diff --git a/releasenotes/notes/horizon_default_role_name_create-48fb556caa075665.yaml b/releasenotes/notes/horizon_default_role_name_create-48fb556caa075665.yaml new file mode 100644 index 00000000..17cd0037 --- /dev/null +++ b/releasenotes/notes/horizon_default_role_name_create-48fb556caa075665.yaml @@ -0,0 +1,12 @@ +--- + +deprecations: + - | + The ``horizon_default_role_name`` (default `member`) Keystone role existence + is no longer ensured by the Horizon role. + It is expected that the role defined by ``horizon_default_role_name`` + already exists in Keystone and was bootstrapped via ``keystone-bootstrap`` + command during ``os_keystone`` execution. + You can leverage ``opestack.osa.openstack_resources`` playbook to create + extra roles if you need/want to use non-default value for the + ``horizon_default_role_name`` variable \ No newline at end of file diff --git a/tasks/horizon_service_setup.yml b/tasks/horizon_service_setup.yml deleted file mode 100644 index 5cf6ec3b..00000000 --- a/tasks/horizon_service_setup.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# We set the python interpreter to the ansible runtime venv if -# the delegation is to localhost so that we get access to the -# appropriate python libraries in that venv. If the delegation -# is to another host, we assume that it is accessible by the -# system python instead. -- name: Setup the default member role - delegate_to: "{{ horizon_service_setup_host }}" - vars: - ansible_python_interpreter: "{{ horizon_service_setup_host_python_interpreter }}" - block: - - name: Add default member role - os_keystone_role: - cloud: default - state: present - name: "{{ horizon_default_role_name }}" - endpoint_type: admin - verify: "{{ not keystone_service_adminuri_insecure }}" - when: - - keystone_admin_user_name is defined - - keystone_auth_admin_password is defined - - keystone_admin_tenant_name is defined - - keystone_service_adminurl is defined - - keystone_service_adminuri_insecure is defined - register: add_member_role - until: add_member_role is success - retries: 5 - delay: 10 diff --git a/tasks/main.yml b/tasks/main.yml index 3bc78305..a47ce26e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -79,14 +79,6 @@ - horizon-config - post-install -- name: Importing horizon_service_setup tasks - ansible.builtin.import_tasks: horizon_service_setup.yml - when: - - ('horizon_all' in group_names) - - inventory_hostname == groups['horizon_all'][0] - tags: - - horizon-config - - name: Importing uwsgi/apache tasks ansible.builtin.import_tasks: "{{ (horizon_use_uwsgi | bool) | ternary('horizon_uwsgi.yml', 'horizon_apache.yml') }}" tags: