)]}'
{"playbooks/octavia-files.yaml":[{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":20,"context_line":""},{"line_number":21,"context_line":"- hosts: Controller"},{"line_number":22,"context_line":"  gather_facts: True"},{"line_number":23,"context_line":"  remote_user: heat-admin"},{"line_number":24,"context_line":"  become: true"},{"line_number":25,"context_line":"  become_user: root"},{"line_number":26,"context_line":"  vars:"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_1d1b9c1b","line":23,"updated":"2017-10-31 14:40:56.000000000","message":"The heat-admin user won\u0027t exist in the deployed server scenario so in order to make this playbook work in that scenario so you could use tripleo-admin user instead. You should be able to set up this user and get the key in mistral like this: \n\nhttps://github.com/openstack/tripleo-common/blob/master/workbooks/ceph-ansible.yaml#L26-L32","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"}],"requirements.txt":[{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":24,"context_line":"netifaces\u003e\u003d0.10.4 # MIT"},{"line_number":25,"context_line":"paramiko\u003e\u003d2.0.0 # LGPLv2.1+"},{"line_number":26,"context_line":"netaddr\u003e\u003d0.7.18 # BSD"},{"line_number":27,"context_line":"shade"}],"source_content_type":"text/plain","patch_set":5,"id":"3f4b6375_f00d6990","line":27,"updated":"2017-11-01 14:11:05.000000000","message":"Is a package available in RDO?","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"6c1695b802ffe0a3d90b09dd6255719de1e0b2dc","unresolved":false,"context_lines":[{"line_number":24,"context_line":"netifaces\u003e\u003d0.10.4 # MIT"},{"line_number":25,"context_line":"paramiko\u003e\u003d2.0.0 # LGPLv2.1+"},{"line_number":26,"context_line":"netaddr\u003e\u003d0.7.18 # BSD"},{"line_number":27,"context_line":"shade"}],"source_content_type":"text/plain","patch_set":5,"id":"3f4b6375_b65ec273","line":27,"in_reply_to":"3f4b6375_f00d6990","updated":"2017-11-01 21:46:54.000000000","message":"I think so, but I\u0027m removing this anyways as it isn\u0027t available on all supported distros yet.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"4e7e4f041df02f8aec50ace15ba361f8c8fd4eb1","unresolved":false,"context_lines":[{"line_number":24,"context_line":"netifaces\u003e\u003d0.10.4 # MIT"},{"line_number":25,"context_line":"paramiko\u003e\u003d2.0.0 # LGPLv2.1+"},{"line_number":26,"context_line":"netaddr\u003e\u003d0.7.18 # BSD"},{"line_number":27,"context_line":"shade"}],"source_content_type":"text/plain","patch_set":6,"id":"3f4b6375_0a90b449","line":27,"range":{"start_line":27,"start_character":0,"end_line":27,"end_character":5},"updated":"2017-11-02 12:17:12.000000000","message":"This should match global-requirements.\n\nshade\u003e\u003d1.17.0 # Apache-2.0\n\nHowever, after looking at the code I am not sure that it is needed here. We never import it in the Python code, so it is something that can be handled via the rpm packaging. We don\u0027t include ansible here either for example.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"}],"setup.cfg":[{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":137,"context_line":"    tripleo.ansible-playbook \u003d tripleo_common.actions.ansible:AnsiblePlaybookAction"},{"line_number":138,"context_line":"    tripleo.templates.upload_default \u003d tripleo_common.actions.templates:UploadTemplatesAction"},{"line_number":139,"context_line":"    tripleo.plan.migrate \u003d tripleo_common.actions.plan:MigratePlanAction"},{"line_number":140,"context_line":"    tripleo.openssl \u003d tripleo_common.actions.openssl:OpenSSLAction"}],"source_content_type":"text/x-ttcn-cfg","patch_set":3,"id":"3f4b6375_82b4cbd2","line":140,"range":{"start_line":140,"start_character":4,"end_line":140,"end_character":19},"updated":"2017-10-31 14:40:56.000000000","message":"Could the name for this be tripleo.openssl.create_certificate? \n\nThat way if other actions are added that involve openssl they can follow the same pattern: tripleo.openssl.*","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":137,"context_line":"    tripleo.ansible-playbook \u003d tripleo_common.actions.ansible:AnsiblePlaybookAction"},{"line_number":138,"context_line":"    tripleo.templates.upload_default \u003d tripleo_common.actions.templates:UploadTemplatesAction"},{"line_number":139,"context_line":"    tripleo.plan.migrate \u003d tripleo_common.actions.plan:MigratePlanAction"},{"line_number":140,"context_line":"    tripleo.openssl \u003d tripleo_common.actions.openssl:OpenSSLAction"}],"source_content_type":"text/x-ttcn-cfg","patch_set":5,"id":"3f4b6375_301421a0","line":140,"updated":"2017-11-01 14:11:05.000000000","message":"Not necessary if only for testing.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":137,"context_line":"    tripleo.ansible-playbook \u003d tripleo_common.actions.ansible:AnsiblePlaybookAction"},{"line_number":138,"context_line":"    tripleo.templates.upload_default \u003d tripleo_common.actions.templates:UploadTemplatesAction"},{"line_number":139,"context_line":"    tripleo.plan.migrate \u003d tripleo_common.actions.plan:MigratePlanAction"},{"line_number":140,"context_line":"    tripleo.openssl \u003d tripleo_common.actions.openssl:OpenSSLAction"}],"source_content_type":"text/x-ttcn-cfg","patch_set":6,"id":"3f4b6375_6f9bba72","line":140,"range":{"start_line":140,"start_character":4,"end_line":140,"end_character":19},"updated":"2017-11-02 12:15:10.000000000","message":"This should follow the convention used in the other action names.\n\ntripleo.NAMESPACE.ACTION_NAME\n\nI think \"openssl\" is the namespace, so try and add an action name that explains what it does.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"}],"tripleo_common/actions/openssl.py":[{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":27,"context_line":"from oslo_concurrency import processutils"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"class OpenSSLAction(actions.Action):"},{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_0268db84","line":30,"updated":"2017-10-31 14:40:56.000000000","message":"Perhaps a name like \"CreateOpenSSLCertificate\" would be better?","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":28,"context_line":""},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"class OpenSSLAction(actions.Action):"},{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"},{"line_number":34,"context_line":"\tpass"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_42d7f350","line":31,"updated":"2017-10-31 14:40:56.000000000","message":"Would you please add documentation here on what this new mistral action does? \n\nA user should be able to look up information about what your new action does using a command like the following: \n```\n(undercloud) [stack@undercloud ~]$ mistral action-get tripleo.files.file_exists\n+-------------+---------------------------------------------------------+\n| Field       | Value                                                   |\n+-------------+---------------------------------------------------------+\n| ID          | 6b5dd8bd-dc6d-4fec-95f9-b8e895efe3ea                    |\n| Name        | tripleo.files.file_exists                               |\n| Is system   | True                                                    |\n| Input       | path                                                    |\n| Description | Verifies if a path exists on the localhost (undercloud) |\n| Tags        | \u003cnone\u003e                                                  |\n| Created at  | 2017-10-30 01:48:37                                     |\n| Updated at  | None                                                    |\n+-------------+---------------------------------------------------------+\n(undercloud) [stack@undercloud ~]$ \n```\n\nwhich you can see matches line 27 of https://review.openstack.org/#/c/477541/8/tripleo_common/actions/files.py","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"},{"line_number":34,"context_line":"\tpass"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"    def run(self, context):"},{"line_number":37,"context_line":"\t   return create_certificates()"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_0768ed84","line":34,"updated":"2017-10-31 14:40:56.000000000","message":"This is failing [0] pep8 [1] because of the mix of tabs and spaces. Would you please change this tab to a space and make similar changes in the rest of the file so it is all spaces?