openstack/openstack-ansible-ops
Code Issues Proposed changes

Ability to skip security hardening tags in leap

Browse Source 
Add the ability to skip certain hardening tags during the leap
process if required.

Change-Id: If30c27d370e0bdf18bf71a4df895e89a40efbca7
This commit is contained in:
Antony Messerli 2018-02-05 16:50:07 -06:00
parent cb77f7e3d2
commit 788418634d
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
leap-upgrades/re-deploy.sh
View File

@ -53,7 +53,11 @@ fi
RUN_TASKS+=("openstack-hosts-setup.yml -e redeploy_rerun=true")
# Run the security-hardening playbook in redeployment
RUN_TASKS+=("security-hardening.yml")
if [[ -n "${SKIP_HARDENING_TAGS}" ]]; then
RUN_TASKS+=("security-hardening.yml --skip-tags=${SKIP_HARDENING_TAGS}")
else
RUN_TASKS+=("security-hardening.yml")
fi
# Ensure the same pip everywhere, even if requirement met or above
RUN_TASKS+=("${UPGRADE_UTILS}/pip-unify.yml -e release_version=\"${NEWTON_RELEASE}\"")