From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 420E916A95B for ; Mon, 28 Jul 2025 01:14:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.137.202.133 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753665281; cv=none; b=uHf9/Ovr+WbTOWGyeOE3J8hdvRVKAGYEJyAAKcMXNM8VWe02tJ+ImWuTchWyDwZ4DWqiJ1YB7evFpERfKU6SBy8w+nI4Vs2c0wJD8wBZUGNQngY4+4PKGFb/6BsCPrJOfv5N4oILIBVNK0fVMV/Zs9XA4EqfJQNEiOBrripnsuw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753665281; c=relaxed/simple; bh=SxB7NTwnqKcDeaGBjSDdn9214twlQ8Dmh3alqYz9kT8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ulIltyxk8UmQ8HfUfpALxmYX3S3jel/UrbIlFLPPuC20ayAtB1hDxM/tnYBkRhmY1OtL76f4gjYqQnb+C4rEA46BhXfUjLMK3hdYzfDiYqSBbLw0yoevarcrOYl1z9GrZmU841LH4a4dHTGLKIGyUUiI+KYkHXCEfF7SLYhGHOA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=kernel.org; spf=none smtp.mailfrom=infradead.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b=TmdYzBHn; arc=none smtp.client-ip=198.137.202.133 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=kernel.org Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=infradead.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="TmdYzBHn" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Sender:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description; bh=SqxhQNXs5bnnSsf8FxJ7vp9weQB5tp2vVZbsF98+Lng=; b=TmdYzBHnj71dN9i+uKSuJU+vvb THzJlSZKfAi4oaB8eKXUgb01HbagL7winAP7I5wlKmTZKHYMpItQHEoKyqiOCXMKG8bbzmcu8nIFF WjaHUfJsoMhHxf/xmeHnoiNo1ffrkwzMYRMwvvvB0a/YPhLxy9zwkNKdWhpjEPy5Lk80C4cvqB9Dm hy+OJcX57c8Xc2BET8UhzUYr6wrqnSRl8hLTRDMuZjFCgdxhEzC81zv3HGZ+tzZfz7rQJ1odawdtV aY2ZsXqAhLzjbGYGH97XqJyzDwFe1goYQdgIRgUUBXsRy599Q+iQWbTEBBdtQBHFPdcRiUNqXj088 78RnQxzw==; Received: from mcgrof by bombadil.infradead.org with local (Exim 4.98.2 #2 (Red Hat Linux)) id 1ugCRn-0000000DPjP-3YYU; Mon, 28 Jul 2025 01:14:35 +0000 From: Luis Chamberlain To: Chuck Lever , Daniel Gomez , kdevops@lists.linux.dev Cc: Chuck Lever Subject: [PATCH v2 10/33] terraform: Make use of the new "terraform_output" module Date: Sun, 27 Jul 2025 18:14:10 -0700 Message-ID: <20250728011434.3197091-11-mcgrof@kernel.org> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250728011434.3197091-1-mcgrof@kernel.org> References: <20250728011434.3197091-1-mcgrof@kernel.org> Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: Luis Chamberlain From: Chuck Lever The cloud.terraform collection has a terraform_output module that can replace the invocation of the terraform command. This has two main benefits: 1. It simplifies the loop over the IP map. 2. It prepares for the possibility of using OpenTofu instead of the terraform module. Signed-off-by: Chuck Lever --- playbooks/roles/terraform/tasks/main.yml | 21 +++++++------------ .../roles/terraform/templates/ssh_config.j2 | 4 ++-- 2 files changed, 9 insertions(+), 16 deletions(-) diff --git a/playbooks/roles/terraform/tasks/main.yml b/playbooks/roles/terraform/tasks/main.yml index dd478a04..942efb7e 100644 --- a/playbooks/roles/terraform/tasks/main.yml +++ b/playbooks/roles/terraform/tasks/main.yml @@ -10,32 +10,25 @@ - name: Retrieve the controller_ip_map from terraform delegate_to: localhost run_once: true - ansible.builtin.command: - chdir: "{{ topdir_path }}/terraform/{{ kdevops_terraform_provider }}" - cmd: "terraform output -json controller_ip_map" + cloud.terraform.terraform_output: + format: json + name: controller_ip_map + project_path: "{{ topdir_path }}/terraform/{{ kdevops_terraform_provider }}" register: terraform_output - changed_when: false - tags: - - ssh - -- name: Convert the retrieved controller_ip_map into a dictionary - delegate_to: localhost - run_once: true - ansible.builtin.set_fact: - controller_ip_map: "{{ terraform_output.stdout | from_json }}" tags: - ssh - name: Add each target node's ssh Host entry on the control host delegate_to: localhost - throttle: 1 + run_once: true ansible.builtin.blockinfile: block: "{{ lookup('template', 'ssh_config.j2') }}" create: true dest: "{{ kdevops_ssh_config }}" insertafter: "EOF" - marker: "# {mark} host configuration for {{ inventory_hostname }}" + marker: "# {mark} host configuration for {{ item.key }}" mode: "u=rw,g=r,o=r" + loop: "{{ terraform_output.value | dict2items }}" tags: - ssh diff --git a/playbooks/roles/terraform/templates/ssh_config.j2 b/playbooks/roles/terraform/templates/ssh_config.j2 index 3f6d6191..5e8adf02 100644 --- a/playbooks/roles/terraform/templates/ssh_config.j2 +++ b/playbooks/roles/terraform/templates/ssh_config.j2 @@ -1,5 +1,5 @@ -Host {{ inventory_hostname }} {{ controller_ip_map[inventory_hostname] }} - HostName {{ controller_ip_map[inventory_hostname] }} +Host {{ item.key }} {{ item.value }} + HostName {{ item.value }} User {{ kdevops_terraform_ssh_config_user }} Port 22 IdentityFile {{ kdevops_terraform_ssh_config_privkey_file }} -- 2.47.2