roles/head-prep/tasks/main.yml

---
# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# file: head-prep/tasks/main.yml

- name:  Install prerequisites for using PPA repos
  apt:
    name: "{{ item }}"
    update_cache: yes
    cache_valid_time: 3600
  with_items:
    - python-pycurl
    - software-properties-common

- name: Add Ansible PPA
  apt_repository:
    repo={{ item }}
  with_items:
    - "{{ ansible_apt_repo | default('ppa:ansible/ansible') }}"
  register: result
  until: result is success
  retries: 3
  delay: 10

- name: Install packages
  apt:
    name: "{{ item }}"
    update_cache: yes
    cache_valid_time: 3600
  with_items:
    - bridge-utils
    - dnsutils
    - git
    - libssl-dev
    - python-dev
    - python-dnspython
    - python-lxml
    - python-netaddr
    - python-pip
    - sshpass

- name: Install juju and openstack related packages
  when: use_openstack
  apt:
    name: "{{ item }}"
    update_cache: yes
    cache_valid_time: 3600
  with_items:
    - juju-core
    - libvirt-bin
    - python-glanceclient
    - python-keystoneclient
    - python-neutronclient
    - python-novaclient
    - virt-top

- name: Make sure Ansible is newest version
  apt:
    name: "ansible"
    state: latest
    update_cache: yes
    cache_valid_time: 3600
  tags:
    - skip_ansible_lint # ansible-lint complains about latest, need this as distro provided 1.5.x version may be used if already installed.

- name: Install Python packages
  pip:
    name: "{{ item }}"
  with_items:
    - ndg-httpsclient
    - passlib
    - pyasn1
    - pyopenssl
    - urllib3
    - gitpython
    - graphviz

- name: Add pod ssh private key to head node user
  copy:
    src: "{{ ssh_pki_dir }}/client_certs/{{ pod_sshkey_name }}_sshkey"
    dest: "{{ ansible_user_dir }}/.ssh/id_{{ ssh_keytype }}"
    owner: "{{ ansible_user_id }}"
    group: "{{ ansible_user_gid }}"
    mode: 0600

- name: Add pod ssh public key to head user
  copy:
    src: "{{ ssh_pki_dir }}/client_certs/{{ pod_sshkey_name }}_sshkey.pub"
    dest: "{{ ansible_user_dir }}/.ssh/id_{{ ssh_keytype }}.pub"
    owner: "{{ ansible_user_id }}"
    group: "{{ ansible_user_gid }}"
    mode: 0644

- name: Add pod ssh signed public key to head node user
  copy:
    src: "{{ ssh_pki_dir }}/client_certs/{{ pod_sshkey_name }}_sshkey-cert.pub"
    dest: "{{ ansible_user_dir }}/.ssh/id_{{ ssh_keytype }}-cert.pub"
    owner: "{{ ansible_user_id }}"
    group: "{{ ansible_user_gid }}"
    mode: 0644

- name: Disable host key checking in ~/.ssh/config
  lineinfile:
    dest: "{{ ansible_user_dir }}/.ssh/config"
    line: "StrictHostKeyChecking no"
    create: yes
    owner: "{{ ansible_user_id }}"
    group: "{{ ansible_user_gid }}"
    mode: 0600

- name: Disable host key checking in ~/.ansible.cfg
  copy:
    src: ansible.cfg
    dest: "{{ ansible_user_dir }}/.ansible.cfg"
    owner: "{{ ansible_user_id }}"
    group: "{{ ansible_user_gid }}"
    mode: 0644