)]}'
{"ansible/roles/octavia-certificates/defaults/main.yml":[{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"b4c407fef0d8f102241f4e78d9614c1ceb898063","unresolved":false,"context_lines":[{"line_number":20,"context_line":"# Common Name"},{"line_number":21,"context_line":"octavia_certs_common_name: example.org"},{"line_number":22,"context_line":""},{"line_number":23,"context_line":"# Server CA."},{"line_number":24,"context_line":"octavia_certs_server_ca_expiry: 3650"},{"line_number":25,"context_line":"octavia_certs_server_ca_country: \"{{ octavia_certs_country }}\""},{"line_number":26,"context_line":"octavia_certs_server_ca_state: \"{{ octavia_certs_state }}\""},{"line_number":27,"context_line":"octavia_certs_server_ca_organization: \"{{ octavia_certs_organization }}\""},{"line_number":28,"context_line":"octavia_certs_server_ca_organizational_unit: \"{{ octavia_certs_organizational_unit }}\""},{"line_number":29,"context_line":"octavia_certs_server_ca_common_name: \"{{ octavia_certs_common_name }}\""},{"line_number":30,"context_line":""},{"line_number":31,"context_line":"# Client CA."},{"line_number":32,"context_line":"octavia_certs_client_ca_expiry: 3650"},{"line_number":33,"context_line":"octavia_certs_client_ca_country: \"{{ octavia_certs_country }}\""},{"line_number":34,"context_line":"octavia_certs_client_ca_state: \"{{ octavia_certs_state }}\""},{"line_number":35,"context_line":"octavia_certs_client_ca_organization: \"{{ octavia_certs_organization }}\""},{"line_number":36,"context_line":"octavia_certs_client_ca_organizational_unit: \"{{ octavia_certs_organizational_unit }}\""},{"line_number":37,"context_line":"octavia_certs_client_ca_common_name: \"{{ octavia_certs_common_name }}\""},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"# Client req."},{"line_number":40,"context_line":"octavia_certs_client_expiry: 365"},{"line_number":41,"context_line":"octavia_certs_client_req_country: \"{{ octavia_certs_country }}\""},{"line_number":42,"context_line":"octavia_certs_client_req_state: \"{{ octavia_certs_state }}\""},{"line_number":43,"context_line":"octavia_certs_client_req_organization: \"{{ octavia_certs_organization }}\""},{"line_number":44,"context_line":"octavia_certs_client_req_organizational_unit: \"{{ octavia_certs_organizational_unit }}\""},{"line_number":45,"context_line":"octavia_certs_client_req_common_name: \"{{ octavia_certs_common_name }}\""}],"source_content_type":"text/x-yaml","patch_set":9,"id":"9f560f44_624e35c3","line":45,"range":{"start_line":23,"start_character":0,"end_line":45,"end_character":71},"updated":"2020-10-01 16:25:36.000000000","message":"nice ,it is more readable.","commit_id":"39fb759f7d596921aedf652a9c47e2f8d11d4cb9"}],"ansible/roles/octavia-certificates/files/openssl.cnf":[{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"199274c70d54d660d82f615c83fab931f11ddb85","unresolved":false,"context_lines":[{"line_number":1,"context_line":"# OpenSSL root CA configuration file."},{"line_number":2,"context_line":""},{"line_number":3,"context_line":"[ ca ]"},{"line_number":4,"context_line":"# `man ca`"}],"source_content_type":"application/octet-stream","patch_set":12,"id":"9f560f44_f23de18e","line":1,"updated":"2020-10-02 16:24:19.000000000","message":"we can mention the link to octavia docs here","commit_id":"47caf52290103e161f0fc16ac418587bc74e9a16"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"199274c70d54d660d82f615c83fab931f11ddb85","unresolved":false,"context_lines":[{"line_number":66,"context_line":"emailAddress                    \u003d Email Address"},{"line_number":67,"context_line":""},{"line_number":68,"context_line":"# Optionally, specify some defaults."