Move variables defenition from playbook level for mcapi proxy

Spreading variables across multiple places with a different naming convention adds confusing about their origin and default values. This patch aims to align naming convention as well as defaults defenition on role level rather then partially in playbook and partially in role. Change-Id: I8a665a485cb8028ce7aee62cb9107cd6a482e2e4
2025-01-26 15:40:50 +01:00 · 2025-01-26 15:40:50 +01:00 · c7b491d4c5
commit c7b491d4c5
parent 8c1c2c6c94
5 changed files with 55 additions and 36 deletions
--- a/mcapi_vexxhost/playbooks/mcapi_proxy.yml
+++ b/mcapi_vexxhost/playbooks/mcapi_proxy.yml
@ -20,19 +20,7 @@
 # OVN it must be installed to all computes. Override the target hosts
 # for this play as required
 - name: Install magnum-cluster-api-proxy
-  hosts: "{{ magnum_cluster_api_proxy_hosts | default('network_hosts') }}"
-  vars:
-    _venv_tag: "{{ venv_tag | default('untagged') }}"
-    _bin: "/openstack/venvs/magnum-cluster-api-proxy-{{ _venv_tag }}/bin"
-    magnum_cluster_api_proxy_system_group_name: 'capi_proxy'
-    magnum_cluster_api_proxy_system_user_name: 'capi_proxy'
-    magnum_cluster_api_proxy_system_user_comment: 'Magnum Cluster API Proxy System User'
-    magnum_cluster_api_proxy_system_user_home: '/var/lib/{{ magnum_cluster_api_proxy_system_user_name }}'
-    magnum_cluster_api_proxy_system_user_shell: '/bin/false'
-    magnum_cluster_api_proxy_etc_directory: '/etc/capi_proxy'
-
-    k8s_admin_conf_src: "/etc/kubernetes/admin.conf"
-    k8s_admin_conf_dest: "{{ magnum_cluster_api_proxy_system_user_home }}/.kube/config"
+  hosts: "{{ mcapi_vexxhost_proxy_hosts | default('network_hosts') }}"
  environment: "{{ deployment_environment_variables | default({}) }}"
  tasks:

--- a/mcapi_vexxhost/roles/proxy/defaults/main.yml
+++ b/mcapi_vexxhost/roles/proxy/defaults/main.yml
@ -13,6 +13,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

+mcapi_vexxhost_proxy_system_group_name: 'capi_proxy'
+mcapi_vexxhost_proxy_system_user_name: 'capi_proxy'
+mcapi_vexxhost_proxy_system_user_comment: 'Magnum Cluster API Proxy System User'
+mcapi_vexxhost_proxy_system_user_home: '/var/lib/{{ mcapi_vexxhost_proxy_system_user_name }}'
+mcapi_vexxhost_proxy_system_user_shell: '/bin/false'
+mcapi_vexxhost_proxy_etc_directory: '/etc/capi_proxy'
+
 mcapi_vexxhost_proxy_upper_constraints_url: >-
  {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}
 mcapi_vexxhost_proxy_git_constraints:
@ -24,3 +31,11 @@ mcapi_vexxhost_proxy_git_repo: >-

 mcapi_vexxhost_proxy_pip_packages:
  - "{{ 'git+' ~ mcapi_vexxhost_proxy_git_repo ~ '@' ~ mcapi_vexxhost_proxy_install_branch ~ '#egg=magnum-cluster-api' }}"
+
+mcapi_vexxhost_proxy_venv_tag: "{{ venv_tag | default('untagged') }}"
+mcapi_vexxhost_proxy_bin: "/openstack/venvs/magnum-cluster-api-proxy-{{ mcapi_vexxhost_proxy_venv_tag }}/bin"
+
+mcapi_vexxhost_k8s_conf_src: "{{ k8s_admin_conf_src | default('/etc/kubernetes/admin.conf') }}"
+mcapi_vexxhost_k8s_conf_dest: "{{ k8s_admin_conf_dest | default(mcapi_vexxhost_proxy_system_user_home ~ '/.kube/config') }}"
+
+mcapi_vexxhost_proxy_environment: {}
--- a/mcapi_vexxhost/roles/proxy/tasks/main.yml
+++ b/mcapi_vexxhost/roles/proxy/tasks/main.yml
@ -20,7 +20,7 @@
  vars:
    venv_python_executable: "{{ openstack_venv_python_executable | default('python3') }}"
    venv_build_constraints: "{{ mcapi_vexxhost_proxy_git_constraints }}"
-    venv_install_destination_path: "{{ _bin | dirname }}"
+    venv_install_destination_path: "{{ mcapi_vexxhost_proxy_bin | dirname }}"
    venv_install_distro_package_list:
      - haproxy
    venv_pip_install_args: "{{ pip_install_options | default('') }}"
@ -29,35 +29,35 @@
 # create user and group
 - name: Create the magnum_cluster_api_proxy system group
  group:
-   name: "{{ magnum_cluster_api_proxy_system_group_name }}"
+   name: "{{ mcapi_vexxhost_proxy_system_group_name }}"
   state: "present"
   system: "yes"

 - name: Create the magnum_cluster_api_proxy system user
  user:
-    name: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    group: "{{ magnum_cluster_api_proxy_system_group_name }}"
-    comment: "{{ magnum_cluster_api_proxy_system_user_comment }}"
-    shell: "{{ magnum_cluster_api_proxy_system_user_shell }}"
+    name: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    group: "{{ mcapi_vexxhost_proxy_system_group_name }}"
+    comment: "{{ mcapi_vexxhost_proxy_system_user_comment }}"
+    shell: "{{ mcapi_vexxhost_proxy_system_user_shell }}"
    system: "yes"
    createhome: "yes"
-    home: "{{ magnum_cluster_api_proxy_system_user_home }}"
+    home: "{{ mcapi_vexxhost_proxy_system_user_home }}"