\n\n[0] http://logs.openstack.org/02/515402/3/check/openstack-tox-pep8/f595000/job-output.txt.gz#_2017-10-31_00_20_25_777748\n\n[1] https://www.python.org/dev/peps/pep-0008/#tabs-or-spaces","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":42,"context_line":"\tif (p.returncode !\u003d 0):"},{"line_number":43,"context_line":"\t\traise Exception(\"stderr\u003d\" + p.stderr.read())"},{"line_number":44,"context_line":"\treturn (p.returncode, p.stdout.read(), p.stderr.read())"},{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_6797a192","line":45,"updated":"2017-10-31 14:40:56.000000000","message":"please remove extra whitespace","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_47670553","line":49,"updated":"2017-10-31 14:40:56.000000000","message":"Please indent this comment and consider switching it to using triple-quotes.","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_471f0570","line":52,"updated":"2017-10-31 14:40:56.000000000","message":"What do you think about not hard coding all these items into the command and making them variables instead which would be keys in a dictionary?\n\nIf so, they could default the dictionary to the values you choose, if the user passes no parameters, but also have the option so that a user could pass the params to override these defaults.","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":84,"context_line":"\tretval \u003d create_certificates()"},{"line_number":85,"context_line":"\tprint(retval[\"ca_key\"])"},{"line_number":86,"context_line":"        print(retval[\"ca_public\"])"},{"line_number":87,"context_line":"        print(retval[\"client_pem\"])\t"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4b6375_479265a1","line":87,"updated":"2017-10-31 14:40:56.000000000","message":"please remove extra whitespace","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":44,"context_line":"\treturn (p.returncode, p.stdout.read(), p.stderr.read())"},{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"}],"source_content_type":"text/x-python","patch_set":5,"id":"3f4b6375_70f3b99f","line":47,"updated":"2017-11-01 14:11:05.000000000","message":"If this is just for test, I don\u0027t think I even want it in the repo.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"6c1695b802ffe0a3d90b09dd6255719de1e0b2dc","unresolved":false,"context_lines":[{"line_number":44,"context_line":"\treturn (p.returncode, p.stdout.read(), p.stderr.read())"},{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"}],"source_content_type":"text/x-python","patch_set":5,"id":"3f4b6375_5680ae8b","line":47,"in_reply_to":"3f4b6375_70f3b99f","updated":"2017-11-01 21:46:54.000000000","message":"Saying this if for testing is a little misleading and should be reworded. Octavia requires certificates and the ability to generate certificates for amphora. This configuration is directed at configuring proof-of-concept and development environments where the deployer may not have or wish to access to all of the required CA data, etc. that production environment would use. I\u0027ll try and dredge up a SME on how octavia uses this stuff to try and make it a bit clearer.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":11085,"name":"Toure Dunnon","email":"toure@redhat.com","username":"Toure"},"change_message_id":"ca93bf9b200d58f8ac7a3d020895f78c45ede4b0","unresolved":false,"context_lines":[{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"},{"line_number":56,"context_line":"# system openssl.cnf in a different directory."},{"line_number":57,"context_line":"\tmy_run_process(\"cp /etc/pki/tls/openssl.cnf /tmp/octavia-ssl/\")"},{"line_number":58,"context_line":"\tmy_run_process(\u0027sed -i -e \"s/^dir\\\\s.*$/dir \u003d \\/tmp\\/octavia-ssl/\" -e \"s/cacert.pem/ca_01.pem/\" /tmp/octavia-ssl/openssl.cnf\u0027)"},{"line_number":59,"context_line":"\t#print(\"create ca private key\")"},{"line_number":60,"context_line":"\tmy_run_process(\u0027openssl genrsa  -passout pass:foobar -des3 -out /tmp/octavia-ssl/private/cakey.pem 2048\u0027)"},{"line_number":61,"context_line":"\t#print(\"create ca certificate\")"},{"line_number":62,"context_line":"\tmy_run_process(\u0027openssl req -x509 -passin pass:foobar -new -nodes -key /tmp/octavia-ssl/private/cakey.pem \\"},{"line_number":63,"context_line":"\t           -subj \"/C\u003dUS/ST\u003dDenial/L\u003dSpringfield/O\u003dDis/CN\u003dwww.example.com\" \\"},{"line_number":64,"context_line":"\t           -days 365 -config /tmp/octavia-ssl/openssl.cnf \\"},{"line_number":65,"context_line":"\t           -out /tmp/octavia-ssl/ca_01.pem\u0027)"},{"line_number":66,"context_line":"\t#print(\"create service key + certificate request\")"},{"line_number":67,"context_line":"\tmy_run_process(\u0027openssl req  -newkey rsa:2048 -nodes -config /tmp/octavia-ssl/openssl.cnf -keyout /tmp/octavia-ssl/client.key \\"},{"line_number":68,"context_line":"\t           -subj \"/C\u003dUS/ST\u003dDenial/L\u003dSpringfield/O\u003dDis/CN\u003dwww.example.com\" \\"},{"line_number":69,"context_line":"\t           -out /tmp/octavia-ssl/client.csr\u0027)"},{"line_number":70,"context_line":"        #print(\"sign service certificate\")"},{"line_number":71,"context_line":"\tmy_run_process(\u0027openssl ca -config /tmp/octavia-ssl/openssl.cnf -passin pass:foobar -in /tmp/octavia-ssl/client.csr \\"},{"line_number":72,"context_line":"\t           -days 365 -out /tmp/octavia-ssl/client-.pem -batch\u0027)"},{"line_number":73,"context_line":" \t#print(\"create pem file with service private key \u0026 public certificate\")"},{"line_number":74,"context_line":"\tmy_run_process(\u0027cat /tmp/octavia-ssl/client-.pem /tmp/octavia-ssl/client.key \u003e /tmp/octavia-ssl/client.pem\u0027)"},{"line_number":75,"context_line":"\twith open(\"/tmp/octavia-ssl/private/cakey.pem\") as f:"},{"line_number":76,"context_line":"\t\tca_key \u003d f.read()"},{"line_number":77,"context_line":"        with open(\"/tmp/octavia-ssl/ca_01.pem\") as f:"},{"line_number":78,"context_line":"\t\tca_public \u003d f.read()"},{"line_number":79,"context_line":"        with open(\"/tmp/octavia-ssl/client.pem\") as f:"},{"line_number":80,"context_line":"\t\tclient_pem \u003d f.read()"},{"line_number":81,"context_line":"\treturn { \"ca_key\" :  ca_key, \"ca_public\" : ca_public, \"client_pem\" : client_pem }"},{"line_number":82,"context_line":""},{"line_number":83,"context_line":"if __name__ \u003d\u003d \"__main__\":"},{"line_number":84,"context_line":"\tretval \u003d create_certificates()"}],"source_content_type":"text/x-python","patch_set":5,"id":"3f4b6375_3c763aa6","line":81,"range":{"start_line":48,"start_character":1,"end_line":81,"end_character":82},"updated":"2017-11-01 15:00:12.000000000","message":"Please make sure to use the native python libraries for OpenSSL (pyopenssl) as this will provide a much cleaner implementation. http://paste.openstack.org/show/625217/","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":27,"context_line":"from oslo_concurrency import processutils"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"class OpenSSLAction(actions.Action):"},{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_afd1b2fd","line":30,"range":{"start_line":30,"start_character":6,"end_line":30,"end_character":19},"updated":"2017-11-02 12:15:10.000000000","message":"I think we need to rename this action. I mentioned this in the setup.cfg, but I think the class name should change too.\n\n\"tripleo.openssl\" and \"OpenSSLAction\" don\u0027t tell me what it does, just that it is something to do with openssl. However, really it is something very specific to ocatavia?\n\nThis will essentially become part of our public API. So we need to tread carefully.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":28,"context_line":""},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"class OpenSSLAction(actions.Action):"},{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"},{"line_number":34,"context_line":"\tpass"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_af56525b","line":31,"updated":"2017-11-02 12:15:10.000000000","message":"This docstring should be either removed or updated.