From 51177a65741dddd6b582e6ebcdf8742a091e19d1 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Wed, 10 Apr 2024 14:14:19 +0200
Subject: [PATCH] Enable deployers to force update cell mappings

Add variable nova_cell_force_update to enable deployers to ensure that
role execution will also update cell mappings whenever that is needed.
For instance, it could be password rotation or intention to update MySQL
address.

Change-Id: I5b99d58a5c4d27a363306361544c5d80759483fd
---
 defaults/main.yml                                          | 1 +
 releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml | 7 +++++++
 tasks/nova_db_setup.yml                                    | 6 ++++--
 3 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100644 releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 5b1a7896..ffba2990 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -128,6 +128,7 @@ nova_api_db_connection_recycle_time: "{{ openstack_db_connection_recycle_time |
 ## DB Cells
 nova_cell0_database: "nova_cell0"
 nova_cell1_name: "cell1"
+nova_cell_force_update: False
 
 ## Oslo Messaging
 
diff --git a/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml b/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml
new file mode 100644
index 00000000..66c2a87d
--- /dev/null
+++ b/releasenotes/notes/force_update_cell-efd821d2a5fa7ef0.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Added variable ``nova_cell_force_update`` that can be set to
+    True during runtime to force update cell records.
+    This might be useful in case of password rotation for DB users
+    for cell0 or any other changes in connection configuration.
diff --git a/tasks/nova_db_setup.yml b/tasks/nova_db_setup.yml
index 41e0115a..8e3fac16 100644
--- a/tasks/nova_db_setup.yml
+++ b/tasks/nova_db_setup.yml
@@ -61,7 +61,8 @@
   changed_when: false
   when:
     - _cell0_record | length > 0
-    - ('ssl_verify_cert' not in _cell0_record[0] and nova_galera_use_ssl) or
+    - nova_cell_force_update or
+      ('ssl_verify_cert' not in _cell0_record[0] and nova_galera_use_ssl) or
       ('ssl_verify_cert' in _cell0_record[0] and not nova_galera_use_ssl)
 
 - name: Synchronize the nova DB schema
@@ -105,7 +106,8 @@
   changed_when: false
   when:
     - _cell1_record | length > 0
-    - (nova_oslomsg_rpc_port ~ '/' ~ _nova_oslomsg_rpc_vhost_conf) not in _cell1_record[0]
+    - nova_cell_force_update or
+      (nova_oslomsg_rpc_port ~ '/' ~ _nova_oslomsg_rpc_vhost_conf) not in _cell1_record[0]
 
 # The nova-status upgrade check command is typically run after upgrading the
 # controller services to new code, but is also OK to run for a greenfield