From 58a9d310d5651171214dc2a621cf2ba197229951 Mon Sep 17 00:00:00 2001
From: Dimitri Savineau <dsavinea@redhat.com>
Date: Wed, 27 Feb 2019 11:40:36 -0500
Subject: [PATCH] mon: Move client admin variable to defaults

There's no need to set the client_admin_ceph_authtool_cap variable
via a set_fact task.
Instead we can set this in the role defaults.

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
---
 group_vars/mons.yml.sample               |  5 +++++
 roles/ceph-mon/defaults/main.yml         |  5 +++++
 roles/ceph-mon/tasks/deploy_monitors.yml | 11 -----------
 3 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/group_vars/mons.yml.sample b/group_vars/mons.yml.sample
index 89f75fe1b..8e19b1037 100644
--- a/group_vars/mons.yml.sample
+++ b/group_vars/mons.yml.sample
@@ -31,6 +31,11 @@ dummy:
 #  - nodelete
 #  - nosizechange
 
+#client_admin_ceph_authtool_cap:
+#  mon: allow *
+#  osd: allow *
+#  mds: allow *
+#  mgr: allow *
 
 ###############
 # CRUSH RULES #
diff --git a/roles/ceph-mon/defaults/main.yml b/roles/ceph-mon/defaults/main.yml
index 47f7d7104..e0edb2bb8 100644
--- a/roles/ceph-mon/defaults/main.yml
+++ b/roles/ceph-mon/defaults/main.yml
@@ -23,6 +23,11 @@ secure_cluster_flags:
   - nodelete
   - nosizechange
 
+client_admin_ceph_authtool_cap:
+  mon: allow *
+  osd: allow *
+  mds: allow *
+  mgr: allow *
 
 ###############
 # CRUSH RULES #
diff --git a/roles/ceph-mon/tasks/deploy_monitors.yml b/roles/ceph-mon/tasks/deploy_monitors.yml
index 25d8a19f6..c92de2a92 100644
--- a/roles/ceph-mon/tasks/deploy_monitors.yml
+++ b/roles/ceph-mon/tasks/deploy_monitors.yml
@@ -46,17 +46,6 @@
     mode: "u=rwX,g=rX,o=rX"
     recurse: true
 
-- name: set_fact client_admin_ceph_authtool_cap
-  set_fact:
-    client_admin_ceph_authtool_cap:
-      mon: allow *
-      osd: allow *
-      mds: allow *
-      mgr: allow *
-  when:
-    - cephx
-    - admin_secret != 'admin_secret'
-
 - name: create custom admin keyring
   ceph_key:
     name: client.admin
-- 
2.39.5