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":30,"context_line":"class OpenSSLAction(actions.Action):"},{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"},{"line_number":34,"context_line":"\tpass"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"    def run(self, context):"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_2fc82220","line":33,"updated":"2017-11-02 12:15:10.000000000","message":"This function can be removed. empty __ini__ methods are not needed anymore (I fixed this bug in mistral-lib)","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":31,"context_line":"    \"\"\"Executes ansible module\"\"\""},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def __init__(self, **kwargs):"},{"line_number":34,"context_line":"\tpass"},{"line_number":35,"context_line":""},{"line_number":36,"context_line":"    def run(self, context):"},{"line_number":37,"context_line":"\t   return create_certificates()"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_af7e5216","line":34,"range":{"start_line":34,"start_character":0,"end_line":34,"end_character":1},"updated":"2017-11-02 12:15:10.000000000","message":"Each of these lines with the red character (not sure what it is called) has a tab that needs to be converted into spaces. I would suggest configuring your editor to do this.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":36,"context_line":"    def run(self, context):"},{"line_number":37,"context_line":"\t   return create_certificates()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"def my_run_process(cmd):"},{"line_number":40,"context_line":"\tp \u003d Popen(cmd, stdin\u003dPIPE, stdout\u003dPIPE, stderr\u003dPIPE, shell\u003dTrue, close_fds\u003dTrue)"},{"line_number":41,"context_line":"\tp.wait()"},{"line_number":42,"context_line":"\tif (p.returncode !\u003d 0):"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_ef31ea5a","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":18},"updated":"2017-11-02 12:15:10.000000000","message":"I am really not comfortable will all the bash we are running in here. However, if we find out that we do need some of it, consider renaming this. run_shell might be more descriptive. or even just remove \"my_\" - it doesn\u0027t add anything IMO","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":42,"context_line":"\tif (p.returncode !\u003d 0):"},{"line_number":43,"context_line":"\t\traise Exception(\"stderr\u003d\" + p.stderr.read())"},{"line_number":44,"context_line":"\treturn (p.returncode, p.stdout.read(), p.stderr.read())"},{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_2fdee210","line":45,"range":{"start_line":45,"start_character":0,"end_line":45,"end_character":1},"updated":"2017-11-02 12:15:10.000000000","message":"trailing whitespace","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"4851a7d799adadba56c8a9543ae3a0738929a4c3","unresolved":false,"context_lines":[{"line_number":44,"context_line":"\treturn (p.returncode, p.stdout.read(), p.stderr.read())"},{"line_number":45,"context_line":"\t"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"def create_certificates():"},{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_caa61c10","line":47,"updated":"2017-11-02 12:07:09.000000000","message":"Is there some reason this can\u0027t be done via ansible?","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":48,"context_line":"    # Create the certificate files"},{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_afdbf2ea","line":51,"updated":"2017-11-02 12:15:10.000000000","message":"https://docs.python.org/2/library/shutil.html#shutil.rmtree","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":49,"context_line":"# WARNING! For testing a development ONLY! Do not use certificates"},{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_6f8f3acd","line":52,"updated":"2017-11-02 12:15:10.000000000","message":"https://docs.python.org/2/library/os.html#os.makedirs","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":50,"context_line":"# generated by this script in production!"},{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"},{"line_number":56,"context_line":"# system openssl.cnf in a different directory."}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_0fc446f4","line":53,"updated":"2017-11-02 12:15:10.000000000","message":"https://stackoverflow.com/questions/1158076/implement-touch-using-python","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":51,"context_line":"\tmy_run_process(\"rm -Rf /tmp/octavia-ssl\")"},{"line_number":52,"context_line":"\tmy_run_process(\"mkdir -p /tmp/octavia-ssl/private /tmp/octavia-ssl/newcerts\")"},{"line_number":53,"context_line":"\tmy_run_process(\"touch /tmp/octavia-ssl/index.txt\")"},{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"},{"line_number":56,"context_line":"# system openssl.cnf in a different directory."},{"line_number":57,"context_line":"\tmy_run_process(\"cp /etc/pki/tls/openssl.cnf /tmp/octavia-ssl/\")"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_cf6e2eff","line":54,"updated":"2017-11-02 12:15:10.000000000","message":"open file and write?","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":54,"context_line":"\tmy_run_process(\"echo 01 \u003e /tmp/octavia-ssl/serial\")"},{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"},{"line_number":56,"context_line":"# system openssl.cnf in a different directory."},{"line_number":57,"context_line":"\tmy_run_process(\"cp /etc/pki/tls/openssl.cnf /tmp/octavia-ssl/\")"},{"line_number":58,"context_line":"\tmy_run_process(\u0027sed -i -e \"s/^dir\\\\s.*$/dir \u003d \\/tmp\\/octavia-ssl/\" -e \"s/cacert.pem/ca_01.pem/\" /tmp/octavia-ssl/openssl.cnf\u0027)"},{"line_number":59,"context_line":"\t#print(\"create ca private key\")"},{"line_number":60,"context_line":"\tmy_run_process(\u0027openssl genrsa  -passout pass:foobar -des3 -out /tmp/octavia-ssl/private/cakey.pem 2048\u0027)"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_0f69e6f7","line":57,"updated":"2017-11-02 12:15:10.000000000","message":"Either just copy https://docs.python.org/2/library/shutil.html#shutil.copy or make a temp directory and put files in it. https://docs.python.org/2/library/tempfile.html#tempfile.mkdtemp","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":55,"context_line":"# You may need to modify this line if your distribution puts the"},{"line_number":56,"context_line":"# system openssl.cnf in a different directory."},{"line_number":57,"context_line":"\tmy_run_process(\"cp /etc/pki/tls/openssl.cnf /tmp/octavia-ssl/\")"},{"line_number":58,"context_line":"\tmy_run_process(\u0027sed -i -e \"s/^dir\\\\s.*$/dir \u003d \\/tmp\\/octavia-ssl/\" -e \"s/cacert.pem/ca_01.pem/\" /tmp/octavia-ssl/openssl.cnf\u0027)"},{"line_number":59,"context_line":"\t#print(\"create ca private key\")"},{"line_number":60,"context_line":"\tmy_run_process(\u0027openssl genrsa  -passout pass:foobar -des3 -out /tmp/octavia-ssl/private/cakey.pem 2048\u0027)"},{"line_number":61,"context_line":"\t#print(\"create ca certificate\")"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_2f64a221","line":58,"updated":"2017-11-02 12:15:10.000000000","message":"I don\u0027t know what this does, but I am sure there is a clearer way to do it in Python.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":56,"context_line":"# system openssl.cnf in a different directory."},{"line_number":57,"context_line":"\tmy_run_process(\"cp /etc/pki/tls/openssl.cnf /tmp/octavia-ssl/\")"},{"line_number":58,"context_line":"\tmy_run_process(\u0027sed -i -e \"s/^dir\\\\s.*$/dir \u003d \\/tmp\\/octavia-ssl/\" -e \"s/cacert.pem/ca_01.pem/\" /tmp/octavia-ssl/openssl.cnf\u0027)"},{"line_number":59,"context_line":"\t#print(\"create ca private key\")"},{"line_number":60,"context_line":"\tmy_run_process(\u0027openssl genrsa  -passout pass:foobar -des3 -out /tmp/octavia-ssl/private/cakey.pem 2048\u0027)"},{"line_number":61,"context_line":"\t#print(\"create ca certificate\")"},{"line_number":62,"context_line":"\tmy_run_process(\u0027openssl req -x509 -passin pass:foobar -new -nodes -key /tmp/octavia-ssl/private/cakey.pem \\"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_8ff7168c","line":59,"updated":"2017-11-02 12:15:10.000000000","message":"all these commented prints should be removed.