Merge "Move variables defenition from playbook level for mcapi proxy"

2025-03-22 16:06:23 +00:00 · 2025-03-22 16:06:23 +00:00 · 3cbd720637
commit 3cbd720637
parent 2d796b96d6 c7b491d4c5
5 changed files with 55 additions and 36 deletions
--- a/mcapi_vexxhost/playbooks/mcapi_proxy.yml
+++ b/mcapi_vexxhost/playbooks/mcapi_proxy.yml
@ -20,19 +20,7 @@
 # OVN it must be installed to all computes. Override the target hosts
 # for this play as required
 - name: Install magnum-cluster-api-proxy
-  hosts: "{{ magnum_cluster_api_proxy_hosts | default('network_hosts') }}"
-  vars:
-    _venv_tag: "{{ venv_tag | default('untagged') }}"
-    _bin: "/openstack/venvs/magnum-cluster-api-proxy-{{ _venv_tag }}/bin"
-    magnum_cluster_api_proxy_system_group_name: 'capi_proxy'
-    magnum_cluster_api_proxy_system_user_name: 'capi_proxy'
-    magnum_cluster_api_proxy_system_user_comment: 'Magnum Cluster API Proxy System User'
-    magnum_cluster_api_proxy_system_user_home: '/var/lib/{{ magnum_cluster_api_proxy_system_user_name }}'
-    magnum_cluster_api_proxy_system_user_shell: '/bin/false'
-    magnum_cluster_api_proxy_etc_directory: '/etc/capi_proxy'
-
-    k8s_admin_conf_src: "/etc/kubernetes/admin.conf"
-    k8s_admin_conf_dest: "{{ magnum_cluster_api_proxy_system_user_home }}/.kube/config"
+  hosts: "{{ mcapi_vexxhost_proxy_hosts | default('network_hosts') }}"
  environment: "{{ deployment_environment_variables | default({}) }}"
  tasks:

--- a/mcapi_vexxhost/roles/proxy/defaults/main.yml
+++ b/mcapi_vexxhost/roles/proxy/defaults/main.yml
@ -13,6 +13,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

+mcapi_vexxhost_proxy_system_group_name: 'capi_proxy'
+mcapi_vexxhost_proxy_system_user_name: 'capi_proxy'
+mcapi_vexxhost_proxy_system_user_comment: 'Magnum Cluster API Proxy System User'
+mcapi_vexxhost_proxy_system_user_home: '/var/lib/{{ mcapi_vexxhost_proxy_system_user_name }}'
+mcapi_vexxhost_proxy_system_user_shell: '/bin/false'
+mcapi_vexxhost_proxy_etc_directory: '/etc/capi_proxy'
+
 mcapi_vexxhost_proxy_upper_constraints_url: >-
  {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}
 mcapi_vexxhost_proxy_git_constraints:
@ -24,3 +31,11 @@ mcapi_vexxhost_proxy_git_repo: >-

 mcapi_vexxhost_proxy_pip_packages:
  - "{{ 'git+' ~ mcapi_vexxhost_proxy_git_repo ~ '@' ~ mcapi_vexxhost_proxy_install_branch ~ '#egg=magnum-cluster-api' }}"
+
+mcapi_vexxhost_proxy_venv_tag: "{{ venv_tag | default('untagged') }}"
+mcapi_vexxhost_proxy_bin: "/openstack/venvs/magnum-cluster-api-proxy-{{ mcapi_vexxhost_proxy_venv_tag }}/bin"
+
+mcapi_vexxhost_k8s_conf_src: "{{ k8s_admin_conf_src | default('/etc/kubernetes/admin.conf') }}"
+mcapi_vexxhost_k8s_conf_dest: "{{ k8s_admin_conf_dest | default(mcapi_vexxhost_proxy_system_user_home ~ '/.kube/config') }}"
+
+mcapi_vexxhost_proxy_environment: {}
--- a/mcapi_vexxhost/roles/proxy/tasks/main.yml
+++ b/mcapi_vexxhost/roles/proxy/tasks/main.yml
@ -20,7 +20,7 @@
  vars:
    venv_python_executable: "{{ openstack_venv_python_executable | default('python3') }}"
    venv_build_constraints: "{{ mcapi_vexxhost_proxy_git_constraints }}"
-    venv_install_destination_path: "{{ _bin | dirname }}"
+    venv_install_destination_path: "{{ mcapi_vexxhost_proxy_bin | dirname }}"
    venv_install_distro_package_list:
      - haproxy
    venv_pip_install_args: "{{ pip_install_options | default('') }}"
@ -29,35 +29,35 @@
 # create user and group
 - name: Create the magnum_cluster_api_proxy system group
  group:
-   name: "{{ magnum_cluster_api_proxy_system_group_name }}"
+   name: "{{ mcapi_vexxhost_proxy_system_group_name }}"
   state: "present"
   system: "yes"

 - name: Create the magnum_cluster_api_proxy system user
  user:
-    name: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    group: "{{ magnum_cluster_api_proxy_system_group_name }}"
-    comment: "{{ magnum_cluster_api_proxy_system_user_comment }}"
-    shell: "{{ magnum_cluster_api_proxy_system_user_shell }}"
+    name: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    group: "{{ mcapi_vexxhost_proxy_system_group_name }}"
+    comment: "{{ mcapi_vexxhost_proxy_system_user_comment }}"
+    shell: "{{ mcapi_vexxhost_proxy_system_user_shell }}"
    system: "yes"
    createhome: "yes"
-    home: "{{ magnum_cluster_api_proxy_system_user_home }}"
+    home: "{{ mcapi_vexxhost_proxy_system_user_home }}"

