From b8281782723567a677cc090232e3c9f2d584bd92 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 29 Mar 2023 09:46:49 +0100 Subject: [PATCH 001/129] Update pre-commit (#557) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index bc9f9cc01..7bdc5d07b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.1.0 + rev: 23.3.0 hooks: - id: black name: black From 94a2f8634e03598d3ff431bcdbf1f840c98e1890 Mon Sep 17 00:00:00 2001 From: Klaas Demter Date: Fri, 31 Mar 2023 01:56:01 +0200 Subject: [PATCH 002/129] Update hosts readme to match actual behavior (#559) --- roles/hosts/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/hosts/README.md b/roles/hosts/README.md index a97a5684f..22120bae0 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -82,7 +82,7 @@ The role will strip the double space between the curly bracket in order to provi |`new_name`|""|yes|str|To use when changing a hosts's name.| |`description`|""|no|str|The description of the host.| |`inventory`|""|yes|str|The inventory the host applies against.| -|`enabled`|`True`|no|bool|If the host should be enabled.| +|`enabled`||no|bool|If the host should be enabled.| |`variables`|{}|no|str|The variables applicable to the host.| |`state`|`present`|no|str|Desired state of the resource.| From 5935234c105771cdddb792088163912e5adf79a5 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sun, 2 Apr 2023 10:46:32 -0400 Subject: [PATCH 003/129] Role updates (#556) * Fix incorrect required from no to yes inventory organization * update roles * update changes --------- Co-authored-by: Tony Kay Co-authored-by: David Danielsson --- .ansible-lint | 1 + .github/workflows/ci_standalone_versioned.yml | 2 +- changelogs/fragments/role_updates.yml | 9 ++ roles/applications/README.md | 1 + roles/applications/tasks/main.yml | 1 + roles/bulk_host_create/README.md | 142 ++++++++++++++++++ roles/bulk_host_create/defaults/main.yml | 5 + .../bulk_host_create/meta/argument_specs.yml | 49 ++++++ roles/bulk_host_create/meta/main.yml | 46 ++++++ roles/bulk_host_create/tasks/main.yml | 40 +++++ roles/bulk_job_launch/README.md | 141 +++++++++++++++++ roles/bulk_job_launch/defaults/main.yml | 5 + roles/bulk_job_launch/meta/argument_specs.yml | 54 +++++++ roles/bulk_job_launch/meta/main.yml | 46 ++++++ roles/bulk_job_launch/tasks/main.yml | 31 ++++ roles/credential_types/README.md | 1 + roles/credential_types/tasks/main.yml | 1 + roles/credentials/README.md | 2 +- roles/dispatch/defaults/main.yml | 1 + roles/execution_environments/README.md | 1 + roles/execution_environments/tasks/main.yml | 1 + roles/inventories/README.md | 1 + roles/inventories/tasks/main.yml | 1 + roles/inventory_sources/README.md | 3 +- roles/inventory_sources/tasks/main.yml | 1 + roles/license/README.md | 1 + roles/license/tasks/main.yml | 1 + roles/notification_templates/README.md | 2 +- roles/projects/README.md | 1 + roles/projects/tasks/main.yml | 1 + roles/users/README.md | 1 + roles/users/tasks/main.yml | 1 + roles/workflow_job_templates/README.md | 4 +- roles/workflow_job_templates/tasks/main.yml | 4 +- tests/configs/bulk_hosts.yml | 10 ++ tests/configs/bulk_jobs.yml | 8 + tests/configure_controller.yml | 29 ++++ tests/templated_role_example/README.md | 111 ++++++++++++++ .../templated_role_example/defaults/main.yml | 5 + tests/templated_role_example/meta/main.yml | 46 ++++++ tests/templated_role_example/tasks/main.yml | 43 ++++++ .../tests/config/extra_vars.yml | 8 + tests/templated_role_example/tests/test.yml | 23 +++ 43 files changed, 877 insertions(+), 8 deletions(-) create mode 100644 changelogs/fragments/role_updates.yml create mode 100644 roles/bulk_host_create/README.md create mode 100644 roles/bulk_host_create/defaults/main.yml create mode 100644 roles/bulk_host_create/meta/argument_specs.yml create mode 100644 roles/bulk_host_create/meta/main.yml create mode 100644 roles/bulk_host_create/tasks/main.yml create mode 100644 roles/bulk_job_launch/README.md create mode 100644 roles/bulk_job_launch/defaults/main.yml create mode 100644 roles/bulk_job_launch/meta/argument_specs.yml create mode 100644 roles/bulk_job_launch/meta/main.yml create mode 100644 roles/bulk_job_launch/tasks/main.yml create mode 100644 tests/configs/bulk_hosts.yml create mode 100644 tests/configs/bulk_jobs.yml create mode 100644 tests/templated_role_example/README.md create mode 100644 tests/templated_role_example/defaults/main.yml create mode 100644 tests/templated_role_example/meta/main.yml create mode 100644 tests/templated_role_example/tasks/main.yml create mode 100644 tests/templated_role_example/tests/config/extra_vars.yml create mode 100644 tests/templated_role_example/tests/test.yml diff --git a/.ansible-lint b/.ansible-lint index 78211f557..e1bc1fe78 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -8,6 +8,7 @@ exclude_paths: - '.github/' - 'roles/master_role_example/' - 'changelogs/' + - 'tests/templated_role_example' parseable: true use_default_rules: true # https://github.com/ansible/ansible-lint/issues/808 diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index db5f369a4..741c0d855 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -63,7 +63,7 @@ jobs: run: ansible-galaxy collection install -r .github/collections/requirements.yml - name: "Perform playbook tests" - run: ansible-playbook tests/configure_controller.yml -e controller_hostname=localhost:8043 -v + run: ansible-playbook tests/configure_controller.yml -e controller_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} - name: "Perform export model playbook tests" run: ansible-playbook tests/configure_controller_export_model.yml -e controller_hostname=localhost:8043 -v diff --git a/changelogs/fragments/role_updates.yml b/changelogs/fragments/role_updates.yml new file mode 100644 index 000000000..c1519fda4 --- /dev/null +++ b/changelogs/fragments/role_updates.yml @@ -0,0 +1,9 @@ +--- +minor_changes: + - Added new_name option to the roles applications, credential_types, execution_environments, inventories, projects, users. + - Added scm_branch option to inventory_sources role. + - Added new_username option to user role. + - Corrected various readmes. + - Added Roles bulk_host_create, bulk_job_launch. + - Updated workflow job template options to use non depreciated names for options. This should not affect any operations. +... diff --git a/roles/applications/README.md b/roles/applications/README.md index 9ec9c71fd..6a620acf1 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -59,6 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of application| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`organization`|""|yes|str|Name of the organization for the application| |`description`|""|no|str|Description to use for the application.| |`authorization_grant_type`|"password"|yes|str|Grant type for tokens in this application, "password" or "authorization-code"| diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 84b5972ea..7169d3830 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -3,6 +3,7 @@ - name: Add Controller Applications application: name: "{{ __application_item.name | mandatory }}" + new_name: "{{ __application_item.new_name | default(omit, true) }}" organization: "{{ __application_item.organization | mandatory }}" description: "{{ __application_item.description | default(omit, true) }}" authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" diff --git a/roles/bulk_host_create/README.md b/roles/bulk_host_create/README.md new file mode 100644 index 000000000..d122ee90f --- /dev/null +++ b/roles/bulk_host_create/README.md @@ -0,0 +1,142 @@ +# controller_configuration.bulk_host_create + +## Description + +An Ansible Role to create bulk hosts on Ansible Controller. + +## Requirements + +ansible-galaxy collection install -r tests/collections/requirements.yml to be installed +Currently: + awx.awx + or + ansible.controller + +## Variables + +### Authentication + +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| +|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_configuration_bulk_hosts_secure_logging`|`see below`|yes|Data structure describing your organization or organizations Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ******* task does not include sensitive information. +controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_bulk_hosts_secure_logging`|`False`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_bulk_hosts_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_bulk_hosts_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| + +## Data Structure + +### Bulk Host Variables + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`hosts`|""|yes|list|List of hosts and host options to add to inventory. Documented below| +|`inventory`|""|yes|str|Inventory name or ID the hosts should be made a member of.| + +### Bulk Host Sub Options + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|no|list|The name to use for the host.| +|`description`|""|no|str|The description to use for the host.| +|`enabled`|""|no|bool|If the host should be enabled.| +|`variables`|""|no|dict|Variables to use for the host.| +|`instance`|""|no|list|instance to use for the host.| + +### Standard Project Data Structure + +#### Json Example + +```json +{ + "controller_bulk_hosts": [ + { + "inventory": "localhost", + "hosts": [ + { + "name": "localhost" + }, + { + "name": "127.0.0.1", + "variables": { + "some_var": "some_val", + "ansible_connection": "local" + } + } + ] + } + ] +} +``` + +#### Yaml Example + +```yaml +--- +controller_bulk_hosts: + - inventory: localhost + hosts: + - name: localhost + - name: 127.0.0.1 + variables: + some_var: some_val + ansible_connection: local +``` + +## Playbook Examples + +### Standard Role Usage + +```yaml +--- +- name: Playbook to configure ansible controller post installation + hosts: localhost + connection: local + # Define following vars here, or in controller_configs/controller_auth.yml + # controller_hostname: ansible-controller-web-svc-test-project.example.com + # controller_username: admin + # controller_password: changeme + pre_tasks: + - name: Include vars from controller_configs directory + include_vars: + dir: ./yaml + ignore_files: [controller_config.yml.template] + extensions: ["yml"] + roles: + - {role: redhat_cop.controller_configuration.bulk_host_create, when: controller_bulk_hosts is defined} +``` + +## License + +[MIT](https://github.com/redhat-cop/controller_configuration#licensing) + +## Author + +[Sean Sullivan](https://github.com/sean-m-sullivan) diff --git a/roles/bulk_host_create/defaults/main.yml b/roles/bulk_host_create/defaults/main.yml new file mode 100644 index 000000000..4754a14c9 --- /dev/null +++ b/roles/bulk_host_create/defaults/main.yml @@ -0,0 +1,5 @@ +--- +controller_configuration_bulk_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_bulk_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" +controller_configuration_bulk_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +... diff --git a/roles/bulk_host_create/meta/argument_specs.yml b/roles/bulk_host_create/meta/argument_specs.yml new file mode 100644 index 000000000..43a6e9fcd --- /dev/null +++ b/roles/bulk_host_create/meta/argument_specs.yml @@ -0,0 +1,49 @@ +--- +argument_specs: + main: + short_description: An Ansible Role to run a list of ad hoc commands on Ansible Controller. + options: + controller_bulk_hosts: + description: Data structure describing a bulk of hosts to run + type: list + elements: dict + + # No_log variables + controller_configuration_bulk_hosts_secure_logging: + default: "{{ controller_configuration_secure_logging | default(false) }}" + required: false + type: bool + description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + controller_configuration_secure_logging: + default: false + required: false + type: bool + description: This variable enables secure logging across all roles as a default. + + # Generic across all roles + controller_hostname: + default: None + required: false + description: URL to the Ansible Controller Server. + type: str + controller_validate_certs: + default: true + required: false + description: Whether or not to validate the Ansible Controller Server's SSL certificate. + type: str + controller_username: + default: None + required: false + description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + type: str + controller_password: + default: None + required: false + description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + type: str + controller_oauthtoken: + default: None + required: false + description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + type: str +... diff --git a/roles/bulk_host_create/meta/main.yml b/roles/bulk_host_create/meta/main.yml new file mode 100644 index 000000000..8d753a2e1 --- /dev/null +++ b/roles/bulk_host_create/meta/main.yml @@ -0,0 +1,46 @@ +--- +galaxy_info: + role_name: bulk_host_create + author: "Sean Sullivan" + description: "An Ansible Role to create hosts in bulk in Ansible Controller." + company: "Red Hat" + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + license: "MIT" + + min_ansible_version: "2.8" + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + + # github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + platforms: + - name: "EL" + versions: + - "all" + + galaxy_tags: + - "controller" + - "aap" + - "awx" + - "host" + - "hosts" + +collections: + - ansible.controller + - awx.awx + +dependencies: [] +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +... diff --git a/roles/bulk_host_create/tasks/main.yml b/roles/bulk_host_create/tasks/main.yml new file mode 100644 index 000000000..4bc749803 --- /dev/null +++ b/roles/bulk_host_create/tasks/main.yml @@ -0,0 +1,40 @@ +--- +# Create Job Template +- name: Add Controller hosts in bulk + bulk_host_create: + hosts: "{{ __controller_bulk_hosts_item.hosts }}" + inventory: "{{ __controller_bulk_hosts_item.inventory }}" + + # Role Standard options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + loop: "{{ controller_bulk_hosts }}" + loop_control: + loop_var: __controller_bulk_hosts_item + no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" + async: 1000 + poll: 0 + register: __controller_bulk_hosts_job_async + changed_when: not __controller_bulk_hosts_job_async.changed + vars: + ansible_async_dir: '/tmp/.ansible_async' + +- name: "Configure bulk_hosts | Wait for finish the bulk_hosts creation" + ansible.builtin.async_status: + jid: "{{ __controller_bulk_hosts_job_async_results_item.ansible_job_id }}" + register: __controller_bulk_hosts_job_async_result + until: __controller_bulk_hosts_job_async_result.finished + retries: "{{ controller_configuration_bulk_hosts_async_retries }}" + delay: "{{ controller_configuration_bulk_hosts_async_delay }}" + loop: "{{ __controller_bulk_hosts_job_async.results }}" + loop_control: + loop_var: __controller_bulk_hosts_job_async_results_item + when: __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined + no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" + vars: + ansible_async_dir: '/tmp/.ansible_async' +... diff --git a/roles/bulk_job_launch/README.md b/roles/bulk_job_launch/README.md new file mode 100644 index 000000000..ca8656348 --- /dev/null +++ b/roles/bulk_job_launch/README.md @@ -0,0 +1,141 @@ +# controller_configuration.bulk_job_launch + +## Description + +An Ansible Role to launch bulk jobs on Ansible Controller. + +## Requirements + +ansible-galaxy collection install -r tests/collections/requirements.yml to be installed +Currently: + awx.awx + or + ansible.controller + +## Variables + +### Authentication + +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| +|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_bulk_launch_jobs`|`see below`|yes|Data structure describing your organization or organizations Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ******* task does not include sensitive information. +controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_bulk_job_launch_secure_logging`|`False`|no|Whether or not to include the sensitive bulk_job_launch role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_bulk_job_launch_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_bulk_job_launch_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| + +## Data Structure + +### Bulk Host Variables + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`jobs`|""|yes|list|List of jobs and job options to launch. Documented below| +|`description`|""|no|str|Optional description of this bulk job.| +|`organization`|""|no|str|Organization for the bulk job. Affects who can see the resulting bulk job. If not provided, will use the organization the user is in.| +|`inventory`|""|no|str|Inventory to use for the job, only used if prompt for inventory is set.| +|`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| +|`extra_vars`|""|no|dict|extra_vars to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module.| +|`limit`|""|no|str|Limit to use for the job_template.| +|`job_tags`|""|no|str|Specific tags to use for from playbook.| +|`skip_tags`|""|no|str|Specific tags to skip from the playbook.| +|`wait`|""|no|bool|Wait for the job to complete.| +|`interval`|2|no|float|The interval to request an update from controller.| + +### Bulk Job Launch Sub Options + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`unified_job_template`|""|yes|int|The ID of object that is to be launched. Example objects include projects, inventory sources, and templates. Required if state='present.| +|`inventory`|""|no|str|Inventory to use for the job, only used if prompt for inventory is set.| +|`execution_environment`|Job Template default|no|str|Execution Environment applied as a prompt. Job Template default used if not set. Only allowed if `ask_execution_environment_on_launch` set to true on Job Template| +|`instance_groups`|Job Template default|no|str| List of Instance Groups applied as a prompt. Job Template default used if not set. Only allowed if `ask_instance_groups_on_launch` set to true on Job Template| +|`credentials`|""|no|list|TCredential to use for job, only used if prompt for credential is set.| +|`labels`|Job Template default|no|list|List of labels to use in the job run. Job Template default used if not set. Only allowed if `ask_labels_on_launch` set to true on Job Template| +|`extra_data`|""|no|dict|extra_data to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module.| +|`diff_mode`|""|no|bool|Show the changes made by Ansible tasks where supported.| +|`verbosity`|""|no|int|Verbosity level for this job run.| +|`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| +|`job_type`|""|no|str|Job_type to use for the job, only used if prompt for job_type is set. Run or Check are the options.| +|`job_tags`|""|no|str|Specific tags to use for from playbook.| +|`skip_tags`|""|no|str|Specific tags to skip from the playbook.| +|`limit`|""|no|str|Limit to use for the job_template.| +|`forks`|Job Template default|no|int|Forks applied as a prompt. Job Template default used if not set. Only allowed if `ask_forks_on_launch` set to true on Job Template| +|`job_slice_count`|Job Template default|no|int|Job Slice Count to use in the job run. Job Template default used if not set. Only allowed if `ask_job_slice_count_on_launch` set to true on Job Template| +|`identifier`|""|yes|str|An identifier for the resulting workflow node that represents this job that is unique within its workflow. It is copied to workflow job nodes corresponding to this node. This functions the same as the name field for other resources, however if it is not set, it will be set to a random UUID4 value.| +|`timeout`|""|no|int|If waiting for the job to complete this will abort after this amount of seconds.| + +### Standard Project Data Structure + +#### Json Example + +```json +{ +} + +``` + +#### Yaml Example + +```yaml +--- +``` + +## Playbook Examples + +### Standard Role Usage + +```yaml +--- +- name: Playbook to configure ansible controller post installation + hosts: localhost + connection: local + # Define following vars here, or in controller_configs/controller_auth.yml + # controller_hostname: ansible-controller-web-svc-test-project.example.com + # controller_username: admin + # controller_password: changeme + pre_tasks: + - name: Include vars from controller_configs directory + include_vars: + dir: ./yaml + ignore_files: [controller_config.yml.template] + extensions: ["yml"] + roles: + - {role: redhat_cop.controller_configuration.license, when: controller_license is defined} +``` + +## License + +[MIT](https://github.com/redhat-cop/controller_configuration#licensing) + +## Author + +[Sean Sullivan](https://github.com/sean-m-sullivan) diff --git a/roles/bulk_job_launch/defaults/main.yml b/roles/bulk_job_launch/defaults/main.yml new file mode 100644 index 000000000..745cc4f7d --- /dev/null +++ b/roles/bulk_job_launch/defaults/main.yml @@ -0,0 +1,5 @@ +--- +controller_configuration_bulk_job_launch_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_bulk_job_launch_async_retries: "{{ controller_configuration_async_retries | default(30) }}" +controller_configuration_bulk_job_launch_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +... diff --git a/roles/bulk_job_launch/meta/argument_specs.yml b/roles/bulk_job_launch/meta/argument_specs.yml new file mode 100644 index 000000000..f85ee8b3e --- /dev/null +++ b/roles/bulk_job_launch/meta/argument_specs.yml @@ -0,0 +1,54 @@ +--- +argument_specs: + main: + short_description: An Ansible Role to run a list of ad hoc commands on Ansible Controller. + options: + controller_bulk_job_launch_commands: + description: Data structure describing your ad hoc commands to run + type: list + elements: dict + + # No_log variables + controller_configuration_bulk_job_launch_secure_logging: + default: "{{ controller_configuration_secure_logging | default(false) }}" + required: false + type: bool + description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + controller_configuration_secure_logging: + default: false + required: false + type: bool + description: This variable enables secure logging across all roles as a default. + + # Generic across all roles + controller_state: + default: present + required: false + description: The state all objects will take unless overridden by object default + type: str + controller_hostname: + default: None + required: false + description: URL to the Ansible Controller Server. + type: str + controller_validate_certs: + default: true + required: false + description: Whether or not to validate the Ansible Controller Server's SSL certificate. + type: str + controller_username: + default: None + required: false + description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + type: str + controller_password: + default: None + required: false + description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + type: str + controller_oauthtoken: + default: None + required: false + description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + type: str +... diff --git a/roles/bulk_job_launch/meta/main.yml b/roles/bulk_job_launch/meta/main.yml new file mode 100644 index 000000000..c757301ed --- /dev/null +++ b/roles/bulk_job_launch/meta/main.yml @@ -0,0 +1,46 @@ +--- +galaxy_info: + role_name: bulk_job_launch + author: "Sean Sullivan" + description: "An Ansible Role to launch bulk jobs in Ansible Controller." + company: "Red Hat" + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + license: "MIT" + + min_ansible_version: "2.8" + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + + # github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + platforms: + - name: "EL" + versions: + - "all" + + galaxy_tags: + - "controller" + - "aap" + - "awx" + - "job" + - "jobs" + +collections: + - ansible.controller + - awx.awx + +dependencies: [] +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +... diff --git a/roles/bulk_job_launch/tasks/main.yml b/roles/bulk_job_launch/tasks/main.yml new file mode 100644 index 000000000..fa9a07ec2 --- /dev/null +++ b/roles/bulk_job_launch/tasks/main.yml @@ -0,0 +1,31 @@ +--- +# Launch Controller Job +- name: Bulk Launch Controller Jobs + bulk_job_launch: + jobs: "{{ __bulk_job_launch_item.jobs | mandatory }}" + name: "{{ __bulk_job_launch_item.name | default(omit, true) }}" + description: "{{ __bulk_job_launch_item.description | default(omit, true) }}" + organization: "{{ __bulk_job_launch_item.organization | default(omit, true) }}" + inventory: "{{ __bulk_job_launch_item.inventory | default(omit, true) }}" + scm_branch: "{{ __bulk_job_launch_item.scm_branch | default(omit, true) }}" + extra_vars: "{{ __bulk_job_launch_item.extra_vars | default(omit, true) }}" + limit: "{{ __bulk_job_launch_item.limit | default(omit, true) }}" + job_tags: "{{ __bulk_job_launch_item.tags | default(omit, true) }}" + skip_tags: "{{ __bulk_job_launch_item.skip_tags | default(omit, true) }}" + wait: "{{ __bulk_job_launch_item.wait | default(omit) }}" + interval: "{{ __bulk_job_launch_item.interval | default(omit) }}" + + # Role Standard Options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + loop: "{{ controller_bulk_launch_jobs }}" + loop_control: + loop_var: "__bulk_job_launch_item" + no_log: "{{ controller_configuration_bulk_job_launch_secure_logging }}" + register: bulk_launched_controller_jobs + when: controller_bulk_launch_jobs is defined +... diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index 29b85821b..a4375b123 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -59,6 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`name`|""|yes|Name of Credential Type| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`description`|`False`|no|The description of the credential type to give more detail about it.| |`injectors`|""|no|Enter injectors using either JSON or YAML syntax. Refer to the Ansible controller documentation for example syntax. See below on proper formatting.| |`inputs`|""|no|Enter inputs using either JSON or YAML syntax. Refer to the Ansible controller documentation for example syntax.| diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index cb7eda3f1..e54298a0d 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -2,6 +2,7 @@ - name: Add Credential Types credential_type: name: "{{ __controller_credential_type_item.name | mandatory }}" + new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" description: "{{ __controller_credential_type_item.description | default(omit, true) }}" injectors: "{{ __controller_credential_type_item.injectors | default(omit, true) | regex_replace('[ ]{2,}', '') }}" inputs: "{{ __controller_credential_type_item.inputs | default(omit, true) }}" diff --git a/roles/credentials/README.md b/roles/credentials/README.md index c320bf656..e4fb867ca 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -59,7 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`name`|""|yes|Name of Credential| -|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field.| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|Name or id to copy the credential from. This will copy an existing credential and change any parameters supplied.| |`description`|`False`|no|Description of of Credential.| |`organization`|""|no|Organization this Credential belongs to. If provided on creation, do not give either user or team.| diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index 3f9a1dcdb..edb725e3d 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -19,6 +19,7 @@ controller_configuration_dispatcher_roles: - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - {role: project_update, var: controller_projects, tags: projects} - {role: hosts, var: controller_hosts, tags: hosts} + - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} - {role: groups, var: controller_groups, tags: inventories} - {role: job_templates, var: controller_templates, tags: job_templates} - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index 704a0ad7c..5fdbda74b 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -59,6 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of execution environment| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`description`|""|no|str|Description to use for the execution environment.| |`image`|""|yes|str|Container image to use for the execution environment| |`organization`|""|no|str|The organization the execution environment belongs to.| diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index 71e119895..f43d3d8c1 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -3,6 +3,7 @@ - name: Add Controller Execution Environments execution_environment: name: "{{ __execution_environments_item.name | mandatory }}" + new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" description: "{{ __execution_environments_item.description | default(omit, true) }}" image: "{{ __execution_environments_item.image | mandatory }}" organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(omit, true)) }}" diff --git a/roles/inventories/README.md b/roles/inventories/README.md index fcbed202c..67368a94a 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -79,6 +79,7 @@ The role will strip the double space between the curly bracket in order to provi |Variable Name|Default Value|Required|type|Description| |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of this inventory.| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|str|Name or id to copy the inventory from. This will copy an existing inventory and change any parameters supplied.| |`description`|""|no|str|Description of this inventory.| |`organization`|""|yes|str|Organization this inventory belongs to.| diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index 3bfca07ff..f06787f9b 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -2,6 +2,7 @@ - name: Create inventory inventory: name: "{{ __controller_inventory_item.name | mandatory }}" + new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" description: "{{ __controller_inventory_item.description | default(omit, true) }}" organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 575790b66..b90556242 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -98,7 +98,8 @@ The role will strip the double space between the curly bracket in order to provi |`verbosity`|""|no|The verbosity level to run this inventory source under.| |`update_on_launch`|""|no|Refresh inventory data from its source each time a job is run.| |`update_cache_timeout`|""|no|Time in seconds to consider an inventory sync to be current.| -|`source_project`|""|no|Project to use as source with scm option| +|`source_project`|""|no|Project to use as source with scm option.| +|`scm_branch`|""|no|Project scm branch to use as source with scm option. Project must have branch override enabled.| |`state`|`present`|no|Desired state of the resource.| |`notification_templates_started`|""|no|The notifications on started to use for this inventory source in a list.| |`notification_templates_success`|""|no|The notifications on success to use for this inventory source in a list.| diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index 5542cd4cf..769ff1274 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -22,6 +22,7 @@ update_on_launch: "{{ __controller_source_item.update_on_launch | default(omit) }}" update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(omit, true) }}" source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(omit, true)) }}" + scm_branch: "{{ __controller_source_item.scm_branch | default(omit) }}" state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" notification_templates_started: "{{ __controller_source_item.notification_templates_started | default(__controller_source_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" notification_templates_success: "{{ __controller_source_item.notification_templates_success | default(__controller_source_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" diff --git a/roles/license/README.md b/roles/license/README.md index 6775f1fd7..b1ef530e9 100644 --- a/roles/license/README.md +++ b/roles/license/README.md @@ -53,6 +53,7 @@ controller_configuration_license_secure_logging defaults to the value of control |`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to| |`eula_accepted`|""|yes|bool|DEPRECATED since Tower 3.8 - Whether to accept the End User License Agreement for Ansible controller| |`force`|`False`|no|bool|By default, the license manifest will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| +|`state`|`present`|no|str|Desired state of the resource.| For further details on fields see diff --git a/roles/license/tasks/main.yml b/roles/license/tasks/main.yml index fbe491826..22f446e87 100644 --- a/roles/license/tasks/main.yml +++ b/roles/license/tasks/main.yml @@ -43,6 +43,7 @@ eula_accepted: "{{ controller_license.eula_accepted | default(omit) }}" # Depreciated only for Tower 3.8.x or lower pool_id: "{{ controller_license.pool_id | default(omit) }}" force: "{{ controller_license.force | default(omit) }}" + state: "{{ controller_license.state | default(omit) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index 18de29298..d9131a743 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -59,7 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|The name of the notification.| -|`new_name`|""|yes|str|Setting this option will change the existing name (looked up via the name field.| +|`new_name`|""|yes|str|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|str|Name or id to copy the Notification template from. This will copy an existing notification and change any parameters supplied.| |`description`|""|no|str|The description of the notification.| |`organization`|""|no|str|The organization applicable to the notification.| diff --git a/roles/projects/README.md b/roles/projects/README.md index 5a0a85e69..ed6afde96 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -59,6 +59,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of Project| +|`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|str|Name or id to copy the project from. This will copy an existing project and change any parameters supplied.| |`description`|`False`|no|str|Description of the Project.