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":72,"context_line":"\t           -days 365 -out /tmp/octavia-ssl/client-.pem -batch\u0027)"},{"line_number":73,"context_line":" \t#print(\"create pem file with service private key \u0026 public certificate\")"},{"line_number":74,"context_line":"\tmy_run_process(\u0027cat /tmp/octavia-ssl/client-.pem /tmp/octavia-ssl/client.key \u003e /tmp/octavia-ssl/client.pem\u0027)"},{"line_number":75,"context_line":"\twith open(\"/tmp/octavia-ssl/private/cakey.pem\") as f:"},{"line_number":76,"context_line":"\t\tca_key \u003d f.read()"},{"line_number":77,"context_line":"        with open(\"/tmp/octavia-ssl/ca_01.pem\") as f:"},{"line_number":78,"context_line":"\t\tca_public \u003d f.read()"},{"line_number":79,"context_line":"        with open(\"/tmp/octavia-ssl/client.pem\") as f:"},{"line_number":80,"context_line":"\t\tclient_pem \u003d f.read()"},{"line_number":81,"context_line":"\treturn { \"ca_key\" :  ca_key, \"ca_public\" : ca_public, \"client_pem\" : client_pem }"},{"line_number":82,"context_line":""},{"line_number":83,"context_line":"if __name__ \u003d\u003d \"__main__\":"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_cf84eed5","line":80,"range":{"start_line":75,"start_character":0,"end_line":80,"end_character":23},"updated":"2017-11-02 12:15:10.000000000","message":"The indenting here is wacky due to inconsistent tab usage.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":78,"context_line":"\t\tca_public \u003d f.read()"},{"line_number":79,"context_line":"        with open(\"/tmp/octavia-ssl/client.pem\") as f:"},{"line_number":80,"context_line":"\t\tclient_pem \u003d f.read()"},{"line_number":81,"context_line":"\treturn { \"ca_key\" :  ca_key, \"ca_public\" : ca_public, \"client_pem\" : client_pem }"},{"line_number":82,"context_line":""},{"line_number":83,"context_line":"if __name__ \u003d\u003d \"__main__\":"},{"line_number":84,"context_line":"\tretval \u003d create_certificates()"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_4f1b5ec9","line":81,"updated":"2017-11-02 12:15:10.000000000","message":"I agree with Toure\u0027s comment about pyopenssl on the previous patch set.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":80,"context_line":"\t\tclient_pem \u003d f.read()"},{"line_number":81,"context_line":"\treturn { \"ca_key\" :  ca_key, \"ca_public\" : ca_public, \"client_pem\" : client_pem }"},{"line_number":82,"context_line":""},{"line_number":83,"context_line":"if __name__ \u003d\u003d \"__main__\":"},{"line_number":84,"context_line":"\tretval \u003d create_certificates()"},{"line_number":85,"context_line":"\tprint(retval[\"ca_key\"])"},{"line_number":86,"context_line":"        print(retval[\"ca_public\"])"},{"line_number":87,"context_line":"        print(retval[\"client_pem\"])\t"}],"source_content_type":"text/x-python","patch_set":6,"id":"3f4b6375_afa3f29d","line":87,"range":{"start_line":83,"start_character":0,"end_line":87,"end_character":36},"updated":"2017-11-02 12:15:10.000000000","message":"this should be removed.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"}],"workbooks/octavia_post.yaml":[{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"e787d8572936b70a1a4a5fed7ed53c6f26188161","unresolved":false,"context_lines":[{"line_number":7,"context_line":""},{"line_number":8,"context_line":"  octavia_post_deploy:"},{"line_number":9,"context_line":"    description: Octavia post deployment"},{"line_number":10,"context_line":"    type: direct"},{"line_number":11,"context_line":"    input:"},{"line_number":12,"context_line":"      - amp_flavor_id: 65"},{"line_number":13,"context_line":"      - amp_flavor_name: \u0027m1.amphora\u0027"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_265ad24f","line":10,"range":{"start_line":10,"start_character":4,"end_line":10,"end_character":16},"updated":"2017-10-31 10:19:56.000000000","message":"This can safely be deleted. It is the default workflow type.","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":37,"context_line":"      - tripleo-common-managed"},{"line_number":38,"context_line":"    tasks:"},{"line_number":39,"context_line":"      generate_ssl:"},{"line_number":40,"context_line":"        action: tripleo.openssl"},{"line_number":41,"context_line":"        on-success: get_overcloud_stack_id"},{"line_number":42,"context_line":""},{"line_number":43,"context_line":"      get_overcloud_stack_id:"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_1d915c9a","line":40,"updated":"2017-10-31 14:40:56.000000000","message":"So this new action creates ca_key, ca_public, client_pem and they\u0027re on the file system of the undercloud. Do you need to publish these variables so you can reference them in this workbook or pass them to ansible? How does ansible know to use those variables?","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"1df0ef4301a1479c2f7d4c3bbc078079703da336","unresolved":false,"context_lines":[{"line_number":37,"context_line":"      - tripleo-common-managed"},{"line_number":38,"context_line":"    tasks:"},{"line_number":39,"context_line":"      generate_ssl:"},{"line_number":40,"context_line":"        action: tripleo.openssl"},{"line_number":41,"context_line":"        on-success: get_overcloud_stack_id"},{"line_number":42,"context_line":""},{"line_number":43,"context_line":"      get_overcloud_stack_id:"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_927ad2b7","line":40,"in_reply_to":"3f4b6375_1d915c9a","updated":"2017-10-31 19:15:56.000000000","message":"Good point. Ansible is currently just copying those files in assuming the names - not good. The intent was always to provide names or strings so they user could provide their own certs via heat parameters. We were going to address in a followup patch but I think it makes sense to address this now.","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"7ff248131eba61a963de8af53b1c243f4821bc30","unresolved":false,"context_lines":[{"line_number":82,"context_line":"          # ssh_private_key through the tripleo.ansible action causes problems"},{"line_number":83,"context_line":"          # with being able to access the undercloud node to deal with the"},{"line_number":84,"context_line":"          # amphora creation related operations, etc. This might be solvable by"},{"line_number":85,"context_line":"          # creating temporary files for the relevant keys and populating the"},{"line_number":86,"context_line":"          # inventory appropriately."},{"line_number":87,"context_line":"          #"},{"line_number":88,"context_line":"          become: true"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_5ddc7473","line":85,"updated":"2017-10-31 14:40:56.000000000","message":"It\u0027s easy to create temporary directories in mistral (to keep your keys from interfering with eachother). See these actions: mistral action-list | grep tripleo.files\n\nHere\u0027s an example of using existing mistral actions to ensure the tripleo-admin user exists on the overcloud and getting the private key of that user. You could add lines like that to this workbook. \n\nhttps://github.com/openstack/tripleo-common/blob/master/workbooks/ceph-ansible.yaml#L26-L32","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"1df0ef4301a1479c2f7d4c3bbc078079703da336","unresolved":false,"context_lines":[{"line_number":82,"context_line":"          # ssh_private_key through the tripleo.ansible action causes problems"},{"line_number":83,"context_line":"          # with being able to access the undercloud node to deal with the"},{"line_number":84,"context_line":"          # amphora creation related operations, etc. This might be solvable by"},{"line_number":85,"context_line":"          # creating temporary files for the relevant keys and populating the"},{"line_number":86,"context_line":"          # inventory appropriately."