure required Python packages are installed
-  pip:
-    name: "{{ item.name }}"
-    version: "{{ item.version | default(omit) }}"
-    state: present
-    virtualenv: "{{ openstackclient_venv }}"
-  with_items:
-    - name: python-openstackclient

ansible/roles/projects/defaults/main.yml

@@ -1,34 +0,0 @@
----
-# Path to a directory in which to create a virtualenv.
-projects_venv:
-
-# Authentication type as used by os_* modules' 'auth_type' argument.
-projects_auth_type:
-
-# Authentication options for admin as used by os_* modules' 'auth' argument.
-projects_admin_auth: {}
-
-# Environment variables for use with os_* modules.
-projects_environment:
-  OS_IDENTITY_API_VERSION: 3
-
-# List of projects to create.
-# Each item should be a dict containing the following items:
-# 'name': The name of the project.
-# 'description': A description of the project.
-# 'project_domain': The domain in which to register the project.
-# 'user_domain': The domain in which to register users.
-# 'users': List of users to register. Each user should be a dict containing
-#          the following items:
-#          'name': The name of the user.
-#          'password': The user's password.
-#          'roles': A list of roles to assign to the user.
-#          'openrc_file': Path to an environment file to create.
-# 'keypairs': List of SSH key pairs to register with Nova. Each key pair
-#             should be a dict containing the following items:
-#             'name': The name of the keypair.
-#             'public_key': The SSH public key contents. Optional.
-#             'public_key_file': Path to the SSH public key on the control
-#                                host.
-# 'quotas': Dict mapping quota names to their values.
-projects: []

ansible/roles/projects/meta/main.yml

@@ -1,7 +0,0 @@
----
-dependencies:
-  - role: shade
-    shade_venv: "{{ projects_venv }}"
-
-  - role: openstackclient
-    openstackclient_venv: "{{ projects_venv }}"

ansible/roles/projects/tasks/main.yml

@@ -1,115 +0,0 @@
----
-- name: Set a fact to ensure Ansible uses the python interpreter in the virtualenv
-  set_fact:
-    ansible_python_interpreter: "{{ projects_venv }}/bin/python"
-
-- name: Ensure the test project exists
-  os_project:
-    auth_type: "{{ projects_auth_type }}"
-    auth: "{{ projects_admin_auth }}"
-    name: "{{ item.name }}"
-    description: "{{ item.description }}"
-    domain_id: "{{ item.project_domain }}"
-    state: present
-    enabled: True
-    wait: yes
-  with_items: "{{ projects }}"
-  environment: "{{ projects_environment }}"
-
-- name: Ensure test project users exist
-  os_user:
-    auth_type: "{{ projects_auth_type }}"
-    auth: "{{ projects_admin_auth }}"
-    name: "{{ item.1.name }}"
-    password: "{{ item.1.password }}"
-    default_project: "{{ item.0.name }}"
-    domain: "{{ item.0.project_domain }}"
-    state: present
-    enabled: True
-    wait: yes
-  with_subelements:
-    - "{{ projects }}"
-    - users
-  environment: "{{ projects_environment }}"
-
-- name: Initiliase a fact containing flattened user roles
-  set_fact:
-    projects_user_roles: []
-
-- name: Update a fact containing flattened user roles
-  set_fact:
-    projects_user_roles: >
-      {{ projects_user_roles +
-         [{'project': item.0.name,
-           'name': item.1.name,
-           'roles': item.1.roles}] }}
-  with_subelements:
-    - "{{ projects }}"
-    - users
-        
-- name: Ensure test project users have required roles
-  os_user_role:
-    auth_type: "{{ projects_auth_type }}"
-    auth: "{{ projects_admin_auth }}"
-    user: "{{ item.0.name }}"
-    project: "{{ item.0.project }}"
-    role: "{{ item.1 }}"
-    state: present
-  with_subelements:
-    - "{{ projects_user_roles }}"
-    - roles
-  environment: "{{ projects_environment }}"
-
-- name: Ensure SSH keypairs are registered
-  os_keypair:
-    auth_type: "{{ projects_auth_type }}"
-    auth: "{{ projects_admin_auth | combine(projects_user_auth_overrides) }}"
-    name: "{{ item.1.name }}"
-    public_key_file: "{{ item.1.public_key_file | default(omit) }}"
-    public_key: "{{ item.1.public_key | default(omit) }}"
-    state: present
-  with_subelements:
-    - "{{ projects }}"
-    - keypairs
-  environment: "{{ projects_environment }}"
-  vars:
-    # Authentication option overrides for non-admin user as used by os_*
-    # modules' 'auth' argument.
-    projects_user_auth_overrides:
-      project_domain_name: "{{ item.0.project_domain }}"
-      user_domain_name: "{{ item.0.user_domain }}"
-      project_name: "{{ item.0.name }}"
-      username: "{{ item.0.users[0].name }}"
-      password: "{{ item.0.users[0].password }}"
-
-# This variable is unset before we set it, and it does not appear to be
-# possible to unset a variable in Ansible.
-- name: Set a fact to reset the Ansible python interpreter
-  set_fact:
-    ansible_python_interpreter: /usr/bin/python
-
-# The os_quota module is not available in Ansible 2.2. It will be added in
-# Ansible 2.3, at which point we should use it here.
-- name: Ensure quotas are set
-  shell: >
-    source {{ projects_venv }}/bin/activate &&
-    openstack
-    {% for auth_name, auth_value in projects_admin_auth.items() %}
-    --os-{{ auth_name | replace('_', '-') }}='{{ auth_value }}'
-    {% endfor %}
-    quota set {{ item.name }}
-    {% for name, value in item.quotas.items() %} --{{ name | replace('_', '-') }}={{ value }}{% endfor %}
-  when: "{{ item.quotas }}"
-  with_items: "{{ projects }}"
-  environment: "{{ projects_environment }}"
-
-- name: Ensure openrc environment file exists
-  local_action:
-    module: template
-    src: openrc.j2
-    dest: "{{ item.1.openrc_file }}"
-    mode: 0600
-  with_subelements:
-    - "{{ projects }}"
-    - users
-  when: "{{ item.openrc_file is defined }}"

