2829bf89f7
This change adds support for the kayobe_control_host_become variable to CI jobs. This variable will cause any uses of become on localhost to fail. This allows us to test that the kayobe_control_host_become configuration variable has successfully removed all uses of become. I've enabled this on a subset of jobs to get good test coverage. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/949758 Change-Id: I6da98e055714f75112cf08ff8aa53dd84de2e425
194 lines
7.4 KiB
YAML
194 lines
7.4 KiB
YAML
---
|
|
- hosts: primary
|
|
vars:
|
|
ansible_cfg: |
|
|
[defaults]
|
|
# Ensure that facts are referenced via ansible_facts.<fact>.
|
|
inject_facts_as_vars = False
|
|
|
|
# Test with fact caching enabled
|
|
gathering = smart
|
|
fact_caching = jsonfile
|
|
fact_caching_connection = /tmp/kayobe-facts
|
|
|
|
# Add timing information to output
|
|
callbacks_enabled = ansible.posix.profile_tasks
|
|
|
|
# Improve readability of ansible output.
|
|
stdout_callback = yaml
|
|
|
|
[ssh_connection]
|
|
# NOTE(wszusmki): Disable pipelining due to:
|
|
# https://github.com/ansible/ansible/issues/81777
|
|
pipelining = False
|
|
retries = 3
|
|
ansible_cfg_kolla: |
|
|
[defaults]
|
|
# Ensure that facts are referenced via ansible_facts.<fact>.
|
|
inject_facts_as_vars = False
|
|
|
|
# Test with fact caching enabled
|
|
gathering = smart
|
|
fact_caching = jsonfile
|
|
fact_caching_connection = /tmp/kolla-ansible-facts
|
|
|
|
# Add timing information to output
|
|
callbacks_enabled = ansible.posix.profile_tasks
|
|
|
|
# Improve readability of ansible output.
|
|
stdout_callback = yaml
|
|
|
|
[ssh_connection]
|
|
# NOTE(wszusmki): Disable pipelining due to:
|
|
# https://github.com/ansible/ansible/issues/81777
|
|
pipelining = False
|
|
retries = 3
|
|
roles:
|
|
- role: kayobe-diagnostics
|
|
kayobe_diagnostics_phase: "pre"
|
|
kayobe_diagnostics_log_dir: "{{ logs_dir }}"
|
|
|
|
- role: kayobe-ci-prep
|
|
tasks:
|
|
# NOTE(mgoddard): Copying upper constraints to somewhere accessible by both
|
|
# the zuul and stack users.
|
|
- name: Ensure upper-constraints.txt exists
|
|
copy:
|
|
src: "{{ requirements_src_dir }}/upper-constraints.txt"
|
|
dest: "/tmp"
|
|
mode: 0644
|
|
remote_src: true
|
|
|
|
- name: Ensure kayobe is executed in verbose mode
|
|
lineinfile:
|
|
path: "{{ kayobe_src_dir }}/dev/config.sh"
|
|
line: "export KAYOBE_EXTRA_ARGS=-vvv"
|
|
regexp: "^#export KAYOBE_EXTRA_ARGS=$"
|
|
|
|
- name: Ensure ansible.cfg exists for Kayobe
|
|
copy:
|
|
content: "{{ ansible_cfg }}"
|
|
dest: "{{ kayobe_config_src_dir }}/etc/kayobe/ansible.cfg"
|
|
|
|
- name: Ensure ansible.cfg exists for Kolla Ansible
|
|
copy:
|
|
content: "{{ ansible_cfg_kolla }}"
|
|
dest: "{{ kayobe_config_src_dir }}/etc/kayobe/kolla/ansible.cfg"
|
|
|
|
- name: Update kayobe requirements.yml
|
|
include_role:
|
|
name: kayobe-galaxy-requirements
|
|
vars:
|
|
kayobe_galaxy_requirements_src_dir: "{{ kayobe_src_dir }}"
|
|
|
|
- name: Update kolla-ansible requirements.yml
|
|
include_role:
|
|
name: kayobe-galaxy-requirements
|
|
vars:
|
|
kayobe_galaxy_requirements_src_dir: "{{ kolla_ansible_src_dir }}"
|
|
kayobe_galaxy_requirements_dest_path: "/tmp/kolla-ansible-requirements.yml"
|
|
|
|
# NOTE(wszumski): I explored running as an unprivileged user, but it looked like
|
|
# a world of pain, so I've gone for this simpler approach (for now).
|
|
- block:
|
|
- name: Ensure inventory host_vars directories exist
|
|
file:
|
|
state: directory
|
|
path: "{{ item }}"
|
|
loop:
|
|
- "{{ kayobe_config_src_dir }}/etc/kayobe/inventory/host_vars/"
|
|
- "{{ kayobe_config_src_dir }}/etc/kayobe/kolla/inventory/host_vars/"
|
|
|
|
- name: Configure the become checker for localhost (kayobe)