},{"line_number":87,"context_line":"          #"},{"line_number":88,"context_line":"          become: true"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4b6375_b2582e56","line":85,"in_reply_to":"3f4b6375_5ddc7473","updated":"2017-10-31 19:15:56.000000000","message":"The most recent update uses tripleo-admin for accessing the undercloud. So we should be good there I think.","commit_id":"c64cb0cbc9497534849c26bb139b4686c00a612a"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":43,"context_line":"        publish:"},{"line_number":44,"context_line":"          private_key: \u003c% task(get_private_key).result %\u003e"},{"line_number":45,"context_line":"        on-success: generate_ssl"},{"line_number":46,"context_line":"      generate_ssl:"},{"line_number":47,"context_line":"        action: tripleo.openssl"},{"line_number":48,"context_line":"        on-success: get_overcloud_stack_id"},{"line_number":49,"context_line":""}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_f034494c","line":46,"updated":"2017-11-01 14:11:05.000000000","message":"The action says it is for testing only. Is that the case? If so, this needs to be removed.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":50,"context_line":"      get_overcloud_stack_id:"},{"line_number":51,"context_line":"        action: heat.stacks_list"},{"line_number":52,"context_line":"        publish:"},{"line_number":53,"context_line":"          overcloud_id: \u003c% task(get_overcloud_stack_id).result.first().id %\u003e"},{"line_number":54,"context_line":"        on-success: get_overcloud_stack_details"},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"      get_overcloud_stack_details:"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_3079c1fb","line":53,"updated":"2017-11-01 14:11:05.000000000","message":"task()","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":58,"context_line":"        input:"},{"line_number":59,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_702179fb","line":61,"updated":"2017-11-01 14:11:05.000000000","message":"You can just use \"task()\" here (and below).","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"6c1695b802ffe0a3d90b09dd6255719de1e0b2dc","unresolved":false,"context_lines":[{"line_number":58,"context_line":"        input:"},{"line_number":59,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_5ff43e87","line":61,"in_reply_to":"3f4b6375_702179fb","updated":"2017-11-01 21:46:54.000000000","message":"Ah cool, will fix!","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":59,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"},{"line_number":65,"context_line":"          octavia_auth_url: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"KeystoneURL\").single().output_value %\u003e"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_907195e1","line":62,"updated":"2017-11-01 14:11:05.000000000","message":"Is single() truly necessary?","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"c63e217f561db2711c2e0c6f0efc3c1146d6af5b","unresolved":false,"context_lines":[{"line_number":59,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"},{"line_number":65,"context_line":"          octavia_auth_url: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"KeystoneURL\").single().output_value %\u003e"}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_e058d78a","line":62,"in_reply_to":"3f4b6375_907195e1","updated":"2017-11-02 13:30:48.000000000","message":"Yes, because the where filter returns an array, although the result will be a single element. so we need to strip it down to a value.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"3f8a87bd717b6370fad0737feeb85db55ff34471","unresolved":false,"context_lines":[{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"},{"line_number":65,"context_line":"          octavia_auth_url: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"KeystoneURL\").single().output_value %\u003e"},{"line_number":66,"context_line":""}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_104fe592","line":63,"updated":"2017-11-01 14:11:05.000000000","message":"You might want to publish an intermediate value that just publishes the RoleData output, and then use that in subsequent publishes, in order to just shorten these a bit. I think you can do that all in the same task.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"6c1695b802ffe0a3d90b09dd6255719de1e0b2dc","unresolved":false,"context_lines":[{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"},{"line_number":65,"context_line":"          octavia_auth_url: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"KeystoneURL\").single().output_value %\u003e"},{"line_number":66,"context_line":""}],"source_content_type":"text/x-yaml","patch_set":5,"id":"3f4b6375_3ff3c2a0","line":63,"in_reply_to":"3f4b6375_104fe592","updated":"2017-11-01 21:46:54.000000000","message":"Good idea, will do.","commit_id":"76ddd3a88bebb8b4012d5736a0b683d544da1bc1"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":26,"context_line":"      - lb_mgmt_subnet_pool_end: \u0027192.168.199.200\u0027"},{"line_number":27,"context_line":"      - octavia_ansible_playbook: /usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"    output:"},{"line_number":30,"context_line":"       overcloud_password: \u003c% $.overcloud_password %\u003e"},{"line_number":31,"context_line":"       overcloud_admin: \u003c% $.overcloud_admin %\u003e"},{"line_number":32,"context_line":"       overcloud_project: \u003c% $.overcloud_project %\u003e"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_2ad4901f","line":29,"updated":"2017-11-02 12:15:10.000000000","message":"Where are these outputs used?","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3c830d7447c1e1988d160837ca1d2e49d2c262c3","unresolved":false,"context_lines":[{"line_number":26,"context_line":"      - lb_mgmt_subnet_pool_end: \u0027192.168.199.200\u0027"},{"line_number":27,"context_line":"      - octavia_ansible_playbook: /usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"    output:"},{"line_number":30,"context_line":"       overcloud_password: \u003c% $.overcloud_password %\u003e"},{"line_number":31,"context_line":"       overcloud_admin: \u003c% $.overcloud_admin %\u003e"},{"line_number":32,"context_line":"       overcloud_project: \u003c% $.overcloud_project %\u003e"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_56c05ce1","line":29,"in_reply_to":"3f4b6375_2ad4901f","updated":"2017-11-06 20:00:50.000000000","message":"In the Ansible code. it runs basically with undercloud connection details and we need to update the environment variables so we would be able to connect to the overcloud.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":41,"context_line":"      get_private_key:"},{"line_number":42,"context_line":"        action: tripleo.validations.get_privkey"},{"line_number":43,"context_line":"        publish:"},{"line_number":44,"context_line":"          private_key: \u003c% task(get_private_key).result %\u003e"},{"line_number":45,"context_line":"        on-success: generate_ssl"},{"line_number":46,"context_line":"      generate_ssl:"},{"line_number":47,"context_line":"        action: tripleo.openssl"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_ea531815","line":44,"range":{"start_line":44,"start_character":31,"end_line":44,"end_character":46},"updated":"2017-11-02 12:15:10.000000000","message":"the task name isn\u0027t needed when it refers to the current task.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":50,"context_line":"      get_overcloud_stack_id:"},{"line_number":51,"context_line":"        action: heat.stacks_list"},{"line_number":52,"context_line":"        publish:"},{"line_number":53,"context_line":"          overcloud_id: \u003c% task(get_overcloud_stack_id).result.first().id %\u003e"},{"line_number":54,"context_line":"        on-success: get_overcloud_stack_details"},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"      get_overcloud_stack_details:"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_ea7af874","line":53,"range":{"start_line":53,"start_character":32,"end_line":53,"end_character":54},"updated":"2017-11-02 12:15:10.000000000","message":"task name not needed. \n\nIs it really safe to assume we have only one stack and that is the one we want?","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":7065,"name":"Brad P. Crochet","email":"brad@redhat.com","username":"bcrochet"},"change_message_id":"77b76be318d3552dac3409fed9b0b65f02b0013c","unresolved":false,"context_lines":[{"line_number":50,"context_line":"      get_overcloud_stack_id:"},{"line_number":51,"context_line":"        action: heat.stacks_list"},{"line_number":52,"context_line":"        publish:"},{"line_number":53,"context_line":"          overcloud_id: \u003c% task(get_overcloud_stack_id).result.first().id %\u003e"},{"line_number":54,"context_line":"        on-success: get_overcloud_stack_details"},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"      get_overcloud_stack_details:"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_30c993ab","line":53,"range":{"start_line":53,"start_character":32,"end_line":53,"end_character":54},"in_reply_to":"3f4b6375_ea7af874","updated":"2017-11-02 17:59:48.000000000","message":"agreed... stack should be passed in. Then you don\u0027t even need this call.