Cobbler: update CM repos before running ansible

Signed-off-by: Zack Cerza <zack@redhat.com>

diff --git a/roles/cobbler/defaults/main.yml b/roles/cobbler/defaults/main.yml
index 41475d6d0073ed91ee81b52523dd68c4705c6d3c..658c42964d8849b9f0b6af3f3f6d0976bf6840ea 100644 (file)
--- a/roles/cobbler/defaults/main.yml
+++ b/roles/cobbler/defaults/main.yml
@@ -1,4 +1,11 @@
 ---
+# These defaults are present to allow certain tasks to no-op if a secrets repo
+# hasn't been defined. If you want to override these, do so in the secrets repo
+# itself. We override these in  $repo/ansible/inventory/group_vars/cobbler.yml
+secrets_repo:
+  name: UNDEFINED
+  url: null
+
 # Where to download ISOs
 iso_dir: /var/lib/cobbler/isos
 # Mount point to use for ISOs during import

diff --git a/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh b/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh
index a884e301d4432cdc5748b0c10e88d5dc4b247072..f1cee1c50261d2ffdfb8ffd1da9fe37952417be1 100644 (file)
--- a/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh
+++ b/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh
@@ -5,6 +5,7 @@ name=$2
 export USER=root
 export HOME=/root
 ANSIBLE_CM_PATH=/root/ceph-cm-ansible
+SECRETS_REPO_NAME={{ secrets_repo.name }}
 
 # Bail if the ssh port isn't open, as will be the case when this is run 
 # while the installer is still running. When this is triggered by 
@@ -13,7 +14,15 @@ nmap -sT -oG - -p 22 $name | grep 22/open
 
 mkdir -p /var/log/ansible
 
+if [ $SECRETS_REPO_NAME != 'UNDEFINED' ]
+then
+    ANSIBLE_SECRETS_PATH=/root/$SECRETS_REPO_NAME
+    pushd $ANSIBLE_SECRETS_PATH
+    git pull
+    popd
+fi
 pushd $ANSIBLE_CM_PATH
+git pull
 export ANSIBLE_SSH_PIPELINING=1
 export ANSIBLE_HOST_KEY_CHECKING=False
 # Tell ansible to create users and populate authorized_keys