{"id":104,"sha1":"1b773ad197eec750ff4302094792de555c024b38","playbook":{"id":2,"items":{"plays":18,"tasks":608,"results":2412,"hosts":15,"files":158,"records":0},"arguments":{"version":null,"verbosity":0,"private_key_file":null,"remote_user":null,"connection":"openstack.osa.ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":true,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/dynamic_inventory.py","/home/zuul/src/opendev.org/openstack/openstack-ansible/inventory/inventory.ini","/etc/openstack_deploy/inventory.ini"],"listhosts":false,"subset":null,"extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":4,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["setup-hosts.yml"]},"labels":[{"id":1,"name":"check:False"},{"id":2,"name":"tags:all"}],"started":"2025-12-08T13:40:18.992997Z","ended":"2025-12-08T13:50:25.791366Z","duration":"00:10:06.798369","name":null,"ansible_version":"2.18.6","client_version":"1.7.4","python_version":"3.12.11","server_version":"1.7.4","status":"completed","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible/playbooks/setup-hosts.yml","controller":"aio1.openstack.local","user":"root"},"content":"---\n# Copyright 2014, Rackspace US, Inc.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\");\n# you may not use this file except in compliance with the License.\n# You may obtain a copy of the License at\n#\n#     http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS,\n# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n# See the License for the specific language governing permissions and\n# limitations under the License.\n\n- name: Configure dnf fastestmirror\n  community.general.ini_file:\n    path: /etc/dnf/dnf.conf\n    section: main\n    option: fastestmirror\n    value: \"{{ (openstack_hosts_enable_yum_fastestmirror | bool) | ternary('True', 'False') }}\"\n    no_extra_spaces: true\n    mode: \"0644\"\n\n- name: Disable requiretty for root sudo on RHEL\n  ansible.builtin.template:\n    dest: /etc/sudoers.d/openstack-ansible\n    owner: root\n    group: root\n    mode: \"0440\"\n    src: sudoers.j2\n\n# Copy all factored-in GPG keys.\n# KeyID 764429E6 from https://raw.githubusercontent.com/rdo-infra/centos-release-openstack/ocata-rdo/RPM-GPG-KEY-CentOS-SIG-Cloud\n# KeyID 61E8806C from keyserver for rdo-qemu-ev\n- name: If a keyfile is provided, copy the gpg keyfile to the key location\n  ansible.builtin.copy:\n    src: \"{{ item.keyfile }}\"\n    dest: \"{{ item.key }}\"\n    mode: \"0644\"\n  with_items: \"{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}\"\n\n- name: Ensure GPG keys have the correct SELinux contexts applied\n  ansible.builtin.command: restorecon -Rv /etc/pki/rpm-gpg/\n  changed_when: false\n\n# Handle gpg keys manually\n- name: Install gpg keys\n  ansible.builtin.rpm_key:\n    key: \"{{ key.key }}\"\n    validate_certs: \"{{ key.validate_certs | default(omit) }}\"\n    state: \"{{ key.state | default('present') }}\"\n  with_items: \"{{ openstack_hosts_package_repos_keys }}\"\n  loop_control:\n    loop_var: key\n  register: _add_yum_keys\n  until: _add_yum_keys is success\n  retries: 5\n  delay: 2\n\n- name: Add requirement packages (repositories gpg keys packages, toolkits...)\n  ansible.builtin.package:\n    name: \"{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}\"\n    state: \"{{ openstack_hosts_package_state }}\"\n\n- name: Add dnf repositories if they do not exist\n  ansible.builtin.yum_repository:\n    name: \"{{ repo.name }}\"\n    file: \"{{ repo.file | default(omit) }}\"\n    description: \"{{ repo.description | default(omit) }}\"\n    baseurl: \"{{ repo.baseurl | default(omit) }}\"\n    mirrorlist: \"{{ repo.mirrorlist | default(omit) }}\"\n    gpgkey: \"{{ repo.gpgkey | default(omit) }}\"\n    gpgcheck: \"{{ repo.gpgcheck | default(omit) }}\"\n    enabled: \"{{ repo.enabled | default('yes') }}\"\n    exclude: \"{{ repo.exclude | default(omit) }}\"\n    priority: \"{{ repo.priority | default(99) }}\"\n    state: \"{{ repo.state | default(omit) }}\"\n    module_hotfixes: \"{{ repo.module_hotfixes | default(omit) }}\"\n  with_items: \"{{ openstack_hosts_package_repos }}\"\n  loop_control:\n    loop_var: repo\n  register: _adding_repo\n  until: _adding_repo is success\n  retries: 5\n  delay: 2\n\n- name: Add dnf extra conf\n  ansible.builtin.blockinfile:\n    block: \"{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}\"\n    path: /etc/dnf/dnf.conf\n    marker: \"# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK\"\n    create: true\n    mode: \"0644\"\n  when:\n    - openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0\n\n- name: Add rdo repositories via url for trunk based installation\n  ansible.builtin.get_url:\n    url: \"{{ openstack_hosts_rdo_repo_url }}/delorean.repo\"\n    dest: /etc/yum.repos.d/rdo.repo\n    mode: \"0640\"\n  register: _get_repo\n  until: _get_repo is success\n  retries: 5\n  delay: 2\n  when:\n    - (install_method | default('source')) == 'distro'\n    - openstack_hosts_rdo_repo_type == 'trunk'\n\n- name: Install centos-release-openstack package for cloudsig based installation\n  ansible.builtin.package:\n    name:\n      - centos-release-openstack-{{ openstack_distrib_code_name | lower }}\n  when:\n    - (install_method | default('source')) == 'distro'\n    - openstack_hosts_rdo_repo_type == 'cloudsig'\n\n- name: Enable CodeReady Builder repository\n  ansible.builtin.command: dnf config-manager --set-enabled \"crb\"\n  changed_when: false\n  when:\n    - openstack_hosts_power_tool_enable | bool\n    - ansible_facts['distribution_major_version'] | int >= 9\n\n- name: Create SSL certificate and key directories\n  ansible.builtin.file:\n    path: \"{{ item.path }}\"\n    state: directory\n    owner: \"{{ item.owner | default(root) }}\"\n    group: \"{{ item.group | default(root) }}\"\n    mode: \"{{ item.mode | default('0755') }}\"\n  with_items:\n    - { path: \"/etc/pki/tls/certs\", owner: \"root\", group: \"root\" }\n    - { path: \"/etc/pki/tls/private\", owner: \"root\", group: \"root\" }\n\n- name: Create SSL certificate and key directory symlinks\n  ansible.builtin.file:\n    src: \"{{ item.src }}\"\n    dest: \"{{ item.dest }}\"\n    state: \"link\"\n  with_items:\n    - { src: \"/etc/pki/tls/certs\", dest: \"/etc/ssl/certs\" }\n    - { src: \"/etc/pki/tls/private\", dest: \"/etc/ssl/private\" }\n","created":"2025-12-08T13:40:51.165604Z","updated":"2025-12-08T13:40:51.165617Z","path":"/home/zuul/src/opendev.org/openstack/openstack-ansible-openstack_hosts/tasks/openstack_hosts_configure_dnf.yml"}