From f88eb51b71fb572300ab7f529f1ebc5340b2293a Mon Sep 17 00:00:00 2001
From: "James E. Blair" <jim@acmegating.com>
Date: Wed, 4 Dec 2024 13:47:20 -0800
Subject: [PATCH] Protect hostvars iterations from implicit localhost
Ansible-core 2.16.4 appears to have a behavior change where it
will include the implicit localhost in hostvars, which means that
any location we iterate over hostvars and assume it's a real host
could throw an exception. To avoid that, add checks that the
variables we are about to access on the host exist.
Change-Id: Iff89da761e5f6748b454610a64c2fdd4f5e56a77
---
roles/multi-node-firewall/tasks/main.yaml | 4 ++++
roles/multi-node-hosts-file/tasks/main.yaml | 2 ++
test-playbooks/multinode/multi-node-hosts-file.yaml | 2 ++
test-playbooks/multinode/multi-node-known-hosts.yaml | 2 ++
4 files changed, 10 insertions(+)
diff --git a/roles/multi-node-firewall/tasks/main.yaml b/roles/multi-node-firewall/tasks/main.yaml
index fc6f8eebd..ac99e8f12 100644
--- a/roles/multi-node-firewall/tasks/main.yaml
+++ b/roles/multi-node-firewall/tasks/main.yaml
@@ -17,20 +17,24 @@
ipv4_addresses: >
{% set hosts = [] -%}
{% for host, vars in hostvars.items() -%}
+ {% if 'nodepool' in vars -%}
{% if vars['nodepool']['private_ipv4'] -%}
{% set _ = hosts.append(vars['nodepool']['private_ipv4']) -%}
{% endif -%}
{% if vars['nodepool']['public_ipv4'] -%}
{% set _ = hosts.append(vars['nodepool']['public_ipv4']) -%}
{% endif -%}
+ {% endif -%}
{% endfor -%}
{{- hosts | sort | unique -}}
ipv6_addresses: >
{% set hosts = [] -%}
{% for host, vars in hostvars.items() -%}
+ {% if 'nodepool' in vars -%}
{% if vars['nodepool']['public_ipv6'] -%}
{% set _ = hosts.append(vars['nodepool']['public_ipv6']) -%}
{% endif -%}
+ {% endif -%}
{% endfor -%}
{{- hosts | sort | unique -}}
diff --git a/roles/multi-node-hosts-file/tasks/main.yaml b/roles/multi-node-hosts-file/tasks/main.yaml
index 1a630091c..d7bd23f70 100644
--- a/roles/multi-node-hosts-file/tasks/main.yaml
+++ b/roles/multi-node-hosts-file/tasks/main.yaml
@@ -3,8 +3,10 @@
host_addresses: >
{% set hosts = {} -%}
{% for host, vars in hostvars.items() -%}
+ {% if 'nodepool' in vars -%}
{% set _ = hosts.update({host: vars['nodepool']['private_ipv4']}) -%}
{% set _ = hosts.update({vars['ansible_hostname']: vars['nodepool']['private_ipv4']}) -%}
+ {% endif -%}
{% endfor -%}
{{- hosts -}}
diff --git a/test-playbooks/multinode/multi-node-hosts-file.yaml b/test-playbooks/multinode/multi-node-hosts-file.yaml
index 4334e534e..c58aeacc7 100644
--- a/test-playbooks/multinode/multi-node-hosts-file.yaml
+++ b/test-playbooks/multinode/multi-node-hosts-file.yaml
@@ -12,7 +12,9 @@
host_addresses: >
{% set hosts = [] -%}
{% for host, vars in hostvars.items() -%}
+ {% if 'nodepool' in vars -%}
{% set _ = hosts.append({'host': host, 'address': vars['nodepool']['private_ipv4']}) -%}
+ {% endif -%}
{% endfor -%}
{{- hosts -}}
diff --git a/test-playbooks/multinode/multi-node-known-hosts.yaml b/test-playbooks/multinode/multi-node-known-hosts.yaml
index cc19aa6bc..493b2fb23 100644
--- a/test-playbooks/multinode/multi-node-known-hosts.yaml
+++ b/test-playbooks/multinode/multi-node-known-hosts.yaml
@@ -12,6 +12,7 @@
host_addresses: >
{% set hosts = [] -%}
{% for host, vars in hostvars.items() -%}
+ {% if 'nodepool' in vars -%}
{% if vars['nodepool']['private_ipv4'] | length > 0 -%}
{% set _ = hosts.append(vars['nodepool']['private_ipv4']) -%}
{% endif -%}
@@ -21,6 +22,7 @@
{% if vars['nodepool']['public_ipv6'] | length > 0 -%}
{% set _ = hosts.append(vars['nodepool']['public_ipv6']) -%}
{% endif -%}
+ {% endif -%}
{% endfor -%}
{{- hosts | sort | unique -}}