Merge branch 'devel' into patch-2

Signed-off-by: sujit-jadhav <sujit_jadhav@dell.com>

control_plane/roles/provision_idrac/tasks/check_prerequisites.yml

@@ -28,7 +28,7 @@
   run_once: true
   
 - name: Fetch management station ip from {{ management_station_ip_file }}
-  shell: cat {{ role_path }}/files/{{ management_station_ip_file }}
+  command: cat {{ role_path }}/files/{{ management_station_ip_file }}
   changed_when: false
   register: fetch_ip
   run_once: true
@@ -57,6 +57,8 @@
     job_wait: true
   register: nfs_check
   ignore_errors: true
+  until: not nfs_check.failed
+  retries: 3
 
 - name: Missing entries in nfs exports
   fail:
@@ -74,6 +76,7 @@
     enterprise_license: false
     datacenter_license: false
     provision_status: false
+    model_status: false
 
 - block:
     - name: Check tower_cli.cfg is encrypted

control_plane/roles/provision_idrac/tasks/update_firmware.yml

@@ -14,6 +14,12 @@
 ---
 
 - block:
+    - name: Set model status
+      set_fact:
+        model_status: true
+      when: item in idrac_info.system_info.System[0].Model
+      with_items: "{{ poweredge_model.split(',') | map('trim') }}"
+
     - name: Update firmware (This task will take time based on current firmware version)
       dellemc.openmanage.idrac_firmware:
         idrac_ip: "{{ inventory_hostname }}"
@@ -25,11 +31,13 @@
         apply_update: True
         catalog_file_name: "Catalog.xml"
       register: update_firmware
+      when: model_status
 
     - name: Wait for one minute to complete firmware update
       wait_for:
         timeout: 60
       run_once: true
+      when: model_status
 
     - name: Wait for iDRAC port to become active
       wait_for:
@@ -40,7 +48,14 @@
     - name: Firmware update status
       debug:
         msg: "{{ firmware_job_success_msg }}"
-      when: not update_firmware.failed
+      when:
+        - model_status
+        - not update_firmware.failed
+
+    - name: Firmware update skip status
+      debug:
+        msg: "{{ firmware_job_skip_msg }}"
+      when: not model_status
 
   rescue:
     - name: Firmware update job status

control_plane/roles/provision_idrac/vars/main.yml

@@ -25,6 +25,7 @@ idrac_system_profile_success_msg: "idrac_system_profile validated"
 idrac_system_profile_fail_msg: "Failed. Incorrect setting input for idrac_system_profile in idrac_vars.yml"
 firmware_update_success_msg: "firmware_update_required validated"
 firmware_update_fail_msg: "Failed. firmware_update_required accepts only true or false in idrac_vars.yml"
+firmware_job_skip_msg: "Firmware update task skipped due to missing updates in /var/nfs_repo"
 snmp_community_success_msg: "snmp_community_name validated"
 snmp_community_fail_msg: "Failed. snmp_community_name should not be empty in base_vars.yml"
 snmp_trap_dest_success_msg: "snmp_trap_destination validated"

control_plane/tools/roles/cluster_preperation/tasks/passwordless_ssh.yml

@@ -21,19 +21,23 @@
 - name: Refresh ssh-key if changed
   command: ssh-keygen -R {{ current_host }}
   changed_when: False
-  ignore_errors: yes
+  failed_when: false
   when: "'manager' in group_names"
 
 - name: Verify whether passwordless ssh is set on the remote host
-  command: ssh -o PasswordAuthentication=no root@"{{ current_host }}" 'hostname'
+  shell: sshpass ssh -o "PasswordAuthentication=no" root@{{ current_host }} 'hostname'
   register: ssh_output
-  ignore_errors: yes
-  changed_when: False
+  async: 30
+  poll: 5
+  failed_when: false
+  changed_when: false
 
 - name: Update ssh connection status
   set_fact:
     ssh_status: true
-  when: "'Permission denied' not in ssh_output.stderr"
+  when:
+    - "'Permission denied' not in ssh_output.stderr"
+    -  ssh_output.stdout | length > 2
 
 - name: Verify the public key file existence
   stat:

control_plane/tools/roles/fetch_password/tasks/main.yml

@@ -12,24 +12,25 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
 ---
-- name: Include variables from common role
+
+- name: Include variables from control_plane_common role
   include_vars: "{{ role_path }}/../../../roles/control_plane_common/vars/main.yml"
   no_log: True
 
-- name: Check input config file is encrypted
-  command: cat {{ role_path }}/../../../{{ input_config_filename }}
+- name: Check login_vars.yml is encrypted
+  command: cat {{ role_path }}/../../../{{ login_vars_filename }}
   changed_when: false
   register: config_content
 
-- name: Decrpyt appliance_config.yml
+- name: Decrpyt login_vars.yml
   command: >-
-    ansible-vault decrypt {{ role_path }}/../../../{{ input_config_filename }}
+    ansible-vault decrypt {{ role_path }}/../../../{{ login_vars_filename }}
     --vault-password-file {{ role_path }}/../../../{{ vault_filename }}
   changed_when: false
   when: "'$ANSIBLE_VAULT;' in config_content.stdout"
 
 - name: Include variable file appliance_config.yml
-  include_vars: "{{ role_path }}/../../../{{ input_config_filename }}"
+  include_vars: "{{ role_path }}/../../../{{ login_vars_filename }}"
   no_log: true
 
 - name: Save input variables from file
@@ -37,8 +38,8 @@
     cobbler_password: "{{ provision_password }}"
   no_log: true
 
-- name: Encrypt input config file
+- name: Encrypt login_vars.yml
   command: >-
-    ansible-vault encrypt {{ role_path }}/../../../{{ input_config_filename }}
+    ansible-vault encrypt {{ role_path }}/../../../{{ login_vars_filename }}
     --vault-password-file {{ role_path }}/../../../{{ vault_filename }}
-  changed_when: false
+  changed_when: false