{"id":749,"sha1":"9c478bf28f9816756910139f854e29b000fa75f1","playbook":{"id":4,"items":{"plays":107,"tasks":2438,"results":2413,"hosts":13,"files":511,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:21:40.790759Z","ended":"2025-12-14T11:05:36.775743Z","duration":"00:43:55.984984","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2019, VEXXHOST, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n- name: Setup the OS service\n  delegate_to: \"{{ _service_setup_host }}\"\n  vars:\n    ansible_python_interpreter: \"{{ _service_setup_host_python_interpreter }}\"\n    _service_cloud_name: \"{{ service_cloud_name | default('default') }}\"\n  block:\n    - name: Add keystone domain\n      openstack.cloud.identity_domain:\n        cloud: \"{{ _service_cloud_name }}\"\n        state: present\n        description: \"{{ _domain_name_description | default(omit) }}\"\n        name: \"{{ _domain_name }}\"\n        endpoint_type: admin\n        verify: \"{{ not (_service_adminuri_insecure | default(True) | bool) }}\"\n      register: add_domain\n      when: _domain_name is defined\n      until: add_domain is success\n      retries: 5\n      delay: 10\n\n    - name: Add service project\n      openstack.cloud.project:\n        cloud: \"{{ _service_cloud_name }}\"\n        state: present\n        name: \"{{ _project_name }}\"\n        description: \"{{ _project_description | default(omit) }}\"\n        domain_id: \"{{ _project_domain | default('default') }}\"\n        endpoint_type: admin\n        validate_certs: \"{{ not (_service_adminuri_insecure | default(True) | bool) }}\"\n      register: add_project\n      when:\n        - not (_service_in_ldap | default(False) | bool)\n        - _project_name is defined\n      until: add_project is success\n      retries: 5\n      delay: 10\n\n    - name: Add services to the keystone service catalog\n      openstack.cloud.catalog_service:\n        cloud: \"{{ _service_cloud_name }}\"\n        state: \"{{ item.state | default('present') }}\"\n        name: \"{{ item.name }}\"\n        service_type: \"{{ item.type }}\"\n        description: \"{{ item.description | default('') }}\"\n        endpoint_type: admin\n        validate_certs: \"{{ not (_service_adminuri_insecure | default(True) | bool) }}\"\n      register: add_service\n      with_items: \"{{ _service_catalog }}\"\n      when: _service_catalog is defined\n      until: add_service is success\n      retries: 5\n      delay: 10\n\n    - name: Add service users\n      vars:\n        default_project: \"{{ item.project | default(_service_project_name) }}\"\n      openstack.cloud.identity_user:\n        cloud: \"{{ _service_cloud_name }}\"\n        state: present\n        name: \"{{ item.name }}\"\n        password: \"{{ item.password }}\"\n        domain: \"{{ item.domain | default('default') }}\"\n        default_project: \"{{ (default_project is truthy) | ternary(default_project, omit) }}\"\n        endpoint_type: admin\n        validate_certs: \"{{ not (_service_adminuri_insecure | default(True) | bool) }}\"\n        update_password: \"{{ (service_update_password | default(False) | bool) | ternary('always', omit) }}\"\n      register: add_user\n      when:\n        - not (_service_in_ldap | default(False) | bool)\n        - _service_users is defined\n        - \"'name' in item\"\n        - \"'password' in item\"\n        - (item.condition | default(True)) | bool\n      until: add_user is success\n      with_items: \"{{ _service_users }}\"\n      retries: 5\n      delay: 10\n      no_log: \"{{ _service_setup_nolog | default(True) }}\"\n\n    - name: Include task for role assignment\n      ansible.builtin.include_tasks: setup_roles.yml\n      vars:\n        user_roles: \"{{ (user.role is not string and user.role is iterable) | ternary(user.role, [user.role]) }}\"\n      when:\n        - not (_service_in_ldap | default(False) | bool)\n        - _service_users is defined\n        - \"'role' in user\"\n        - (user.condition | default(True)) | bool\n      loop: \"{{ _service_users }}\"\n      no_log: \"{{ _service_setup_nolog | default(True) }}\"\n      loop_control:\n        loop_var: user\n\n    - name: Add endpoints to keystone endpoint catalog\n      openstack.cloud.endpoint:\n        cloud: \"{{ _service_cloud_name }}\"\n        state: \"{{ item.state | default('present') }}\"\n        service: \"{{ item.service }}\"\n        endpoint_interface: \"{{ item.interface }}\"\n        url: \"{{ item.url }}\"\n        region: \"{{ _service_region | default('RegionOne') }}\"\n        endpoint_type: admin\n        validate_certs: \"{{ not (_service_adminuri_insecure | default(True) | bool) }}\"\n      register: add_endpoint\n      until: add_endpoint is success\n      retries: 5\n      delay: 10\n      with_items: \"{{ _service_endpoints }}\"\n      when: _service_endpoints is defined\n","created":"2025-12-14T10:21:57.735721Z","updated":"2025-12-14T10:21:57.735732Z","path":"/etc/ansible/ansible_collections/openstack/osa/roles/service_setup/tasks/main.yml"}