| |`organization`|`False`|yes|str|Name of organization for project.| diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 2bd2d727a..bcb62ab83 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -2,6 +2,7 @@ - name: Add Projects project: name: "{{ __controller_project_item.name | mandatory }}" + new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" description: "{{ __controller_project_item.description | default(omit, true) }}" scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" diff --git a/roles/users/README.md b/roles/users/README.md index 579846700..fb0237a9a 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -60,6 +60,7 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`username`|""|yes|str|The username of the user| +|`new_username`|""|yes|str|Setting this option will change the existing username (looked up via the username field).| |`password`|"{{ controller_user_default_password }}"|no|str|The password of the user| |`email`|""|yes|str|The email of the user| |`first_name`|""|no|str|The first name of the user| diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index 835721785..31c18f353 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -4,6 +4,7 @@ - name: Add controller user # noqa fqcn[action-core] user: username: "{{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) | mandatory }}" + new_username: "{{ __controller_user_accounts_item.new_username | default(omit, true) }}" # the 'true' in the second default leads to no password being set if the default password is empty password: "{{ __controller_user_accounts_item.password | default(controller_user_default_password | default(omit, true)) }}" email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 79d7db395..273e34dff 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -83,8 +83,8 @@ This also speeds up the overall role. |`notification_templates_success`|""|no|list|The notifications on success to use for this organization in a list.| |`scm_branch`|""|no|str|SCM branch applied as a prompt, assuming job template prompts for SCM branch| |`state`|`present`|no|str|Desired state of the resource.| -|`schema`|""|no|dict|A json list of nodes and their corresponding options. The sub-options are in the module doc.| -|`destroy_current_schema`|""|no|dict|Set in order to destroy current schema on the workflow, used in cases where drastic changes to schema are happening.| +|`workflow_nodes`|""|no|dict|A json list of nodes and their corresponding options. The sub-options are in the module doc.| +|`destroy_current_nodes`|""|no|dict|Set in order to destroy current schema on the workflow, used in cases where drastic changes to schema are happening.| |`survey_enabled`|""|no|bool|Enable a survey on the job template.| |`survey_spec`|""|no|dict|JSON/YAML dict formatted survey definition.| |`survey`|""|no|dict|JSON/YAML dict formatted survey definition. Alias of survey_spec| diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index d2a05cd14..aa936388b 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -26,8 +26,8 @@ ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(omit)) }}" ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(omit) }}" ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(omit)) }}" - schema: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(omit, true)) }}" - destroy_current_schema: "{{ __workflow_loop_item.destroy_current_schema | default(omit) }}" + workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(omit, true)) }}" + destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(omit)) }}" state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" notification_templates_started: "{{ __workflow_loop_item.notification_templates_started | default(__workflow_loop_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" notification_templates_success: "{{ __workflow_loop_item.notification_templates_success | default(__workflow_loop_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" diff --git a/tests/configs/bulk_hosts.yml b/tests/configs/bulk_hosts.yml new file mode 100644 index 000000000..e3fea748a --- /dev/null +++ b/tests/configs/bulk_hosts.yml @@ -0,0 +1,10 @@ +--- +temp_controller_bulk_hosts: + - inventory: localhost + hosts: + - name: 10.0.0.1 + - name: 10.0.0.2 + variables: + some_var: some_val + ansible_connection: local +... diff --git a/tests/configs/bulk_jobs.yml b/tests/configs/bulk_jobs.yml new file mode 100644 index 000000000..3555f570c --- /dev/null +++ b/tests/configs/bulk_jobs.yml @@ -0,0 +1,8 @@ +--- +temp_controller_bulk_launch_jobs: + - name: My Bulk Job Launch + jobs: + - unified_job_template: 7 + - unified_job_template: 15 + organization: Default +... diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index efd00eea6..ffd8b821e 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -101,6 +101,15 @@ ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" when: controller_ad_hoc_commands is defined + - name: Launch Controller Bulk Hosts + ansible.builtin.include_role: + name: bulk_host_create + vars: + controller_bulk_hosts: "{{ temp_controller_bulk_hosts }}" + when: + - controller_bulk_launch_jobs is defined + - awx_version == "21.14.0" or awx_version == "devel" + - name: Launch Controller Jobs ansible.builtin.include_role: name: job_launch @@ -123,6 +132,26 @@ controller_cancel_jobs: "{{ tmp_jobs.results | map(attribute='ansible_facts.tmp_job') | list }}" when: launched_controller_jobs is defined + - name: Find Job ID's + ansible.builtin.debug: + var: __job_templates_job_async_result + + - name: Launch Controller Bulk Jobs + ansible.builtin.include_role: + name: bulk_job_launch + vars: + controller_bulk_hosts: "{{ temp_controller_bulk_hosts }}" + controller_bulk_launch_jobs: + - name: My Bulk Job Launch + jobs: + - unified_job_template: "{{ __job_templates_job_async_result.results[0].id }}" + - unified_job_template: "{{ __job_templates_job_async_result.results[1].id }}" + organization: Default + wait: false + when: + - controller_bulk_launch_jobs is defined + - awx_version == "21.14.0" or awx_version == "devel" + - name: Launch Controller workflows ansible.builtin.include_role: name: workflow_launch diff --git a/tests/templated_role_example/README.md b/tests/templated_role_example/README.md new file mode 100644 index 000000000..826943fe8 --- /dev/null +++ b/tests/templated_role_example/README.md @@ -0,0 +1,111 @@ +# controller_configuration.*********** + +## Description + +An Ansible Role to create******* on Ansible Controller. + +## Requirements + +ansible-galaxy collection install -r tests/collections/requirements.yml to be installed +Currently: + awx.awx + or + ansible.controller + +## Variables + +### Authentication + +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| +|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_************`|`see below`|yes|Data structure describing your organization or organizations Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ******* task does not include sensitive information. +controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_*******_secure_logging`|`False`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_*******_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_*******_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| + +## Data Structure + +### ************ Variables + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|yes|str|Name of Job Template| +|`new_name`|""|str|no|Setting this option will change the existing name (looked up via the name field).| +|`description`|`False`|no|str|Description to use for the job template.| + +|`state`|`present`|no|str|Desired state of the resource.| + +### Standard Project Data Structure + +#### Json Example + +```json +{ +} + +``` + +#### Yaml Example + +```yaml +--- + +``` + +## Playbook Examples + +### Standard Role Usage + +```yaml +--- +- name: Playbook to configure ansible controller post installation + hosts: localhost + connection: local + # Define following vars here, or in controller_configs/controller_auth.yml + # controller_hostname: ansible-controller-web-svc-test-project.example.com + # controller_username: admin + # controller_password: changeme + pre_tasks: + - name: Include vars from controller_configs directory + include_vars: + dir: ./yaml + ignore_files: [controller_config.yml.template] + extensions: ["yml"] + roles: + - {role: redhat_cop.controller_configuration.license, when: controller_license is defined} +``` + +## License + +[MIT](https://github.com/redhat-cop/controller_configuration#licensing) + +## Author diff --git a/tests/templated_role_example/defaults/main.yml b/tests/templated_role_example/defaults/main.yml new file mode 100644 index 000000000..485ba84ba --- /dev/null +++ b/tests/templated_role_example/defaults/main.yml @@ -0,0 +1,5 @@ +--- +controller_configuration_*******_secure_logging: "{{controller_configuration_secure_logging | default('false')}}" +controller_configuration_***********_async_retries: "{{ controller_configuration_async_retries | default(30) }}" +controller_configuration_***********_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +... diff --git a/tests/templated_role_example/meta/main.yml b/tests/templated_role_example/meta/main.yml new file mode 100644 index 000000000..a7b559add --- /dev/null +++ b/tests/templated_role_example/meta/main.yml @@ -0,0 +1,46 @@ +--- +galaxy_info: + role_name: "**************" + author: "************" + description: "An Ansible Role to create ************ in Ansible Controller." + company: "Red Hat" + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + license: "MIT" + + min_ansible_version: "2.8" + + # Optionally specify the branch Galaxy will use when accessing the GitHub + # repo for this role. During role install, if no tags are available, + # Galaxy will use this branch. During import Galaxy will access files on + # this branch. If Travis integration is configured, only notifications for this + # branch will be accepted. Otherwise, in all cases, the repo's default branch + # (usually master) will be used. + + # github_branch: + + # + # platforms is a list of platforms, and each platform has a name and a list of versions. + # + platforms: + - name: "EL" + versions: + - "all" + + galaxy_tags: + - "controller" + - "aap" + - "awx" + - "***************" + - "***************s" + +collections: + - ansible.controller + - awx.awx + +dependencies: [] +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +... diff --git a/tests/templated_role_example/tasks/main.yml b/tests/templated_role_example/tasks/main.yml new file mode 100644 index 000000000..541c28b07 --- /dev/null +++ b/tests/templated_role_example/tasks/main.yml @@ -0,0 +1,43 @@ +--- +# Create Job Template +- name: Add Controller *********** + controller_***********: + name: "{{ ***********_item.name }}" + new_name: "{{ ***********_item.new_name | default(omit, true) }}" + description: "{{ ***********_item.description | default('') }}" + + # Role specific options + state: "{{ ***********_item.state | default(controller_state | default('present')) }}" + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + loop: "{{ controller_************ }}" + loop_control: + loop_var: "__controller_***********_item" + no_log: "{{ controller_configuration_*******_secure_logging }}" + when: controller_************ is defined + async: 1000 + poll: 0 + register: __controller_***********_job_async + changed_when: not __controller_***********_job_async.changed + vars: + ansible_async_dir: '/tmp/.ansible_async' + +- name: "Configure *********** | Wait for finish the *********** creation" + async_status: + jid: "{{ __controller_***********_job_async_results_item.ansible_job_id }}" + register: __controller_***********_job_async_result + until: __controller_***********_job_async_result.finished + retries: "{{ controller_configuration_***********_async_retries }}" + delay: "{{ controller_configuration_***********_async_delay }}" + loop: "{{ __controller_***********_job_async.results }}" + loop_control: + loop_var: __controller_***********_job_async_results_item + when: __controller_***********_job_async_results_item.ansible_job_id is defined + no_log: "{{ controller_configuration_*******_secure_logging }}" + vars: + ansible_async_dir: '/tmp/.ansible_async' +... diff --git a/tests/templated_role_example/tests/config/extra_vars.yml b/tests/templated_role_example/tests/config/extra_vars.yml new file mode 100644 index 000000000..17f4894ac --- /dev/null +++ b/tests/templated_role_example/tests/config/extra_vars.yml @@ -0,0 +1,8 @@ +--- +empty_master_vars: + empty_var: "nothing" + +survey_extra_vars: + example_a: 127.0.0.1 + example_b: "text" +... diff --git a/tests/templated_role_example/tests/test.yml b/tests/templated_role_example/tests/test.yml new file mode 100644 index 000000000..2040626c8 --- /dev/null +++ b/tests/templated_role_example/tests/test.yml @@ -0,0 +1,23 @@ +--- +- name: Add *********** to Controller + hosts: localhost + connection: local + gather_facts: false + vars: + controller_validate_certs: false + controller_hostname: controller.example.com + controller_username: admin + controller_password: changeme + + collections: + - awx.awx + + pre_tasks: + - name: Include vars from controller_configs directory + include_vars: + dir: ./configs + extensions: ["yml"] + + roles: + - {role: ../.., when: role_*********** is defined} +... From 9478b34cf212666dd9c5a324be97387da7ee5be5 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 4 Apr 2023 01:25:00 -0400 Subject: [PATCH 004/129] remove project update from dispatch (#560) --- changelogs/fragments/project_update.yml | 6 ++ docs/aap_config_as_code_public_meeting.ics | 78 +++++++++++----------- roles/dispatch/defaults/main.yml | 1 - roles/project_update/tasks/main.yml | 2 +- 4 files changed, 46 insertions(+), 41 deletions(-) create mode 100644 changelogs/fragments/project_update.yml diff --git a/changelogs/fragments/project_update.yml b/changelogs/fragments/project_update.yml new file mode 100644 index 000000000..413520c99 --- /dev/null +++ b/changelogs/fragments/project_update.yml @@ -0,0 +1,6 @@ +--- +bugfixes: + - Removed project_update from dispatch. This is because with bringing update_project option in line with the module options, it was running twice both in project and project update. Since both roles use the same variable controller_projects. + - If someone wants to have the old behavior, or only update projects with dispatch, the dispatch variable controller_configuration_dispatcher_roles can be overwritten and customized. + - Set the default behavior of project_update to run the update as true, unless the user explicitly sets the variable update_project to overide the default behavior. This is because if the user is specifically calling project_update it should by default update the project. +... diff --git a/docs/aap_config_as_code_public_meeting.ics b/docs/aap_config_as_code_public_meeting.ics index 8ae6c226e..037453de2 100644 --- a/docs/aap_config_as_code_public_meeting.ics +++ b/docs/aap_config_as_code_public_meeting.ics @@ -1,39 +1,39 @@ -BEGIN:VCALENDAR -CALSCALE:GREGORIAN -VERSION:2.0 -X-WR-CALNAME:AAP config as code Public meeting -METHOD:PUBLISH -PRODID:-//Apple Inc.//macOS 13.2.1//EN -BEGIN:VEVENT -TRANSP:OPAQUE -DTEND:20230412T160000Z -ORGANIZER;CN="ssulliva@redhat.com";EMAIL="ssulliva@redhat.com":mailto:ss - ulliva@redhat.com -UID:2k8fmfg2msr8lfi6k6g5upqt9a@google.com -DTSTAMP:20230316T155301Z -X-GOOGLE-CONFERENCE:https://meet.google.com/npj-fyzv-oyo -DESCRIPTION:https://github.com/redhat-cop/controller_configuration/i - ssues/475\n\n-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~ - :~:~:~:~:~:~:~:~:~:~:~:~::~:~::-\nJoin with Google Meet: https://meet.go - ogle.com/npj-fyzv-oyo\nOr dial: (US) +1 470-722-0265 PIN: 621302239#\n\n - Join using SIP\n1189446461569@gmeet.redhat.com (ID: 1189446461569)\nMore - joining options: https://tel.meet/npj-fyzv-oyo?pin=1189446461569&hs=7\n - \nLearn more about Meet at: https://support.google.com/a/users/answer/92 - 82720\n\nPlease do not edit this section.\n-::~:~::~:~:~:~:~:~:~:~:~:~:~ - :~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::- -STATUS:CONFIRMED -SEQUENCE:2 -SUMMARY:AAP config as code Public meeting -DTSTART:20230412T150000Z -LAST-MODIFIED:20230316T155150Z -CREATED:20230123T211213Z -BEGIN:VALARM -UID:4555EBDE-771F-420A-9ED8-CB6C7540E67D -X-WR-ALARMUID:4555EBDE-771F-420A-9ED8-CB6C7540E67D -TRIGGER:-PT10M -DESCRIPTION:This is an event reminder -ACTION:DISPLAY -END:VALARM -END:VEVENT -END:VCALENDAR +BEGIN:VCALENDAR +CALSCALE:GREGORIAN +VERSION:2.0 +X-WR-CALNAME:AAP config as code Public meeting +METHOD:PUBLISH +PRODID:-//Apple Inc.//macOS 13.2.1//EN +BEGIN:VEVENT +TRANSP:OPAQUE +DTEND:20230412T160000Z +ORGANIZER;CN="ssulliva@redhat.com";EMAIL="ssulliva@redhat.com":mailto:ss + ulliva@redhat.com +UID:2k8fmfg2msr8lfi6k6g5upqt9a@google.com +DTSTAMP:20230316T155301Z +X-GOOGLE-CONFERENCE:https://meet.google.com/npj-fyzv-oyo +DESCRIPTION:https://github.com/redhat-cop/controller_configuration/i + ssues/475\n\n-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~ + :~:~:~:~:~:~:~:~:~:~:~:~::~:~::-\nJoin with Google Meet: https://meet.go + ogle.com/npj-fyzv-oyo\nOr dial: (US) +1 470-722-0265 PIN: 621302239#\n\n + Join using SIP\n1189446461569@gmeet.redhat.com (ID: 1189446461569)\nMore + joining options: https://tel.meet/npj-fyzv-oyo?pin=1189446461569&hs=7\n + \nLearn more about Meet at: https://support.google.com/a/users/answer/92 + 82720\n\nPlease do not edit this section.\n-::~:~::~:~:~:~:~:~:~:~:~:~:~ + :~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::- +STATUS:CONFIRMED +SEQUENCE:2 +SUMMARY:AAP config as code Public meeting +DTSTART:20230412T150000Z +LAST-MODIFIED:20230316T155150Z +CREATED:20230123T211213Z +BEGIN:VALARM +UID:4555EBDE-771F-420A-9ED8-CB6C7540E67D +X-WR-ALARMUID:4555EBDE-771F-420A-9ED8-CB6C7540E67D +TRIGGER:-PT10M +DESCRIPTION:This is an event reminder +ACTION:DISPLAY +END:VALARM +END:VEVENT +END:VCALENDAR diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index edb725e3d..ead68ddaf 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -17,7 +17,6 @@ controller_configuration_dispatcher_roles: - {role: applications, var: controller_applications, tags: applications} - {role: instances, var: controller_instances, tags: instances} - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - - {role: project_update, var: controller_projects, tags: projects} - {role: hosts, var: controller_hosts, tags: hosts} - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} - {role: groups, var: controller_groups, tags: inventories} diff --git a/roles/project_update/tasks/main.yml b/roles/project_update/tasks/main.yml index dad71857d..f9ca2335a 100644 --- a/roles/project_update/tasks/main.yml +++ b/roles/project_update/tasks/main.yml @@ -21,7 +21,7 @@ no_log: "{{ controller_configuration_project_update_secure_logging }}" when: - controller_projects is defined - - __project_update_update_item.update_project | default(false) + - __project_update_update_item.update_project | default(true) - __project_update_update_item.state | default('present') != "absent" async: 1000 poll: 0 From 73522044312e378b551bb3e13e3d3d1d7d5d8e5d Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 4 Apr 2023 10:59:20 -0400 Subject: [PATCH 005/129] Update project change from bugfix to minor change (#564) --- changelogs/fragments/project_update.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/project_update.yml b/changelogs/fragments/project_update.yml index 413520c99..7de2e9af6 100644 --- a/changelogs/fragments/project_update.yml +++ b/changelogs/fragments/project_update.yml @@ -1,5 +1,5 @@ --- -bugfixes: +minor_changes: - Removed project_update from dispatch. This is because with bringing update_project option in line with the module options, it was running twice both in project and project update. Since both roles use the same variable controller_projects. - If someone wants to have the old behavior, or only update projects with dispatch, the dispatch variable controller_configuration_dispatcher_roles can be overwritten and customized. - Set the default behavior of project_update to run the update as true, unless the user explicitly sets the variable update_project to overide the default behavior. This is because if the user is specifically calling project_update it should by default update the project. From e576163af8d6d63f2c1284eeb017e07962709146 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 4 Apr 2023 11:02:20 -0400 Subject: [PATCH 006/129] Update pre-commit (#561) Co-authored-by: sean-m-sullivan Co-authored-by: Sean Sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7bdc5d07b..4a633e557 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.14.3 + rev: v6.14.4 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 04a2b58c99fba862477bbac9f559aa64df9351ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Fri, 7 Apr 2023 05:07:18 +0200 Subject: [PATCH 007/129] An inventory source is not ever assigned to an organization (#563) * an inventory source is not ever assigned to an organization * if no organization, no output for organization field --- roles/filetree_create/templates/current_inventory_sources.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/filetree_create/templates/current_inventory_sources.j2 b/roles/filetree_create/templates/current_inventory_sources.j2 index f6d8f258b..5c7887148 100644 --- a/roles/filetree_create/templates/current_inventory_sources.j2 +++ b/roles/filetree_create/templates/current_inventory_sources.j2 @@ -3,7 +3,9 @@ controller_inventory_sources: {% for inventory_source in current_inventory_sources_asset_value %} - name: "{{ inventory_source.name }}" description: "{{ inventory_source.description }}" +{% if inventory_source.summary_fields.organization %} organization: "{{ inventory_source.summary_fields.organization.name }}" +{% endif %} source: "{{ inventory_source.source | default('ToDo: The source of the inventory_source was originally missing and must be specified',true) }}" {% if inventory_source.source_project %} source_project: "{{ inventory_source.summary_fields.source_project.name }}" From d89cbe9ce9ebc81f49af9826cb6db0b3766c64d6 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sat, 8 Apr 2023 08:33:24 -0400 Subject: [PATCH 008/129] Add option for default ee from org export (#565) --- changelogs/fragments/filetree_inventory_org.yml | 4 ++++ changelogs/fragments/org_ee.yml | 4 ++++ roles/organizations/tasks/main.yml | 2 +- tests/configs_export_model/organizations_export.yml | 3 +++ 4 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/filetree_inventory_org.yml create mode 100644 changelogs/fragments/org_ee.yml diff --git a/changelogs/fragments/filetree_inventory_org.yml b/changelogs/fragments/filetree_inventory_org.yml new file mode 100644 index 000000000..646eb4811 --- /dev/null +++ b/changelogs/fragments/filetree_inventory_org.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - Fixed filetree read to error when organization not defined. +... diff --git a/changelogs/fragments/org_ee.yml b/changelogs/fragments/org_ee.yml new file mode 100644 index 000000000..be782877e --- /dev/null +++ b/changelogs/fragments/org_ee.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - added option for using the export form of default execution environment. +... diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 1ea03e7a1..478671f1f 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -6,7 +6,7 @@ custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" max_hosts: "{{ __controller_organizations_item.max_hosts | default(omit, true) }}" instance_groups: "{{ __controller_organizations_item.instance_groups | default(omit, true) }}" - default_environment: "{{ (__controller_organizations_item.default_environment | default(omit)) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" + default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(omit)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" notification_templates_approvals: "{{ __controller_organizations_item.notification_templates_approvals | default(__controller_organizations_item.related.notification_templates_approvals | default([]) | map(attribute='name') | list) | default(omit, true) }}" notification_templates_started: "{{ __controller_organizations_item.notification_templates_started | default(__controller_organizations_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" diff --git a/tests/configs_export_model/organizations_export.yml b/tests/configs_export_model/organizations_export.yml index dc85ca647..2fac75b38 100644 --- a/tests/configs_export_model/organizations_export.yml +++ b/tests/configs_export_model/organizations_export.yml @@ -13,6 +13,9 @@ controller_organizations: - name: Default description: Default max_hosts: 0 + default_environment: + name: My EE + type: execution_environment custom_virtualenv: null related: notification_templates_started: [] From 686d397930bb96339fbff730599771a708484eb0 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sat, 8 Apr 2023 10:22:59 -0400 Subject: [PATCH 009/129] update testing (#566) --- .github/workflows/ci_standalone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index a3722811b..778c63d0f 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,11 +19,11 @@ jobs: matrix: awx_version: - devel + - 22.0.0 + - 21.14.0 - 21.13.0 - 21.12.0 - 21.11.0 - # - 20.1.0 Diabled until working - # - 19.5.1 Diabled until working uses: "./.github/workflows/ci_standalone_versioned.yml" with: awx_version: ${{ matrix.awx_version }} From 1904d548ad03b24e07dcf3dfc56d32e225fcbac8 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Mon, 10 Apr 2023 16:07:50 -0400 Subject: [PATCH 010/129] Add option to roles to enforce defaults (#567) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * An inventory source is not ever assigned to an organization (#563) * an inventory source is not ever assigned to an organization * if no organization, no output for organization field * linting * update workflow --------- Co-authored-by: Ivan Aragonés Muniesa <26822043+ivarmu@users.noreply.github.com> --- .github/workflows/ci_standalone_versioned.yml | 8 ++ ansible.cfg | 2 +- changelogs/fragments/enforce_defaults.yml | 4 + plugins/lookup/enforce_defaults.py | 74 +++++++++++++++++++ roles/applications/README.md | 16 ++++ roles/applications/defaults/main.yml | 1 + roles/applications/tasks/main.yml | 4 +- roles/organizations/README.md | 16 ++++ roles/organizations/defaults/main.yml | 1 + roles/organizations/tasks/main.yml | 16 ++-- tests/configs/controller_auth.yml | 1 + 11 files changed, 132 insertions(+), 11 deletions(-) create mode 100644 changelogs/fragments/enforce_defaults.yml create mode 100644 plugins/lookup/enforce_defaults.py diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 741c0d855..226094999 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -59,6 +59,14 @@ jobs: - name: Display Versions run: which python && pip --version && ansible --version + - name: Build and install the collection + uses: redhat-cop/ansible_collections_tooling/actions/build_ansible_collection@main + with: + collection_namespace: infra + collection_name: controller_configuration + collection_version: 2.0.0 + collection_repo: https://github.com/redhat-cop/controller_configuration/ + - name: "Install Galaxy dependencies" run: ansible-galaxy collection install -r .github/collections/requirements.yml diff --git a/ansible.cfg b/ansible.cfg index d28da9a1c..1b81880fc 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,4 +1,4 @@ [defaults] -collections_paths=collections +collections_paths=collections:/home/runner/collections roles_path=roles/ lookup_plugins=plugins/lookup/ diff --git a/changelogs/fragments/enforce_defaults.yml b/changelogs/fragments/enforce_defaults.yml new file mode 100644 index 000000000..3c6319e55 --- /dev/null +++ b/changelogs/fragments/enforce_defaults.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. +... diff --git a/plugins/lookup/enforce_defaults.py b/plugins/lookup/enforce_defaults.py new file mode 100644 index 000000000..263968ccb --- /dev/null +++ b/plugins/lookup/enforce_defaults.py @@ -0,0 +1,74 @@ +# (c) 2020 Ansible Project +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +DOCUMENTATION = """ +name: enforce_defaults +author: "Sean Sullivan (@sean-m-sullivan)" +version_added: "2.4.0" +short_description: Return difference for objects from Controller API +requirements: + - None +description: + - This plugin is used to return what the default value should be depending on conditions. + - If enforce default is true, it will return the default value. Otherwise it will return the omit. + - This is so the value used for the default filter can be turned on and off. +options: + enforce_default: + description: Whether to enforce the default value or use omit. + type: bool + default: False + default_value: + description: + - Value to supply if enforce_default is True. + - This should be empty value or some form of string. + default: '' + omit_value: + description: + - the omit value + type: str + default: '' +""" + +EXAMPLES = """ +- name: Test Filter + ansible.builtin.debug: + msg: "{{ nothing | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=false , default_value='', omit_value=omit), false) }}" + +""" + +RETURN = """ +_raw: + description: + - Will either return the omit value, or the default value. +""" + +from ansible.plugins.lookup import LookupBase +from ansible.errors import AnsibleError +from ansible.module_utils._text import to_native +from ansible.utils.display import Display + + +class LookupModule(LookupBase): + display = Display() + + def handle_error(self, **kwargs): + raise AnsibleError(to_native(kwargs.get("msg"))) + + def warn_callback(self, warning): + self.display.warning(warning) + + def run(self, terms, variables=None, **kwargs): + self.set_options(direct=kwargs) + + # Set Variables for user input + enforce_default = self.get_option("enforce_default") + default_value = self.get_option("default_value") + omit_value = self.get_option("omit_value") + + if enforce_default: + return [default_value] + else: + return [omit_value] diff --git a/roles/applications/README.md b/roles/applications/README.md index 6a620acf1..f2947953c 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_applications`|`see below`|yes|Data structure describing your applications, described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_applications_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_applications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/applications/defaults/main.yml b/roles/applications/defaults/main.yml index 792d5240c..7eb310a7d 100644 --- a/roles/applications/defaults/main.yml +++ b/roles/applications/defaults/main.yml @@ -4,4 +4,5 @@ controller_applications: [] controller_configuration_applications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_applications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_applications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 7169d3830..313abff23 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -5,11 +5,11 @@ name: "{{ __application_item.name | mandatory }}" new_name: "{{ __application_item.new_name | default(omit, true) }}" organization: "{{ __application_item.organization | mandatory }}" - description: "{{ __application_item.description | default(omit, true) }}" + description: "{{ __application_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_applications_enforce_defaults , default_value='', omit_value=omit), true) }}" authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" client_type: "{{ __application_item.client_type | default('public') }}" redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" - skip_authorization: "{{ __application_item.skip_authorization | default(omit) }}" + skip_authorization: "{{ __application_item.skip_authorization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_applications_enforce_defaults , default_value=false, omit_value=omit), true) }}" state: "{{ __application_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/organizations/README.md b/roles/organizations/README.md index 9a43a43c1..9f3ed6a84 100644 --- a/roles/organizations/README.md +++ b/roles/organizations/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_organizations`|`see below`|yes|Data structure describing your organization or organizations Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_organizations_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_organizations_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/organizations/defaults/main.yml b/roles/organizations/defaults/main.yml index ab468ed1a..9da400e8c 100644 --- a/roles/organizations/defaults/main.yml +++ b/roles/organizations/defaults/main.yml @@ -3,6 +3,7 @@ controller_organizations: [] controller_configuration_organizations_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_organizations_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_organizations_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true ... diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 478671f1f..53ff7ff71 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -2,16 +2,16 @@ - name: Add organizations organization: name: "{{ __controller_organizations_item.name | mandatory }}" - description: "{{ __controller_organizations_item.description | default(omit, true) }}" + description: "{{ __controller_organizations_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value='', omit_value=omit), true) }}" custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" - max_hosts: "{{ __controller_organizations_item.max_hosts | default(omit, true) }}" - instance_groups: "{{ __controller_organizations_item.instance_groups | default(omit, true) }}" + max_hosts: "{{ __controller_organizations_item.max_hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=0, omit_value=omit), true) }}" + instance_groups: "{{ __controller_organizations_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" - galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(omit)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ __controller_organizations_item.notification_templates_approvals | default(__controller_organizations_item.related.notification_templates_approvals | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_started: "{{ __controller_organizations_item.notification_templates_started | default(__controller_organizations_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_success: "{{ __controller_organizations_item.notification_templates_success | default(__controller_organizations_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_error: "{{ __controller_organizations_item.notification_templates_error | default(__controller_organizations_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(omit, true) }}" + galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" + notification_templates_approvals: "{{ __controller_organizations_item.notification_templates_approvals | default(__controller_organizations_item.related.notification_templates_approvals | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ __controller_organizations_item.notification_templates_started | default(__controller_organizations_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ __controller_organizations_item.notification_templates_success | default(__controller_organizations_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ __controller_organizations_item.notification_templates_error | default(__controller_organizations_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/tests/configs/controller_auth.yml b/tests/configs/controller_auth.yml index 354e3050b..3df52670f 100644 --- a/tests/configs/controller_auth.yml +++ b/tests/configs/controller_auth.yml @@ -4,4 +4,5 @@ controller_username: admin controller_password: password controller_validate_certs: false +controller_configuration_enforce_defaults: true ... From 9569fd874339829de677ee03e365683a2c0ef0a9 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 11 Apr 2023 21:03:25 -0400 Subject: [PATCH 011/129] Update enforced defauilts (#569) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * An inventory source is not ever assigned to an organization (#563) * an inventory source is not ever assigned to an organization * if no organization, no output for organization field * linting * update workflow * update enforced defaults --------- Co-authored-by: Ivan Aragonés Muniesa <26822043+ivarmu@users.noreply.github.com> --- changelogs/fragments/enforce_defaults.yml | 3 ++- roles/credential_input_sources/README.md | 16 +++++++++++++++ .../defaults/main.yml | 1 + roles/credential_input_sources/tasks/main.yml | 4 ++-- roles/credential_types/README.md | 20 +++++++++++++++++-- roles/credential_types/defaults/main.yml | 1 + roles/credential_types/tasks/main.yml | 6 +++--- roles/credentials/README.md | 16 +++++++++++++++ roles/credentials/defaults/main.yml | 1 + roles/credentials/tasks/main.yml | 14 ++++++------- roles/execution_environments/README.md | 16 +++++++++++++++ .../execution_environments/defaults/main.yml | 1 + roles/execution_environments/tasks/main.yml | 8 ++++---- roles/groups/README.md | 16 +++++++++++++++ roles/groups/defaults/main.yml | 1 + roles/groups/tasks/main.yml | 12 +++++------ roles/groups/tests/configs/group.yml | 4 ++-- roles/hosts/README.md | 16 +++++++++++++++ roles/hosts/defaults/main.yml | 1 + roles/hosts/tasks/main.yml | 6 +++--- roles/hosts/tests/configs/host.yml | 4 ++-- roles/hosts/tests/test.yml | 2 +- 22 files changed, 136 insertions(+), 33 deletions(-) diff --git a/changelogs/fragments/enforce_defaults.yml b/changelogs/fragments/enforce_defaults.yml index 3c6319e55..efbf80d53 100644 --- a/changelogs/fragments/enforce_defaults.yml +++ b/changelogs/fragments/enforce_defaults.yml @@ -1,4 +1,5 @@ --- minor_changes: - - added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. + - Added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. + - Credentials role credential type set to mandatory. This would fail in the past if it was not set, this just codifies it. ... diff --git a/roles/credential_input_sources/README.md b/roles/credential_input_sources/README.md index cb76c5d45..429e4a161 100644 --- a/roles/credential_input_sources/README.md +++ b/roles/credential_input_sources/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_credential_input_sources`|`see below`|yes|Data structure describing your credential input sources Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_credential_input_sources_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_credential_input_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/credential_input_sources/defaults/main.yml b/roles/credential_input_sources/defaults/main.yml index c280593e8..bd6320041 100644 --- a/roles/credential_input_sources/defaults/main.yml +++ b/roles/credential_input_sources/defaults/main.yml @@ -4,4 +4,5 @@ controller_credential_input_sources: [] controller_configuration_credential_input_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_input_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_input_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index 607a6eff9..446ed0978 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -4,8 +4,8 @@ target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" - description: "{{ __cred_input_src_item.description | default(omit, true) }}" - metadata: "{{ __cred_input_src_item.metadata | default(omit, true) }}" + description: "{{ __cred_input_src_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_input_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + metadata: "{{ __cred_input_src_item.metadata | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_input_sources_enforce_defaults , default_value={}, omit_value=omit), true) }}" state: "{{ __cred_input_src_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index a4375b123..d393a8a90 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_credential_types`|`see below`|yes|Data structure describing your credential types Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_credential_types_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_credential_types_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. @@ -35,8 +51,8 @@ controller_configuration_credential_types_secure_logging defaults to the value o |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Credential Type role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_credential_types_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_credential_types_secure_logging`|`False`|no|Whether or not to include the sensitive Credential Type role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/credential_types/defaults/main.yml b/roles/credential_types/defaults/main.yml index b78362570..8cb2ea2c5 100644 --- a/roles/credential_types/defaults/main.yml +++ b/roles/credential_types/defaults/main.yml @@ -4,4 +4,5 @@ controller_credential_types: [] controller_configuration_credential_types_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_types_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_types_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index e54298a0d..862800ac2 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -3,9 +3,9 @@ credential_type: name: "{{ __controller_credential_type_item.name | mandatory }}" new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" - description: "{{ __controller_credential_type_item.description | default(omit, true) }}" - injectors: "{{ __controller_credential_type_item.injectors | default(omit, true) | regex_replace('[ ]{2,}', '') }}" - inputs: "{{ __controller_credential_type_item.inputs | default(omit, true) }}" + description: "{{ __controller_credential_type_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value='', omit_value=omit), true) }}" + injectors: "{{ __controller_credential_type_item.injectors | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + inputs: "{{ __controller_credential_type_item.inputs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value={}, omit_value=omit), true) }}" kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" state: "{{ __controller_credential_type_item.state | default(controller_state | default('present')) }}" diff --git a/roles/credentials/README.md b/roles/credentials/README.md index e4fb867ca..e00fedc5a 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_credentials`|`see below`|yes|Data structure describing your credentials Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_credentials_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_credentials_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/credentials/defaults/main.yml b/roles/credentials/defaults/main.yml index 95aad6486..2a5c3775b 100644 --- a/roles/credentials/defaults/main.yml +++ b/roles/credentials/defaults/main.yml @@ -4,4 +4,5 @@ controller_credentials: [] controller_configuration_credentials_secure_logging: "{{ controller_configuration_secure_logging | default(true) }}" controller_configuration_credentials_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credentials_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index a5c67c1a8..682ea09e0 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -4,13 +4,13 @@ name: "{{ __controller_credentials_item.name | mandatory }}" new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" - description: "{{ __controller_credentials_item.description | default(omit, true) }}" - organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(omit, true)) }}" - credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | default(omit, true)) }}" - inputs: "{{ __controller_credentials_item.inputs | default(omit, true) }}" - user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(omit, true)) }}" - team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(omit, true)) }}" - update_secrets: "{{ __controller_credentials_item.update_secrets | default(omit) }}" + description: "{{ __controller_credentials_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true) }}" + organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" + credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory ) }}" + inputs: "{{ __controller_credentials_item.inputs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value={}, omit_value=omit), true) }}" + user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" + team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" + update_secrets: "{{ __controller_credentials_item.update_secrets | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value=true, omit_value=omit), true) }}" state: "{{ __controller_credentials_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index 5fdbda74b..688f45f0d 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_execution_environments`|`see below`|yes|Data structure describing your organization or organizations Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_execution_environments_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_execution_environments_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/execution_environments/defaults/main.yml b/roles/execution_environments/defaults/main.yml index ca3a83513..2cba5cf17 100644 --- a/roles/execution_environments/defaults/main.yml +++ b/roles/execution_environments/defaults/main.yml @@ -3,4 +3,5 @@ controller_configuration_execution_environments_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_execution_environments_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_execution_environments_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index f43d3d8c1..532a9c9c9 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -4,11 +4,11 @@ execution_environment: name: "{{ __execution_environments_item.name | mandatory }}" new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" - description: "{{ __execution_environments_item.description | default(omit, true) }}" + description: "{{ __execution_environments_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true) }}" image: "{{ __execution_environments_item.image | mandatory }}" - organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(omit, true)) }}" - credential: "{{ __execution_environments_item.credential | default(omit, true) }}" - pull: "{{ __execution_environments_item.pull | default(omit, true) }}" + organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true)) }}" + credential: "{{ __execution_environments_item.credential | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true) }}" + pull: "{{ __execution_environments_item.pull | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='missing', omit_value=omit), true) }}" state: "{{ __execution_environments_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/groups/README.md b/roles/groups/README.md index 307f44027..44a70a9f2 100644 --- a/roles/groups/README.md +++ b/roles/groups/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_groups`|`see below`|yes|Data structure describing your group or groups Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_groups_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/groups/defaults/main.yml b/roles/groups/defaults/main.yml index 0bb75c6aa..c7ecb9447 100644 --- a/roles/groups/defaults/main.yml +++ b/roles/groups/defaults/main.yml @@ -4,4 +4,5 @@ controller_groups: [] controller_configuration_group_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_group_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_group_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index e93144cb3..b5eec183b 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -5,13 +5,13 @@ group: name: "{{ controller_groups_item.name | mandatory }}" new_name: "{{ controller_groups_item.new_name | default(omit, true) }}" - description: "{{ controller_groups_item.description | default(omit, true) }}" + description: "{{ controller_groups_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" inventory: "{{ controller_groups_item.inventory | mandatory }}" - variables: "{{ controller_groups_item.variables | default(omit, true) | regex_replace('[ ]{2,}', '') }}" - hosts: "{{ controller_groups_item.hosts | default(omit, true) }}" - children: "{{ controller_groups_item.children | default(omit, true) }}" - preserve_existing_hosts: "{{ controller_groups_item.preserve_existing_hosts | default(omit) }}" - preserve_existing_children: "{{ controller_groups_item.preserve_existing_children | default(omit) }}" + variables: "{{ controller_groups_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + hosts: "{{ controller_groups_item.hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" + children: "{{ controller_groups_item.children | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" + preserve_existing_hosts: "{{ controller_groups_item.preserve_existing_hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=false, omit_value=omit)) }}" + preserve_existing_children: "{{ controller_groups_item.preserve_existing_children | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=false, omit_value=omit)) }}" state: "{{ controller_groups_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/groups/tests/configs/group.yml b/roles/groups/tests/configs/group.yml index 366fa179c..bfe65cd8b 100644 --- a/roles/groups/tests/configs/group.yml +++ b/roles/groups/tests/configs/group.yml @@ -1,7 +1,7 @@ --- controller_groups: - - name: localhost - inventory: My Inv + - name: localhost_group + inventory: localhost variables: my_var: true ... diff --git a/roles/hosts/README.md b/roles/hosts/README.md index 22120bae0..c703cdb55 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_hosts`|`see below`|yes|Data structure describing your host entries described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_host_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_host_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/hosts/defaults/main.yml b/roles/hosts/defaults/main.yml index 6decfba10..7604e025c 100644 --- a/roles/hosts/defaults/main.yml +++ b/roles/hosts/defaults/main.yml @@ -4,4 +4,5 @@ controller_hosts: [] controller_configuration_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index 99dcfcea8..07f0ee048 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -3,11 +3,11 @@ host: name: "{{ __controller_host_item.name | mandatory }}" new_name: "{{ __controller_host_item.new_name | default(omit, true) }}" - description: "{{ __controller_host_item.description | default(omit, true) }}" + description: "{{ __controller_host_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value='', omit_value=omit), true) }}" inventory: "{{ __controller_host_item.inventory | mandatory }}" - enabled: "{{ __controller_host_item.enabled | default(omit) }}" + enabled: "{{ __controller_host_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value=true, omit_value=omit), true) }}" state: "{{ __controller_host_item.state | default(controller_state | default('present')) }}" - variables: "{{ __controller_host_item.variables | default(omit, true) | regex_replace('[ ]{2,}', '') }}" + variables: "{{ __controller_host_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" # Role Standard Options controller_host: "{{ controller_hostname | default(omit, true) }}" diff --git a/roles/hosts/tests/configs/host.yml b/roles/hosts/tests/configs/host.yml index 34b7aab70..c6a59a032 100644 --- a/roles/hosts/tests/configs/host.yml +++ b/roles/hosts/tests/configs/host.yml @@ -1,7 +1,7 @@ --- -controller_host: +controller_hosts: - name: localhost - inventory: My Inv + inventory: localhost variables: my_var: true ... diff --git a/roles/hosts/tests/test.yml b/roles/hosts/tests/test.yml index b7a00793d..e99a56994 100644 --- a/roles/hosts/tests/test.yml +++ b/roles/hosts/tests/test.yml @@ -19,5 +19,5 @@ extensions: ["yml"] roles: - - {role: ../.., when: controller_host is defined} + - {role: ../.., when: controller_hosts is defined} ... From 9c203742249bffee0272cf6c6555e6692aac1229 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 13 Apr 2023 10:31:20 +0100 Subject: [PATCH 012/129] Update pre-commit (#570) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4a633e557..2d0d9e3b1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.14.4 + rev: v6.14.5 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 6bc33249bc383044ae435c0f558ed319d6e0e183 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 14 Apr 2023 11:38:09 +0100 Subject: [PATCH 013/129] Update pre-commit (#571) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2d0d9e3b1..2842a89a3 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.14.5 + rev: v6.14.6 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 94d71e82629bc34b432f0ca47b46efd110493d0b Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Mon, 17 Apr 2023 09:20:52 -0400 Subject: [PATCH 014/129] Default options (#572) * update org export * update org export * rebase * update remaning enforced defaults --- changelogs/fragments/enforce_defaults.yml | 3 + roles/instance_groups/README.md | 16 ++++ roles/instance_groups/defaults/main.yml | 1 + roles/instance_groups/tasks/main.yml | 18 ++-- roles/instances/README.md | 16 ++++ roles/instances/defaults/main.yml | 1 + roles/instances/tasks/main.yml | 12 +-- roles/inventories/README.md | 19 +++- roles/inventories/defaults/main.yml | 1 + roles/inventories/tasks/main.yml | 13 +-- .../inventories/tests/configs/inventories.yml | 2 + roles/inventory_sources/README.md | 17 ++++ roles/inventory_sources/defaults/main.yml | 1 + roles/inventory_sources/tasks/main.yml | 41 ++++----- roles/job_templates/README.md | 16 ++++ roles/job_templates/defaults/main.yml | 1 + roles/job_templates/tasks/main.yml | 88 +++++++++---------- roles/notification_templates/README.md | 16 ++++ .../notification_templates/defaults/main.yml | 1 + roles/notification_templates/tasks/main.yml | 10 +-- .../tests/configs/notifications.yml | 8 +- roles/notification_templates/tests/test.yml | 2 +- roles/organizations/tasks/main.yml | 8 +- roles/projects/README.md | 16 ++++ roles/projects/defaults/main.yml | 1 + roles/projects/tasks/main.yml | 38 ++++---- roles/roles/README.md | 16 ++++ roles/roles/defaults/main.yml | 1 + roles/roles/tasks/main.yml | 14 +-- roles/schedules/README.md | 16 ++++ roles/schedules/defaults/main.yml | 1 + roles/schedules/tasks/main.yml | 32 +++---- roles/teams/README.md | 16 ++++ roles/teams/defaults/main.yml | 1 + roles/teams/tasks/main.yml | 2 +- roles/users/README.md | 16 ++++ roles/users/defaults/main.yml | 1 + roles/users/tasks/main.yml | 6 +- roles/workflow_job_templates/README.md | 16 ++++ .../workflow_job_templates/defaults/main.yml | 1 + roles/workflow_job_templates/tasks/main.yml | 50 +++++------ 41 files changed, 385 insertions(+), 170 deletions(-) diff --git a/changelogs/fragments/enforce_defaults.yml b/changelogs/fragments/enforce_defaults.yml index efbf80d53..ecdb5e414 100644 --- a/changelogs/fragments/enforce_defaults.yml +++ b/changelogs/fragments/enforce_defaults.yml @@ -2,4 +2,7 @@ minor_changes: - Added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. - Credentials role credential type set to mandatory. This would fail in the past if it was not set, this just codifies it. + - Instances role - changed default of node_type and node_state to omit, as generally these cannot be changed on existing instances unless deploying new instances. + - Inventory role - added input_inventories option for constructed inventories. + - Schedule role - rrule set to mandatory. This would fail in the past if it was not set, this just codifies it. ... diff --git a/roles/instance_groups/README.md b/roles/instance_groups/README.md index 421f83184..95c53b2a0 100644 --- a/roles/instance_groups/README.md +++ b/roles/instance_groups/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_instance_groups`|`see below`|yes|Data structure describing your instance groups Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_instance_groups_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_instance_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/instance_groups/defaults/main.yml b/roles/instance_groups/defaults/main.yml index d7039ef73..ec0116294 100644 --- a/roles/instance_groups/defaults/main.yml +++ b/roles/instance_groups/defaults/main.yml @@ -3,4 +3,5 @@ controller_instance_groups: [] controller_configuration_instance_groups_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instance_groups_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instance_groups_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index 38bf14270..3731b3633 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -4,15 +4,15 @@ instance_group: name: "{{ __controller_instance_group_item.name | mandatory }}" new_name: "{{ __controller_instance_group_item.new_name | default(omit, true) }}" - credential: "{{ __controller_instance_group_item.credential | default(omit, true) }}" - is_container_group: "{{ __controller_instance_group_item.is_container_group | default(omit, true) }}" - policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(omit, true) }}" - policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(omit, true) }}" - policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(omit, true) }}" - max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(omit, true) }}" - max_forks: "{{ __controller_instance_group_item.max_forks | default(omit, true) }}" - pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(omit, true) }}" - instances: "{{ __controller_instance_group_item.instances | default(omit, true) }}" + credential: "{{ __controller_instance_group_item.credential | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" + is_container_group: "{{ __controller_instance_group_item.is_container_group | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=false, omit_value=omit), true) }}" + policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" + policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" + policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" + max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" + max_forks: "{{ __controller_instance_group_item.max_forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" + pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" + instances: "{{ __controller_instance_group_item.instances | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" state: "{{ __controller_instance_group_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/instances/README.md b/roles/instances/README.md index eca33da09..14f5e284f 100644 --- a/roles/instances/README.md +++ b/roles/instances/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_instances`|`see below`|yes|Data structure describing your instances Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_instances_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_instances_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/instances/defaults/main.yml b/roles/instances/defaults/main.yml index 53d5af675..2773eb8ca 100644 --- a/roles/instances/defaults/main.yml +++ b/roles/instances/defaults/main.yml @@ -3,4 +3,5 @@ controller_instances: [] controller_configuration_instances_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instances_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instances_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 3347ad0c2..768c60dce 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -3,12 +3,12 @@ - name: Add Controller Instance instance: hostname: "{{ __controller_instance_item.hostname | mandatory }}" - capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default(omit, true) }}" - enabled: "{{ __controller_instance_item.enabled | default(omit, true) }}" - managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default(omit, true) }}" - node_type: "{{ __controller_instance_item.node_type | default('execution') }}" - node_state: "{{ __controller_instance_item.node_state | default('installed') }}" - listener_port: "{{ __controller_instance_item.listener_port | default(omit, true) }}" + capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=1.0, omit_value=omit), true) }}" + enabled: "{{ __controller_instance_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=true, omit_value=omit), true) }}" + managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=true, omit_value=omit), true) }}" + node_type: "{{ __controller_instance_item.node_type | default(omit, true) }}" + node_state: "{{ __controller_instance_item.node_state | default(omit, true) }}" + listener_port: "{{ __controller_instance_item.listener_port | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=27199, omit_value=omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/inventories/README.md b/roles/inventories/README.md index 67368a94a..c523dc2ed 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_inventories`|`see below`|yes|Data structure describing your inventories described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_inventories_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_inventories_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. @@ -83,7 +99,8 @@ The role will strip the double space between the curly bracket in order to provi |`copy_from`|""|no|str|Name or id to copy the inventory from. This will copy an existing inventory and change any parameters supplied.| |`description`|""|no|str|Description of this inventory.| |`organization`|""|yes|str|Organization this inventory belongs to.| -|`instance_groups`|""|no|list|list of Instance Groups for this Inventory to run on.| +|`instance_groups`|""|no|list|List of Instance Groups for this Inventory to run on.| +|`input_inventories`|""|no|list|List of Inventories to use as input for Constructed Inventory.| |`variables`|`{}`|no|dict|Variables for the inventory.| |`kind`|""|no|str|The kind of inventory. Currently choices are '' and 'smart'| |`host_filter`|""|no|str|The host filter field, useful only when 'kind=smart'| diff --git a/roles/inventories/defaults/main.yml b/roles/inventories/defaults/main.yml index c0dd7a1ea..a5510f43c 100644 --- a/roles/inventories/defaults/main.yml +++ b/roles/inventories/defaults/main.yml @@ -4,4 +4,5 @@ controller_inventories: [] controller_configuration_inventories_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventories_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventories_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index f06787f9b..bfaa0ed3d 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -4,13 +4,14 @@ name: "{{ __controller_inventory_item.name | mandatory }}" new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" - description: "{{ __controller_inventory_item.description | default(omit, true) }}" + description: "{{ __controller_inventory_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" - instance_groups: "{{ __controller_inventory_item.instance_groups | default(omit, true) }}" - variables: "{{ __controller_inventory_item.variables | default(omit, true) | regex_replace('[ ]{2,}', '') }}" - kind: "{{ __controller_inventory_item.kind | default(omit, true) }}" - host_filter: "{{ __controller_inventory_item.host_filter | default(omit, true) }}" - prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default(omit, true) }}" + instance_groups: "{{ __controller_inventory_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=[], omit_value=omit), true) }}" + input_inventories: "{{ __controller_inventory_item.input_inventories | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=[], omit_value=omit), true) }}" + variables: "{{ __controller_inventory_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + kind: "{{ __controller_inventory_item.kind | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" + host_filter: "{{ __controller_inventory_item.host_filter | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" + prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=false, omit_value=omit), true) }}" state: "{{ __controller_inventory_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/inventories/tests/configs/inventories.yml b/roles/inventories/tests/configs/inventories.yml index 7e98e8710..bca330803 100644 --- a/roles/inventories/tests/configs/inventories.yml +++ b/roles/inventories/tests/configs/inventories.yml @@ -2,7 +2,9 @@ controller_inventories: - name: test1 description: test inventory + organization: Default - name: test2 + organization: Default kind: smart host_filter: "name__icontains=test" variables: '{"key1":"val1", "key2":"val2"}' diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index b90556242..3b815c9d9 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_inventory_sources`|`see below`|yes|Data structure describing your inventory sources Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_inventory_sources_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_inventory_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. @@ -89,6 +105,7 @@ The role will strip the double space between the curly bracket in order to provi |`enabled_var`|""|no|The variable to use to determine enabled state e.g., "status.power_state".| |`enabled_value`|""|no|Value when the host is considered enabled, e.g., "powered_on".| |`host_filter`|""|no|If specified, controller will only import hosts that match this regular expression.| +|`limit`|""|no|Enter host, group or pattern match.| |`credential`|""|no|Credential to use for the source.| |`execution_environment`|""|no|Execution Environment to use for the source.| |`overwrite`|""|no|Delete child groups and hosts not found in source.