From: Guillaume Abrioux <gabrioux@redhat.com>
Date: Wed, 13 Oct 2021 08:26:59 +0000 (+0200)
Subject: nfs/rgw: support enforcing keys
X-Git-Tag: v4.0.68
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=b8db1166c51f9398f0e4478d1782c77710ff20c7;p=ceph-ansible.git

nfs/rgw: support enforcing keys

if one sets `ceph_nfs_rgw_access_key` and/or `ceph_nfs_rgw_secret_key`,
the nfs/rgw user creation won't take those variables into account and it
will generate a user with automatically generated credentials.
It ends up with a mismatch between what will be set in ganesha.conf and
the created user.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2010754

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
---

diff --git a/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml b/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
index 06860798c..87fdb9fc4 100644
--- a/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
+++ b/roles/ceph-nfs/tasks/create_rgw_nfs_user.yml
@@ -14,7 +14,7 @@
   when: nfs_obj_gw | bool
 
 - name: create rgw nfs user "{{ ceph_nfs_rgw_user }}"
-  command: "{{ container_exec_cmd_nfs | default('') }} radosgw-admin --cluster {{ cluster }} user create --uid={{ ceph_nfs_rgw_user }} --display-name='RGW NFS User'"
+  command: "{{ container_exec_cmd_nfs | default('') }} radosgw-admin --cluster {{ cluster }} user create --uid={{ ceph_nfs_rgw_user }} --display-name='RGW NFS User' {{ '--access-key=' + ceph_nfs_rgw_access_key if ceph_nfs_rgw_access_key is defined else '' }} {{ '--secret-key=' + ceph_nfs_rgw_secret_key if ceph_nfs_rgw_secret_key is defined else '' }}"
   run_once: true
   register: rgwuser
   changed_when: false