Comment 2 for bug 2040738

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/c/starlingx/ansible-playbooks/+/899317
Committed: https://opendev.org/starlingx/ansible-playbooks/commit/a71ba86833aa0da7817f1e918cbe3d20bc868d6e
Submitter: "Zuul (22348)"
Branch: master

commit a71ba86833aa0da7817f1e918cbe3d20bc868d6e
Author: Marcelo Loebens <email address hidden>
Date: Wed Oct 25 17:35:28 2023 -0400

    Avoid host key check in cert-manager migration

    Shell calls in cert-manager migration playbook were failing when
    called remotely after redeploying subclouds due to the change in the
    host keys in the sysadmin's known_hosts file.

    Considering that ansible is configured to ignore host keys in the
    other calls, added extra var to instruct ansible to ignore host keys
    and strict host key checking, allowing shell operations over SSH
    during cert-manager migration playbook's execution.

    Test plan:
    PASS: Deploy two subclouds. SSH to them and accept their host keys.
          Open the sysadmin's known_hosts file and change the subcloud's
          host keys to invalid ones.
          Try to SSH to the subclouds, observe that an error message
          regarding the host keys changing is returned.
          Perform cert-manager migration targeting the subclouds.
          Verify that the execution proceeded as expected (i.e., all the
          ssh calls were successful).

    Closes-Bug: 2040738

    Change-Id: I5d44ce53fee2098986fb5672eccd87bdae3f0d01
    Signed-off-by: Marcelo Loebens <email address hidden>