| diff --git a/roles/inventory_sources/defaults/main.yml b/roles/inventory_sources/defaults/main.yml index d1865c26b..2bf3d01cf 100644 --- a/roles/inventory_sources/defaults/main.yml +++ b/roles/inventory_sources/defaults/main.yml @@ -3,4 +3,5 @@ controller_inventory_sources: [] controller_configuration_inventory_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventory_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventory_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index 769ff1274..0652e2aa0 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -3,30 +3,31 @@ inventory_source: name: "{{ __controller_source_item.name | mandatory }}" new_name: "{{ __controller_source_item.new_name | default(omit, true) }}" - description: "{{ __controller_source_item.description | default(omit, true) }}" + description: "{{ __controller_source_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" inventory: "{{ __controller_source_item.inventory.name | default(__controller_source_item.inventory) | mandatory }}" - organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(omit, true)) }}" - source: "{{ __controller_source_item.source | default(omit, true) }}" - source_path: "{{ __controller_source_item.source_path | default(omit, true) }}" - source_vars: "{{ __controller_source_item.source_vars | default(omit, true) | regex_replace('[ ]{2,}', '') }}" - enabled_var: "{{ __controller_source_item.enabled_var | default(omit, true) }}" - enabled_value: "{{ __controller_source_item.enabled_value | default(omit, true) }}" - host_filter: "{{ __controller_source_item.host_filter | default(omit, true) }}" + organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true)) }}" + source: "{{ __controller_source_item.source | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='scm', omit_value=omit), true) }}" + source_path: "{{ __controller_source_item.source_path | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + source_vars: "{{ __controller_source_item.source_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + enabled_var: "{{ __controller_source_item.enabled_var | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + enabled_value: "{{ __controller_source_item.enabled_value | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + host_filter: "{{ __controller_source_item.host_filter | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + limit: "{{ __controller_source_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" credential: "{{ __controller_source_item.credential | default(omit, true) }}" execution_environment: "{{ __controller_source_item.execution_environment | default(omit, true) }}" - overwrite: "{{ __controller_source_item.overwrite | default(omit) }}" - overwrite_vars: "{{ __controller_source_item.overwrite_vars | default(omit) }}" - custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(omit, true) }}" - timeout: "{{ __controller_source_item.timeout | default(omit, true) }}" - verbosity: "{{ __controller_source_item.verbosity | default(omit, true) }}" - update_on_launch: "{{ __controller_source_item.update_on_launch | default(omit) }}" - update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(omit, true) }}" - source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(omit, true)) }}" - scm_branch: "{{ __controller_source_item.scm_branch | default(omit) }}" + overwrite: "{{ __controller_source_item.overwrite | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" + overwrite_vars: "{{ __controller_source_item.overwrite_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" + custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + timeout: "{{ __controller_source_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=0, omit_value=omit), true) }}" + verbosity: "{{ __controller_source_item.verbosity | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=1, omit_value=omit), true) }}" + update_on_launch: "{{ __controller_source_item.update_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" + update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=0, omit_value=omit), true) }}" + source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true)) }}" + scm_branch: "{{ __controller_source_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit)) }}" state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ __controller_source_item.notification_templates_started | default(__controller_source_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_success: "{{ __controller_source_item.notification_templates_success | default(__controller_source_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_error: "{{ __controller_source_item.notification_templates_error | default(__controller_source_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(omit, true) }}" + notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined else '') | default(__controller_source_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined else '') | default(__controller_source_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined else '') | default(__controller_source_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" # Role Standard Options controller_config_file: "{{ controller_config_file | default(omit, true) }}" diff --git a/roles/job_templates/README.md b/roles/job_templates/README.md index a472d3e1e..a65b28370 100644 --- a/roles/job_templates/README.md +++ b/roles/job_templates/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_templates`|`see below`|yes|Data structure describing your job template or job templates Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_job_templates_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_job_templates_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/job_templates/defaults/main.yml b/roles/job_templates/defaults/main.yml index a9462458c..1cfd57374 100644 --- a/roles/job_templates/defaults/main.yml +++ b/roles/job_templates/defaults/main.yml @@ -4,4 +4,5 @@ controller_templates: [] controller_configuration_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_job_templates_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_job_templates_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index 3ac6f4292..98d6c3568 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -5,58 +5,58 @@ name: "{{ __controller_template_item.name | mandatory }}" new_name: "{{ __controller_template_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_template_item.copy_from | default(omit, true) }}" - description: "{{ __controller_template_item.description | default(omit, true) }}" + description: "{{ __controller_template_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" execution_environment: "{{ __controller_template_item.execution_environment.name | default(__controller_template_item.execution_environment | default(omit, true)) }}" + custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" job_type: "{{ __controller_template_item.job_type | default('run') }}" inventory: "{{ __controller_template_item.inventory.name | default(__controller_template_item.inventory | default(omit, true)) }}" - organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(omit, true)) }}" + organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true)) }}" project: "{{ __controller_template_item.project.name | default(__controller_template_item.project | default(omit, true)) }}" playbook: "{{ __controller_template_item.playbook | default(omit, true) }}" credentials: "{{ __controller_template_item.credentials | default(__controller_template_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" - forks: "{{ __controller_template_item.forks | default(omit, true) }}" - limit: "{{ __controller_template_item.limit | default(omit, true) }}" - verbosity: "{{ __controller_template_item.verbosity | default(omit, true) }}" - extra_vars: "{{ __controller_template_item.extra_vars | default(omit, true) }}" - job_tags: "{{ __controller_template_item.job_tags | default(omit, true) }}" - force_handlers: "{{ __controller_template_item.force_handlers | default(omit) }}" - skip_tags: "{{ __controller_template_item.skip_tags | default(omit, true) }}" - start_at_task: "{{ __controller_template_item.start_at_task | default(omit, true) }}" - diff_mode: "{{ __controller_template_item.diff_mode | default(omit) }}" - use_fact_cache: "{{ __controller_template_item.use_fact_cache | default(omit) }}" - host_config_key: "{{ __controller_template_item.host_config_key | default(omit, true) }}" - ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default(omit) }}" - ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default(omit) }}" - ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default(omit) }}" - ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default(omit) }}" - ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default(omit)) }}" - ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default(omit)) }}" - ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default(omit) }}" - ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default(omit) }}" - ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default(omit) }}" - ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default(omit) }}" - ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default(omit) }}" - ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default(omit) }}" - ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default(omit) }}" - ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default(omit) }}" - ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default(omit) }}" - ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default(omit) }}" - prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default(omit) }}" - survey_enabled: "{{ __controller_template_item.survey_enabled | default(omit) }}" - survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(omit, true))) }}" - become_enabled: "{{ __controller_template_item.become_enabled | default(omit) }}" - allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default(omit) }}" - timeout: "{{ __controller_template_item.timeout | default(omit, true) }}" - custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(omit, true) }}" - instance_groups: "{{ __controller_template_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __controller_template_item.job_slice_count | default(omit, true) }}" - webhook_service: "{{ __controller_template_item.webhook_service | default(omit, true) }}" + forks: "{{ __controller_template_item.forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" + limit: "{{ __controller_template_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + verbosity: "{{ __controller_template_item.verbosity | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" + extra_vars: "{{ __controller_template_item.extra_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value={}, omit_value=omit), true) }}" + job_tags: "{{ __controller_template_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + force_handlers: "{{ __controller_template_item.force_handlers | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + skip_tags: "{{ __controller_template_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + start_at_task: "{{ __controller_template_item.start_at_task | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + diff_mode: "{{ __controller_template_item.diff_mode | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + use_fact_cache: "{{ __controller_template_item.use_fact_cache | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + host_config_key: "{{ __controller_template_item.host_config_key | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit))) }}" + ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit))) }}" + ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + survey_enabled: "{{ __controller_template_item.survey_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value={}, omit_value=omit), true))) }}" + become_enabled: "{{ __controller_template_item.become_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" + timeout: "{{ __controller_template_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" + instance_groups: "{{ __controller_template_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" + job_slice_count: "{{ __controller_template_item.job_slice_count | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=1, omit_value=omit), true) }}" + webhook_service: "{{ __controller_template_item.webhook_service | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" - scm_branch: "{{ __controller_template_item.scm_branch | default(omit, true) }}" - labels: "{{ __controller_template_item.labels | default(__controller_template_item.related.labels | default([]) | map(attribute='name') | list if __controller_template_item.related.labels is defined else omit) }}" + scm_branch: "{{ __controller_template_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined else '') | default(__controller_template_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ __controller_template_item.notification_templates_started | default(__controller_template_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_success: "{{ __controller_template_item.notification_templates_success | default(__controller_template_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_error: "{{ __controller_template_item.notification_templates_error | default(__controller_template_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(omit, true) }}" + notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined else '') | default(__controller_template_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined else '') | default(__controller_template_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined else '') | default(__controller_template_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index d9131a743..46d1eb4d9 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_notifications`|`see below`|yes|Data structure describing your notification entries described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_notifications_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_notifications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/notification_templates/defaults/main.yml b/roles/notification_templates/defaults/main.yml index a88d71a34..f5fc5fe03 100644 --- a/roles/notification_templates/defaults/main.yml +++ b/roles/notification_templates/defaults/main.yml @@ -4,4 +4,5 @@ controller_notifications: [] controller_configuration_notifications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_notifications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_notifications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index 9431c1825..b39a4ac49 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -4,11 +4,11 @@ name: "{{ __controller_notification_item.name | mandatory }}" new_name: "{{ __controller_notification_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_notification_item.copy_from | default(omit, true) }}" - description: "{{ __controller_notification_item.description | default(omit, true) }}" - organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) }}" - notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) }}" - notification_configuration: "{{ __controller_notification_item.notification_configuration | default(omit, true) }}" - messages: "{{ __controller_notification_item.messages | default(omit, true) | regex_replace('[ ]{2,}', '') }}" + description: "{{ __controller_notification_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value='', omit_value=omit), true) }}" + organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) | mandatory }}" + notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory}}" + notification_configuration: "{{ __controller_notification_item.notification_configuration | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value={}, omit_value=omit), true) }}" + messages: "{{ __controller_notification_item.messages | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" state: "{{ __controller_notification_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/notification_templates/tests/configs/notifications.yml b/roles/notification_templates/tests/configs/notifications.yml index 3860939b8..00ae4d5dc 100644 --- a/roles/notification_templates/tests/configs/notifications.yml +++ b/roles/notification_templates/tests/configs/notifications.yml @@ -1,7 +1,7 @@ --- -controller_notification_templates: +controller_notifications: - name: Email notification - description: Send out emails for Controller jobs + # description: Send out emails for Controller jobs organization: Default notification_type: email notification_configuration: @@ -9,7 +9,9 @@ controller_notification_templates: recipients: - admin@example.com sender: tower0@example.com - port: '25' + port: 25 username: '' password: '' + use_tls: false + use_ssl: false ... diff --git a/roles/notification_templates/tests/test.yml b/roles/notification_templates/tests/test.yml index 48f311ade..2e1df99b9 100644 --- a/roles/notification_templates/tests/test.yml +++ b/roles/notification_templates/tests/test.yml @@ -19,5 +19,5 @@ extensions: ["yml"] roles: - - {role: ../.., when: controller_notification_templates is defined} + - {role: ../.., when: controller_notifications is defined} ... diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 53ff7ff71..401fb2ab4 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -8,10 +8,10 @@ instance_groups: "{{ __controller_organizations_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ __controller_organizations_item.notification_templates_approvals | default(__controller_organizations_item.related.notification_templates_approvals | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_started: "{{ __controller_organizations_item.notification_templates_started | default(__controller_organizations_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ __controller_organizations_item.notification_templates_success | default(__controller_organizations_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ __controller_organizations_item.notification_templates_error | default(__controller_organizations_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined else '') | default(__controller_organizations_item.notification_templates_approvals) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined else '') | default(__controller_organizations_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined else '') | default(__controller_organizations_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined else '') | default(__controller_organizations_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/projects/README.md b/roles/projects/README.md index ed6afde96..db20af404 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|str|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_projects`|`see below`|yes|str|Data structure describing your project or projects Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_projects_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_projects_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/projects/defaults/main.yml b/roles/projects/defaults/main.yml index c98b3a313..f4eeb2c50 100644 --- a/roles/projects/defaults/main.yml +++ b/roles/projects/defaults/main.yml @@ -4,4 +4,5 @@ controller_projects: [] controller_configuration_projects_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_projects_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_projects_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index bcb62ab83..61ec41bc3 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -4,31 +4,31 @@ name: "{{ __controller_project_item.name | mandatory }}" new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" - description: "{{ __controller_project_item.description | default(omit, true) }}" + description: "{{ __controller_project_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" - scm_url: "{{ __controller_project_item.scm_url | default(omit, true) }}" + scm_url: "{{ __controller_project_item.scm_url | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" default_environment: "{{ __controller_project_item.default_environment | default(omit, true) }}" - local_path: "{{ __controller_project_item.local_path | default(omit, true) }}" - scm_branch: "{{ __controller_project_item.scm_branch | default(omit) }}" - scm_refspec: "{{ __controller_project_item.scm_refspec | default(omit, true) }}" + local_path: "{{ __controller_project_item.local_path | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" + scm_branch: "{{ __controller_project_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit)) }}" + scm_refspec: "{{ __controller_project_item.scm_refspec | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" credential: "{{ __controller_project_item.credential.name | default(__controller_project_item.credential | default(__controller_project_item.scm_credential | default(omit, true))) }}" signature_validation_credential: "{{ __controller_project_item.signature_validation_credential.name | default(__controller_project_item.signature_validation_credential | default(omit, true)) }}" - scm_clean: "{{ __controller_project_item.scm_clean | default(omit) }}" - scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default(omit) }}" - scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default(omit) }}" - scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default(omit) }}" - scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(omit, true) }}" - allow_override: "{{ __controller_project_item.allow_override | default(omit) }}" - timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(omit, true)) }}" - custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(omit, true) }}" - organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(omit)) }}" + scm_clean: "{{ __controller_project_item.scm_clean | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=0, omit_value=omit), true) }}" + allow_override: "{{ __controller_project_item.allow_override | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=0, omit_value=omit), true)) }}" + custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" + organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit))) }}" state: "{{ __controller_project_item.state | default(controller_state | default('present')) }}" - wait: "{{ __controller_project_item.wait | default(omit) }}" - update_project: "{{ __controller_project_item.update_project | default(omit) }}" + wait: "{{ __controller_project_item.wait | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=true, omit_value=omit)) }}" + update_project: "{{ __controller_project_item.update_project | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" - notification_templates_started: "{{ __controller_project_item.notification_templates_started | default(__controller_project_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_success: "{{ __controller_project_item.notification_templates_success | default(__controller_project_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_error: "{{ __controller_project_item.notification_templates_error | default(__controller_project_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(omit, true) }}" + notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined else '') | default(__controller_project_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined else '') | default(__controller_project_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined else '') | default(__controller_project_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/roles/README.md b/roles/roles/README.md index dbd660fcf..8183f043d 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_roles`|`see below`|yes|Data structure describing your RBAC entries described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_role_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_role_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/roles/defaults/main.yml b/roles/roles/defaults/main.yml index 5e2d47836..a4ee7e0c0 100644 --- a/roles/roles/defaults/main.yml +++ b/roles/roles/defaults/main.yml @@ -4,4 +4,5 @@ controller_roles: [] controller_configuration_role_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_role_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_role_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index ab6018c9d..04f6b9ce3 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -5,20 +5,20 @@ team: "{{ __controller_role_item.team | default(omit, true) }}" role: "{{ __controller_role_item.role | mandatory }}" target_team: "{{ __controller_role_item.target_team | default(omit, true) }}" - target_teams: "{{ __controller_role_item.target_teams | default(omit, true) }}" + target_teams: "{{ __controller_role_item.target_teams | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" inventory: "{{ __controller_role_item.inventory | default(omit, true) }}" - inventories: "{{ __controller_role_item.inventories | default(omit, true) }}" + inventories: "{{ __controller_role_item.inventories | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" job_template: "{{ __controller_role_item.job_template | default(omit, true) }}" - job_templates: "{{ __controller_role_item.job_templates | default(omit, true) }}" + job_templates: "{{ __controller_role_item.job_templates | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" workflow: "{{ __controller_role_item.workflow | default(omit, true) }}" - workflows: "{{ __controller_role_item.workflows | default(omit, true) }}" + workflows: "{{ __controller_role_item.workflows | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" credential: "{{ __controller_role_item.credential | default(omit, true) }}" - credentials: "{{ __controller_role_item.credentials | default(omit, true) }}" + credentials: "{{ __controller_role_item.credentials | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" organization: "{{ __controller_role_item.organization | default(omit, true) }}" - organizations: "{{ __controller_role_item.organizations | default(omit, true) }}" + organizations: "{{ __controller_role_item.organizations | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" lookup_organization: "{{ __controller_role_item.lookup_organization | default(omit, true) }}" project: "{{ __controller_role_item.project | default(omit, true) }}" - projects: "{{ __controller_role_item.projects | default(omit, true) }}" + projects: "{{ __controller_role_item.projects | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" state: "{{ __controller_role_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/schedules/README.md b/roles/schedules/README.md index c1db6f125..0458b9581 100644 --- a/roles/schedules/README.md +++ b/roles/schedules/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_schedules`|`see below`|yes|Data structure describing your schedule or schedules Described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_schedules_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_schedules_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/schedules/defaults/main.yml b/roles/schedules/defaults/main.yml index 38555c283..3c3e9c935 100644 --- a/roles/schedules/defaults/main.yml +++ b/roles/schedules/defaults/main.yml @@ -4,4 +4,5 @@ controller_schedules: [] controller_configuration_schedules_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_schedules_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_schedules_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 4f9fd9192..7e2d97f3a 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -3,27 +3,27 @@ schedule: name: "{{ __controller_schedule_item.name | mandatory }}" new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" - description: "{{ __controller_schedule_item.description | default(omit, true) }}" - rrule: "{{ __controller_schedule_item.rrule | default(omit, true) }}" - extra_data: "{{ __controller_schedule_item.extra_data | default(omit, true) }}" - inventory: "{{ __controller_schedule_item.inventory | default(omit, true) }}" + description: "{{ __controller_schedule_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + rrule: "{{ __controller_schedule_item.rrule | mandatory }}" + extra_data: "{{ __controller_schedule_item.extra_data | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value={}, omit_value=omit), true) }}" + inventory: "{{ __controller_schedule_item.inventory | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" - scm_branch: "{{ __controller_schedule_item.scm_branch | default(omit, true) }}" - execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(omit, true)) }}" - forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" + scm_branch: "{{ __controller_schedule_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true)) }}" + forks: "{{ __controller_schedule_item.forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=0, omit_value=omit), true) }}" instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(omit, true) }}" - labels: "{{ __controller_schedule_item.labels | default(__controller_schedule_item.related.labels | default([]) | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else omit) }}" - timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" + job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=1, omit_value=omit), true) }}" + labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else '') | default(__controller_schedule_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=[], omit_value=omit), true) }}" + timeout: "{{ __controller_schedule_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=0, omit_value=omit), true) }}" job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" - job_tags: "{{ __controller_schedule_item.job_tags | default(omit, true) }}" - skip_tags: "{{ __controller_schedule_item.skip_tags | default(omit, true) }}" - limit: "{{ __controller_schedule_item.limit | default(omit, true) }}" - diff_mode: "{{ __controller_schedule_item.diff_mode | default(omit) }}" + job_tags: "{{ __controller_schedule_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + skip_tags: "{{ __controller_schedule_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + limit: "{{ __controller_schedule_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + diff_mode: "{{ __controller_schedule_item.diff_mode | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=false, omit_value=omit)) }}" verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" - organization: "{{ __controller_schedule_item.organization | default(omit, true) }}" + organization: "{{ __controller_schedule_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" - enabled: "{{ __controller_schedule_item.enabled | default(omit) }}" + enabled: "{{ __controller_schedule_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=true, omit_value=omit)) }}" state: "{{ __controller_schedule_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/teams/README.md b/roles/teams/README.md index 3b7805910..f5537875b 100644 --- a/roles/teams/README.md +++ b/roles/teams/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_teams`|`see below`|yes|Data structure describing your Teams described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_teams_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_teams_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/teams/defaults/main.yml b/roles/teams/defaults/main.yml index bc96bd3c1..c17c0313c 100644 --- a/roles/teams/defaults/main.yml +++ b/roles/teams/defaults/main.yml @@ -4,4 +4,5 @@ controller_teams: [] controller_configuration_teams_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_teams_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_teams_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index 98cf6def0..9cb48ac34 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -3,7 +3,7 @@ team: name: "{{ __controller_team_item.name | mandatory }}" new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" - description: "{{ __controller_team_item.description | default(omit, true) }}" + description: "{{ __controller_team_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_teams_enforce_defaults , default_value='', omit_value=omit), true) }}" organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" state: "{{ __controller_team_item.state | default(controller_state | default('present')) }}" diff --git a/roles/users/README.md b/roles/users/README.md index fb0237a9a..b001da72e 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -27,6 +27,22 @@ Currently: |`controller_user_accounts`|`see below`|yes|Data structure describing your user entries described below.|| |`controller_user_default_password`|""|no|Global variable to set the password for all users.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_users_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_users_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/users/defaults/main.yml b/roles/users/defaults/main.yml index 012a65fdc..63d7c0626 100644 --- a/roles/users/defaults/main.yml +++ b/roles/users/defaults/main.yml @@ -8,4 +8,5 @@ controller_user_default_password: "change_me" controller_configuration_users_secure_logging: "{{ controller_configuration_secure_logging | default('true') }}" controller_configuration_users_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_users_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index 31c18f353..d7d5c8837 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -10,9 +10,9 @@ email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" first_name: "{{ __controller_user_accounts_item.firstname | default(__controller_user_accounts_item.first_name | default(omit, true)) }}" last_name: "{{ __controller_user_accounts_item.lastname | default(__controller_user_accounts_item.last_name | default(omit, true)) }}" - is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default(omit)) }}" - is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default(omit)) }}" - update_secrets: "{{ __controller_user_accounts_item.update_secrets | default(omit) }}" + is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit))) }}" + is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit))) }}" + update_secrets: "{{ __controller_user_accounts_item.update_secrets | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit)) }}" organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" state: "{{ __controller_user_accounts_item.state | default(controller_state | default(omit, true)) }}" diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 273e34dff..dfabb558b 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -26,6 +26,22 @@ Currently: |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`workflow_job_templates`|`see below`|yes|Data structure describing your workflow job templates described below.