|
|
# NOTE(wszumski): This will cause all uses of become to fail when running
|
|
# kayobe playbooks against localhost. This should not happen since we
|
|
# have disabled escalation of privileges with kayobe_control_host_become.
|
|
# If you hit this error you will need to change your task to respect
|
|
# that variable.
|
|
copy:
|
|
content: |
|
|
ansible_become_exe: "{{ kayobe_src_dir }}/dev/kayobe-control-host-become-sudo-checker"
|
|
dest: "{{ kayobe_config_src_dir }}/etc/kayobe/inventory/host_vars/localhost"
|
|
|
|
- name: Configure the become checker for localhost (kolla)
|
|
# NOTE(wszumski): This will cause all uses of become to fail when running
|
|
# kolla playbooks against localhost. This should not happen since we
|
|
# have disabled escalation of privileges with kayobe_control_host_become.
|
|
# If you hit this error you will need to change kolla-ansible to not use
|
|
# become unless necessary.
|
|
copy:
|
|
content: |
|
|
ansible_become_exe: "{{ kayobe_src_dir }}/dev/kolla-control-host-become-sudo-checker"
|
|
dest: "{{ kayobe_config_src_dir }}/etc/kayobe/kolla/inventory/host_vars/localhost"
|
|
|
|
when: not kayobe_control_host_become | bool
|
|
|
|
# NOTE(wszumski): Use the name zz-10-overrides.yml to ensure this takes
|
|
# precedence over the standard config files, but can control order with the
|
|
# priority (number after zz).
|
|
- name: Ensure kayobe-config override config file exists
|
|
template:
|
|
src: overrides.yml.j2
|
|
dest: "{{ kayobe_config_src_dir }}/etc/kayobe/zz-10-overrides.yml"
|
|
|
|
- block:
|
|
- name: Ensure previous kayobe directory exists
|
|
file:
|
|
path: "{{ previous_kayobe_src_dir }}"
|
|
state: directory
|
|
|
|
- name: Ensure previous kayobe repository is cloned
|
|
command: >-
|
|
git clone {{ kayobe_src_dir }} {{ previous_kayobe_src_dir }} -b stable/{{ previous_release | lower }}
|
|
|
|
- name: Ensure previous kayobe-config directory exists
|
|
file:
|
|
path: "{{ previous_kayobe_config_src_dir }}"
|
|
state: directory
|
|
|
|
- name: Ensure kayobe-config repository is cloned
|
|
command: >-
|
|
git clone {{ kayobe_config_src_dir }} {{ previous_kayobe_config_src_dir }} -b stable/{{ previous_release | lower }}
|
|
|
|
- name: Ensure previous kolla-ansible directory exists
|
|
file:
|
|
path: "{{ previous_kolla_ansible_src_dir }}"
|
|
state: directory
|
|
|
|
- name: Ensure previous kolla-ansible repository is cloned
|
|
command: >-
|
|
git clone {{ kolla_ansible_src_dir }} {{ previous_kolla_ansible_src_dir }} -b stable/{{ previous_release | lower }}
|
|
|
|
- name: Ensure previous kayobe is executed in verbose mode
|
|
lineinfile:
|
|
path: "{{ previous_kayobe_src_dir }}/dev/config.sh"
|
|
line: "export KAYOBE_EXTRA_ARGS=-vvv"
|
|
regexp: "^#export KAYOBE_EXTRA_ARGS=$"
|
|
|
|
- name: Ensure ansible.cfg exists for previous Kayobe
|
|
copy:
|
|
content: "{{ ansible_cfg }}"
|
|
dest: "{{ previous_kayobe_config_src_dir }}/etc/kayobe/ansible.cfg"
|
|
|
|
- name: Ensure ansible.cfg exists for previous Kolla Ansible
|
|
copy:
|
|
content: "{{ ansible_cfg_kolla }}"
|
|
dest: "{{ previous_kayobe_config_src_dir }}/etc/kayobe/kolla/ansible.cfg"
|
|
|
|
- name: Update kayobe requirements.yml
|
|
include_role:
|
|
name: kayobe-galaxy-requirements
|
|
vars:
|
|
kayobe_galaxy_requirements_src_dir: "{{ previous_kayobe_src_dir }}"
|
|
kayobe_galaxy_requirements_branch: "stable/{{ previous_release | lower }}"
|
|
|
|
- name: Update kolla-ansible requirements.yml
|
|
include_role:
|
|
name: kayobe-galaxy-requirements
|
|
vars:
|
|
kayobe_galaxy_requirements_src_dir: "{{ previous_kolla_ansible_src_dir }}"
|
|
kayobe_galaxy_requirements_branch: "stable/{{ previous_release | lower }}"
|
|
kayobe_galaxy_requirements_dest_path: "/tmp/previous-kolla-ansible-requirements.yml"
|
|
|
|
when: is_upgrade
|