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":58,"context_line":"        input:"},{"line_number":59,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":60,"context_line":"        publish:"},{"line_number":61,"context_line":"          overcloud_password: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":62,"context_line":"          overcloud_admin: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":"          overcloud_auth_uri: \u003c% task(get_overcloud_stack_details).result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings.get(\"heat::keystone::authtoken::auth_url\") %\u003e"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_8a95c489","line":61,"range":{"start_line":61,"start_character":38,"end_line":61,"end_character":65},"updated":"2017-11-02 12:15:10.000000000","message":"task name not needed - helps make this a bit shorter!","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":148,"context_line":"            lb_mgmt_subnet_pool_end: \u003c% $.lb_mgmt_subnet_pool_end %\u003e"},{"line_number":149,"context_line":""},{"line_number":150,"context_line":"        publish:"},{"line_number":151,"context_line":"          anstest: \u003c% task(config_octavia).result %\u003e"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_eab2f805","line":151,"range":{"start_line":151,"start_character":10,"end_line":151,"end_character":17},"updated":"2017-11-02 12:15:10.000000000","message":"does anstest mean something? if it is \"ansible test\" a better name would be good. config_octavia_output?","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":9712,"name":"Dougal Matthews","email":"dougal.matthews@canonical.com","username":"dougal"},"change_message_id":"33860b937c15b7145080a827967b6d80ea737b51","unresolved":false,"context_lines":[{"line_number":148,"context_line":"            lb_mgmt_subnet_pool_end: \u003c% $.lb_mgmt_subnet_pool_end %\u003e"},{"line_number":149,"context_line":""},{"line_number":150,"context_line":"        publish:"},{"line_number":151,"context_line":"          anstest: \u003c% task(config_octavia).result %\u003e"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3f4b6375_ead9d855","line":151,"range":{"start_line":151,"start_character":27,"end_line":151,"end_character":41},"updated":"2017-11-02 12:15:10.000000000","message":"not needed.","commit_id":"54bd6a9f89c3a0627724f07cf929a51f9fbb35be"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3c830d7447c1e1988d160837ca1d2e49d2c262c3","unresolved":false,"context_lines":[{"line_number":80,"context_line":"            ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"},{"line_number":81,"context_line":"          extra_vars:"},{"line_number":82,"context_line":"            OS_PASSWORD: \u003c% $.overcloud_password %\u003e"},{"line_number":83,"context_line":"            OS_USERNAME: \u0027admin\u0027"},{"line_number":84,"context_line":"            OS_PROJECT_NAME: \u003c% $.overcloud_project %\u003e"},{"line_number":85,"context_line":"            OS_AUTH_URL: \u003c% $.overcloud_auth_uri %\u003e"},{"line_number":86,"context_line":"            OS_AUTH_TYPE: \"password\""}],"source_content_type":"text/x-yaml","patch_set":9,"id":"3f4b6375_e432dd5d","line":83,"range":{"start_line":83,"start_character":11,"end_line":83,"end_character":32},"updated":"2017-11-06 20:00:50.000000000","message":"why hard coded?","commit_id":"101a09e8d926455de03fbf0cd2c820c7fdb245e6"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"fd53b3322e272d7a923104444970b47e5fcc69dd","unresolved":false,"context_lines":[{"line_number":28,"context_line":"      - octavia_base_url: \u0027http://127.0.0.1:9876\u0027"},{"line_number":29,"context_line":"      - octavia_ansible_playbook: /usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml"},{"line_number":30,"context_line":"      - overcloud_admin: \u0027admin\u0027"},{"line_number":31,"context_line":"      - ansible_extra_env_variables:"},{"line_number":32,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"},{"line_number":33,"context_line":"      - ansible_local_connection_variables:"},{"line_number":34,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"}],"source_content_type":"text/x-yaml","patch_set":12,"id":"3f4b6375_75f0c4fd","line":31,"updated":"2017-11-07 15:47:59.000000000","message":"You might find these extra vars handy: \n\nhttps://github.com/openstack/tripleo-common/blob/master/workbooks/ceph-ansible.yaml#L12-L20","commit_id":"b9950ba49d6746c05a2666ac9dfd408131a1c1ce"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"fd53b3322e272d7a923104444970b47e5fcc69dd","unresolved":false,"context_lines":[{"line_number":32,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"},{"line_number":33,"context_line":"      - ansible_local_connection_variables:"},{"line_number":34,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"},{"line_number":35,"context_line":"          ANSIBLE_REMOTE_TEMP: \u0027/tmp\u0027"},{"line_number":36,"context_line":"          ANSIBLE_LOCAL_TEMP: \u0027/tmp\u0027"},{"line_number":37,"context_line":"    tags:"},{"line_number":38,"context_line":"      - tripleo-common-managed"}],"source_content_type":"text/x-yaml","patch_set":12,"id":"3f4b6375_f58ef476","line":35,"updated":"2017-11-07 15:47:59.000000000","message":"You might want to use the temp file actions here, one for REMOTE and one for LOCAL\n\nhttps://github.com/openstack/tripleo-common/blob/master/workbooks/ceph-ansible.yaml#L46-L49","commit_id":"b9950ba49d6746c05a2666ac9dfd408131a1c1ce"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3bf4345731cd471d0c801de18659d6bdb057dba3","unresolved":false,"context_lines":[{"line_number":27,"context_line":"      - lb_mgmt_subnet_pool_end: \u0027192.168.199.200\u0027"},{"line_number":28,"context_line":"      - octavia_base_url: \u0027http://127.0.0.1:9876\u0027"},{"line_number":29,"context_line":"      - octavia_keystone_version: \u00272\u0027"},{"line_number":30,"context_line":"      - octavia_ansible_playbook: /usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml"},{"line_number":31,"context_line":"      - overcloud_admin: \u0027admin\u0027"},{"line_number":32,"context_line":"      - ansible_extra_env_variables:"},{"line_number":33,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"}],"source_content_type":"text/x-yaml","patch_set":14,"id":"1f485f77_53cc8b88","line":30,"range":{"start_line":30,"start_character":34,"end_line":30,"end_character":98},"updated":"2017-11-12 08:42:22.000000000","message":"is there a way we can complete the path for the playbook dynamically?","commit_id":"7c2dcd2065520685ea125554ef6d70d0a81d990a"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3bf4345731cd471d0c801de18659d6bdb057dba3","unresolved":false,"context_lines":[{"line_number":28,"context_line":"      - octavia_base_url: \u0027http://127.0.0.1:9876\u0027"},{"line_number":29,"context_line":"      - octavia_keystone_version: \u00272\u0027"},{"line_number":30,"context_line":"      - octavia_ansible_playbook: /usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml"},{"line_number":31,"context_line":"      - overcloud_admin: \u0027admin\u0027"},{"line_number":32,"context_line":"      - ansible_extra_env_variables:"},{"line_number":33,"context_line":"          ANSIBLE_HOST_KEY_CHECKING: \u0027False\u0027"},{"line_number":34,"context_line":"          