|| +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'controller_configuration_workflows_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`controller_configuration_workflows_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| + ### Secure Logging Variables The following Variables compliment each other. diff --git a/roles/workflow_job_templates/defaults/main.yml b/roles/workflow_job_templates/defaults/main.yml index e484716e7..ef3ce2306 100644 --- a/roles/workflow_job_templates/defaults/main.yml +++ b/roles/workflow_job_templates/defaults/main.yml @@ -4,4 +4,5 @@ controller_workflows: [] workflow_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_workflow_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_workflow_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" ... diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index aa936388b..e303f7e16 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -5,34 +5,34 @@ name: "{{ __workflow_loop_item.name | mandatory }}" new_name: "{{ __workflow_loop_item.new_name | default(omit, true) }}" copy_from: "{{ __workflow_loop_item.copy_from | default(omit, true) }}" - description: "{{ __workflow_loop_item.description | default(omit, true) }}" - extra_vars: "{{ __workflow_loop_item.extra_vars | default(omit, true) }}" - allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default(omit) }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(omit, true)) }}" - ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(omit) }}" # only supported starting from Ansible 2.9 - inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(omit, true)) }}" - limit: "{{ __workflow_loop_item.limit | default(omit, true) }}" - labels: "{{ __workflow_loop_item.labels | default(__workflow_loop_item.related.labels | default([]) | map(attribute='name') | list if __workflow_loop_item.related.labels is defined else omit) }}" - scm_branch: "{{ __workflow_loop_item.scm_branch | default(omit, true) }}" - ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(omit) }}" - ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(omit) }}" - ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default(omit) }}" + description: "{{ __workflow_loop_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" + extra_vars: "{{ __workflow_loop_item.extra_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value={}, omit_value=omit), true) }}" + allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true)) }}" + ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true)) }}" + limit: "{{ __workflow_loop_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=0, omit_value=omit), true) }}" + labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined else '') | default(__workflow_loop_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" + scm_branch: "{{ __workflow_loop_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" + ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" webhook_service: "{{ __workflow_loop_item.webhook_service | default(omit, true) }}" webhook_credential: "{{ __workflow_loop_item.webhook_credential.name | default(__workflow_loop_item.webhook_credential | default(omit, true)) }}" - survey_enabled: "{{ __workflow_loop_item.survey_enabled | default(omit) }}" - survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(omit, true))) }}" - job_tags: "{{ __workflow_loop_item.job_tags | default(omit, true) }}" - skip_tags: "{{ __workflow_loop_item.skip_tags | default(omit, true) }}" - ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(omit)) }}" - ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(omit) }}" - ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(omit)) }}" - workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(omit, true)) }}" - destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(omit)) }}" + survey_enabled: "{{ __workflow_loop_item.survey_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value={}, omit_value=omit), true))) }}" + job_tags: "{{ __workflow_loop_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" + skip_tags: "{{ __workflow_loop_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" + ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" + ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" + workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true)) }}" + destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ __workflow_loop_item.notification_templates_started | default(__workflow_loop_item.related.notification_templates_started | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_success: "{{ __workflow_loop_item.notification_templates_success | default(__workflow_loop_item.related.notification_templates_success | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_error: "{{ __workflow_loop_item.notification_templates_error | default(__workflow_loop_item.related.notification_templates_error | default([]) | map(attribute='name') | list) | default(omit, true) }}" - notification_templates_approvals: "{{ __workflow_loop_item.notification_templates_approvals | default(__workflow_loop_item.related.notification_templates_approvals | default([]) | map(attribute='name') | list) | default(omit, true) }}" + notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined else '') | default(__workflow_loop_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined else '') | default(__workflow_loop_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined else '') | default(__workflow_loop_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined else '') | default(__workflow_loop_item.notification_templates_approvals) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" From e18ecd64c57397976eec956405e1c6bc8a602a9e Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 18 Apr 2023 20:57:11 -0400 Subject: [PATCH 015/129] Update release to release infra only (#574) * update release --- .github/workflows/release.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f87e15ae0..957ecc2f1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,11 +15,11 @@ jobs: matrix: awx_version: - devel + - 22.0.0 + - 21.14.0 - 21.13.0 - 21.12.0 - 21.11.0 - # - 20.1.0 Diabled until working - # - 19.5.1 Diabled until working uses: "./.github/workflows/ci_standalone_versioned.yml" with: awx_version: ${{ matrix.awx_version }} @@ -29,15 +29,13 @@ jobs: uses: "redhat-cop/ansible_collections_tooling/.github/workflows/release_pipeline.yml@main" with: collection_namespace: infra - collection_namespace_2: redhat_cop collection_name: controller_configuration collection_version: ${{ github.ref_name }} collection_repo: https://github.com/redhat-cop/controller_configuration/ quay_username: redhat_cop collection_dependencies: awx.awx secrets: - galaxy_api_key: ${{ secrets.ANSIBLE_GALAXY_APIKEY }} - infra_api_key: ${{ secrets.GALAXY_INFRA_KEY }} + galaxy_api_key: ${{ secrets.GALAXY_INFRA_KEY }} token: ${{ secrets.GITHUB_TOKEN }} quay_token: ${{ secrets.quay_token }} ... From fb170ae734bf4e39166ea76e2ab8776a47f8093a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Wed, 19 Apr 2023 18:28:43 +0200 Subject: [PATCH 016/129] treat the input dictionary as a dictionary and control the conflicting values (#576) --- roles/filetree_create/templates/current_settings.j2 | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/filetree_create/templates/current_settings.j2 b/roles/filetree_create/templates/current_settings.j2 index 484e44838..42532cd1a 100644 --- a/roles/filetree_create/templates/current_settings.j2 +++ b/roles/filetree_create/templates/current_settings.j2 @@ -1,5 +1,13 @@ --- controller_settings: - settings: -{{ changed_settings[0] | replace('\'AUTH_LDAP_GROUP_TYPE_PARAMS\': {}', '\'AUTH_LDAP_GROUP_TYPE_PARAMS\': {\'name_attr\': \'cn\', \'member_attr\': \'member\'}') | replace("'", '"') | replace(': True', ': true') | replace(': False', ': false') | replace(': None', ': null') | from_json | to_nice_yaml | indent(width=6, first=True) }} +{% for key,value in changed_settings[0].items() %} +{% if key == "AUTH_LDAP_GROUP_TYPE_PARAMS" %} +{{ key | indent(width=6, first=True) }}: {'name_attr': 'cn', 'member_attr': 'member'} +{% elif key == "AUTOMATION_ANALYTICS_LAST_ENTRIES" %} +{{ key | indent(width=6, first=True) }}: {{ value | to_json }} +{% else %} +{{ key | indent(width=6, first=True) }}: {{ value | replace('True', 'true') | replace('False', 'false') | replace('None', 'null') }} +{% endif %} +{% endfor %} ... From bbcdee6b1fd9efeaf11e2c81975d2119ce1a9908 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 20 Apr 2023 09:22:30 +0100 Subject: [PATCH 017/129] Update pre-commit (#577) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2842a89a3..1a19c58a4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.6.0 + rev: v0.7.0 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 4ec138abafeef7576b86b777d72c17e072c58dbb Mon Sep 17 00:00:00 2001 From: Adebisi Oyawale <20134928+aoyawale@users.noreply.github.com> Date: Thu, 20 Apr 2023 20:38:03 -0400 Subject: [PATCH 018/129] Update galaxy.yml.j2 (#578) updating names. --- galaxy.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/galaxy.yml.j2 b/galaxy.yml.j2 index e4c57a0fe..41815d8d7 100644 --- a/galaxy.yml.j2 +++ b/galaxy.yml.j2 @@ -6,7 +6,7 @@ description: A collection of roles to manage Ansible Controller readme: README.md authors: - Andrew Huffman - - Jonathan Lozada De La Matta @jlozadad + - Adebisi Oyawale @aoyawale - Kedar Kulkarni @kedark3 - Tom Page @Tompage1994 - Sean Sullivan @sean-m-sullivan From e53c18d4471079526bf24fae6cebd54f8df41a11 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Fri, 21 Apr 2023 10:33:01 +0100 Subject: [PATCH 019/129] Update aap_config_as_code_public_meeting.ics (#573) * Update aap_config_as_code_public_meeting.ics * Update aap_config_as_code_public_meeting.ics * Update aap_config_as_code_public_meeting.ics --- docs/aap_config_as_code_public_meeting.ics | 32 ++++++---------------- 1 file changed, 9 insertions(+), 23 deletions(-) diff --git a/docs/aap_config_as_code_public_meeting.ics b/docs/aap_config_as_code_public_meeting.ics index 037453de2..7b53de7c2 100644 --- a/docs/aap_config_as_code_public_meeting.ics +++ b/docs/aap_config_as_code_public_meeting.ics @@ -1,16 +1,15 @@ BEGIN:VCALENDAR -CALSCALE:GREGORIAN VERSION:2.0 -X-WR-CALNAME:AAP config as code Public meeting -METHOD:PUBLISH -PRODID:-//Apple Inc.//macOS 13.2.1//EN +PRODID:-//ical.marudot.com//iCal Event Maker +CALSCALE:GREGORIAN BEGIN:VEVENT -TRANSP:OPAQUE -DTEND:20230412T160000Z -ORGANIZER;CN="ssulliva@redhat.com";EMAIL="ssulliva@redhat.com":mailto:ss - ulliva@redhat.com -UID:2k8fmfg2msr8lfi6k6g5upqt9a@google.com -DTSTAMP:20230316T155301Z +DTSTAMP:20230418T084131Z +UID:1681807271999-95396@ical.marudot.com +DTSTART:20230511T130000Z +RRULE:FREQ=WEEKLY;INTERVAL=4;BYDAY=TH +DTEND:20230511T140000Z +SUMMARY:AAP config as code Public meeting +URL:https://meet.google.com/npj-fyzv-oyo X-GOOGLE-CONFERENCE:https://meet.google.com/npj-fyzv-oyo DESCRIPTION:https://github.com/redhat-cop/controller_configuration/i @@ -22,18 +21,5 @@ DESCRIPTION: Date: Sun, 23 Apr 2023 03:20:26 -0400 Subject: [PATCH 021/129] Update pre-commit (#582) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1a19c58a4..6ccbcf49f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.14.6 + rev: v6.15.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 036d9a21b294ba3130f069a5a9aebff5aeb87e57 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 26 Apr 2023 21:35:59 -0400 Subject: [PATCH 022/129] Rrule fix (#586) * update org export * update org export * rebase * update rrule default * update rrule default --- changelogs/fragments/rrule_bugfix.yml | 4 ++++ roles/schedules/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/rrule_bugfix.yml diff --git a/changelogs/fragments/rrule_bugfix.yml b/changelogs/fragments/rrule_bugfix.yml new file mode 100644 index 000000000..a0e9688ee --- /dev/null +++ b/changelogs/fragments/rrule_bugfix.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - Fixed rrule in schedules to not be mandatory. +... diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 0d26906ef..b13758bd6 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -4,7 +4,7 @@ name: "{{ __controller_schedule_item.name | mandatory }}" new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" description: "{{ __controller_schedule_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - rrule: "{{ __controller_schedule_item.rrule | mandatory }}" + rrule: "{{ __controller_schedule_item.rrule | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" extra_data: "{{ __controller_schedule_item.extra_data | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value={}, omit_value=omit), true) }}" inventory: "{{ __controller_schedule_item.inventory | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" From 7c63ac0ade2d0ffbcf3c8a14a06010f73f93b836 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 28 Apr 2023 15:18:31 -0400 Subject: [PATCH 023/129] Update pre-commit (#588) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6ccbcf49f..fc50e90c4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.7.0 + rev: v0.7.1 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 86a1696e09b8c473f0675f6dbe7b28c542014b5c Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Fri, 28 Apr 2023 14:21:20 -0500 Subject: [PATCH 024/129] add get_stats playbook (#589) * updating export readme * tweaking readme some more * fixing link * adding get_stats.yml playbook --- changelogs/fragments/get_stats.yml | 4 + playbooks/get_stats.yml | 113 +++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+) create mode 100644 changelogs/fragments/get_stats.yml create mode 100644 playbooks/get_stats.yml diff --git a/changelogs/fragments/get_stats.yml b/changelogs/fragments/get_stats.yml new file mode 100644 index 000000000..541179f39 --- /dev/null +++ b/changelogs/fragments/get_stats.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - added get_stats.yml playbook in the playbook folder to get some basic info on a Tower/Controller instance +... diff --git a/playbooks/get_stats.yml b/playbooks/get_stats.yml new file mode 100644 index 000000000..254c45e4d --- /dev/null +++ b/playbooks/get_stats.yml @@ -0,0 +1,113 @@ +--- +# This expects you to run this on Controller/Tower itself and use a system administrator account which you attach to the Job Template +# You will also need to have localhost in your inventory for this to work without modification +- name: Get stats + hosts: localhost + connection: local + gather_facts: true + vars: + controller_hostname: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" + controller_username: "{{ lookup('ansible.builtin.env', 'CONTROLLER_USERNAME') }}" + controller_password: "{{ lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') }}" + controller_validate_certs: "{{ lookup('ansible.builtin.env', 'CONTROLLER_VERIFY_SSL') | default(false) }}" + + tasks: + - name: Get number of JT + ansible.builtin.uri: + url: "https://{{ controller_hostname }}/api/v2/metrics/?format=json" + method: GET + force_basic_auth: true + user: "{{ controller_username }}" + password: "{{ controller_password }}" + return_content: true + headers: + Content-Type: application/json + validate_certs: false + register: r_metrics + + - name: Debug metrics + ansible.builtin.debug: + verbosity: 1 + msg: + - "{{ r_metrics }}" + - "{{ r_metrics['json']['awx_system_info'] }}" + - "{{ r_metrics['json']['awx_job_templates_total'] }}" + - "{{ r_metrics['json']['awx_workflow_job_templates_total'] }}" + - "{{ r_metrics['json']['awx_license_instance_total'] }}" + - "{{ r_metrics['json']['awx_license_instance_free'] }}" + + - name: Get users info + ansible.builtin.uri: + url: "https://{{ controller_hostname }}/api/v2/users/?format=json" + method: GET + force_basic_auth: true + user: "{{ controller_username }}" + password: "{{ controller_password }}" + return_content: true + headers: + Content-Type: application/json + validate_certs: false + register: r_users + + - name: Debug users + ansible.builtin.debug: + verbosity: 1 + msg: + - "{{ r_users['json']['results'] }}" + - "{{ ansible_facts['date_time']['date'] | to_datetime('%Y-%m-%d') }}" + - "{{ r_users['json']['results'][0]['last_login'] | regex_search('[0-9]{4}-[0-9]{2}-[0-9]{2}', '\\0') | first }}" + - "{{ (r_users['json']['results'][0]['last_login'] | regex_search('[0-9]{4}-[0-9]{2}-[0-9]{2}', '\\0') | first) | to_datetime('%Y-%m-%d') }}" + - "{{ (((r_users['json']['results'][0]['last_login'] | regex_search('[0-9]{4}-[0-9]{2}-[0-9]{2}', '\\0') | first) | to_datetime('%Y-%m-%d')) - (ansible_facts['date_time']['date'] | to_datetime('%Y-%m-%d'))).days }}" + + - name: Remove users who have never logged in (null) + ansible.builtin.set_fact: + temp_user_list: "{{ (active_users | default([])) + [item['last_login']] }}" + active_users: [] + when: item['last_login'] is regex('[0-9]{4}-[0-9]{2}-[0-9]{2}(.*)') + loop: "{{ r_users['json']['results'] }}" + + - name: Debug removing users list + ansible.builtin.debug: + verbosity: 1 + msg: + - "{{ temp_user_list }}" + + - name: Find active users + ansible.builtin.set_fact: + active_users: "{{ active_users + [item] }}" + # when: (((item | regex_search('[0-9]{4}-[0-9]{2}-[0-9]{2}', '\\0') | first) | to_datetime('%Y-%m-%d')) - ('2023-03-30' | to_datetime('%Y-%m-%d'))).days <= 30 + when: ((((item | regex_search('[0-9]{4}-[0-9]{2}-[0-9]{2}', '\\0') | first) | to_datetime('%Y-%m-%d')) - (ansible_facts['date_time']['date'] | to_datetime('%Y-%m-%d'))).days) <= 30 + loop: "{{ temp_user_list }}" + + - name: Get subscription info + ansible.builtin.uri: + url: "https://{{ controller_hostname }}/api/v2/settings/all/?format=json" + method: GET + force_basic_auth: true + user: "{{ controller_username }}" + password: "{{ controller_password }}" + return_content: true + headers: + Content-Type: application/json + validate_certs: false + register: r_subscription + + - name: Output + ansible.builtin.debug: + msg: + - "Number of active users: {{ active_users | length }}" + - "Number of subs: {{ r_metrics['json']['awx_license_instance_total']['samples'][0]['value'] }}" + - "Number of avalible subs: {{ r_metrics['json']['awx_license_instance_free']['samples'][0]['value'] }}" + - "Number of orgs: {{ r_metrics['json']['awx_organizations_total']['samples'][0]['value'] }}" + - "Number of users: {{ r_metrics['json']['awx_users_total']['samples'][0]['value'] }}" + - "Number of teams: {{ r_metrics['json']['awx_teams_total']['samples'][0]['value'] }}" + - "Number of inv: {{ r_metrics['json']['awx_inventories_total']['samples'][0]['value'] }}" + - "Number of projects: {{ r_metrics['json']['awx_projects_total']['samples'][0]['value'] }}" + - "Number of JT: {{ r_metrics['json']['awx_job_templates_total']['samples'][0]['value'] }}" + - "Number of workflows: {{ r_metrics['json']['awx_workflow_job_templates_total']['samples'][0]['value'] }}" + - "Number of hosts: {{ r_metrics['json']['awx_hosts_total']['samples'] }}" + - "{{ r_metrics['json']['awx_status_total']['samples'] }}" + - "{{ r_metrics['json']['awx_system_info']['samples'][0]['labels'] }}" + - "{{ r_subscription['json']['LICENSE'] }}" + +... From 5344f3443dac0de7d025e76c45a6c72e5e9fd1cd Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Fri, 28 Apr 2023 16:36:26 -0400 Subject: [PATCH 025/129] Export differential module new and improved. (#583) * update org export * update org export * rebase * add export diff * add export differential module --------- Co-authored-by: David Danielsson --- .github/workflows/ci_standalone.yml | 1 + .github/workflows/ci_standalone_versioned.yml | 2 +- ansible.cfg | 2 +- plugins/modules/controller_export_diff.py | 331 ++++++++++++ .../credentials_export.yml | 93 ++++ .../differential_items.yml | 472 ++++++++++++++++++ .../configs_export_model/inventory_export.yml | 16 + .../configs_export_model/projects_export.yml | 38 +- tests/configs_export_model/teams_export.yml | 6 + tests/configs_export_model/users_export.yml | 2 + tests/configure_controller.yml | 2 +- tests/configure_controller_export_model.yml | 42 ++ 12 files changed, 992 insertions(+), 15 deletions(-) create mode 100644 plugins/modules/controller_export_diff.py create mode 100644 tests/configs_export_model/differential_items.yml diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 778c63d0f..0f54f99b5 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,6 +19,7 @@ jobs: matrix: awx_version: - devel + - 22.1.0 - 22.0.0 - 21.14.0 - 21.13.0 diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 226094999..960ed05f8 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -74,5 +74,5 @@ jobs: run: ansible-playbook tests/configure_controller.yml -e controller_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} - name: "Perform export model playbook tests" - run: ansible-playbook tests/configure_controller_export_model.yml -e controller_hostname=localhost:8043 -v + run: ansible-playbook tests/configure_controller_export_model.yml -e controller_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} ... diff --git a/ansible.cfg b/ansible.cfg index 1b81880fc..34cfbf901 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,4 +1,4 @@ [defaults] -collections_paths=collections:/home/runner/collections +collections_paths=/home/runner/collections roles_path=roles/ lookup_plugins=plugins/lookup/ diff --git a/plugins/modules/controller_export_diff.py b/plugins/modules/controller_export_diff.py new file mode 100644 index 000000000..958cd518b --- /dev/null +++ b/plugins/modules/controller_export_diff.py @@ -0,0 +1,331 @@ +#!/usr/bin/python +# coding: utf-8 -*- +# (c) 2017, John Westcott IV +# based on the work of John Westcott +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +ANSIBLE_METADATA = {"metadata_version": "1.1", "status": ["preview"], "supported_by": "community"} + + +DOCUMENTATION = """ +--- +module: controller_export_diff +author: "Sean Sullivan (@sean-m-sullivan)" +short_description: Compare controller configuration resources with those defined in code. +description: + - Compare controller configuration resources with those defined in code. +options: + all: + description: + - Export all assets + type: bool + default: 'False' + organizations: + description: + - organization names to export + type: list + elements: str + users: + description: + - user names to export + type: list + elements: str + teams: + description: + - team names to export + type: list + elements: str + credential_types: + description: + - credential type names to export + type: list + elements: str + credentials: + description: + - credential names to export + type: list + elements: str + execution_environments: + description: + - execution environment names to export + type: list + elements: str + notification_templates: + description: + - notification template names to export + type: list + elements: str + inventory_sources: + description: + - inventory soruces to export + type: list + elements: str + inventory: + description: + - inventory names to export + type: list + elements: str + projects: + description: + - project names to export + type: list + elements: str + job_templates: + description: + - job template names to export + type: list + elements: str + workflow_job_templates: + description: + - workflow names to export + type: list + elements: str + applications: + description: + - OAuth2 application names to export + type: list + elements: str + schedules: + description: + - schedule names to export + type: list + elements: str + compare_items: + description: + - The dict of list objects to compare the api_list to. + - This should match the dictionary name for the object above, and will be used for comparison. + type: dict + required: True + set_absent: + description: + - Set state of items not in the compare list to 'absent' + type: bool + default: True + with_present: + description: + - Include items in the original compare list in the output, and set state to 'present' + type: bool + default: True + controller_host: + description: + - URL to your Automation Platform Controller instance. + - If value not set, will try environment variable C(CONTROLLER_HOST) and then config files + - If value not specified by any means, the value of C(127.0.0.1) will be used + type: str + aliases: [ tower_host ] + controller_username: + description: + - Username for your controller instance. + - If value not set, will try environment variable C(CONTROLLER_USERNAME) and then config files + type: str + aliases: [ tower_username ] + controller_password: + description: + - Password for your controller instance. + - If value not set, will try environment variable C(CONTROLLER_PASSWORD) and then config files + type: str + aliases: [ tower_password ] + controller_oauthtoken: + description: + - The OAuth token to use. + - This value can be in one of two formats. + - A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX) + - A dictionary structure as returned by the token module. + - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files + type: raw + version_added: "3.7.0" + aliases: [ tower_oauthtoken ] + validate_certs: + description: + - Whether to allow insecure connections to AWX. + - If C(no), SSL certificates will not be validated. + - This should only be used on personally controlled sites using self-signed certificates. + - If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then config files + type: bool + aliases: [ tower_verify_ssl ] + controller_config_file: + description: + - Path to the controller config file. + - If provided, the other locations for config files will not be considered. + type: path + aliases: [tower_config_file] +requirements: + - "awxkit >= 9.3.0" + - awx.awx or ansible.controller collection +notes: + - Specifying a name of "all" for any asset type will export all items of that asset type. +""" + +EXAMPLES = """ +- name: Get differential on projects and orgs. + infra.controller_configuration.controller_export_diff: + organizations: all + projects: all + compare_items: + organizations: + - name: Satellite + - name: Default + projects: + - name: Test Project + scm_type: git + scm_url: https://github.com/ansible/tower-example.git + scm_branch: master + scm_clean: true + description: Test Project 1 + organization: + name: Default + wait: true + update_project: true + - name: Test Inventory source project with credential + scm_type: git + scm_url: https://github.com/ansible/ansible-examples.git + description: ansible-examples + organization: + name: Satellite + credential: gitlab-personal-access-token for satqe_auto_droid + wait: false + controller_host: https://controller + controller_username: admin + controller_password: secret123 + validate_certs: false + register: export_results +""" + +import logging +from ansible.module_utils.six.moves import StringIO +from copy import deepcopy + +try: + from ansible_collections.awx.awx.plugins.module_utils.awxkit import ControllerAWXKitModule +except ImportError: + try: + from ansible_collections.ansible.controller.plugins.module_utils.awxkit import ControllerAWXKitModule + except ImportError: + AAP_IMPORT_ERROR = True + +try: + from awxkit.api.pages.api import EXPORTABLE_RESOURCES + + HAS_EXPORTABLE_RESOURCES = True +except ImportError: + HAS_EXPORTABLE_RESOURCES = False + + +def main(): + argument_spec = dict( + all=dict(type="bool", default=False), + applications=dict(type="list", elements="str"), + credential_types=dict(type="list", elements="str"), + credentials=dict(type="list", elements="str"), + execution_environments=dict(type="list", elements="str"), + inventory=dict(type="list", elements="str"), + inventory_sources=dict(type="list", elements="str"), + job_templates=dict(type="list", elements="str"), + notification_templates=dict(type="list", elements="str"), + organizations=dict(type="list", elements="str"), + projects=dict(type="list", elements="str"), + schedules=dict(type="list", elements="str"), + teams=dict(type="list", elements="str"), + users=dict(type="list", elements="str"), + workflow_job_templates=dict(type="list", elements="str"), + compare_items=dict(type="dict", required=True), + set_absent=dict(type="bool", default=True), + with_present=dict(type="bool", default=True), + ) + + module = ControllerAWXKitModule(argument_spec=argument_spec) + + if not HAS_EXPORTABLE_RESOURCES: + module.fail_json(msg="Your version of awxkit does not have import/export") + + compare_items = module.params.get("compare_items") + set_absent = module.params.get("set_absent") + with_present = module.params.get("with_present") + # The export process will never change the AWX system + module.json_output["changed"] = False + + # The exporter code currently works like the following: + # Empty string == all assets of that type + # Non-Empty string = just one asset of that type (by name or ID) + # Asset type not present or None = skip asset type (unless everything is None, then export all) + # Here we are going to setup a dict of values to export + export_args = {} + for resource in EXPORTABLE_RESOURCES: + if module.params.get("all") or module.params.get(resource) == ["all"]: + # If we are exporting everything or we got the keyword "all" we pass in an empty string for this asset type + export_args[resource] = "" + else: + # Otherwise we take either the string or None (if the parameter was not passed) to get one or no items + resource_param = module.params.get(resource) + if resource_param is not None: + export_args[resource] = module.params.get(resource) + + # Currently the export process does not return anything on error + # It simply just logs to Python's logger + # Set up a log gobbler to get error messages from export_assets + log_capture_string = StringIO() + ch = logging.StreamHandler(log_capture_string) + for logger_name in ["awxkit.api.pages.api", "awxkit.api.pages.page"]: + logger = logging.getLogger(logger_name) + logger.setLevel(logging.ERROR) + ch.setLevel(logging.ERROR) + + logger.addHandler(ch) + log_contents = "" + + # Run the export process + try: + awxkit_list = module.get_api_v2_object().export_assets(**export_args) + module.json_output["controller_objects"] = deepcopy(awxkit_list) + except Exception as e: + module.fail_json(msg="Failed to export assets {0}".format(e)) + finally: + # Finally, consume the logs in case there were any errors and die if there were + log_contents = log_capture_string.getvalue() + log_capture_string.close() + if log_contents != "": + module.fail_json(msg=log_contents) + + # Loop over each resource type that we gathered from the API. + output_list = {} + for resource in export_args: + try: + if resource in compare_items: + for resource_object in compare_items[resource]: + if with_present: + resource_object.update({"state": "present"}) + for idx, dict_ in enumerate(awxkit_list[resource]): + if resource == "users": + if resource_object["username"] == dict_["username"]: + awxkit_list[resource].pop(idx) + elif "organization" not in resource_object or resource_object["organization"] is None: + if resource_object["name"] == dict_["name"]: + awxkit_list[resource].pop(idx) + else: + for idx, dict_ in enumerate(awxkit_list[resource]): + if resource_object["name"] == dict_["name"] and resource_object["organization"]["name"] == dict_["organization"]["name"]: + awxkit_list[resource].pop(idx) + # After looping through every item in the compare_items the remaining are set to absent. + if set_absent: + if awxkit_list[resource]: + for remaining_item in awxkit_list[resource]: + remaining_item.update({"state": "absent"}) + + if with_present: + output_list[resource] = compare_items[resource] + output_list[resource].extend(awxkit_list[resource]) + else: + output_list[resource] = awxkit_list[resource] + except Exception as e: + module.fail_json(msg="Failed to export assets {0} with resource {1}".format(e, resource_object)) + module.json_output["difference"] = output_list + module.exit_json(**module.json_output) + + +if __name__ == "__main__": + main() diff --git a/tests/configs_export_model/credentials_export.yml b/tests/configs_export_model/credentials_export.yml index 00f3628f1..e62e5ea0a 100644 --- a/tests/configs_export_model/credentials_export.yml +++ b/tests/configs_export_model/credentials_export.yml @@ -62,4 +62,97 @@ credentials: organization: name: Default type: organization + - name: admin@internal-RHVM-01 + credential_type: + kind: cloud + name: Red Hat Virtualization + type: credential_type + description: infra-rhvm-01 creds for inventory sources. + inputs: + host: https://example.com/ovirt-engine/api + password: "" + username: user + natural_key: + credential_type: + kind: cloud + name: Red Hat Virtualization + type: credential_type + name: admin@internal-RHVM-01 + organization: + name: Satellite + type: organization + type: credential + organization: + name: Satellite + type: organization + - name: cyberark + credential_type: + kind: external + name: CyberArk Central Credential Provider Lookup + type: credential_type + description: CyberArk Lookup Credential + inputs: + app_id: "" + url: https://cyberark.example.com + natural_key: + credential_type: + kind: external + name: CyberArk Central Credential Provider Lookup + type: credential_type + name: cyberark + organization: + name: Default + type: organization + type: credential + organization: + name: Default + type: organization + - name: gitlab-personal-access-token for satqe_auto_droid + credential_type: + kind: scm + name: Source Control + type: credential_type + description: + General purpose token that can be used by anyone for satlab-admin(or + other private) repo clone + inputs: + password: "" + username: gitlab + natural_key: + credential_type: + kind: scm + name: Source Control + type: credential_type + name: gitlab-personal-access-token for satqe_auto_droid + organization: + name: Satellite + type: organization + type: credential + organization: + name: Satellite + type: organization + - name: machine-creds-with-jenkins-pvt-key + credential_type: + kind: ssh + name: Machine + type: credential_type + description: + This credential can be used with any vm that contains jenkins_public + key in authorized keys + inputs: + ssh_key_data: "" + username: root + natural_key: + credential_type: + kind: ssh + name: Machine + type: credential_type + name: machine-creds-with-jenkins-pvt-key + organization: + name: Satellite + type: organization + type: credential + organization: + name: Satellite + type: organization ... diff --git a/tests/configs_export_model/differential_items.yml b/tests/configs_export_model/differential_items.yml new file mode 100644 index 000000000..7c504a40d --- /dev/null +++ b/tests/configs_export_model/differential_items.yml @@ -0,0 +1,472 @@ +--- +differential_expected: + credential_types: [] + credentials: + - credential_type: + kind: vault + name: Vault + type: credential_type + description: satlab-admin-vault ******** aka vault_secret + inputs: + vault_password: "" + name: satlab-admin-vault + natural_key: + credential_type: + kind: vault + name: Vault + type: credential_type + name: satlab-admin-vault + organization: + name: Satellite + type: organization + type: credential + organization: + name: Satellite + type: organization + state: absent + inventory: + - description: created by Ansible Playbook - for RHVM-02 + host_filter: + kind: "" + name: RHVM-02 + natural_key: + name: RHVM-02 + organization: + name: Satellite + type: organization + type: inventory + organization: + name: Satellite + type: organization + prevent_instance_group_fallback: true + related: + groups: [] + hosts: [] + labels: [] + state: absent + variables: "{}" + inventory_sources: + - credential: + credential_type: + kind: cloud + name: Red Hat Virtualization + type: credential_type + name: admin@internal-RHVM-01 + organization: + name: Satellite + type: organization + type: credential + description: "" + enabled_value: "" + enabled_var: "" + execution_environment: + host_filter: "" + inventory: + name: RHVM-01 + organization: + name: Satellite + type: organization + type: inventory + limit: "" + name: RHVM-01 + natural_key: + inventory: + name: RHVM-01 + organization: + name: Satellite + type: organization + type: inventory + name: