Add Swift RGW configuration playbook for post-adoption setup

This commit adds support for configuring Swift object storage to use
Ceph RGW after adoption is complete. The configuration requires the
adopted OpenShift environment to be running with Keystone
services available.

Changes:
- Add configure_swift_rgw.yaml playbook with three phases:
  1. Extract Swift password and Keystone endpoint from OpenShift
  2. Configure Ceph RGW with Keystone integration settings
  3. Configure Swift endpoints to use RGW backend

- Add test-configure-object Makefile target to invoke the playbook

- Playbook uses variables extracted at runtime from the live OpenShift
  environment (ceph_keystone_ep, ceph_keystone_swift_pwd, and
  ceph_rgw_virtual_ips_list) which are passed to the ceph_migrate role

Author: katarimanojk

Makefile

@@ -95,6 +95,11 @@ test-with-ironic: ## Launch test suite with Ironic
 	mkdir -p tests/logs
 	ANSIBLE_CONFIG=$(TEST_CONFIG) ansible-playbook -v -i $(TEST_INVENTORY) -e @$(TEST_SECRETS) -e @$(TEST_VARS) $(TEST_ARGS) tests/playbooks/test_with_ironic.yaml 2>&1 | tee $(TEST_OUTFILE)
 
+test-configure-object: TEST_OUTFILE ?= tests/logs/test_configure_object_out_$(shell date +%FT%T%Z).log
+test-configure-object: ## Configure Swift object store to use Ceph RGW
+	mkdir -p tests/logs
+	ANSIBLE_CONFIG=$(TEST_CONFIG) ansible-playbook -v -i $(TEST_INVENTORY) -e @$(TEST_SECRETS) -e @$(TEST_VARS) $(TEST_ARGS) tests/playbooks/configure_swift_rgw.yaml 2>&1 | tee $(TEST_OUTFILE)
+
 ##@ DOCS
 
 docs-dependencies: .bundle

tests/playbooks/configure_swift_rgw.yaml

@@ -0,0 +1,57 @@
+---
+- name: Build Ceph RGW overrides for configure_object
+  hosts: localhost
+  gather_facts: false
+  tasks:
+    - name: Extract Swift password from OpenShift secret
+      ansible.builtin.shell: |
+        oc get secret osp-secret -o json | jq -r '.data.SwiftPassword' | base64 -d
+      register: swift_password_result
+      changed_when: false
+
+    - name: Get keystone-internal service details
+      ansible.builtin.shell: "oc get svc keystone-internal -o json | jq -r '.status.loadBalancer.ingress[0].ip'"
+      register: keystone_svc_lb_ip
+      changed_when: false
+
+    - name: Construct Keystone service URL
+      ansible.builtin.set_fact:
+        keystone_url: "{{ keystone_protocol | default('http') }}://{{ keystone_svc_lb_ip.stdout | ansible.utils.ipwrap }}:5000"
+      when: keystone_svc_lb_ip.stdout | length > 0
+
+    - name: Set variables for Ceph RGW configuration
+      ansible.builtin.set_fact:
+        ceph_keystone_ep: "{{ keystone_url }}"
+        ceph_keystone_swift_pwd: "{{ swift_password_result.stdout }}"
+
+- name: Configure Ceph RGW Keystone settings
+  hosts: "{{ groups['ceph'][0] | default([]) }}"
+  gather_facts: true
+  vars:
+    ceph_keystone_ep: "{{ hostvars['localhost']['ceph_keystone_ep'] }}"
+    ceph_keystone_swift_pwd: "{{ hostvars['localhost']['ceph_keystone_swift_pwd'] }}"
+  tasks:
+    - name: Configure Ceph RGW Keystone settings
+      ansible.builtin.shell: |
+        sudo cephadm shell -- ceph config set global rgw_keystone_url {{ ceph_keystone_ep }}
+        sudo cephadm shell -- ceph config set global rgw_keystone_admin_password {{ ceph_keystone_swift_pwd }}
+        # refresh rgw after updating keystone rgw config
+        sudo cephadm shell -- ceph orch redeploy rgw.rgw
+      changed_when: true
+
+- name: Configure swift object store
+  hosts: localhost
+  gather_facts: true
+  vars:
+    shell_header: "set -euo pipefail"
+    #ceph_rgw_vip: "2620:cf:cf:cccc::2/64" (ipv6) or "172.18.0.2/24" (ipv4)
+  tasks:
+    - name: Set Ceph RGW virtual IPs list
+      ansible.builtin.set_fact:
+        ceph_rgw_virtual_ips_list:
+          - "{{ ceph_rgw_vip }}"
+
+    - name: Configure swift endpoints to use rgw
+      ansible.builtin.import_role:
+        name: ceph_migrate
+        tasks_from: configure_object