ANSIBLE_SSH_RETRIES: \u00273\u0027"}],"source_content_type":"text/x-yaml","patch_set":14,"id":"1f485f77_33c90f78","line":31,"range":{"start_line":31,"start_character":25,"end_line":31,"end_character":32},"updated":"2017-11-12 08:42:22.000000000","message":"can we query this value from heat stack?","commit_id":"7c2dcd2065520685ea125554ef6d70d0a81d990a"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3bf4345731cd471d0c801de18659d6bdb057dba3","unresolved":false,"context_lines":[{"line_number":45,"context_line":"          private_key: \u003c% task().result %\u003e"},{"line_number":46,"context_line":"        on-success: get_controller_data"},{"line_number":47,"context_line":""},{"line_number":48,"context_line":"      get_controller_data:"},{"line_number":49,"context_line":"        action: heat.stacks_get stack_id\u003d\u003c% $.stack %\u003e"},{"line_number":50,"context_line":"        input:"},{"line_number":51,"context_line":"          stack_id: \u003c% $.overcloud_id %\u003e"},{"line_number":52,"context_line":"        publish:"},{"line_number":53,"context_line":"          controller_settings: \u003c% task().result.outputs.where($.output_key \u003d \"RoleData\").single().output_value.Controller.merged_config_settings %\u003e"},{"line_number":54,"context_line":"          octavia_auth_url: \u003c% task().result.outputs.where($.output_key \u003d \"KeystoneURL\").single().output_value %\u003e"},{"line_number":55,"context_line":"        on-success: get_overcloud_stack_details"},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"      get_overcloud_stack_details:"},{"line_number":58,"context_line":"        publish:"}],"source_content_type":"text/x-yaml","patch_set":14,"id":"1f485f77_d3a51bb7","line":55,"range":{"start_line":48,"start_character":0,"end_line":55,"end_character":47},"updated":"2017-11-12 08:42:22.000000000","message":"we should get this data now as an input parameter and query this at heat stack stage.","commit_id":"7c2dcd2065520685ea125554ef6d70d0a81d990a"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3bf4345731cd471d0c801de18659d6bdb057dba3","unresolved":false,"context_lines":[{"line_number":86,"context_line":"          ansible_local_connection_variables: \u003c% dict(\u0027ANSIBLE_REMOTE_TEMP\u0027 \u003d\u003e $.undercloud_remote_dir, \u0027ANSIBLE_LOCAL_TEMP\u0027 \u003d\u003e $.undercloud_local_dir) + $.ansible_extra_env_variables %\u003e"},{"line_number":87,"context_line":"        on-success: upload_amphora"},{"line_number":88,"context_line":""},{"line_number":89,"context_line":"      upload_amphora:"},{"line_number":90,"context_line":"        action: tripleo.ansible-playbook"},{"line_number":91,"context_line":"        input:"},{"line_number":92,"context_line":"          inventory:"},{"line_number":93,"context_line":"            undercloud:"},{"line_number":94,"context_line":"              hosts:"},{"line_number":95,"context_line":"                localhost:"},{"line_number":96,"context_line":"                  ansible_connection: local"},{"line_number":97,"context_line":""},{"line_number":98,"context_line":"          playbook: \u003c% $.octavia_ansible_playbook %\u003e"},{"line_number":99,"context_line":"          remote_user: stack"}],"source_content_type":"text/x-yaml","patch_set":14,"id":"1f485f77_139bb372","line":96,"range":{"start_line":89,"start_character":0,"end_line":96,"end_character":43},"updated":"2017-11-12 08:42:22.000000000","message":"maybe it\u0027s better to use tags in the playbook and keep sending the same inventory.\nit looks better.","commit_id":"7c2dcd2065520685ea125554ef6d70d0a81d990a"},{"author":{"_account_id":25899,"name":"Or Idgar","email":"oidgar@redhat.com","username":"oidgar"},"change_message_id":"3bf4345731cd471d0c801de18659d6bdb057dba3","unresolved":false,"context_lines":[{"line_number":113,"context_line":"      config_octavia:"},{"line_number":114,"context_line":"        action: tripleo.ansible-playbook"},{"line_number":115,"context_line":"        input:"},{"line_number":116,"context_line":"          inventory:"},{"line_number":117,"context_line":"            Controller:"},{"line_number":118,"context_line":"              hosts: \u003c% $.octavia_controller_ips.toDict($, {}) %\u003e"},{"line_number":119,"context_line":"          verbosity: 0"},{"line_number":120,"context_line":"          playbook: \u003c% $.octavia_ansible_playbook %\u003e"},{"line_number":121,"context_line":"          remote_user: tripleo-admin"}],"source_content_type":"text/x-yaml","patch_set":14,"id":"1f485f77_d38e3b2d","line":118,"range":{"start_line":116,"start_character":0,"end_line":118,"end_character":65},"updated":"2017-11-12 08:42:22.000000000","message":"the same in here about the tags thing.","commit_id":"7c2dcd2065520685ea125554ef6d70d0a81d990a"},{"author":{"_account_id":18002,"name":"John Fulton","email":"fulton@redhat.com","username":"fultonj"},"change_message_id":"cc3b1847f5fa2c9997de886f79250613b373c5f2","unresolved":false,"context_lines":[{"line_number":15,"context_line":"      - amp_flavor_ram: 1024"},{"line_number":16,"context_line":"      - amp_flavor_cpus: 1"},{"line_number":17,"context_line":"      - amp_image_name: \u0027octavia-amphora\u0027"},{"line_number":18,"context_line":"      - amp_image_filename: \u0027/usr/share/openstack-octavia-amphora-images/amphora-x64-haproxy.qcow2\u0027"},{"line_number":19,"context_line":"      - amp_image_tag: \u0027amphora-image\u0027"},{"line_number":20,"context_line":"      - ssh_key_name: \u0027octavia-ssh-key\u0027"},{"line_number":21,"context_line":"      - lb_mgmt_net_name: \u0027lb-mgmt-net\u0027"}],"source_content_type":"text/x-yaml","patch_set":20,"id":"ff82abbf_18d092f7","line":18,"updated":"2017-11-20 13:44:06.000000000","message":"What ensures this file will exist? Do you want keep this default but add a task to check that it exists and fail with a meaningful message that it was not found? Or does the octavia playbook already do that?","commit_id":"ed3f3209ab9891a8554061f926a81c0e2c6704d1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"059c87bc88f1940c6284d4998de484b9af088411","unresolved":false,"context_lines":[{"line_number":15,"context_line":"      - amp_flavor_ram: 1024"},{"line_number":16,"context_line":"      - amp_flavor_cpus: 1"},{"line_number":17,"context_line":"      - amp_image_name: \u0027octavia-amphora\u0027"},{"line_number":18,"context_line":"      - amp_image_filename: \u0027/usr/share/openstack-octavia-amphora-images/amphora-x64-haproxy.qcow2\u0027"},{"line_number":19,"context_line":"      - amp_image_tag: \u0027amphora-image\u0027"},{"line_number":20,"context_line":"      - ssh_key_name: \u0027octavia-ssh-key\u0027"},{"line_number":21,"context_line":"      - lb_mgmt_net_name: \u0027lb-mgmt-net\u0027"}],"source_content_type":"text/x-yaml","patch_set":20,"id":"ff82abbf_a7f47ed0","line":18,"in_reply_to":"ff82abbf_18d092f7","updated":"2017-11-23 13:35:59.000000000","message":"The playbook does (or should!) check if this exists. This default is actually the proposed target for a \"from packaging\" installation location","commit_id":"ed3f3209ab9891a8554061f926a81c0e2c6704d1"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"7cfffdd74e54c27530e519b8d12addc9ee6426f5","unresolved":false,"context_lines":[{"line_number":115,"context_line":"        action: tripleo.ansible-playbook"},{"line_number":116,"context_line":"        input:"},{"line_number":117,"context_line":"          inventory:"},{"line_number":118,"context_line":"            Controller:"},{"line_number":119,"context_line":"              hosts: \u003c% $.octavia_controller_ips.toDict($, {}) %\u003e"},{"line_number":120,"context_line":"          verbosity: 0"},{"line_number":121,"context_line":"          playbook: \u003c% $.octavia_ansible_playbook %\u003e"}],"source_content_type":"text/x-yaml","patch_set":26,"id":"df87a7cf_73437ab0","line":118,"range":{"start_line":118,"start_character":12,"end_line":118,"end_character":22},"updated":"2018-01-19 14:43:19.000000000","message":"octavia_controller_nodes","commit_id":"4f78c068b42c2060fe5dd436ae10ced0b416dd27"},{"author":{"_account_id":4328,"name":"Steven Hardy","email":"steven.hardy@suse.com","username":"shardy"},"change_message_id":"a10873f7163426bda74dd53fc88405948183a775","unresolved":false,"context_lines":[{"line_number":23,"context_line":"      - lb_mgmt_subnet_cidr: \u0027192.168.199.0/24\u0027"},{"line_number":24,"context_line":"      - lb_mgmt_subnet_gateway: \u0027192.168.199.1\u0027"},{"line_number":25,"context_line":"      - lb_mgmt_subnet_pool_start: \u0027192.168.199.50\u0027"},{"line_number":26,"context_line":"      - lb_mgmt_subnet_pool_end: \u0027192.168.199.200\u0027"},{"line_number":27,"context_line":"      - generate_certs: \u0027False\u0027"},{"line_number":28,"context_line":"      - octavia_ansible_playbook: \u0027/usr/share/openstack-tripleo-common/playbooks/octavia-files.yaml\u0027"},{"line_number":29,"context_line":"      - overcloud_admin: \u0027admin\u0027"}],"source_content_type":"text/x-yaml","patch_set":35,"id":"7f96bb07_2bcb571e","line":26,"range":{"start_line":26,"start_character":38,"end_line":26,"end_character":41},"updated":"2018-01-15 16:49:09.000000000","message":"Where are these IP ranges configured?  