RHVM-01 + type: inventory_source + overwrite: true + overwrite_vars: false + related: + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + schedules: [] + scm_branch: "" + source: scm + source_path: phillips_hue/hosts + source_project: + name: Test Inventory source project + organization: + name: Satellite + type: organization + type: project + source_vars: "" + state: absent + timeout: 0 + update_cache_timeout: 0 + update_on_launch: true + verbosity: 1 + job_templates: + - allow_simultaneous: false + ask_credential_on_launch: false + ask_diff_mode_on_launch: false + ask_execution_environment_on_launch: true + ask_forks_on_launch: true + ask_instance_groups_on_launch: true + ask_inventory_on_launch: true + ask_job_slice_count_on_launch: true + ask_job_type_on_launch: false + ask_labels_on_launch: true + ask_limit_on_launch: false + ask_scm_branch_on_launch: false + ask_skip_tags_on_launch: false + ask_tags_on_launch: false + ask_timeout_on_launch: true + ask_variables_on_launch: false + ask_verbosity_on_launch: false + become_enabled: false + description: "" + diff_mode: false + execution_environment: + name: My EE + type: execution_environment + extra_vars: "{}" + force_handlers: false + forks: 0 + host_config_key: "" + inventory: + name: localhost + organization: + name: Satellite + type: organization + type: inventory + job_slice_count: 1 + job_tags: "" + job_type: run + limit: "" + name: Demo Job Template + natural_key: + name: Demo Job Template + organization: + name: Default + type: organization + type: job_template + playbook: helloworld.yml + prevent_instance_group_fallback: true + project: + name: Test Project + organization: + name: Default + type: organization + type: project + related: + credentials: + - credential_type: + kind: ssh + name: Machine + type: credential_type + name: Demo Credential + organization: + type: credential + labels: [] + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + schedules: + - description: Another demonstration + diff_mode: false + enabled: true + execution_environment: + name: My EE + type: execution_environment + extra_data: {} + forks: 2 + inventory: + name: localhost + organization: + name: Satellite + type: organization + type: inventory + job_slice_count: 1 + job_tags: "" + job_type: + limit: "" + name: Demo Schedule 2 + natural_key: + name: Demo Schedule 2 + type: schedule + unified_job_template: + name: Demo Job Template + organization: + name: Default + type: organization + type: job_template + related: + credentials: [] + rrule: DTSTART:20200101T000000Z RRULE:FREQ=HOURLY;INTERVAL=3 + scm_branch: "" + skip_tags: "" + timeout: 165 + unified_job_template: + name: Demo Job Template + organization: + name: Default + type: organization + type: job_template + verbosity: + survey_spec: + description: "" + name: "" + spec: + - choices: "" + default: infra-ansible-tower-testing.infra.sat.rdu2.redhat.com + max: 1024 + min: 0 + new_question: true + question_description: + target host is required for playbook to work, this + host needs to exist in the inventory + question_name: Target Host + required: true + type: text + variable: target_hosts + scm_branch: "" + skip_tags: "" + start_at_task: "" + state: absent + survey_enabled: false + timeout: 0 + use_fact_cache: false + verbosity: 0 + webhook_credential: + webhook_service: "" + notification_templates: + - description: Send out emails for tower jobs + messages: {} + name: Email notification + natural_key: + name: Email notification + organization: + name: Default + type: organization + type: notification_template + notification_configuration: + host: smtp.example.com + password: "" + port: 25 + recipients: + - admin@example.com + sender: tower0@example.com + timeout: 30 + use_ssl: false + use_tls: false + username: "" + notification_type: email + organization: + name: Default + type: organization + state: absent + organizations: [] + projects: + - allow_override: false + credential: + default_environment: + description: ansible-examples + local_path: _10__test_inventory_source_project + name: Test Inventory source project + natural_key: + name: Test Inventory source project + organization: + name: Satellite + type: organization + type: project + organization: + name: Satellite + type: organization + related: + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + scm_branch: "" + scm_clean: false + scm_delete_on_update: false + scm_refspec: "" + scm_track_submodules: false + scm_type: git + scm_update_cache_timeout: 0 + scm_update_on_launch: false + scm_url: https://github.com/ansible/ansible-examples.git + signature_validation_credential: + state: absent + timeout: 0 + - allow_override: false + credential: + credential_type: + kind: scm + name: Source Control + type: credential_type + name: gitlab-personal-access-token for satqe_auto_droid + organization: + name: Satellite + type: organization + type: credential + default_environment: + description: ansible-examples + local_path: _11__test_inventory_source_project_with_credential + name: Test Inventory source project with credential + natural_key: + name: Test Inventory source project with credential + organization: + name: Satellite + type: organization + type: project + organization: + name: Satellite + type: organization + related: + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + scm_branch: "" + scm_clean: false + scm_delete_on_update: false + scm_refspec: "" + scm_track_submodules: false + scm_type: git + scm_update_cache_timeout: 0 + scm_update_on_launch: false + scm_url: https://github.com/ansible/ansible-examples.git + signature_validation_credential: + state: absent + timeout: 0 + - allow_override: false + credential: + default_environment: + description: ansible-examples + local_path: _19__test_inventory_source_project + name: Test Inventory source project + natural_key: + name: Test Inventory source project + organization: + name: Default + type: organization + type: project + organization: + name: Default + type: organization + related: + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + scm_branch: "" + scm_clean: false + scm_delete_on_update: false + scm_refspec: "" + scm_track_submodules: false + scm_type: git + scm_update_cache_timeout: 0 + scm_update_on_launch: false + scm_url: https://github.com/ansible/ansible-examples.git + signature_validation_credential: + state: absent + timeout: 0 + - allow_override: false + credential: + credential_type: + kind: scm + name: Source Control + type: credential_type + name: gitlab-personal-access-token for satqe_auto_droid + organization: + name: Satellite + type: organization + type: credential + default_environment: + description: ansible-examples + local_path: _20__test_inventory_source_project_with_credential + name: Test Inventory source project with credential + natural_key: + name: Test Inventory source project with credential + organization: + name: Default + type: organization + type: project + organization: + name: Default + type: organization + related: + notification_templates_error: [] + notification_templates_started: [] + notification_templates_success: [] + scm_branch: "" + scm_clean: false + scm_delete_on_update: false + scm_refspec: "" + scm_track_submodules: false + scm_type: git + scm_update_cache_timeout: 0 + scm_update_on_launch: false + scm_url: https://github.com/ansible/ansible-examples.git + signature_validation_credential: + state: absent + timeout: 0 + teams: + - description: "" + name: differential-1 + natural_key: + name: differential-1 + organization: + name: Default + type: organization + type: team + organization: + name: Default + type: organization + related: + roles: [] + state: absent + users: + - email: admin@localhost + state: absent + username: admin + first_name: "" + is_superuser: true + is_system_auditor: false + last_name: "" + natural_key: + type: user + username: admin + password: '' + related: + roles: + - content_object: + name: No Survey Template no vars + organization: + name: Satellite + type: organization + type: job_template + name: Admin + type: role + - content_object: + name: Survey Template with vars no org + organization: + name: Satellite + type: organization + type: job_template + name: Admin + type: role + - content_object: + name: workflow_test_template + organization: + name: Satellite + type: organization + type: job_template + name: Admin + type: role + - content_object: + credential_type: + kind: ssh + name: Machine + type: credential_type + name: Demo Credential + organization: + type: credential + name: Admin + type: role + - name: System Administrator + type: role +... diff --git a/tests/configs_export_model/inventory_export.yml b/tests/configs_export_model/inventory_export.yml index ca09958f1..529271de9 100644 --- a/tests/configs_export_model/inventory_export.yml +++ b/tests/configs_export_model/inventory_export.yml @@ -39,4 +39,20 @@ inventory: type: organization name: satlab-admin-inventory type: inventory + - name: localhost + description: inventory for localhost + organization: + name: Satellite + - name: RHVM-01 + organization: + name: Satellite + description: created by Ansible Playbook - for RHVM-01 + variables: + site_subnet: "{% raw %}{ % if site == 'SITE-2' %}10.200.{ % else %}10.100.{ % endif%}{% endraw %}" + remote_subnet: "{% raw %}{ % if site == 'SITE-2' %}10.100.{ % else %}10.200.{ % endif%}{% endraw %}" + - name: Demo Inventory + organization: + name: Default + type: organization + prevent_instance_group_fallback: false ... diff --git a/tests/configs_export_model/projects_export.yml b/tests/configs_export_model/projects_export.yml index cf6795894..190de48bd 100644 --- a/tests/configs_export_model/projects_export.yml +++ b/tests/configs_export_model/projects_export.yml @@ -39,12 +39,6 @@ projects: type: organization name: irc-satqe-chat-notification type: notification_template - natural_key: - organization: - name: Satellite - type: organization - name: Tower Config Testing - type: project - name: Tower Config description: '' local_path: _52__controller_config @@ -73,10 +67,30 @@ projects: type: organization name: irc-satqe-chat-notification type: notification_template - natural_key: - organization: - name: Satellite - type: organization - name: Tower Config - type: project + - name: Test Project + scm_type: git + scm_url: https://github.com/ansible/tower-example.git + scm_branch: master + scm_clean: true + description: Test Project 1 + organization: + name: Default + wait: true + update_project: true + - name: Demo Project + scm_type: git + scm_url: https://github.com/ansible/tower-example.git + scm_branch: master + scm_clean: true + description: Test Project 1 + organization: + name: Default + wait: true + update_project: true + - name: Test Project 2 + scm_type: git + scm_url: https://github.com/ansible/ansible-examples.git + description: Test Project 2 + organization: + name: Default ... diff --git a/tests/configs_export_model/teams_export.yml b/tests/configs_export_model/teams_export.yml index 34aa2425e..d27097cd2 100644 --- a/tests/configs_export_model/teams_export.yml +++ b/tests/configs_export_model/teams_export.yml @@ -107,4 +107,10 @@ teams: type: organization name: team1 type: team + - name: satellite-qe + organization: + name: Satellite + - name: satlab-admin + organization: + name: Satellite ... diff --git a/tests/configs_export_model/users_export.yml b/tests/configs_export_model/users_export.yml index bd2cbdf3f..1bc2f8c7b 100644 --- a/tests/configs_export_model/users_export.yml +++ b/tests/configs_export_model/users_export.yml @@ -32,4 +32,6 @@ users: natural_key: username: AWX-Collection-tests-controller_role-user-ClPzjxrRTIwcOCvO type: user + - username: controller_user + is_superuser: true ... diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index ffd8b821e..8878cb423 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -150,7 +150,7 @@ wait: false when: - controller_bulk_launch_jobs is defined - - awx_version == "21.14.0" or awx_version == "devel" + - awx_version == "21.14.0" or awx_version == "22.0.0" or awx_version == "22.1.0" or awx_version == "devel" - name: Launch Controller workflows ansible.builtin.include_role: diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 02e21f8a8..01758d99e 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -72,4 +72,46 @@ - {role: job_templates, when: job_templates is defined, tags: job_templates} - {role: workflow_job_templates, when: workflow_job_templates is defined, tags: workflow_job_templates} - {role: notification_templates, when: notification_templates is defined, tags: notification_templates} + + tasks: + # Need to install inside the venv for collection testing. + - name: Install awxkit python package + ansible.builtin.pip: + name: awxkit + + - name: Export workflow job template + infra.controller_configuration.controller_export_diff: + all: true + compare_items: + organizations: "{{ organizations }}" + projects: "{{ projects }}" + credential_types: "{{ credential_types }}" + credentials: "{{ credentials }}" + inventory: "{{ inventory }}" + inventory_sources: "{{ inventory_sources }}" + notification_templates: "{{ notification_templates }}" + teams: "{{ teams }}" + users: "{{ users }}" + job_templates: "{{ job_templates }}" + with_present: false + controller_host: "{{ controller_hostname }}" + controller_username: "{{ controller_username }}" + controller_password: "{{ controller_password }}" + validate_certs: "{{ controller_validate_certs }}" + register: export_results + + - name: Export output + ansible.builtin.debug: + var: export_results.difference + + - name: Differential_expected output + ansible.builtin.debug: + var: differential_expected + + - name: "Assert that the expected results match for {{ differential_item.name }}" + ansible.builtin.assert: + that: + - differential_expected == export_results.difference + when: + - awx_version == "22.0.0" or awx_version == "22.1.0" or awx_version == "devel" # It works on earlier versions, the issue is new fields fail in the differential. ... From 71a5247abe4e1a8fa09f8939a45c939e6940d91a Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Fri, 28 Apr 2023 17:14:08 -0400 Subject: [PATCH 026/129] Revised enforced defaults (#590) * update org export * update org export * rebase * revised enforced defaults --- changelogs/fragments/enforce_defaults.yml | 1 - plugins/lookup/enforce_defaults.py | 74 ---------------- roles/applications/tasks/main.yml | 4 +- roles/credential_input_sources/tasks/main.yml | 4 +- roles/credential_types/tasks/main.yml | 6 +- roles/credentials/tasks/main.yml | 12 +-- roles/execution_environments/tasks/main.yml | 8 +- roles/groups/tasks/main.yml | 12 +-- roles/hosts/tasks/main.yml | 6 +- roles/instance_groups/tasks/main.yml | 18 ++-- .../tests/configs/instance_groups.yml | 2 +- roles/instances/tasks/main.yml | 8 +- .../{instance_groups.yml => instances.yml} | 0 roles/inventories/tasks/main.yml | 14 +-- roles/inventory_sources/tasks/main.yml | 42 ++++----- roles/job_templates/tasks/main.yml | 88 +++++++++---------- roles/notification_templates/tasks/main.yml | 6 +- roles/organizations/tasks/main.yml | 16 ++-- roles/projects/tasks/main.yml | 38 ++++---- roles/roles/tasks/main.yml | 14 +-- roles/schedules/tasks/main.yml | 32 +++---- roles/teams/tasks/main.yml | 2 +- roles/teams/tests/configs/teams.yml | 6 +- roles/users/tasks/main.yml | 6 +- roles/workflow_job_templates/tasks/main.yml | 50 +++++------ .../tests/configs/controller_workflows.yml | 7 -- 26 files changed, 197 insertions(+), 279 deletions(-) delete mode 100644 plugins/lookup/enforce_defaults.py rename roles/instances/tests/configs/{instance_groups.yml => instances.yml} (100%) diff --git a/changelogs/fragments/enforce_defaults.yml b/changelogs/fragments/enforce_defaults.yml index ecdb5e414..c0fd4bdd8 100644 --- a/changelogs/fragments/enforce_defaults.yml +++ b/changelogs/fragments/enforce_defaults.yml @@ -4,5 +4,4 @@ minor_changes: - Credentials role credential type set to mandatory. This would fail in the past if it was not set, this just codifies it. - Instances role - changed default of node_type and node_state to omit, as generally these cannot be changed on existing instances unless deploying new instances. - Inventory role - added input_inventories option for constructed inventories. - - Schedule role - rrule set to mandatory. This would fail in the past if it was not set, this just codifies it. ... diff --git a/plugins/lookup/enforce_defaults.py b/plugins/lookup/enforce_defaults.py deleted file mode 100644 index 263968ccb..000000000 --- a/plugins/lookup/enforce_defaults.py +++ /dev/null @@ -1,74 +0,0 @@ -# (c) 2020 Ansible Project -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) -from __future__ import absolute_import, division, print_function - -__metaclass__ = type - -DOCUMENTATION = """ -name: enforce_defaults -author: "Sean Sullivan (@sean-m-sullivan)" -version_added: "2.4.0" -short_description: Return difference for objects from Controller API -requirements: - - None -description: - - This plugin is used to return what the default value should be depending on conditions. - - If enforce default is true, it will return the default value. Otherwise it will return the omit. - - This is so the value used for the default filter can be turned on and off. -options: - enforce_default: - description: Whether to enforce the default value or use omit. - type: bool - default: False - default_value: - description: - - Value to supply if enforce_default is True. - - This should be empty value or some form of string. - default: '' - omit_value: - description: - - the omit value - type: str - default: '' -""" - -EXAMPLES = """ -- name: Test Filter - ansible.builtin.debug: - msg: "{{ nothing | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=false , default_value='', omit_value=omit), false) }}" - -""" - -RETURN = """ -_raw: - description: - - Will either return the omit value, or the default value. -""" - -from ansible.plugins.lookup import LookupBase -from ansible.errors import AnsibleError -from ansible.module_utils._text import to_native -from ansible.utils.display import Display - - -class LookupModule(LookupBase): - display = Display() - - def handle_error(self, **kwargs): - raise AnsibleError(to_native(kwargs.get("msg"))) - - def warn_callback(self, warning): - self.display.warning(warning) - - def run(self, terms, variables=None, **kwargs): - self.set_options(direct=kwargs) - - # Set Variables for user input - enforce_default = self.get_option("enforce_default") - default_value = self.get_option("default_value") - omit_value = self.get_option("omit_value") - - if enforce_default: - return [default_value] - else: - return [omit_value] diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 92034753e..5224509b2 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -5,11 +5,11 @@ name: "{{ __application_item.name | mandatory }}" new_name: "{{ __application_item.new_name | default(omit, true) }}" organization: "{{ __application_item.organization | mandatory }}" - description: "{{ __application_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_applications_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __application_item.description | default(( '' if controller_configuration_applications_enforce_defaults else omit), true) }}" authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" client_type: "{{ __application_item.client_type | default('public') }}" redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" - skip_authorization: "{{ __application_item.skip_authorization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_applications_enforce_defaults , default_value=false, omit_value=omit), true) }}" + skip_authorization: "{{ __application_item.skip_authorization | default(( false if controller_configuration_applications_enforce_defaults else omit), true) }}" state: "{{ __application_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index 446ed0978..71f198b3c 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -4,8 +4,8 @@ target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" - description: "{{ __cred_input_src_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_input_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - metadata: "{{ __cred_input_src_item.metadata | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_input_sources_enforce_defaults , default_value={}, omit_value=omit), true) }}" + description: "{{ __cred_input_src_item.description | default(( '' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" + metadata: "{{ __cred_input_src_item.metadata | default(( {} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" state: "{{ __cred_input_src_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 7ab7dff71..0c8916247 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -3,9 +3,9 @@ credential_type: name: "{{ __controller_credential_type_item.name | mandatory }}" new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" - description: "{{ __controller_credential_type_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value='', omit_value=omit), true) }}" - injectors: "{{ __controller_credential_type_item.injectors | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" - inputs: "{{ __controller_credential_type_item.inputs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credential_types_enforce_defaults , default_value={}, omit_value=omit), true) }}" + description: "{{ __controller_credential_type_item.description | default(( '' if controller_configuration_credential_types_enforce_defaults else omit), true) }}" + injectors: "{{ __controller_credential_type_item.injectors | default(( {} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + inputs: "{{ __controller_credential_type_item.inputs | default(( {} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" state: "{{ __controller_credential_type_item.state | default(controller_state | default('present')) }}" diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 34f063a30..1ca7712f2 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -4,13 +4,13 @@ name: "{{ __controller_credentials_item.name | mandatory }}" new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" - description: "{{ __controller_credentials_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true) }}" - organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" + description: "{{ __controller_credentials_item.description | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true) }}" + organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory ) }}" - inputs: "{{ __controller_credentials_item.inputs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value={}, omit_value=omit), true) }}" - user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" - team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value='', omit_value=omit), true)) }}" - update_secrets: "{{ __controller_credentials_item.update_secrets | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_credentials_enforce_defaults , default_value=true, omit_value=omit), true) }}" + inputs: "{{ __controller_credentials_item.inputs | default(( {} if controller_configuration_credentials_enforce_defaults else omit), true) }}" + user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" + team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" + update_secrets: "{{ __controller_credentials_item.update_secrets | default(( true if controller_configuration_credentials_enforce_defaults else omit), true) }}" state: "{{ __controller_credentials_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index 8a37cc304..ee6862dde 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -4,11 +4,11 @@ execution_environment: name: "{{ __execution_environments_item.name | mandatory }}" new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" - description: "{{ __execution_environments_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __execution_environments_item.description | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" image: "{{ __execution_environments_item.image | mandatory }}" - organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true)) }}" - credential: "{{ __execution_environments_item.credential | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='', omit_value=omit), true) }}" - pull: "{{ __execution_environments_item.pull | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_execution_environments_enforce_defaults , default_value='missing', omit_value=omit), true) }}" + organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" + credential: "{{ __execution_environments_item.credential | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + pull: "{{ __execution_environments_item.pull | default(( 'missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" state: "{{ __execution_environments_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index b5eec183b..0f161dde3 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -5,13 +5,13 @@ group: name: "{{ controller_groups_item.name | mandatory }}" new_name: "{{ controller_groups_item.new_name | default(omit, true) }}" - description: "{{ controller_groups_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ controller_groups_item.description | default(( '' if controller_configuration_groups_enforce_defaults else omit), true) }}" inventory: "{{ controller_groups_item.inventory | mandatory }}" - variables: "{{ controller_groups_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" - hosts: "{{ controller_groups_item.hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" - children: "{{ controller_groups_item.children | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" - preserve_existing_hosts: "{{ controller_groups_item.preserve_existing_hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=false, omit_value=omit)) }}" - preserve_existing_children: "{{ controller_groups_item.preserve_existing_children | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_groups_enforce_defaults , default_value=false, omit_value=omit)) }}" + variables: "{{ controller_groups_item.variables | default(( {} if controller_configuration_groups_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + hosts: "{{ controller_groups_item.hosts | default(( [] if controller_configuration_groups_enforce_defaults else omit), true) }}" + children: "{{ controller_groups_item.children | default(( [] if controller_configuration_groups_enforce_defaults else omit), true) }}" + preserve_existing_hosts: "{{ controller_groups_item.preserve_existing_hosts | default(( false if controller_configuration_groups_enforce_defaults else omit)) }}" + preserve_existing_children: "{{ controller_groups_item.preserve_existing_children | default(( false if controller_configuration_groups_enforce_defaults else omit)) }}" state: "{{ controller_groups_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index 07f0ee048..5298d7a82 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -3,11 +3,11 @@ host: name: "{{ __controller_host_item.name | mandatory }}" new_name: "{{ __controller_host_item.new_name | default(omit, true) }}" - description: "{{ __controller_host_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_host_item.description | default(( '' if controller_configuration_host_enforce_defaults else omit), true) }}" inventory: "{{ __controller_host_item.inventory | mandatory }}" - enabled: "{{ __controller_host_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value=true, omit_value=omit), true) }}" + enabled: "{{ __controller_host_item.enabled | default(( false if controller_configuration_host_enforce_defaults else omit), true) }}" state: "{{ __controller_host_item.state | default(controller_state | default('present')) }}" - variables: "{{ __controller_host_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_host_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + variables: "{{ __controller_host_item.variables | default(( {} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" # Role Standard Options controller_host: "{{ controller_hostname | default(omit, true) }}" diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index 3731b3633..e0d617561 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -4,15 +4,15 @@ instance_group: name: "{{ __controller_instance_group_item.name | mandatory }}" new_name: "{{ __controller_instance_group_item.new_name | default(omit, true) }}" - credential: "{{ __controller_instance_group_item.credential | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" - is_container_group: "{{ __controller_instance_group_item.is_container_group | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=false, omit_value=omit), true) }}" - policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" - policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" - policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" - max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" - max_forks: "{{ __controller_instance_group_item.max_forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=0, omit_value=omit), true) }}" - pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value='', omit_value=omit), true) }}" - instances: "{{ __controller_instance_group_item.instances | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instance_groups_enforce_defaults , default_value=[], omit_value=omit), true) }}" + credential: "{{ __controller_instance_group_item.credential | default(( '' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + is_container_group: "{{ __controller_instance_group_item.is_container_group | default(( false if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(( [] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + max_forks: "{{ __controller_instance_group_item.max_forks | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(( '' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + instances: "{{ __controller_instance_group_item.instances | default(( [] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" state: "{{ __controller_instance_group_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/instance_groups/tests/configs/instance_groups.yml b/roles/instance_groups/tests/configs/instance_groups.yml index e9efbe31f..b66377066 100644 --- a/roles/instance_groups/tests/configs/instance_groups.yml +++ b/roles/instance_groups/tests/configs/instance_groups.yml @@ -1,4 +1,4 @@ --- controller_instance_groups: - - name: test_instance_group + - name: test1 ... diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 768c60dce..5f5e2c120 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -3,12 +3,12 @@ - name: Add Controller Instance instance: hostname: "{{ __controller_instance_item.hostname | mandatory }}" - capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=1.0, omit_value=omit), true) }}" - enabled: "{{ __controller_instance_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=true, omit_value=omit), true) }}" - managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=true, omit_value=omit), true) }}" + capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default(( 1.0 if controller_configuration_instances_enforce_defaults else omit), true) }}" + enabled: "{{ __controller_instance_item.enabled | default(( true if controller_configuration_instances_enforce_defaults else omit), true) }}" + managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default(( true if controller_configuration_instances_enforce_defaults else omit), true) }}" node_type: "{{ __controller_instance_item.node_type | default(omit, true) }}" node_state: "{{ __controller_instance_item.node_state | default(omit, true) }}" - listener_port: "{{ __controller_instance_item.listener_port | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_instances_enforce_defaults , default_value=27199, omit_value=omit), true) }}" + listener_port: "{{ __controller_instance_item.listener_port | default(( 27199 if controller_configuration_instances_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/instances/tests/configs/instance_groups.yml b/roles/instances/tests/configs/instances.yml similarity index 100% rename from roles/instances/tests/configs/instance_groups.yml rename to roles/instances/tests/configs/instances.yml diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index 1e338adb2..5ceef80d8 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -4,14 +4,14 @@ name: "{{ __controller_inventory_item.name | mandatory }}" new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" - description: "{{ __controller_inventory_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_inventory_item.description | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" - instance_groups: "{{ __controller_inventory_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=[], omit_value=omit), true) }}" - input_inventories: "{{ __controller_inventory_item.input_inventories | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=[], omit_value=omit), true) }}" - variables: "{{ __controller_inventory_item.variables | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" - kind: "{{ __controller_inventory_item.kind | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" - host_filter: "{{ __controller_inventory_item.host_filter | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value='', omit_value=omit), true) }}" - prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventories_enforce_defaults , default_value=false, omit_value=omit), true) }}" + instance_groups: "{{ __controller_inventory_item.instance_groups | default(( [] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + input_inventories: "{{ __controller_inventory_item.input_inventories | default(( [] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + variables: "{{ __controller_inventory_item.variables | default(( {} if controller_configuration_inventories_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + kind: "{{ __controller_inventory_item.kind | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_inventory_item.host_filter | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default(( false if controller_configuration_inventories_enforce_defaults