kayobe/ansible/overcloud-ipa-images.yml
Nick Jones 5265993134
Don't assume user's primary group name is the same as username
In certain environments, a user's primary group doesn't necessarily
match that of their username.  This change updates various playbooks to
make use of the `ansible_user_gid` fact instead.

This change also makes ownership explicit by using `ansible_user_uid`
instead of `ansible_user` or `ansible_user_id`, where appropriate.

Change-Id: Ifc2ea7d95ec90e91791ccb10772b15d991379479
Story: 2002770
Task: 22636
2018-07-04 19:56:05 +01:00

102 lines
3.6 KiB
YAML

---
- name: Check whether Ironic is enabled
hosts: controllers
tags:
- ipa-images
tasks:
- name: Create controllers group with ironic enabled
group_by:
key: "controllers_for_ipa_images_{{ kolla_enable_ironic | bool }}"
- name: Ensure Ironic Python Agent (IPA) images are downloaded and registered
hosts: controllers_for_ipa_images_True[0]
gather_facts: False
tags:
- ipa-images
vars:
# These are the filenames generated by overcloud-ipa-build.yml.
ipa_image_name: "ipa"
ipa_images:
- "{{ ipa_image_name }}.vmlinuz"
- "{{ ipa_image_name }}.initramfs"
pre_tasks:
- name: Validate OpenStack password authentication parameters
fail:
msg: >
Required OpenStack authentication parameter {{ item }} is
{% if item in openstack_auth %}empty{% else %}not present{% endif %}
in openstack_auth. Have you sourced the environment file?
when:
- openstack_auth_type == 'password'
- item not in openstack_auth or not openstack_auth[item]
with_items: "{{ openstack_auth_password_required_params }}"
tags:
- config-validation
- block:
- name: Check for the presence of locally built Ironic Python Agent (IPA) images
stat:
path: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item }}"
get_md5: False
get_checksum: False
mime: False
with_items: "{{ ipa_images }}"
register: ipa_image_stat
- name: Validate the presence of locally built Ironic Python Agent (IPA) images
fail:
msg: >
Expected locally built Ironic Python Agent (IPA) image
{{ item.item }} was not present in {{ image_cache_path }}.
with_items: "{{ ipa_image_stat.results }}"
when: not item.stat.exists
when: ipa_build_images | bool
tags:
- config-validation
- name: Set fact containing the Ironic Python Agent (IPA) image URLs
set_fact:
# Don't pass the kernel and ramdisk image URLs if using built images.
ipa_images_kernel_url: "{{ ipa_kernel_upstream_url }}"
ipa_images_ramdisk_url: "{{ ipa_ramdisk_upstream_url }}"
when: not ipa_build_images | bool
- name: Check whether the image cache directory exists
stat:
path: "{{ image_cache_path }}"
get_md5: False
get_checksum: False
mime: False
register: image_cache_stat
- name: Ensure the image cache directory exists
file:
path: "{{ image_cache_path }}"
state: directory
owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}"
become: True
when: >-
not image_cache_stat.stat.exists or
not image_cache_stat.stat.writeable
- name: Ensure locally built Ironic Python Agent (IPA) images are copied
copy:
src: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item.src }}"
dest: "{{ image_cache_path }}/{{ ipa_image_name }}/{{ item.dest }}"
remote_src: True
with_items:
- src: "{{ ipa_images[0] }}"
dest: "{{ ipa_images_kernel_name }}"
- src: "{{ ipa_images[1] }}"
dest: "{{ ipa_images_ramdisk_name }}"
when:
- ipa_build_images | bool
- item.src != item.dest
roles:
- role: ipa-images
ipa_images_venv: "{{ virtualenv_path }}/shade"
ipa_images_openstack_auth_type: "{{ openstack_auth_type }}"
ipa_images_openstack_auth: "{{ openstack_auth }}"
ipa_images_cache_path: "{{ image_cache_path }}/{{ ipa_image_name }}"