Add a confirmation prompt to reboot.yml

MoteHue · MoteHue · commit dbb62f06de1c · 2025-03-14T13:23:16.000Z
This is a risky playbook to run without confirmation, especially as it
targets all hosts when not using a limit.
diff --git a/.github/workflows/package-build-ofed.yml b/.github/workflows/package-build-ofed.yml
@@ -230,7 +230,8 @@ jobs:
         run: |
           source venvs/kayobe/bin/activate &&
           source src/kayobe-config/kayobe-env --environment ci-doca-builder &&
-          kayobe playbook run src/kayobe-config/etc/kayobe/ansible/reboot.yml
+          kayobe playbook run src/kayobe-config/etc/kayobe/ansible/reboot.yml \
+          -e confirm_reboot=yes
         env:
           KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }}
 
diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml
@@ -291,7 +291,8 @@ jobs:
             -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \
             -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \
             ${{ steps.kayobe_image.outputs.kayobe_image }} \
-            /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/reboot.yml -e reboot_with_bootstrap_user=true
+            /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/reboot.yml \
+           -e reboot_with_bootstrap_user=true -e confirm_reboot=yes
         env:
           KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }}
 
diff --git a/etc/kayobe/ansible/fix-hostname.yml b/etc/kayobe/ansible/fix-hostname.yml
@@ -27,4 +27,5 @@
   vars:
     reboot_hosts: fix-hostname
     reboot_with_bootstrap_user: true
+    confirm_reboot: "yes"
   when: current_hostname.stdout != inventory_hostname
diff --git a/etc/kayobe/ansible/reboot.yml b/etc/kayobe/ansible/reboot.yml
@@ -9,9 +9,26 @@
     ansible_user: "{{ bootstrap_user if reboot_with_bootstrap_user | bool else kayobe_ansible_user }}"
     ansible_ssh_common_args: "{{ '-o StrictHostKeyChecking=no' if reboot_with_bootstrap_user | bool else '' }}"
     ansible_python_interpreter: /usr/bin/python3
+    confirm_reboot: False
   tags:
     - reboot
   tasks:
+    - name: Prompt to confirm reboot
+      ansible.builtin.pause:
+        prompt: >
+          The following hosts will be rebooted:
+          {{ play_hosts | join(', ') }}
+          If you want to proceed type: yes
+      register: pause_prompt
+      when: not confirm_reboot
+
+    - name: Fail if reboot is not confirmed
+      ansible.builtin.assert:
+        that: confirm_reboot == 'yes' or pause_prompt.user_input == 'yes'
+        msg: >
+          Reboot has not been confirmed. You must either type 'yes' when
+          prompted, or set ``confirm_reboot=yes``.
+
     - name: Reboot and wait
       become: true
       ansible.builtin.reboot:
diff --git a/releasenotes/notes/add-confirmation-prompt-to-reboot.yml-4fd1ae8e8d360e57.yaml b/releasenotes/notes/add-confirmation-prompt-to-reboot.yml-4fd1ae8e8d360e57.yaml
@@ -0,0 +1,11 @@
+---
+features:
+  - |
+    A confirmation prompt has been added to ``reboot.yml`` to help avoid
+    rebooting the wrong hosts by mistake. This check can be skipped by setting
+    ``confirm_reboot=yes``.
+upgrade:
+  - |
+    A confirmation prompt has been added to ``reboot.yml`` to help avoid
+    rebooting the wrong hosts by mistake. This check can be skipped by setting
+    ``confirm_reboot=yes``.