 - name: Create magnum_cluster_api_proxy directories
  file:
    path: "{{ item.path }}"
    state: "directory"
-    owner: "{{ item.owner | default(magnum_cluster_api_proxy_system_user_name) }}"
-    group: "{{ item.group | default(magnum_cluster_api_proxy_system_group_name) }}"
+    owner: "{{ item.owner | default(mcapi_vexxhost_proxy_system_user_name) }}"
+    group: "{{ item.group | default(mcapi_vexxhost_proxy_system_group_name) }}"
    mode: "{{ item.mode | default('0750') }}"
  with_items:
-    - path: "{{ magnum_cluster_api_proxy_etc_directory }}"
-    - path: "{{ magnum_cluster_api_proxy_system_user_home }}"
-    - path: "{{ magnum_cluster_api_proxy_system_user_home }}/.kube"
+    - path: "{{ mcapi_vexxhost_proxy_etc_directory }}"
+    - path: "{{ mcapi_vexxhost_proxy_system_user_home }}"
+    - path: "{{ mcapi_vexxhost_proxy_system_user_home }}/.kube"

 - name: Collect admin config from k8s cluster
  slurp:
-    src: "{{ k8s_admin_conf_src }}"
+    src: "{{ mcapi_vexxhost_k8s_conf_src }}"
  register: k8s_admin_conf_slurp
  delegate_to: "{{ groups['k8s_all'][0] }}"
  run_once: true
@ -65,9 +65,9 @@
 - name: Write k8s admin config to capi_proxy home dir
  copy:
    content: "{{ k8s_admin_conf_slurp.content | b64decode }}"
-    dest: "{{ k8s_admin_conf_dest }}"
-    owner: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    group: "{{ magnum_cluster_api_proxy_system_group_name }}"
+    dest: "{{ mcapi_vexxhost_k8s_conf_dest }}"
+    owner: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    group: "{{ mcapi_vexxhost_proxy_system_group_name }}"
    mode: '0600'

 - name: Write capi_proxy sudoers config
@ -80,8 +80,8 @@
  import_role:
    name: systemd_service
  vars:
-    systemd_user_name: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    systemd_group_name: "{{ magnum_cluster_api_proxy_system_group_name }}"
+    systemd_user_name: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    systemd_group_name: "{{ mcapi_vexxhost_proxy_system_group_name }}"
    systemd_tempd_prefix: openstack
    systemd_slice_name: magnum-cluster-api-proxy
    systemd_lock_path: /var/lock/magnum-cluster-api-proxy
@ -92,6 +92,6 @@
    systemd_services:
      - service_name: magnum-cluster-api-proxy
        execstarts:
-          - "{{ _bin ~ '/magnum-cluster-api-proxy' }}"
+          - "{{ mcapi_vexxhost_proxy_bin ~ '/magnum-cluster-api-proxy' }}"
        start_order: 1
-        environment: "{{ magnum_cluster_api_proxy_environment | default({}) }}"
+        environment: "{{ mcapi_vexxhost_proxy_environment }}"
--- a/mcapi_vexxhost/roles/proxy/templates/capi_sudoers.j2
+++ b/mcapi_vexxhost/roles/proxy/templates/capi_sudoers.j2
@ -1,6 +1,6 @@
 # {{ ansible_managed }}

-Defaults:{{ magnum_cluster_api_proxy_system_user_name }} !requiretty
-Defaults:{{ magnum_cluster_api_proxy_system_user_name }} secure_path="{{ _bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+Defaults:{{ mcapi_vexxhost_proxy_system_user_name }} !requiretty
+Defaults:{{ mcapi_vexxhost_proxy_system_user_name }} secure_path="{{ mcapi_vexxhost_proxy_bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

-{{ magnum_cluster_api_proxy_system_user_name }} ALL = (root) NOPASSWD: {{ _bin }}/privsep-helper
+{{ mcapi_vexxhost_proxy_system_user_name }} ALL = (root) NOPASSWD: {{ mcapi_vexxhost_proxy_bin }}/privsep-helper
--- a/releasenotes/notes/mcapi_vexxhost_variables_renamed-14d4f423b2db450d.yaml
+++ b/releasenotes/notes/mcapi_vexxhost_variables_renamed-14d4f423b2db450d.yaml
@ -0,0 +1,16 @@
+---
+upgrade:
+  - |
+    In order to align variable names for ``osa_ops.mcapi_vexxhost.proxy`` role,
+    following variables were renamed:
+
+    * _venv_tag -> mcapi_vexxhost_proxy_venv_tag
+    * _bin -> mcapi_vexxhost_proxy_bin
+    * magnum_cluster_api_proxy_hosts -> mcapi_vexxhost_proxy_hosts
+    * magnum_cluster_api_proxy_system_group_name -> mcapi_vexxhost_proxy_system_group_name
+    * magnum_cluster_api_proxy_system_user_name -> mcapi_vexxhost_proxy_system_user_name
+    * magnum_cluster_api_proxy_system_user_comment -> mcapi_vexxhost_proxy_system_user_comment
+    * magnum_cluster_api_proxy_system_user_home -> mcapi_vexxhost_proxy_system_user_home
+    * magnum_cluster_api_proxy_system_user_shell -> mcapi_vexxhost_proxy_system_user_shell
+    * magnum_cluster_api_proxy_etc_directory -> mcapi_vexxhost_proxy_etc_directory
+    * magnum_cluster_api_proxy_environment -> mcapi_vexxhost_proxy_environment