From 69adb23c59e991ddcabf5cfce415fd8b638dbc1a Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Thu, 1 Mar 2018 21:15:50 +0100
Subject: Improve handling of filesystem permissions and other fixes

---
 roles/ands_kaas/tasks/do_project.yml | 2 +-
 roles/ands_kaas/tasks/file.yml       | 8 ++++----
 roles/ands_kaas/tasks/project.yml    | 7 +++++--
 roles/ands_kaas/tasks/sync.yml       | 2 +-
 roles/ands_kaas/tasks/templates.yml  | 2 +-
 roles/ands_kaas/tasks/volume.yml     | 2 +-
 6 files changed, 13 insertions(+), 10 deletions(-)

(limited to 'roles/ands_kaas/tasks')

diff --git a/roles/ands_kaas/tasks/do_project.yml b/roles/ands_kaas/tasks/do_project.yml
index 4fac6c6..5cafe25 100644
--- a/roles/ands_kaas/tasks/do_project.yml
+++ b/roles/ands_kaas/tasks/do_project.yml
@@ -43,7 +43,7 @@
   include_tasks: keys.yml
 #  delegate_to: "{{ groups.masters[0] }}"
   run_once: true
-  with_dict: "{{ kaas_project_config.pods | default({}) }}"
+  with_dict: "{{ kaas_project_pods }}"
   loop_control:
     loop_var: pod
 
diff --git a/roles/ands_kaas/tasks/file.yml b/roles/ands_kaas/tasks/file.yml
index a839473..488823b 100644
--- a/roles/ands_kaas/tasks/file.yml
+++ b/roles/ands_kaas/tasks/file.yml
@@ -3,15 +3,15 @@
   set_fact: group="{{ file.group | default(kaas_project_config.file_group | default(ands_default_file_group)) }}"
 
 - name : Resolve project groups
-  set_fact: group="{{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}"
-  when: group in ( kaas_project_config.gids | default(kaas_openshift_gids) )
+  set_fact: group="{{ kaas_project_gids[group].id }}"
+  when: group in kaas_project_gids
 
 - name: Set owner
   set_fact: owner="{{ file.owner | default(kaas_project_config.file_owner | default(ands_default_file_owner)) }}"
 
 - name : Resolve project uids
-  set_fact: owner="{{ (kaas_project_config.uids | default(kaas_openshift_uids) )[owner].id }}"
-  when: owner in ( kaas_project_config.uids | default(kaas_openshift_uids) )
+  set_fact: owner="{{ kaas_project_uids[owner].id }}"
+  when: owner in kaas_project_uids
 
 - name: "Setting up files in {{ path }}"
   file: 
diff --git a/roles/ands_kaas/tasks/project.yml b/roles/ands_kaas/tasks/project.yml
index f7eb1df..b8574cf 100644
--- a/roles/ands_kaas/tasks/project.yml
+++ b/roles/ands_kaas/tasks/project.yml
@@ -28,5 +28,8 @@
 - include_tasks: do_project.yml 
   vars:
     var_name: "var_{{kaas_project}}_config"
-    kaas_project_config: "{{ hostvars[inventory_hostname][var_name] }}"
-    kaas_project_volumes: "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}"
\ No newline at end of file
+    kaas_project_config:      "{{ hostvars[inventory_hostname][var_name] }}"
+    kaas_project_volumes:     "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}"
+    kaas_project_pods:        "{{ kaas_project_config.pods | default({}) }}"
+    kaas_project_gids:        "{{ kaas_project_config.gids | default(kaas_openshift_gids) }}"
+    kaas_project_uids:        "{{ kaas_project_config.uids | default(kaas_openshift_uids) }}"
diff --git a/roles/ands_kaas/tasks/sync.yml b/roles/ands_kaas/tasks/sync.yml
index a4febe7..8caefe9 100644
--- a/roles/ands_kaas/tasks/sync.yml
+++ b/roles/ands_kaas/tasks/sync.yml
@@ -11,7 +11,7 @@
 - name: "Ensure the data is writeable by project pods"
   vars: 
     grp: "{{ kaas_project_config.sync_set_gid }}"
-    gid: "{{ ((kaas_project_config.gids | default(kaas_openshift_gids))[grp] is defined) | ternary((kaas_project_config.gids | default(kaas_openshift_gids))[grp].id, grp) }}"
+    gid: "{{ (kaas_project_gids[grp] is defined) | ternary(kaas_project_gids[grp].id, grp) }}"
   file: 
     path: "{{ remote_path }}" 
     state: "directory" 
diff --git a/roles/ands_kaas/tasks/templates.yml b/roles/ands_kaas/tasks/templates.yml
index 2de4fad..9fc378f 100644
--- a/roles/ands_kaas/tasks/templates.yml
+++ b/roles/ands_kaas/tasks/templates.yml
@@ -4,7 +4,7 @@
   command: "echo {{ item | quote }}"
   register: results
   changed_when: false
-  when: (kaas_project_config.pods | default([]) | length > 0) or not (item | regex_search('kaas-pods')) 
+  when: (kaas_project_pods | length > 0) or not (item | regex_search('kaas-pods')) 
   with_fileglob:
     - "{{ role_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
     - "{{ kaas_project_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml
index ff51fb0..783654a 100644
--- a/roles/ands_kaas/tasks/volume.yml
+++ b/roles/ands_kaas/tasks/volume.yml
@@ -16,7 +16,7 @@
     path: "{{ path }}" 
     state: "directory" 
     recurse: "no"
-    mode: "{{ volume.mode | default(0775) }}" 
+    mode: "{{ volume.mode | default(02775) }}" 
     owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" 
     group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}"
   register: chmod
-- 
cgit v1.2.3