 - name: Create magnum_cluster_api_proxy directories
  file:
    path: "{{ item.path }}"
    state: "directory"
-    owner: "{{ item.owner | default(magnum_cluster_api_proxy_system_user_name) }}"
-    group: "{{ item.group | default(magnum_cluster_api_proxy_system_group_name) }}"
+    owner: "{{ item.owner | default(mcapi_vexxhost_proxy_system_user_name) }}"
+    group: "{{ item.group | default(mcapi_vexxhost_proxy_system_group_name) }}"
    mode: "{{ item.mode | default('0750') }}"
  with_items:
-    - path: "{{ magnum_cluster_api_proxy_etc_directory }}"
-    - path: "{{ magnum_cluster_api_proxy_system_user_home }}"
-    - path: "{{ magnum_cluster_api_proxy_system_user_home }}/.kube"
+    - path: "{{ mcapi_vexxhost_proxy_etc_directory }}"
+    - path: "{{ mcapi_vexxhost_proxy_system_user_home }}"
+    - path: "{{ mcapi_vexxhost_proxy_system_user_home }}/.kube"

 - name: Collect admin config from k8s cluster
  slurp:
-    src: "{{ k8s_admin_conf_src }}"
+    src: "{{ mcapi_vexxhost_k8s_conf_src }}"
  register: k8s_admin_conf_slurp
  delegate_to: "{{ groups['k8s_all'][0] }}"
  run_once: true
@ -65,9 +65,9 @@
 - name: Write k8s admin config to capi_proxy home dir
  copy:
    content: "{{ k8s_admin_conf_slurp.content | b64decode }}"
-    dest: "{{ k8s_admin_conf_dest }}"
-    owner: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    group: "{{ magnum_cluster_api_proxy_system_group_name }}"
+    dest: "{{ mcapi_vexxhost_k8s_conf_dest }}"
+    owner: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    group: "{{ mcapi_vexxhost_proxy_system_group_name }}"
    mode: '0600'

 - name: Write capi_proxy sudoers config
@ -80,8 +80,8 @@
  import_role:
    name: systemd_service
  vars:
-    systemd_user_name: "{{ magnum_cluster_api_proxy_system_user_name }}"
-    systemd_group_name: "{{ magnum_cluster_api_proxy_system_group_name }}"
+    systemd_user_name: "{{ mcapi_vexxhost_proxy_system_user_name }}"
+    systemd_group_name: "{{ mcapi_vexxhost_proxy_system_group_name }}"
    systemd_tempd_prefix: openstack
    systemd_slice_name: magnum-cluster-api-proxy
    systemd_lock_path: /var/lock/magnum-cluster-api-proxy
@ -92,6 +92,6 @@
    systemd_services:
      - service_name: magnum-cluster-api-proxy
        execstarts:
-          - "{{ _bin ~ '/magnum-cluster-api-proxy' }}"
+          - "{{ mcapi_vexxhost_proxy_bin ~ '/magnum-cluster-api-proxy' }}"
        start_order: 1
-        environment: "{{ magnum_cluster_api_proxy_environment | default({}) }}"
+        environment: "{{ mcapi_vexxhost_proxy_environment }}"
--- a/mcapi_vexxhost/roles/proxy/templates/capi_sudoers.j2
+++ b/mcapi_vexxhost/roles/proxy/templates/capi_sudoers.j2
@ -1,6 +1,6 @@
 # {{ ansible_managed }}

-Defaults:{{ magnum_cluster_api_proxy_system_user_name }} !requiretty
-Defaults:{{ magnum_cluster_api_proxy_system_user_name }} secure_path="{{ _bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+Defaults:{{ mcapi_vexxhost_proxy_system_user_name }} !requiretty
+Defaults:{{ mcapi_vexxhost_proxy_system_user_name }} secure_path="{{ mcapi_vexxhost_proxy_bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

-{{ magnum_cluster_api_proxy_system_user_name }} ALL = (root) NOPASSWD: {{ _bin }}/privsep-helper
+{{ mcapi_vexxhost_proxy_system_user_name }} ALL = (root) NOPASSWD: {{ mcapi_vexxhost_proxy_bin }}/privsep-helper
--- a/releasenotes/notes/mcapi_vexxhost_variables_renamed-14d4f423b2db450d.yaml
+++ b/releasenotes/notes/mcapi_vexxhost_variables_renamed-14d4f423b2db450d.yaml
@ -0,0 +1,16 @@
+---
+upgrade:
+  - |
+    In order to align variable names for ``osa_ops.mcapi_vexxhost.proxy`` role,
+    following variables were renamed:
+
+    * _venv_tag -> mcapi_vexxhost_proxy_venv_tag
+    * _bin -> mcapi_vexxhost_proxy_bin
+    * magnum_cluster_api_proxy_hosts -> mcapi_vexxhost_proxy_hosts
+    * magnum_cluster_api_proxy_system_group_name -> mcapi_vexxhost_proxy_system_group_name
+    * magnum_cluster_api_proxy_system_user_name -> mcapi_vexxhost_proxy_system_user_name
+    * magnum_cluster_api_proxy_system_user_comment -> mcapi_vexxhost_proxy_system_user_comment
+    * magnum_cluster_api_proxy_system_user_home -> mcapi_vexxhost_proxy_system_user_home
+    * magnum_cluster_api_proxy_system_user_shell -> mcapi_vexxhost_proxy_system_user_shell
+    * magnum_cluster_api_proxy_etc_directory -> mcapi_vexxhost_proxy_etc_directory
+    * magnum_cluster_api_proxy_environment -> mcapi_vexxhost_proxy_environment