else omit), true) }}" state: "{{ __controller_inventory_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index 8b4afc742..ab470cbc5 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -3,31 +3,31 @@ inventory_source: name: "{{ __controller_source_item.name | mandatory }}" new_name: "{{ __controller_source_item.new_name | default(omit, true) }}" - description: "{{ __controller_source_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_source_item.description | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" inventory: "{{ __controller_source_item.inventory.name | default(__controller_source_item.inventory) | mandatory }}" - organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true)) }}" - source: "{{ __controller_source_item.source | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='scm', omit_value=omit), true) }}" - source_path: "{{ __controller_source_item.source_path | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - source_vars: "{{ __controller_source_item.source_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" - enabled_var: "{{ __controller_source_item.enabled_var | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - enabled_value: "{{ __controller_source_item.enabled_value | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - host_filter: "{{ __controller_source_item.host_filter | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - limit: "{{ __controller_source_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" + organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + source: "{{ __controller_source_item.source | default(( 'scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_path: "{{ __controller_source_item.source_path | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_vars: "{{ __controller_source_item.source_vars | default(( {} if controller_configuration_inventory_sources_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + enabled_var: "{{ __controller_source_item.enabled_var | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + enabled_value: "{{ __controller_source_item.enabled_value | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_source_item.host_filter | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + limit: "{{ __controller_source_item.limit | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" credential: "{{ __controller_source_item.credential | default(omit, true) }}" execution_environment: "{{ __controller_source_item.execution_environment | default(omit, true) }}" - overwrite: "{{ __controller_source_item.overwrite | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" - overwrite_vars: "{{ __controller_source_item.overwrite_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" - custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true) }}" - timeout: "{{ __controller_source_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=0, omit_value=omit), true) }}" - verbosity: "{{ __controller_source_item.verbosity | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=1, omit_value=omit), true) }}" - update_on_launch: "{{ __controller_source_item.update_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=false, omit_value=omit)) }}" - update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=0, omit_value=omit), true) }}" - source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit), true)) }}" - scm_branch: "{{ __controller_source_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value='', omit_value=omit)) }}" + overwrite: "{{ __controller_source_item.overwrite | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + overwrite_vars: "{{ __controller_source_item.overwrite_vars | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_source_item.timeout | default(( 0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + verbosity: "{{ __controller_source_item.verbosity | default(( 1 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + update_on_launch: "{{ __controller_source_item.update_on_launch | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(( 0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + scm_branch: "{{ __controller_source_item.scm_branch | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true ) }}" state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined else '') | default(__controller_source_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined else '') | default(__controller_source_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined else '') | default(__controller_source_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_inventory_sources_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined else '') | default(__controller_source_item.notification_templates_started) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined else '') | default(__controller_source_item.notification_templates_success) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined else '') | default(__controller_source_item.notification_templates_error) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" # Role Standard Options controller_config_file: "{{ controller_config_file | default(omit, true) }}" diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index d9bf62f8a..ddafeffef 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -5,58 +5,58 @@ name: "{{ __controller_template_item.name | mandatory }}" new_name: "{{ __controller_template_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_template_item.copy_from | default(omit, true) }}" - description: "{{ __controller_template_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_template_item.description | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" execution_environment: "{{ __controller_template_item.execution_environment.name | default(__controller_template_item.execution_environment | default(omit, true)) }}" - custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" job_type: "{{ __controller_template_item.job_type | default('run') }}" inventory: "{{ __controller_template_item.inventory.name | default(__controller_template_item.inventory | default(omit, true)) }}" - organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true)) }}" + organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true)) }}" project: "{{ __controller_template_item.project.name | default(__controller_template_item.project | default(omit, true)) }}" playbook: "{{ __controller_template_item.playbook | default(omit, true) }}" credentials: "{{ __controller_template_item.credentials | default(__controller_template_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" - forks: "{{ __controller_template_item.forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" - limit: "{{ __controller_template_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - verbosity: "{{ __controller_template_item.verbosity | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" - extra_vars: "{{ __controller_template_item.extra_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value={}, omit_value=omit), true) }}" - job_tags: "{{ __controller_template_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - force_handlers: "{{ __controller_template_item.force_handlers | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - skip_tags: "{{ __controller_template_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - start_at_task: "{{ __controller_template_item.start_at_task | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - diff_mode: "{{ __controller_template_item.diff_mode | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - use_fact_cache: "{{ __controller_template_item.use_fact_cache | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - host_config_key: "{{ __controller_template_item.host_config_key | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit))) }}" - ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit))) }}" - ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - survey_enabled: "{{ __controller_template_item.survey_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value={}, omit_value=omit), true))) }}" - become_enabled: "{{ __controller_template_item.become_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=false, omit_value=omit)) }}" - timeout: "{{ __controller_template_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=0, omit_value=omit), true) }}" - instance_groups: "{{ __controller_template_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" - job_slice_count: "{{ __controller_template_item.job_slice_count | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=1, omit_value=omit), true) }}" - webhook_service: "{{ __controller_template_item.webhook_service | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" + forks: "{{ __controller_template_item.forks | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + limit: "{{ __controller_template_item.limit | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + verbosity: "{{ __controller_template_item.verbosity | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + extra_vars: "{{ __controller_template_item.extra_vars | default(( {} if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_tags: "{{ __controller_template_item.job_tags | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + force_handlers: "{{ __controller_template_item.force_handlers | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + skip_tags: "{{ __controller_template_item.skip_tags | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + start_at_task: "{{ __controller_template_item.start_at_task | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + diff_mode: "{{ __controller_template_item.diff_mode | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + use_fact_cache: "{{ __controller_template_item.use_fact_cache | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + host_config_key: "{{ __controller_template_item.host_config_key | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_enabled: "{{ __controller_template_item.survey_enabled | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(( {} if controller_configuration_job_templates_enforce_defaults else omit), true))) }}" + become_enabled: "{{ __controller_template_item.become_enabled | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + timeout: "{{ __controller_template_item.timeout | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_template_item.instance_groups | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_slice_count: "{{ __controller_template_item.job_slice_count | default(( 1 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + webhook_service: "{{ __controller_template_item.webhook_service | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" - scm_branch: "{{ __controller_template_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value='', omit_value=omit), true) }}" - labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined else '') | default(__controller_template_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" + scm_branch: "{{ __controller_template_item.scm_branch | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined else '') | default(__controller_template_item.labels) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined else '') | default(__controller_template_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined else '') | default(__controller_template_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined else '') | default(__controller_template_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_job_templates_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined else '') | default(__controller_template_item.notification_templates_started) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined else '') | default(__controller_template_item.notification_templates_success) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined else '') | default(__controller_template_item.notification_templates_error) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index a91725db7..bdf0ebd63 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -4,11 +4,11 @@ name: "{{ __controller_notification_item.name | mandatory }}" new_name: "{{ __controller_notification_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_notification_item.copy_from | default(omit, true) }}" - description: "{{ __controller_notification_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_notification_item.description | default(( '' if controller_configuration_notifications_enforce_defaults else omit), true) }}" organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) | mandatory }}" notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory}}" - notification_configuration: "{{ __controller_notification_item.notification_configuration | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value={}, omit_value=omit), true) }}" - messages: "{{ __controller_notification_item.messages | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_notifications_enforce_defaults , default_value={}, omit_value=omit), true) | regex_replace('[ ]{2,}', '') }}" + notification_configuration: "{{ __controller_notification_item.notification_configuration | default(( {} if controller_configuration_notifications_enforce_defaults else omit), true) }}" + messages: "{{ __controller_notification_item.messages | default(( {} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" state: "{{ __controller_notification_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 4f91759d7..ccbaed37a 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -2,16 +2,16 @@ - name: Add organizations organization: name: "{{ __controller_organizations_item.name | mandatory }}" - description: "{{ __controller_organizations_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_organizations_item.description | default(( '' if controller_configuration_organizations_enforce_defaults else omit), true) }}" custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" - max_hosts: "{{ __controller_organizations_item.max_hosts | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=0, omit_value=omit), true) }}" - instance_groups: "{{ __controller_organizations_item.instance_groups | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + max_hosts: "{{ __controller_organizations_item.max_hosts | default(omit, true) }}" + instance_groups: "{{ __controller_organizations_item.instance_groups | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" - galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined else '') | default(__controller_organizations_item.notification_templates_approvals) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined else '') | default(__controller_organizations_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined else '') | default(__controller_organizations_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined else '') | default(__controller_organizations_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_organizations_enforce_defaults , default_value=[], omit_value=omit), true) }}" + galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" + notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined else '') | default(__controller_organizations_item.notification_templates_approvals) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined else '') | default(__controller_organizations_item.notification_templates_started) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined else '') | default(__controller_organizations_item.notification_templates_success) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined else '') | default(__controller_organizations_item.notification_templates_error) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 5d0f6a30c..105e9f386 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -4,31 +4,31 @@ name: "{{ __controller_project_item.name | mandatory }}" new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" - description: "{{ __controller_project_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_project_item.description | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" - scm_url: "{{ __controller_project_item.scm_url | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" + scm_url: "{{ __controller_project_item.scm_url | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" default_environment: "{{ __controller_project_item.default_environment | default(omit, true) }}" - local_path: "{{ __controller_project_item.local_path | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" - scm_branch: "{{ __controller_project_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit)) }}" - scm_refspec: "{{ __controller_project_item.scm_refspec | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" + local_path: "{{ __controller_project_item.local_path | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" + scm_branch: "{{ __controller_project_item.scm_branch | default(( '' if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_refspec: "{{ __controller_project_item.scm_refspec | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" credential: "{{ __controller_project_item.credential.name | default(__controller_project_item.credential | default(__controller_project_item.scm_credential | default(omit, true))) }}" signature_validation_credential: "{{ __controller_project_item.signature_validation_credential.name | default(__controller_project_item.signature_validation_credential | default(omit, true)) }}" - scm_clean: "{{ __controller_project_item.scm_clean | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" - scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" - scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" - scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" - scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=0, omit_value=omit), true) }}" - allow_override: "{{ __controller_project_item.allow_override | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" - timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=0, omit_value=omit), true)) }}" - custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit), true) }}" - organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value='', omit_value=omit))) }}" + scm_clean: "{{ __controller_project_item.scm_clean | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(( 0 if controller_configuration_projects_enforce_defaults else omit), true) }}" + allow_override: "{{ __controller_project_item.allow_override | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(( 0 if controller_configuration_projects_enforce_defaults else omit), true)) }}" + custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" + organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(( '' if controller_configuration_projects_enforce_defaults else omit))) }}" state: "{{ __controller_project_item.state | default(controller_state | default('present')) }}" - wait: "{{ __controller_project_item.wait | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=true, omit_value=omit)) }}" - update_project: "{{ __controller_project_item.update_project | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=false, omit_value=omit)) }}" + wait: "{{ __controller_project_item.wait | default(( true if controller_configuration_projects_enforce_defaults else omit)) }}" + update_project: "{{ __controller_project_item.update_project | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" - notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined else '') | default(__controller_project_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined else '') | default(__controller_project_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined else '') | default(__controller_project_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_projects_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined else '') | default(__controller_project_item.notification_templates_started) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined else '') | default(__controller_project_item.notification_templates_success) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined else '') | default(__controller_project_item.notification_templates_error) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 04f6b9ce3..3e5b4dbe2 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -5,20 +5,20 @@ team: "{{ __controller_role_item.team | default(omit, true) }}" role: "{{ __controller_role_item.role | mandatory }}" target_team: "{{ __controller_role_item.target_team | default(omit, true) }}" - target_teams: "{{ __controller_role_item.target_teams | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + target_teams: "{{ __controller_role_item.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" inventory: "{{ __controller_role_item.inventory | default(omit, true) }}" - inventories: "{{ __controller_role_item.inventories | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + inventories: "{{ __controller_role_item.inventories | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" job_template: "{{ __controller_role_item.job_template | default(omit, true) }}" - job_templates: "{{ __controller_role_item.job_templates | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + job_templates: "{{ __controller_role_item.job_templates | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" workflow: "{{ __controller_role_item.workflow | default(omit, true) }}" - workflows: "{{ __controller_role_item.workflows | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + workflows: "{{ __controller_role_item.workflows | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" credential: "{{ __controller_role_item.credential | default(omit, true) }}" - credentials: "{{ __controller_role_item.credentials | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + credentials: "{{ __controller_role_item.credentials | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" organization: "{{ __controller_role_item.organization | default(omit, true) }}" - organizations: "{{ __controller_role_item.organizations | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + organizations: "{{ __controller_role_item.organizations | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" lookup_organization: "{{ __controller_role_item.lookup_organization | default(omit, true) }}" project: "{{ __controller_role_item.project | default(omit, true) }}" - projects: "{{ __controller_role_item.projects | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_role_enforce_defaults , default_value=[], omit_value=omit), true) }}" + projects: "{{ __controller_role_item.projects | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" state: "{{ __controller_role_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index b13758bd6..654254b23 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -3,27 +3,27 @@ schedule: name: "{{ __controller_schedule_item.name | mandatory }}" new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" - description: "{{ __controller_schedule_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - rrule: "{{ __controller_schedule_item.rrule | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - extra_data: "{{ __controller_schedule_item.extra_data | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value={}, omit_value=omit), true) }}" - inventory: "{{ __controller_schedule_item.inventory | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_schedule_item.description | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + rrule: "{{ __controller_schedule_item.rrule | default(omit, true) }}" + extra_data: "{{ __controller_schedule_item.extra_data | default(( {} if controller_configuration_schedules_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_schedule_item.inventory | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" - scm_branch: "{{ __controller_schedule_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true)) }}" - forks: "{{ __controller_schedule_item.forks | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=0, omit_value=omit), true) }}" + scm_branch: "{{ __controller_schedule_item.scm_branch | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" + forks: "{{ __controller_schedule_item.forks | default(( 0 if controller_configuration_schedules_enforce_defaults else omit), true) }}" instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=1, omit_value=omit), true) }}" - labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else '') | default(__controller_schedule_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=[], omit_value=omit), true) }}" - timeout: "{{ __controller_schedule_item.timeout | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=0, omit_value=omit), true) }}" + job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(( 1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else '') | default(__controller_schedule_item.labels) | default(( [] if controller_configuration_schedules_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_schedule_item.timeout | default(( 0 if controller_configuration_schedules_enforce_defaults else omit), true) }}" job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" - job_tags: "{{ __controller_schedule_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - skip_tags: "{{ __controller_schedule_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - limit: "{{ __controller_schedule_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" - diff_mode: "{{ __controller_schedule_item.diff_mode | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=false, omit_value=omit)) }}" + job_tags: "{{ __controller_schedule_item.job_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + skip_tags: "{{ __controller_schedule_item.skip_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + limit: "{{ __controller_schedule_item.limit | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + diff_mode: "{{ __controller_schedule_item.diff_mode | default(( false if controller_configuration_schedules_enforce_defaults else omit)) }}" verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" - organization: "{{ __controller_schedule_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value='', omit_value=omit), true) }}" + organization: "{{ __controller_schedule_item.organization | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" - enabled: "{{ __controller_schedule_item.enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_schedules_enforce_defaults , default_value=true, omit_value=omit)) }}" + enabled: "{{ __controller_schedule_item.enabled | default(( true if controller_configuration_schedules_enforce_defaults else omit)) }}" state: "{{ __controller_schedule_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index be418f321..d81b66896 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -3,7 +3,7 @@ team: name: "{{ __controller_team_item.name | mandatory }}" new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" - description: "{{ __controller_team_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_teams_enforce_defaults , default_value='', omit_value=omit), true) }}" + description: "{{ __controller_team_item.description | default(( '' if controller_configuration_teams_enforce_defaults else omit), true) }}" organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" state: "{{ __controller_team_item.state | default(controller_state | default('present')) }}" diff --git a/roles/teams/tests/configs/teams.yml b/roles/teams/tests/configs/teams.yml index fc48db5f2..d6886f235 100644 --- a/roles/teams/tests/configs/teams.yml +++ b/roles/teams/tests/configs/teams.yml @@ -1,12 +1,12 @@ --- controller_teams: - name: "team1" - desc: "My first team" + description: "My first team" organization: "Default" - name: "team2" - desc: "My second team" + description: "My second team" organization: "Default" - name: "team3" - desc: "My third team" + description: "My third team" organization: "Default" ... diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index bb6511e0f..a1282454a 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -10,9 +10,9 @@ email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" first_name: "{{ __controller_user_accounts_item.firstname | default(__controller_user_accounts_item.first_name | default(omit, true)) }}" last_name: "{{ __controller_user_accounts_item.lastname | default(__controller_user_accounts_item.last_name | default(omit, true)) }}" - is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit))) }}" - is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit))) }}" - update_secrets: "{{ __controller_user_accounts_item.update_secrets | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_users_enforce_defaults , default_value=false, omit_value=omit)) }}" + is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default(( false if controller_configuration_users_enforce_defaults else omit))) }}" + is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default(( false if controller_configuration_users_enforce_defaults else omit))) }}" + update_secrets: "{{ __controller_user_accounts_item.update_secrets | default(( false if controller_configuration_users_enforce_defaults else omit)) }}" organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" state: "{{ __controller_user_accounts_item.state | default(controller_state | default(omit, true)) }}" diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index 7ca95a09d..fa3ccd1dc 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -5,34 +5,34 @@ name: "{{ __workflow_loop_item.name | mandatory }}" new_name: "{{ __workflow_loop_item.new_name | default(omit, true) }}" copy_from: "{{ __workflow_loop_item.copy_from | default(omit, true) }}" - description: "{{ __workflow_loop_item.description | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" - extra_vars: "{{ __workflow_loop_item.extra_vars | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value={}, omit_value=omit), true) }}" - allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true)) }}" - ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true)) }}" - limit: "{{ __workflow_loop_item.limit | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=0, omit_value=omit), true) }}" - labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined else '') | default(__workflow_loop_item.labels) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" - scm_branch: "{{ __workflow_loop_item.scm_branch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" - ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" + description: "{{ __workflow_loop_item.description | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + extra_vars: "{{ __workflow_loop_item.extra_vars | default(( {} if controller_configuration_workflows_enforce_defaults else omit), true) }}" + allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + limit: "{{ __workflow_loop_item.limit | default(( 0 if controller_configuration_workflows_enforce_defaults else omit), true) }}" + labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined else '') | default(__workflow_loop_item.labels) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + scm_branch: "{{ __workflow_loop_item.scm_branch | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" webhook_service: "{{ __workflow_loop_item.webhook_service | default(omit, true) }}" webhook_credential: "{{ __workflow_loop_item.webhook_credential.name | default(__workflow_loop_item.webhook_credential | default(omit, true)) }}" - survey_enabled: "{{ __workflow_loop_item.survey_enabled | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value={}, omit_value=omit), true))) }}" - job_tags: "{{ __workflow_loop_item.job_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" - skip_tags: "{{ __workflow_loop_item.skip_tags | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value='', omit_value=omit), true) }}" - ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" - ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit)) }}" - ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" - workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true)) }}" - destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=false, omit_value=omit))) }}" + survey_enabled: "{{ __workflow_loop_item.survey_enabled | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(( {} if controller_configuration_workflows_enforce_defaults else omit), true))) }}" + job_tags: "{{ __workflow_loop_item.job_tags | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + skip_tags: "{{ __workflow_loop_item.skip_tags | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" + ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" + workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined else '') | default(__workflow_loop_item.notification_templates_started) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined else '') | default(__workflow_loop_item.notification_templates_success) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined else '') | default(__workflow_loop_item.notification_templates_error) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" - notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined else '') | default(__workflow_loop_item.notification_templates_approvals) | default(lookup('infra.controller_configuration.enforce_defaults', enforce_default=controller_configuration_workflows_enforce_defaults , default_value=[], omit_value=omit), true) }}" + notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined else '') | default(__workflow_loop_item.notification_templates_started) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined else '') | default(__workflow_loop_item.notification_templates_success) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined else '') | default(__workflow_loop_item.notification_templates_error) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined else '') | default(__workflow_loop_item.notification_templates_approvals) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/workflow_job_templates/tests/configs/controller_workflows.yml b/roles/workflow_job_templates/tests/configs/controller_workflows.yml index 11c9aa506..c78e1a59e 100644 --- a/roles/workflow_job_templates/tests/configs/controller_workflows.yml +++ b/roles/workflow_job_templates/tests/configs/controller_workflows.yml @@ -21,7 +21,6 @@ controller_workflows: schedules: [] workflow_nodes: - extra_data: {} - inventory: scm_branch: job_type: job_tags: @@ -77,7 +76,6 @@ controller_workflows: identifier: d9779889-cfdb-4a8c-8a11-1f54acf84aca type: workflow_job_template_node - extra_data: {} - inventory: scm_branch: job_type: job_tags: @@ -134,7 +132,6 @@ controller_workflows: option_true_false: 'yes' target_groups: - group1 - inventory: scm_branch: job_type: job_tags: @@ -171,7 +168,6 @@ controller_workflows: identifier: 28910097-e606-4252-8aa9-2c1a0b8b6c92 type: workflow_job_template_node - extra_data: {} - inventory: scm_branch: job_type: job_tags: @@ -208,7 +204,6 @@ controller_workflows: identifier: ca7ffc3b-8401-4153-83bf-bb3dd918ca87 type: workflow_job_template_node - extra_data: {} - inventory: scm_branch: job_type: job_tags: @@ -322,7 +317,6 @@ controller_workflows: schedules: [] workflow_nodes: - extra_data: {} - inventory: scm_branch: job_type: job_tags: @@ -370,7 +364,6 @@ controller_workflows: identifier: d9779889-cfdb-4a8c-8a11-1f54acf84aca type: workflow_job_template_node - extra_data: {} - inventory: scm_branch: job_type: job_tags: From 0400a7bc73fcc458b22e4c43c8a01620426c205f Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Fri, 28 Apr 2023 16:38:19 -0500 Subject: [PATCH 027/129] fixing get_stats to work on Tower (#591) * updating export readme * tweaking readme some more * fixing link * adding get_stats.yml playbook * updating env vars for backwards compatibility --- playbooks/get_stats.