622baa65bf
Some log upload tasks were missing no_log instructions and might write out credentials to the job-output.json file. Update these tasks to include no_log. Change-Id: I1f18cec117d9205945644ce19d5584f5d676e8d8
47 lines
1.7 KiB
YAML
47 lines
1.7 KiB
YAML
- name: Set zuul-log-path fact
|
|
include_role:
|
|
name: set-zuul-log-path-fact
|
|
when: zuul_log_path is not defined
|
|
|
|
# Always upload (true), never upload (false) or only on failure ('failure')
|
|
- name: Upload logs
|
|
when: zuul_site_upload_logs | default(true) | bool or
|
|
(zuul_site_upload_logs == 'failure' and not zuul_success | bool)
|
|
block:
|
|
# Use chmod instead of file because ansible 2.5 file with recurse and
|
|
# follow can't really handle symlinks to .
|
|
- name: Debug log_root
|
|
debug:
|
|
msg: "log_root {{ zuul.executor.log_root }}"
|
|
|
|
- name: Ensure logs are readable before uploading
|
|
delegate_to: "{{ _undocumented_test_worker_node_ | default('localhost') }}"
|
|
command: "chmod -R u=rwX,g=rX,o=rX {{ zuul.executor.log_root }}/"
|
|
# ANSIBLE0007 chmod used in place of argument mode to file
|
|
tags:
|
|
- skip_ansible_lint
|
|
|
|
- name: Upload logs to S3
|
|
delegate_to: "{{ _undocumented_test_worker_node_ | default('localhost') }}"
|
|
no_log: true
|
|
zuul_s3_upload:
|
|
endpoint: "{{ upload_logs_s3_endpoint | default(omit) }}"
|
|
partition: "{{ zuul_log_partition }}"
|
|
bucket: "{{ zuul_log_bucket }}"
|
|
public: "{{ zuul_log_bucket_public }}"
|
|
prefix: "{{ zuul_log_path }}"
|
|
indexes: "{{ zuul_log_create_indexes }}"
|
|
aws_access_key: "{{ zuul_log_aws_access_key }}"
|
|
aws_secret_key: "{{ zuul_log_aws_secret_key }}"
|
|
files:
|
|
- "{{ zuul.executor.log_root }}/"
|
|
register: upload_results
|
|
|
|
- name: Return log URL to Zuul
|
|
delegate_to: localhost
|
|
zuul_return:
|
|
data:
|
|
zuul:
|
|
log_url: "{{ upload_results.url }}/"
|
|
when: upload_results is defined
|