ansible/roles/projects/templates/openrc.j2

@@ -1,17 +0,0 @@
-# {{ ansible_managed }}
-# This is an openrc environment file for OpenStack user {{ item.1.name }} in
-# project {{ item.0.name }}.
-{% set projects_user_auth_overrides = {
-  "project_domain_name": "{{ item.0.project_domain }}",
-  "user_domain_name": "{{ item.0.user_domain }}",
-  "project_name": "{{ item.0.name }}",
-  "username": "{{ item.1.name }}",
-  "password": "{{ item.1.password }}",
-} %}
-{% set projects_auth = projects_admin_auth | combine(projects_user_auth_overrides) %}
-{% for name, value in projects_auth.items() %}
-export OS_{{ name | upper }}={{ value }}
-{% endfor %}
-{% for name, value in projects_environment.items() %}
-export {{ name }}={{ value }}
-{% endfor %}

ansible/roles/shade/defaults/main.yml

@@ -1,3 +0,0 @@
----
-# Path to a directory in which to create a virtualenv.
-shade_venv:

ansible/roles/shade/tasks/main.yml

@@ -1,36 +0,0 @@
----
-- name: Ensure EPEL repo is installed
-  yum:
-    name: epel-release
-    state: installed
-  become: True
-
-- name: Ensure required packages are installed
-  yum:
-    name: "{{ item }}"
-    state: installed
-  become: True
-  with_items:
-    - gcc
-    - libffi-devel
-    - openssl-devel
-    - python-devel
-    - python-pip
-    - python-virtualenv
-
-- name: Ensure the latest version of pip is installed
-  pip:
-    name: "{{ item.name }}"
-    state: latest
-    virtualenv: "{{ shade_venv }}"
-  with_items:
-    - { name: pip }
-
-- name: Ensure required Python packages are installed
-  pip:
-    name: "{{ item.name }}"
-    version: "{{ item.version | default(omit) }}"
-    state: present
-    virtualenv: "{{ shade_venv }}"
-  with_items:
-    - name: shade

ansible/test-image-centos-cloud.yml

@@ -2,9 +2,9 @@
 - name: Ensure CentOS cloud image is registered with Glance
   hosts: controllers[0]
   vars:
-    shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
+    os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
   roles:
-    - role: shade
+    - role: stackhpc.os-shade
   tasks:
     - name: Ensure image download directory exists
       file:
@@ -20,7 +20,7 @@
     # evaluate the Jinja variable reference, so we use set_fact.
     - name: Update the Ansible python interpreter fact to point to the shade virtualenv
       set_fact:
-        ansible_python_interpreter: "{{ shade_venv }}/bin/python"
+        ansible_python_interpreter: "{{ os_shade_venv }}/bin/python"
 
     - name: Ensure test deployment image is registered with Glance
       os_image:

ansible/test-image.yml

@@ -16,9 +16,9 @@
       - grub2
     image_extra_elements: []
     image_elements: "{{ image_base_elements + (image_whole_disk_elements if image_is_whole_disk|bool else image_partition_elements) + image_extra_elements }}"
-    shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
+    os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
   roles:
-    - role: shade
+    - role: stackhpc.os-shade
   tasks:
     - name: Ensure diskimage-builder package is installed
       yum:
@@ -49,7 +49,7 @@
     # evaluate the Jinja variable reference, so we use set_fact.
     - name: Update the Ansible python interpreter fact to point to the shade virtualenv
       set_fact:
-        ansible_python_interpreter: "{{ shade_venv }}/bin/python"
+        ansible_python_interpreter: "{{ os_shade_venv }}/bin/python"
 
     - name: Ensure test deployment ramdisk and kernel images are registered with Glance
       os_image:

ansible/test-keypair.yml

@@ -3,15 +3,15 @@
   hosts: controllers[0]
   vars:
     public_key_path: "{{ ssh_public_key_path }}"
-    shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
+    os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv"
   roles:
-    - role: shade
+    - role: stackhpc.os-shade
   tasks:
     # Note that setting this via a play or task variable seems to not
     # evaluate the Jinja variable reference, so we use set_fact.
     - name: Update the Ansible python interpreter fact to point to the shade virtualenv
       set_fact:
-        ansible_python_interpreter: "{{ shade_venv }}/bin/python"
+        ansible_python_interpreter: "{{ os_shade_venv }}/bin/python"
 
     - name: Ensure a test SSH key pair is registered with Nova
       os_keypair:

ansible/test-project.yml

@@ -48,11 +48,11 @@
       register: ssh_public_key
 
   roles:
-    - role: projects
-      projects_venv: "{{ venv }}"
-      projects_auth_type: "{{ openstack_auth_type }}"
-      projects_admin_auth: "{{ openstack_auth }}"
-      projects:
+    - role: stackhpc.os-projects
+      os_projects_venv: "{{ venv }}"
+      os_projects_auth_type: "{{ openstack_auth_type }}"
+      os_projects_admin_auth: "{{ openstack_auth }}"
+      os_projects:
         - name: test-project
           description: Kayobe test project
           project_domain: default