{"id":877,"sha1":"51db2faaedddd9d7e9762a9a9bc5cece6be10a90","playbook":{"id":4,"items":{"plays":107,"tasks":2438,"results":2413,"hosts":13,"files":511,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-openstack.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-14T10:21:40.790759Z","ended":"2025-12-14T11:05:36.775743Z","duration":"00:43:55.984984","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.13.5","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-openstack.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2025, Cleura AB\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n- name: Slurp up server certificate from pki setup host ({{ pki_setup_host }})\n  vars:\n    # location for the certificates on the PKI host\n    cert_dir: \"{{ pki_dir }}/certs\"\n\n    # construct the path to the source when \"name\" is specified\n    _source_files:\n      \"certificate\": \"{{ cert_dir ~ '/certs/' ~ install_cert.name ~ '.crt' }}\"\n      \"certificate_chain\": \"{{ cert_dir ~ '/certs/' ~ install_cert.name ~ '-chain.crt' }}\"\n      \"ca_bundle\": \"{{ cert_dir ~ '/certs/' ~ install_cert.name ~ '-ca_bundle.crt' }}\"\n      \"private_key\": \"{{ cert_dir ~ '/private/' ~ install_cert.name ~ '.key.pem' }}\"\n\n    # pick the source based on the type\n    _source: \"{{ _source_files[install_cert.type | default('certificate')] }}\"\n\n    # detect a valid value of \"src\"\n    _use_src: \"{{ install_cert.src is defined and install_cert.src is truthy }}\"\n  delegate_to: \"{{ pki_setup_host }}\"\n  ansible.builtin.slurp:\n    src: \"{{ _use_src | ternary(install_cert.src, _source) }}\"\n  register: _cert_slurp\n  ignore_errors: \"{{ ansible_check_mode }}\"\n\n- name: Create certificate destination directory ({{ install_cert.dest }})\n  ansible.builtin.file:\n    path: \"{{ install_cert.dest | dirname }}\"\n    state: directory\n    mode: \"{{ pki_cert_dir_mode }}\"\n\n- name: Install Server certificate to targets ({{ install_cert.dest }})\n  vars:\n    _mode : \"{{ install_cert.mode | d(pki_file_mode[install_cert.type | d('certificate')]) }}\"\n    _owner: \"{{ install_cert.owner | default(pki_install_owner) }}\"\n    _group: \"{{ install_cert.group | default(pki_install_group) }}\"\n  ansible.builtin.copy:\n    content: \"{{ _cert_slurp.content | b64decode }}\"\n    dest: \"{{ install_cert.dest }}\"\n    owner: \"{{ _owner }}\"\n    group: \"{{ _group }}\"\n    mode: \"{{ _mode }}\"\n  ignore_errors: \"{{ ansible_check_mode }}\"\n  notify:\n    - \"{{ pki_handler_cert_installed }}\"\n","created":"2025-12-14T10:40:43.035597Z","updated":"2025-12-14T10:40:43.035609Z","path":"/home/zuul/src/opendev.org/openstack/ansible-role-pki/tasks/standalone/install_cert.yml"}