},{"line_number":69,"context_line":"countryName_default             \u003d US"},{"line_number":70,"context_line":"stateOrProvinceName_default     \u003d Oregon"},{"line_number":71,"context_line":"localityName_default            \u003d"},{"line_number":72,"context_line":"0.organizationName_default      \u003d OpenStack"},{"line_number":73,"context_line":"organizationalUnitName_default  \u003d Octavia"},{"line_number":74,"context_line":"emailAddress_default            \u003d"},{"line_number":75,"context_line":"commonName_default              \u003d example.org"},{"line_number":76,"context_line":""},{"line_number":77,"context_line":"[ v3_ca ]"},{"line_number":78,"context_line":"# Extensions for a typical CA (`man x509v3_config`)."}],"source_content_type":"application/octet-stream","patch_set":12,"id":"9f560f44_32e3d908","line":75,"range":{"start_line":69,"start_character":0,"end_line":75,"end_character":45},"updated":"2020-10-02 16:24:19.000000000","message":"we could template out the defaults in here","commit_id":"47caf52290103e161f0fc16ac418587bc74e9a16"},{"author":{"_account_id":14826,"name":"Mark Goddard","email":"markgoddard86@gmail.com","username":"mgoddard"},"change_message_id":"3dae22957402610407bd11c31b3d9eb8028b4958","unresolved":false,"context_lines":[{"line_number":1,"context_line":"[ client_ca ]"},{"line_number":2,"context_line":"new_certs_dir     \u003d ."},{"line_number":3,"context_line":"database          \u003d index.txt"},{"line_number":4,"context_line":"serial            \u003d serial"}],"source_content_type":"application/octet-stream","patch_set":22,"id":"9f560f44_4ad15fcc","line":1,"updated":"2020-10-05 17:01:01.000000000","message":"I hope you are more familiar with openssl configuration than I am.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"63b11b74a29eda25190f5a00f29068b6e608d5f0","unresolved":false,"context_lines":[{"line_number":1,"context_line":"[ client_ca ]"},{"line_number":2,"context_line":"new_certs_dir     \u003d ."},{"line_number":3,"context_line":"database          \u003d index.txt"},{"line_number":4,"context_line":"serial            \u003d serial"}],"source_content_type":"application/octet-stream","patch_set":22,"id":"9f560f44_d51990d1","line":1,"in_reply_to":"9f560f44_4ad15fcc","updated":"2020-10-05 17:32:05.000000000","message":"Yes, sir. I went with some good practices and pretty sane defaults.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"}],"ansible/roles/octavia-certificates/tasks/client_cert.yml":[{"author":{"_account_id":22165,"name":"caoyuan","email":"cao.yingjunz@gmail.com","username":"caoyuan"},"change_message_id":"f86b6fbd4124d3c71e571ba0436d0b774d98db9c","unresolved":false,"context_lines":[{"line_number":19,"context_line":"      OU: \"{{ octavia_certs_client_req_organizational_unit }}\""},{"line_number":20,"context_line":"      CN: \"{{ octavia_certs_client_req_common_name }}\""},{"line_number":21,"context_line":"  command: \u003e"},{"line_number":22,"context_line":"    openssl req -new -config ../openssl.cnf"},{"line_number":23,"context_line":"    -key client.key.pem"},{"line_number":24,"context_line":"    -out client.csr.pem"},{"line_number":25,"context_line":"    -subj \"/{{ client_req_subject.items() | map(\u0027join\u0027, \u0027\u003d\u0027) | join(\u0027/\u0027) }}\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_73123bff","line":22,"range":{"start_line":22,"start_character":4,"end_line":22,"end_character":11},"updated":"2020-10-07 15:57:32.000000000","message":"do we need to ensure the openssl command is installed?","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":14826,"name":"Mark Goddard","email":"markgoddard86@gmail.com","username":"mgoddard"},"change_message_id":"6a9d1bb20b911cf204cfda921e5ec7920e2d3826","unresolved":false,"context_lines":[{"line_number":19,"context_line":"      OU: \"{{ octavia_certs_client_req_organizational_unit }}\""},{"line_number":20,"context_line":"      CN: \"{{ octavia_certs_client_req_common_name }}\""},{"line_number":21,"context_line":"  command: \u003e"},{"line_number":22,"context_line":"    openssl req -new -config ../openssl.cnf"},{"line_number":23,"context_line":"    -key client.key.pem"},{"line_number":24,"context_line":"    -out client.csr.pem"},{"line_number":25,"context_line":"    -subj \"/{{ client_req_subject.items() | map(\u0027join\u0027, \u0027\u003d\u0027) | join(\u0027/\u0027) }}\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_af73a8e7","line":22,"range":{"start_line":22,"start_character":4,"end_line":22,"end_character":11},"in_reply_to":"9f560f44_5301f738","updated":"2020-10-09 07:59:10.000000000","message":"We should do this as a follow up.