I suspect it\u0027s hard to ensure a good default here, would it be safer to not specify these rather than risk someone using the defaults and finding there\u0027s a conflict with some other network (since I guess this range isn\u0027t validated against all other networks?)","commit_id":"912babca39e1556237881e70c77837a24465ae1f"},{"author":{"_account_id":4328,"name":"Steven Hardy","email":"steven.hardy@suse.com","username":"shardy"},"change_message_id":"a10873f7163426bda74dd53fc88405948183a775","unresolved":false,"context_lines":[{"line_number":29,"context_line":"      - overcloud_admin: \u0027admin\u0027"},{"line_number":30,"context_line":"      - ca_cert_path: \u0027/etc/octavia/certs/ca_01.pem\u0027"},{"line_number":31,"context_line":"      - ca_private_key_path: \u0027/etc/octavia/certs/private/cakey.pem\u0027"},{"line_number":32,"context_line":"      - ca_passphrase: \u0027test_passphrase\u0027"},{"line_number":33,"context_line":"      - client_cert_path: \u0027/etc/octavia/certs/client.pem\u0027"},{"line_number":34,"context_line":"      - mgmt_port_dev: \u0027o-hm0\u0027"},{"line_number":35,"context_line":"      - ansible_extra_env_variables:"}],"source_content_type":"text/x-yaml","patch_set":35,"id":"7f96bb07_6b72bf13","line":32,"range":{"start_line":32,"start_character":24,"end_line":32,"end_character":39},"updated":"2018-01-15 16:49:09.000000000","message":"We shouldn\u0027t default potentially sensitive things like passwords/passphrases, otherwise when (invariably) someone forgets to pass it, or a bug causes it to not be passed, you have a vulnerability to deal with due to the predictable secret?","commit_id":"912babca39e1556237881e70c77837a24465ae1f"},{"author":{"_account_id":4328,"name":"Steven Hardy","email":"steven.hardy@suse.com","username":"shardy"},"change_message_id":"a10873f7163426bda74dd53fc88405948183a775","unresolved":false,"context_lines":[{"line_number":59,"context_line":""},{"line_number":60,"context_line":"      get_overcloud_stack_details:"},{"line_number":61,"context_line":"        publish:"},{"line_number":62,"context_line":"          overcloud_password: \u003c% $.controller_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% $.controller_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"          # TODO(beagles), we are making an assumption about the octavia heatlh manager and"}],"source_content_type":"text/x-yaml","patch_set":35,"id":"7f96bb07_cbeaf373","line":62,"range":{"start_line":62,"start_character":70,"end_line":62,"end_character":84},"updated":"2018-01-15 16:49:09.000000000","message":"This will fail if keystone isn\u0027t deployed on the controller won\u0027t it?  I\u0027d prefer to avoid this hidden coupling between the workflow and per-service hiera keys, could we pass a workflow input directly from a heat parameter instead?","commit_id":"912babca39e1556237881e70c77837a24465ae1f"},{"author":{"_account_id":4328,"name":"Steven Hardy","email":"steven.hardy@suse.com","username":"shardy"},"change_message_id":"a10873f7163426bda74dd53fc88405948183a775","unresolved":false,"context_lines":[{"line_number":60,"context_line":"      get_overcloud_stack_details:"},{"line_number":61,"context_line":"        publish:"},{"line_number":62,"context_line":"          overcloud_password: \u003c% $.controller_settings.get(\"keystone::admin_password\") %\u003e"},{"line_number":63,"context_line":"          overcloud_project: \u003c% $.controller_settings.get(\"keystone::roles::admin::admin_tenant\") %\u003e"},{"line_number":64,"context_line":""},{"line_number":65,"context_line":"          # TODO(beagles), we are making an assumption about the octavia heatlh manager and"},{"line_number":66,"context_line":"          # controller worker needing"}],"source_content_type":"text/x-yaml","patch_set":35,"id":"7f96bb07_4b9343fb","line":63,"range":{"start_line":63,"start_character":83,"end_line":63,"end_character":95},"updated":"2018-01-15 16:49:09.000000000","message":"Same here, like the puppet module will deprecate admin_tenant and move to admin_project or something, then this will break?","commit_id":"912babca39e1556237881e70c77837a24465ae1f"},{"author":{"_account_id":10873,"name":"Juan Antonio Osorio Robles","email":"jaosorior@redhat.com","username":"ejuaoso"},"change_message_id":"dde2890c5141790159b0809bf0d1baaf1cd480a8","unresolved":false,"context_lines":[{"line_number":19,"context_line":"      - lb_mgmt_subnet_pool_start"},{"line_number":20,"context_line":"      - lb_mgmt_subnet_pool_end"},{"line_number":21,"context_line":"      - generate_certs"},{"line_number":22,"context_line":"      - octavia_ansible_playbook"},{"line_number":23,"context_line":"      - overcloud_admin"},{"line_number":24,"context_line":"      - ca_cert_path"},{"line_number":25,"context_line":"      - ca_private_key_path"}],"source_content_type":"text/x-yaml","patch_set":37,"id":"7f96bb07_bb1f20b6","line":22,"updated":"2018-01-19 14:20:34.000000000","message":"this could have a default. Is this playbook somewhere in the undercloud scope and packaged?","commit_id":"2bcbddfa9c24284d25178d1c137719a48e0355db"},{"author":{"_account_id":10873,"name":"Juan Antonio Osorio Robles","email":"jaosorior@redhat.com","username":"ejuaoso"},"change_message_id":"dde2890c5141790159b0809bf0d1baaf1cd480a8","unresolved":false,"context_lines":[{"line_number":101,"context_line":"            octavia_nodes:"},{"line_number":102,"context_line":"              hosts: \u003c% $.octavia_controller_ips.toDict($, {}) %\u003e"},{"line_number":103,"context_line":"          verbosity: 0"},{"line_number":104,"context_line":"          playbook: \u003c% $.octavia_ansible_playbook %\u003e"},{"line_number":105,"context_line":"          remote_user: tripleo-admin"},{"line_number":106,"context_line":"          become: true"},{"line_number":107,"context_line":"          become_user: root"}],"source_content_type":"text/x-yaml","patch_set":37,"id":"7f96bb07_1b68941f","line":104,"updated":"2018-01-19 14:20:34.000000000","message":"you seem to be using this playbook in two steps. could it be just one?","commit_id":"2bcbddfa9c24284d25178d1c137719a48e0355db"},{"author":{"_account_id":6681,"name":"Brent Eagles","email":"beagles@redhat.com","username":"beagles"},"change_message_id":"7cfffdd74e54c27530e519b8d12addc9ee6426f5","unresolved":false,"context_lines":[{"line_number":101,"context_line":"            octavia_nodes:"},{"line_number":102,"context_line":"              hosts: \u003c% $.octavia_controller_ips.toDict($, {}) %\u003e"},{"line_number":103,"context_line":"          verbosity: 0"},{"line_number":104,"context_line":"          playbook: \u003c% $.octavia_ansible_playbook %\u003e"},{"line_number":105,"context_line":"          remote_user: tripleo-admin"},{"line_number":106,"context_line":"          become: true"},{"line_number":107,"context_line":"          become_user: root"}],"source_content_type":"text/x-yaml","patch_set":37,"id":"7f96bb07_1ec16281","line":104,"in_reply_to":"7f96bb07_1b68941f","updated":"2018-01-19 14:43:19.000000000","message":"This was split into two steps to avoid issues with using the tripleo-admin SSH user and private key and the local connection used with running ops on the undercloud.","commit_id":"2bcbddfa9c24284d25178d1c137719a48e0355db"}]}