Initial commit

[ta/infra-ansible.git] / roles / access-management / tasks / fill_sqls.yaml

# Copyright 2019 Nokia

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Set fact for users
  set_fact:
    am_users:
      - "{{ keystone_admin_user_name }}"
  tags:
    - am_dbfiller

- name: Set fact for users 2
  set_fact:
    am_users:
      - keystone
      - ironic
      - restful
      - "{{ keystone_admin_user_name }}"
  when: '"controller" in hosts[installation_controller]["service_profiles"]'
  tags:
    - am_dbfiller

- name: Get UUID of users
  run_once: true
  keystone:
    command: "get_user"
    user_name: "{{ item }}"
    endpoint: "{{ keystone_service_adminurl }}"
    login_user: "{{ keystone_admin_user_name }}"
    login_password: "{{ keystone_auth_admin_password }}"
    login_project_name: "{{ keystone_admin_tenant_name }}"
  with_items: "{{ am_users }}"
  register: keystone_uuids
  tags:
    - am_dbfiller

- name: Create bash script to set service user special password policy options
  template:
    src: keystone_users_patch.sh.j2
    dest: "{{ am_server_temp_dir }}/keystone_users_patch.sh"
    owner: root
    group: root
    mode: 0500

- name: Run the bash script
  run_once: true
  shell: "{{ am_server_temp_dir }}/keystone_users_patch.sh >> {{ am_config.Logging.logdir }}/keystone_users_patch.log"