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":14826,"name":"Mark Goddard","email":"markgoddard86@gmail.com","username":"mgoddard"},"change_message_id":"b23dd5f1e8b7dd110ce8975fd9711c6d8ecafffd","unresolved":false,"context_lines":[{"line_number":19,"context_line":"      OU: \"{{ octavia_certs_client_req_organizational_unit }}\""},{"line_number":20,"context_line":"      CN: \"{{ octavia_certs_client_req_common_name }}\""},{"line_number":21,"context_line":"  command: \u003e"},{"line_number":22,"context_line":"    openssl req -new -config ../openssl.cnf"},{"line_number":23,"context_line":"    -key client.key.pem"},{"line_number":24,"context_line":"    -out client.csr.pem"},{"line_number":25,"context_line":"    -subj \"/{{ client_req_subject.items() | map(\u0027join\u0027, \u0027\u003d\u0027) | join(\u0027/\u0027) }}\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_5301f738","line":22,"range":{"start_line":22,"start_character":4,"end_line":22,"end_character":11},"in_reply_to":"9f560f44_73123bff","updated":"2020-10-07 16:21:29.000000000","message":"Good question.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"13cec5174e055f78c95f27a064517a6252946a5e","unresolved":false,"context_lines":[{"line_number":19,"context_line":"      OU: \"{{ octavia_certs_client_req_organizational_unit }}\""},{"line_number":20,"context_line":"      CN: \"{{ octavia_certs_client_req_common_name }}\""},{"line_number":21,"context_line":"  command: \u003e"},{"line_number":22,"context_line":"    openssl req -new -config ../openssl.cnf"},{"line_number":23,"context_line":"    -key client.key.pem"},{"line_number":24,"context_line":"    -out client.csr.pem"},{"line_number":25,"context_line":"    -subj \"/{{ client_req_subject.items() | map(\u0027join\u0027, \u0027\u003d\u0027) | join(\u0027/\u0027) }}\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_02df0b0c","line":22,"range":{"start_line":22,"start_character":4,"end_line":22,"end_character":11},"in_reply_to":"9f560f44_af73a8e7","updated":"2020-10-09 08:44:33.000000000","message":"Yup, possibly also for the `certificates`.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":14826,"name":"Mark Goddard","email":"markgoddard86@gmail.com","username":"mgoddard"},"change_message_id":"3dae22957402610407bd11c31b3d9eb8028b4958","unresolved":false,"context_lines":[{"line_number":43,"context_line":"    creates: \"{{ octavia_certs_work_dir }}/client_ca/client.cert.pem\""},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"- name: Create a concatenated client certificate and key file"},{"line_number":46,"context_line":"  shell: \u003e"},{"line_number":47,"context_line":"    cat client.cert.pem client.key.pem \u003e client.cert-and-key.pem"},{"line_number":48,"context_line":"  args:"},{"line_number":49,"context_line":"    chdir: \"{{ octavia_certs_work_dir }}/client_ca\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_eaa83321","line":46,"range":{"start_line":46,"start_character":2,"end_line":46,"end_character":7},"updated":"2020-10-05 17:01:01.000000000","message":"We used https://docs.ansible.com/ansible/latest/collections/ansible/builtin/assemble_module.html with a regex in the certificates role.","commit_id":"114207e596452153187cbf712f1730612ab9c0de"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"9def197088a2a870ee3f5a07a9242ef53ebfd603","unresolved":false,"context_lines":[{"line_number":43,"context_line":"    creates: \"{{ octavia_certs_work_dir }}/client_ca/client.cert.pem\""},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"- name: Create a concatenated client certificate and key file"},{"line_number":46,"context_line":"  shell: \u003e"},{"line_number":47,"context_line":"    cat client.cert.pem client.key.pem \u003e client.cert-and-key.pem"},{"line_number":48,"context_line":"  args:"},{"line_number":49,"context_line":"    chdir: \"{{ octavia_certs_work_dir }}/client_ca\""}],"source_content_type":"text/x-yaml","patch_set":22,"id":"9f560f44_9564384f","line":46,"range":{"start_line":46,"start_character":2,"end_line":46,"end_character":7},"in_reply_to":"9f560f44_eaa83321","updated":"2020-10-05 17:33:05.000000000","message":"Hah, I missed that. Let\u0027s see the results first, then we can iterate (in here or follow).","commit_id":"114207e596452153187cbf712f1730612ab9c0de"}],"ansible/roles/octavia-certificates/tasks/main.yml":[{"author":{"_account_id":26285,"name":"wu.chunyang","email":"wchy1001@gmail.com","username":"wu.chunyang"},"change_message_id":"c99fdf3f25ffd953f793fb63548c7660339cc1d7","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"- name: Ensuring octavia custom config directory exist"},{"line_number":3,"context_line":"  file:"},{"line_number":4,"context_line":"    path: \"{{ node_custom_config }}/octavia/\""},{"line_number":5,"context_line":"    state: \"directory\""},{"line_number":6,"context_line":"    mode: \"0770\""},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"- name: Ensure octavia certificates exist"},{"line_number":9,"context_line":"  stat:"},{"line_number":10,"context_line":"    path: \"{{ node_custom_config }}/octavia/{{ item }}\""},{"line_number":11,"context_line":"  loop:"},{"line_number":12,"context_line":"    - client_ca.cert.pem"},{"line_number":13,"context_line":"    - client.cert-and-key.pem"},{"line_number":14,"context_line":"    - server_ca.cert.pem"},{"line_number":15,"context_line":"    - server_ca.key.pem"},{"line_number":16,"context_line":"  register: cert_info"},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"- import_tasks: generate_certificates.yml"},{"line_number":19,"context_line":"  when: (cert_info.results | selectattr(\u0027stat.exists\u0027, \u0027equalto\u0027, true) | list | length) !\u003d 4"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"9f560f44_b7cc29bc","line":16,"range":{"start_line":1,"start_character":0,"end_line":16,"end_character":21},"updated":"2020-09-30 05:36:28.000000000","message":"only there is no pems in directroy , we will create pems. in case that /tmp/certs is deleted but user run this command.","commit_id":"0d57412d9382ff34e984d1c9acbef706d38c418d"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"199274c70d54d660d82f615c83fab931f11ddb85","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"- name: Create server_ca and client_ca directory"},{"line_number":3,"context_line":"  file:"},{"line_number":4,"context_line":"    path: \"{{ octavia_certs_work_dir }}/{{ item }}\""}],"source_content_type":"text/x-yaml","patch_set":12,"id":"9f560f44_52b76d22","line":1,"range":{"start_line":1,"start_character":2,"end_line":1,"end_character":3},"updated":"2020-10-02 16:24:19.000000000","message":"we can mention the link to octavia docs here","commit_id":"47caf52290103e161f0fc16ac418587bc74e9a16"},{"author":{"_account_id":30491,"name":"Radosław Piliszek","display_name":"Radek","email":"radek@piliszek.it","username":"yoctozepto","status":"self-employed techologist, collaborating mostly with 7bulls.com"},"change_message_id":"199274c70d54d660d82f615c83fab931f11ddb85","unresolved":false,"context_lines":[{"line_number":39,"context_line":"    chdir: \"{{ octavia_certs_work_dir }}/server_ca\""},{"line_number":40,"context_line":"    creates: \"{{ octavia_certs_work_dir }}/server_ca/server_ca.key.pem\""},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"# copy openssl.cnf which copied from octavia project"},{"line_number":43,"context_line":"- name: Copy openssl.cnf"},{"line_number":44,"context_line":"  copy:"},{"line_number":45,"context_line":"    src: \"{{ octavia_certs_openssl_cnf_path }}\""}],"source_content_type":"text/x-yaml","patch_set":12,"id":"9f560f44_d2cb7da1","line":42,"range":{"start_line":42,"start_character":0,"end_line":42,"end_character":52},"updated":"2020-10-02 16:24:19.000000000","message":"this is more confusing than helping","commit_id":"47caf52290103e161f0fc16ac418587bc74e9a16"}],"tools/kolla-ansible":[{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"0644da03d61425a76125077746e494bcffcdcdf3","unresolved":false,"context_lines":[{"line_number":120,"context_line":"Environment variables:"},{"line_number":121,"context_line":"    EXTRA_OPTS                         Additional arguments to pass to ansible-playbook"},{"line_number":122,"context_line":""},{"line_number":123,"context_line":"Commands:"},{"line_number":124,"context_line":"    prechecks            Do pre-deployment checks for hosts"},{"line_number":125,"context_line":"    check                Do post-deployment smoke tests"},{"line_number":126,"context_line":"    mariadb_recovery     Recover a completely stopped mariadb cluster"},{"line_number":127,"context_line":"    mariadb_backup       Take a backup of MariaDB databases"},{"line_number":128,"context_line":"                             --full (default)"},{"line_number":129,"context_line":"                             --incremental"},{"line_number":130,"context_line":"    bootstrap-servers    Bootstrap servers with kolla deploy dependencies"},{"line_number":131,"context_line":"    destroy              Destroy Kolla containers, volumes and host configuration"},{"line_number":132,"context_line":"                             --include-images to also destroy Kolla images"},{"line_number":133,"context_line":"                             --include-dev to also destroy dev mode repos"},{"line_number":134,"context_line":"    deploy               Deploy and start all kolla containers"},{"line_number":135,"context_line":"    deploy-bifrost       Deploy and start bifrost container"},{"line_number":136,"context_line":"    deploy-servers       Enroll and deploy servers with bifrost"},{"line_number":137,"context_line":"    deploy-containers    Only deploy and start containers (no config updates or bootstrapping)"},{"line_number":138,"context_line":"    post-deploy          Do post deploy on deploy node"},{"line_number":139,"context_line":"    pull                 Pull all images for containers (only pulls, no running container changes)"},{"line_number":140,"context_line":"    reconfigure          Reconfigure OpenStack service"},{"line_number":141,"context_line":"    stop                 Stop Kolla containers"},{"line_number":142,"context_line":"    certificates         Generate self-signed certificate for TLS *For Development Only*"},{"line_number":143,"context_line":"    octavia-certificates Generate certificates for octavia deployment"},{"line_number":144,"context_line":"    upgrade              Upgrades existing OpenStack Environment"},{"line_number":145,"context_line":"    upgrade-bifrost      Upgrades an existing bifrost container"},{"line_number":146,"context_line":"    genconfig            Generate configuration files for enabled OpenStack services"},{"line_number":147,"context_line":"    prune-images         Prune orphaned Kolla images"},{"line_number":148,"context_line":"EOF"},{"line_number":149,"context_line":"}"},{"line_number":150,"context_line":""}],"source_content_type":"application/x-shellscript","patch_set":24,"id":"9f560f44_0f2d74fc","line":147,"range":{"start_line":123,"start_character":0,"end_line":147,"end_character":52},"updated":"2020-10-09 07:34:45.000000000","message":"shouldn\u0027t we finally have this sorted or something? it looks weird, in this order :-)","commit_id":"894f4912acd635ddb1bfec171bcd4e3de610caaf"}]}