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/playbooks/get_stats.yml b/playbooks/get_stats.yml index 254c45e4d..f3d14e7ff 100644 --- a/playbooks/get_stats.yml +++ b/playbooks/get_stats.yml @@ -6,10 +6,11 @@ connection: local gather_facts: true vars: - controller_hostname: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" - controller_username: "{{ lookup('ansible.builtin.env', 'CONTROLLER_USERNAME') }}" - controller_password: "{{ lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') }}" - controller_validate_certs: "{{ lookup('ansible.builtin.env', 'CONTROLLER_VERIFY_SSL') | default(false) }}" + # Using the Tower env names for backwards compatibility + controller_hostname: "{{ lookup('ansible.builtin.env', 'TOWER_HOST') }}" + controller_username: "{{ lookup('ansible.builtin.env', 'TOWER_USERNAME') }}" + controller_password: "{{ lookup('ansible.builtin.env', 'TOWER_PASSWORD') }}" + controller_validate_certs: "{{ lookup('ansible.builtin.env', 'TOWER_VERIFY_SSL') | default(false) }}" tasks: - name: Get number of JT From 2ffce6967f297fc5bbe12cd1e6e61779516b9dd1 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Fri, 28 Apr 2023 22:15:04 -0400 Subject: [PATCH 028/129] fix ci (#592) * update org export * update org export * rebase * rebase * rebase * fix differential tests * fix differential tests --- tests/configure_controller_export_model.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 01758d99e..474567ba7 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -113,5 +113,5 @@ that: - differential_expected == export_results.difference when: - - awx_version == "22.0.0" or awx_version == "22.1.0" or awx_version == "devel" # It works on earlier versions, the issue is new fields fail in the differential. + - awx_version == "devel" # It works on earlier versions, the issue is new fields fail in the differential. ... From b27515433a3611020636eb9ee69cf2dc369c217f Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sat, 29 Apr 2023 15:11:51 -0400 Subject: [PATCH 029/129] update liscense role to use subscription module (#593) --- changelogs/fragments/license.yml | 4 ++ roles/license/README.md | 42 ++++++++++++++++++- roles/license/defaults/main.yml | 3 ++ roles/license/tasks/main.yml | 54 +++--------------------- roles/license/tasks/manifest.yml | 57 ++++++++++++++++++++++++++ roles/license/tasks/subscription.yml | 34 +++++++++++++++ roles/license/tests/config/license.yml | 1 - roles/license/tests/test.yml | 2 + 8 files changed, 145 insertions(+), 52 deletions(-) create mode 100644 changelogs/fragments/license.yml create mode 100644 roles/license/tasks/manifest.yml create mode 100644 roles/license/tasks/subscription.yml diff --git a/changelogs/fragments/license.yml b/changelogs/fragments/license.yml new file mode 100644 index 000000000..b53b27e3f --- /dev/null +++ b/changelogs/fragments/license.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - added options to license role to allow use of subcription lookup or pool_id. +... diff --git a/roles/license/README.md b/roles/license/README.md index b1ef530e9..c7f16078b 100644 --- a/roles/license/README.md +++ b/roles/license/README.md @@ -40,7 +40,11 @@ controller_configuration_license_secure_logging defaults to the value of control ## Data Structure -### License Variables +### Manifest vs Subscription + +The module and this role can use either a manifest file, or lookup the subscription on your account. Only one method is needed, provide the appropriate variables to use the either method. + +### License Variables for using mainfest |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| @@ -57,6 +61,21 @@ controller_configuration_license_secure_logging defaults to the value of control For further details on fields see +### License Variables for using Red Hat Subscription + +|Variable Name|Default Value|Required|Type|Description| +|:---:|:---:|:---:|:---:|:---:| +|`redhat_subscription_username`|""|no|str|Red Hat or Red Hat Satellite username to get available subscriptions.| +|`redhat_subscription_password`|""|no|str|Red Hat or Red Hat Satellite password to get available subscriptions.| +|`filters`|"default values"|no|str|dict of filters to use to narrow the subscription. See example below for how to use this.| +|`support_level`|"Self-Support"|no|str|DEPRECATED - changed to `manifest_file` (still works as an alias)| +|`list_num`|0|no|int|List index of the subscription to use, if you want to overide the default, it is recomended to use the filters to limit the pools found.| +|`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to, setting this will skip the lookup.| +|`force`|`False`|no|bool|By default, the license will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| +|`state`|`present`|no|str|Desired state of the resource.| + +For further details on fields see + ### Standard Project Data Structure #### Json Example @@ -83,7 +102,7 @@ controller_license: ## Playbook Examples -### Standard Role Usage +### Standard Manifest Role Usage ```yaml --- @@ -104,6 +123,25 @@ controller_license: - {role: infra.controller_configuration.license, when: controller_license is defined} ``` +### Standard Subscription lookup Role Usage + +```yaml +--- +- name: Playbook to configure ansible controller post installation + hosts: localhost + connection: local + vars: + controller_validate_certs: false + controller_hostname: controller.example.com + controller_username: admin + controller_password: changeme + redhat_subscription_username: changeme + redhat_subscription_password: changeme + + roles: + - {role: infra.controller_configuration.license} +``` + ## License [MIT](https://github.com/redhat-cop/controller_configuration#licensing) diff --git a/roles/license/defaults/main.yml b/roles/license/defaults/main.yml index 114c343d5..fbb93ef3b 100644 --- a/roles/license/defaults/main.yml +++ b/roles/license/defaults/main.yml @@ -1,3 +1,6 @@ --- controller_configuration_license_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +_redhat_cop_license_filters: + product_name: Red Hat Ansible Automation Platform + support_level: Self-Support ... diff --git a/roles/license/tasks/main.yml b/roles/license/tasks/main.yml index 22f446e87..b62a7bc9e 100644 --- a/roles/license/tasks/main.yml +++ b/roles/license/tasks/main.yml @@ -1,57 +1,13 @@ --- # tasks file for license role -- name: Ensure manifest is set - ansible.builtin.assert: - that: controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_url is defined or controller_license.manifest_content is defined or controller_license.pool_id is defined - fail_msg: "Must set a source for the manifest or pool. Please set 'manifest_file', 'manifest_url', 'manifest_content', or 'pool_id'" - -- name: Move manifest file to temporary location - ansible.builtin.copy: - src: "{{ controller_license.manifest_file | default(controller_license.manifest) }}" - dest: "{{ __controller_manifest_path }}" - mode: 0600 +- name: Use manifest file + ansible.builtin.include_tasks: "manifest.yml" when: - controller_license.manifest_file is defined or controller_license.manifest is defined -- name: Fetch manifest from URL - ansible.builtin.get_url: - url: "{{ controller_license.manifest_url }}" - dest: "{{ __controller_manifest_path }}" - username: "{{ controller_license.manifest_username | default(omit) }}" - password: "{{ controller_license.manifest_password | default(omit) }}" - mode: 0600 - when: - - controller_license.manifest_url is defined - - not controller_license.manifest_file is defined - - not controller_license.manifest is defined - -- name: Create manifest file from base64 encoded content - ansible.builtin.template: - src: controller_manifest.j2 - dest: "{{ __controller_manifest_path }}" - mode: 0600 +- name: Use subscription pool id or subscription lookup + ansible.builtin.include_tasks: "subscription.yml" when: - - controller_license.manifest_content is defined - - not controller_license.manifest_url is defined - - not controller_license.manifest_file is defined - - not controller_license.manifest is defined - -- name: Install the Controller license - license: - manifest: "{{ __controller_manifest_path | default(omit) }}" - eula_accepted: "{{ controller_license.eula_accepted | default(omit) }}" # Depreciated only for Tower 3.8.x or lower - pool_id: "{{ controller_license.pool_id | default(omit) }}" - force: "{{ controller_license.force | default(omit) }}" - state: "{{ controller_license.state | default(omit) }}" - - # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" - no_log: "{{ controller_configuration_license_secure_logging }}" - when: controller_license is defined + - (redhat_subscription_username is defined and redhat_subscription_password is defined) or controller_license.pool_id is defined ... diff --git a/roles/license/tasks/manifest.yml b/roles/license/tasks/manifest.yml new file mode 100644 index 000000000..4942ae0e1 --- /dev/null +++ b/roles/license/tasks/manifest.yml @@ -0,0 +1,57 @@ +--- +# tasks file for license role - manifest + +- name: Ensure manifest is set + ansible.builtin.assert: + that: controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_url is defined or controller_license.manifest_content is defined or controller_license.pool_id is defined + fail_msg: "Must set a source for the manifest or pool. Please set 'manifest_file', 'manifest_url', 'manifest_content', or 'pool_id'" + +- name: Move manifest file to temporary location + ansible.builtin.copy: + src: "{{ controller_license.manifest_file | default(controller_license.manifest) }}" + dest: "{{ __controller_manifest_path }}" + mode: 0600 + when: + - controller_license.manifest_file is defined or controller_license.manifest is defined + +- name: Fetch manifest from URL + ansible.builtin.get_url: + url: "{{ controller_license.manifest_url }}" + dest: "{{ __controller_manifest_path }}" + username: "{{ controller_license.manifest_username | default(omit) }}" + password: "{{ controller_license.manifest_password | default(omit) }}" + mode: 0600 + when: + - controller_license.manifest_url is defined + - not controller_license.manifest_file is defined + - not controller_license.manifest is defined + +- name: Create manifest file from base64 encoded content + ansible.builtin.template: + src: controller_manifest.j2 + dest: "{{ __controller_manifest_path }}" + mode: 0600 + when: + - controller_license.manifest_content is defined + - not controller_license.manifest_url is defined + - not controller_license.manifest_file is defined + - not controller_license.manifest is defined + +- name: Install the Controller license + license: + manifest: "{{ __controller_manifest_path | default(omit) }}" + eula_accepted: "{{ controller_license.eula_accepted | default(omit) }}" # Depreciated only for Tower 3.8.x or lower + pool_id: "{{ controller_license.pool_id | default(omit) }}" + force: "{{ controller_license.force | default(omit) }}" + state: "{{ controller_license.state | default(omit) }}" + + # Role Standard Options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + no_log: "{{ controller_configuration_license_secure_logging }}" + when: controller_license is defined +... diff --git a/roles/license/tasks/subscription.yml b/roles/license/tasks/subscription.yml new file mode 100644 index 000000000..92350cf84 --- /dev/null +++ b/roles/license/tasks/subscription.yml @@ -0,0 +1,34 @@ +--- +# tasks file for license role - Subscription + +- name: Get subscriptions with a filter + subscriptions: + username: "{{ redhat_subscription_username }}" + password: "{{ redhat_subscription_password }}" + filters: "{{ controller_license.filters | default(_redhat_cop_license_filters) }}" + # Role Standard Options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + register: subscription + when: controller_license.pool_id is not defined + +- name: Install the Controller license + license: + pool_id: "{{ controller_license.pool_id | default(subscription.subscriptions[(controller_license.list_num | default(0))].pool_id)}}" + force: "{{ controller_license.force | default(omit) }}" + state: "{{ controller_license.state | default(omit) }}" + + # Role Standard Options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + no_log: "{{ controller_configuration_license_secure_logging }}" + when: controller_license is defined +... diff --git a/roles/license/tests/config/license.yml b/roles/license/tests/config/license.yml index bdbae5e58..6dcca8391 100644 --- a/roles/license/tests/config/license.yml +++ b/roles/license/tests/config/license.yml @@ -3,5 +3,4 @@ controller_license: manifest_file: "/tmp/my_tower.zip" # manifest_url: https://www.ansible.com/hubfs/Logo-Red_Hat-Ansible-A-Reverse-SVG.svg # manifest_content: "aGVsbG8gd29ybGQ=" - eula_accepted: true ... diff --git a/roles/license/tests/test.yml b/roles/license/tests/test.yml index 0f256fcba..5d94b1388 100644 --- a/roles/license/tests/test.yml +++ b/roles/license/tests/test.yml @@ -8,6 +8,8 @@ controller_hostname: controller.example.com controller_username: admin controller_password: changeme + redhat_subscription_username: changeme + redhat_subscription_password: changeme collections: - awx.awx From 6f3b480ea22547e0930d8958b5de0393eeb4123b Mon Sep 17 00:00:00 2001 From: adonisgarciac <71078987+adonisgarciac@users.noreply.github.com> Date: Thu, 4 May 2023 15:15:55 +0200 Subject: [PATCH 030/129] fix issue #594 for roles with blank spaces in the name (#595) --- plugins/lookup/controller_object_diff.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index 33e1a0b66..b0d2f8d3b 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -202,7 +202,7 @@ def run(self, terms, variables=None, **kwargs): for item in api_list_reduced: if item["resource_type"] == "organization": item.update({"organizations": [item[item["resource_type"]]]}) - item.update({"role": item["name"].lower()}) + item.update({"role": item["name"].lower().replace(" ", "_")}) # Remove the extra fields item.pop("users") item.pop("teams") From fb0c1885a54e9860558448e5e19b36ca1e8c724b Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Mon, 8 May 2023 09:56:11 -0400 Subject: [PATCH 031/129] update pipeline to single (#598) --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 957ecc2f1..d2d1d2735 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: release: needs: - ci_standalone - uses: "redhat-cop/ansible_collections_tooling/.github/workflows/release_pipeline.yml@main" + uses: "redhat-cop/ansible_collections_tooling/.github/workflows/release_pipeline_single.yml@main" with: collection_namespace: infra collection_name: controller_configuration From 489117a387533ca77a9cd2738230f1a4d5dd6919 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 9 May 2023 10:12:47 -0400 Subject: [PATCH 032/129] update pipeline to single (#598) From a764ec7a64725ce35662a7dd2f655b1d9b589432 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 11 May 2023 08:53:54 -0400 Subject: [PATCH 033/129] Update pre-commit (#599) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index fc50e90c4..6e72e5e1e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.15.0 + rev: v6.16.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 1a40c8819d7ccf16192eb43851c364a37a3aa826 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 17 May 2023 01:31:26 -0400 Subject: [PATCH 034/129] Update pre-commit (#604) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6e72e5e1e..29bbe568c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.16.0 + rev: v6.16.1 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 72bcbc01a55c2ea618833c57e6dcc8d095d85ae1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 25 May 2023 21:27:59 -0400 Subject: [PATCH 035/129] Update pre-commit (#605) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 29bbe568c..d9aa3b199 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.16.1 + rev: v6.16.2 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 5a124b6d8d93b1a7f2e217e085c6604b923e5ddd Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Wed, 7 Jun 2023 14:56:14 -0500 Subject: [PATCH 036/129] updating galaxy tag to fix linting error (#611) fixing lint issue --- galaxy.yml.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/galaxy.yml.j2 b/galaxy.yml.j2 index 41815d8d7..12a31e8e5 100644 --- a/galaxy.yml.j2 +++ b/galaxy.yml.j2 @@ -27,4 +27,5 @@ tags: - collection - controller_configuration - automation_platform + - infrastructure ... From 22129a94f9be679d4ea5ae662d03775be136a1d5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 7 Jun 2023 15:57:24 -0400 Subject: [PATCH 037/129] Update pre-commit (#608) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d9aa3b199..5c03b6a3b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.16.2 + rev: v6.17.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 83cb0fea4d0c2d2d8db55834f2a2a2309ce76814 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 7 Jun 2023 17:18:58 -0400 Subject: [PATCH 038/129] update lint (#612) --- .ansible-lint | 1 + 1 file changed, 1 insertion(+) diff --git a/.ansible-lint b/.ansible-lint index e1bc1fe78..44d3018c6 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -22,6 +22,7 @@ skip_list: - meta-runtime # This collection with the appropriate awx.awx or ansible.controller still works with older ansible. - role-name[path] - sanity[cannot-ignore] # We're only ignoring sanity rules when we have to + - var-naming[no-role-prefix] kinds: - playbooks: "**/examples/templates/*.{yml,yaml}" - playbooks: "**/examples/*.{yml,yaml}" From 45f9a4cfac83eda33e9747bdc18acf5d698e30a6 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 7 Jun 2023 17:42:01 -0400 Subject: [PATCH 039/129] add options to roles role (#597) Co-authored-by: David Danielsson --- changelogs/fragments/roles_update.yml | 4 ++++ roles/roles/README.md | 5 +++++ roles/roles/tasks/main.yml | 2 ++ 3 files changed, 11 insertions(+) create mode 100644 changelogs/fragments/roles_update.yml diff --git a/changelogs/fragments/roles_update.yml b/changelogs/fragments/roles_update.yml new file mode 100644 index 000000000..188953f87 --- /dev/null +++ b/changelogs/fragments/roles_update.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - added option to roles role to support upcoming change to allow lists of teams and users to be used in the module. +... diff --git a/roles/roles/README.md b/roles/roles/README.md index 8183f043d..4c10eaf69 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -75,7 +75,9 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`user`|""|no|str|The user for which the role applies| +|`users`|""|no|list|The users for which the role applies| |`team`|""|no|str|The team for which the role applies| +|`teams`|""|no|list|The teams for which the role applies| |`role`|""|no|str (see note below)|The role which is applied to one of {`target_team`, `inventory`, `job_template`, `target_team`, `inventory`, `job_template`} for either `user` or `team` | |`target_team`|""|no|str|The team the role applies against| |`target_teams`|""|no|list|The teams the role applies against| @@ -140,6 +142,9 @@ This also speeds up the overall role. --- controller_roles: - user: jdoe + users: + - thing1 + - thing2 target_team: "My Team" role: member - team: "My Team" diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 3e5b4dbe2..7569ece85 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -2,7 +2,9 @@ - name: Create Role Based Access Entry on Controller role: user: "{{ __controller_role_item.user | default(omit, true) }}" + users: "{{ __controller_role_item.user | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" team: "{{ __controller_role_item.team | default(omit, true) }}" + teams: "{{ __controller_role_item.team | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" role: "{{ __controller_role_item.role | mandatory }}" target_team: "{{ __controller_role_item.target_team | default(omit, true) }}" target_teams: "{{ __controller_role_item.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" From ac84c0de5fa306efd690e4d8df937a70f9787c60 Mon Sep 17 00:00:00 2001 From: Klaas Demter Date: Thu, 8 Jun 2023 21:16:29 +0200 Subject: [PATCH 040/129] Fix job_template notifications (#603) Co-authored-by: David Danielsson --- roles/job_templates/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index ddafeffef..84f951ae5 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -54,9 +54,9 @@ scm_branch: "{{ __controller_template_item.scm_branch | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined else '') | default(__controller_template_item.labels) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined else '') | default(__controller_template_item.notification_templates_started) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined else '') | default(__controller_template_item.notification_templates_success) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined else '') | default(__controller_template_item.notification_templates_error) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" From 69b9f455e8892ac71c6bf208c1e8c65cea0e20ae Mon Sep 17 00:00:00 2001 From: Klaas Demter Date: Thu, 8 Jun 2023 21:17:19 +0200 Subject: [PATCH 041/129] Controller Schedule: forks, timeout and limit can only be set if template is configured as "prompt on launch" (#602) --- roles/schedules/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 654254b23..3a91e9ef1 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -10,15 +10,15 @@ credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" scm_branch: "{{ __controller_schedule_item.scm_branch | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" - forks: "{{ __controller_schedule_item.forks | default(( 0 if controller_configuration_schedules_enforce_defaults else omit), true) }}" + forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(( 1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else '') | default(__controller_schedule_item.labels) | default(( [] if controller_configuration_schedules_enforce_defaults else omit), true) }}" - timeout: "{{ __controller_schedule_item.timeout | default(( 0 if controller_configuration_schedules_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" job_tags: "{{ __controller_schedule_item.job_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" skip_tags: "{{ __controller_schedule_item.skip_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - limit: "{{ __controller_schedule_item.limit | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + limit: "{{ __controller_schedule_item.limit | default(omit, true) }}" diff_mode: "{{ __controller_schedule_item.diff_mode | default(( false if controller_configuration_schedules_enforce_defaults else omit)) }}" verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" organization: "{{ __controller_schedule_item.organization | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" From b9ed812f3d7697c4708d451b4535639f8c59f2b6 Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Thu, 8 Jun 2023 22:00:10 +0200 Subject: [PATCH 042/129] Make 'with_present' variable (#613) Co-authored-by: Marges, RSY (Rick) Co-authored-by: Sean Sullivan --- roles/object_diff/defaults/main.yml | 1 + roles/object_diff/tasks/applications.yml | 2 +- roles/object_diff/tasks/credential_types.yml | 2 +- roles/object_diff/tasks/credentials.yml | 2 +- roles/object_diff/tasks/execution_environments.yml | 2 +- roles/object_diff/tasks/groups.yml | 2 +- roles/object_diff/tasks/hosts.yml | 2 +- roles/object_diff/tasks/instance_groups.yml | 2 +- roles/object_diff/tasks/inventories.yml | 2 +- roles/object_diff/tasks/inventory_sources.yml | 2 +- roles/object_diff/tasks/job_templates.yml | 2 +- roles/object_diff/tasks/notification_templates.yml | 2 +- roles/object_diff/tasks/organizations.yml | 2 +- roles/object_diff/tasks/projects.yml | 2 +- roles/object_diff/tasks/roles.yml | 2 +- roles/object_diff/tasks/schedules.yml | 2 +- roles/object_diff/tasks/teams.yml | 2 +- roles/object_diff/tasks/user_accounts.yml | 2 +- roles/object_diff/tasks/workflow_job_templates.yml | 2 +- 19 files changed, 19 insertions(+), 18 deletions(-) diff --git a/roles/object_diff/defaults/main.yml b/roles/object_diff/defaults/main.yml index 483b3c949..0b5cde651 100644 --- a/roles/object_diff/defaults/main.yml +++ b/roles/object_diff/defaults/main.yml @@ -53,4 +53,5 @@ controller_configuration_object_diff_secure_logging: "{{ controller_configuratio controller_api_version: "v2" +include_present_state: false ... diff --git a/roles/object_diff/tasks/applications.yml b/roles/object_diff/tasks/applications.yml index 28bf86932..3fc72ede8 100644 --- a/roles/object_diff/tasks/applications.yml +++ b/roles/object_diff/tasks/applications.yml @@ -18,7 +18,7 @@ ansible.builtin.set_fact: __applications_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_applications, compare_list=controller_applications, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set application's list to be configured" diff --git a/roles/object_diff/tasks/credential_types.yml b/roles/object_diff/tasks/credential_types.yml index 5d800d013..4d4fabff3 100644 --- a/roles/object_diff/tasks/credential_types.yml +++ b/roles/object_diff/tasks/credential_types.yml @@ -24,7 +24,7 @@ ansible.builtin.set_fact: __credential_types_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_credential_types, compare_list=controller_credential_types, - with_present=false, set_absent=true) }}" + with_present=include_present_state, set_absent=true) }}" - name: "Set credential's list to be configured" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/credentials.yml b/roles/object_diff/tasks/credentials.yml index ca5321b3a..bbe003cba 100644 --- a/roles/object_diff/tasks/credentials.yml +++ b/roles/object_diff/tasks/credentials.yml @@ -21,7 +21,7 @@ ansible.builtin.set_fact: __credentials_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_credentials, compare_list=controller_credentials, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set credential's list to be configured" diff --git a/roles/object_diff/tasks/execution_environments.yml b/roles/object_diff/tasks/execution_environments.yml index c63c24cb0..27c4be89a 100644 --- a/roles/object_diff/tasks/execution_environments.yml +++ b/roles/object_diff/tasks/execution_environments.yml @@ -18,7 +18,7 @@ ansible.builtin.set_fact: __execution_environments_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_execution_environments, compare_list=controller_execution_environments, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set execution_environment's list to be configured" diff --git a/roles/object_diff/tasks/groups.yml b/roles/object_diff/tasks/groups.yml index 7104f3f37..209e4a87c 100644 --- a/roles/object_diff/tasks/groups.yml +++ b/roles/object_diff/tasks/groups.yml @@ -39,7 +39,7 @@ __groups_difference: "{{ lookup(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_groups, compare_list=controller_groups, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set the inventory key at the correct place" diff --git a/roles/object_diff/tasks/hosts.yml b/roles/object_diff/tasks/hosts.yml index aeadd54e9..5465bd9f6 100644 --- a/roles/object_diff/tasks/hosts.yml +++ b/roles/object_diff/tasks/hosts.yml @@ -40,7 +40,7 @@ __hosts_difference: "{{ lookup(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_hosts, compare_list=controller_hosts, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set the inventory key at the correct place" diff --git a/roles/object_diff/tasks/instance_groups.yml b/roles/object_diff/tasks/instance_groups.yml index 8acc1590f..2a3400067 100644 --- a/roles/object_diff/tasks/instance_groups.yml +++ b/roles/object_diff/tasks/instance_groups.yml @@ -22,7 +22,7 @@ __instance_groups_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_instance_groups, compare_list=controller_instance_groups, - with_present=false, + with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/inventories.yml b/roles/object_diff/tasks/inventories.yml index f546e237b..d5c2665d8 100644 --- a/roles/object_diff/tasks/inventories.yml +++ b/roles/object_diff/tasks/inventories.yml @@ -20,7 +20,7 @@ ansible.builtin.set_fact: __inventories_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_inventories, compare_list=controller_inventories, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set inventores' list to be configured" diff --git a/roles/object_diff/tasks/inventory_sources.yml b/roles/object_diff/tasks/inventory_sources.yml index 7e993f08a..5aa28799f 100644 --- a/roles/object_diff/tasks/inventory_sources.yml +++ b/roles/object_diff/tasks/inventory_sources.yml @@ -21,7 +21,7 @@ __inventory_sources_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_inventory_sources, compare_list=controller_inventory_sources, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set inventory_sources' list to be configured" diff --git a/roles/object_diff/tasks/job_templates.yml b/roles/object_diff/tasks/job_templates.yml index 9926f1e26..9ea242234 100644 --- a/roles/object_diff/tasks/job_templates.yml +++ b/roles/object_diff/tasks/job_templates.yml @@ -20,7 +20,7 @@ ansible.builtin.set_fact: __job_templates_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_job_templates, compare_list=controller_templates, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set job_template's list to be configured" diff --git a/roles/object_diff/tasks/notification_templates.yml b/roles/object_diff/tasks/notification_templates.yml index b7ea000a5..8dddee6c4 100644 --- a/roles/object_diff/tasks/notification_templates.yml +++ b/roles/object_diff/tasks/notification_templates.yml @@ -18,7 +18,7 @@ ansible.builtin.set_fact: __notification_templates_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_notification_templates, compare_list=controller_notifications, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set notification_template's list to be configured" diff --git a/roles/object_diff/tasks/organizations.yml b/roles/object_diff/tasks/organizations.yml index e88c1666e..33589b654 100644 --- a/roles/object_diff/tasks/organizations.yml +++ b/roles/object_diff/tasks/organizations.yml @@ -23,7 +23,7 @@ ansible.builtin.set_fact: __organizations_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_organizations, compare_list=controller_organizations, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set list __list_empty_orgs when protect_not_empty_orgs" diff --git a/roles/object_diff/tasks/projects.yml b/roles/object_diff/tasks/projects.yml index 3b119ab6c..1ca3675cd 100644 --- a/roles/object_diff/tasks/projects.yml +++ b/roles/object_diff/tasks/projects.yml @@ -20,7 +20,7 @@ ansible.builtin.set_fact: __projects_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_projects, compare_list=controller_projects, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set project's list to be configured" diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index 095161f21..34eb7f639 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -55,7 +55,7 @@ ansible.builtin.set_fact: __roles_difference: "{{ lookup(controller_role_plugin, api_list=__full_controller_api_roles, compare_list=controller_roles, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Sets differences between Roles what is on the Controller versus CasC on SCM" diff --git a/roles/object_diff/tasks/schedules.yml b/roles/object_diff/tasks/schedules.yml index fe2994186..b217e97f1 100644 --- a/roles/object_diff/tasks/schedules.yml +++ b/roles/object_diff/tasks/schedules.yml @@ -39,7 +39,7 @@ ansible.builtin.set_fact: __schedules_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_schedules, compare_list=controller_schedules, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set schedule's list to be configured" diff --git a/roles/object_diff/tasks/teams.yml b/roles/object_diff/tasks/teams.yml index d1abf599f..b05972677 100644 --- a/roles/object_diff/tasks/teams.yml +++ b/roles/object_diff/tasks/teams.yml @@ -33,7 +33,7 @@ __teams_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_teams, compare_list=controller_teams, - with_present=false, + with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/user_accounts.yml b/roles/object_diff/tasks/user_accounts.yml index 1bfb32e5a..80050bf8d 100644 --- a/roles/object_diff/tasks/user_accounts.yml +++ b/roles/object_diff/tasks/user_accounts.yml @@ -38,7 +38,7 @@ ansible.builtin.set_fact: __user_accounts_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_user_accounts, compare_list=controller_user_accounts, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/workflow_job_templates.yml b/roles/object_diff/tasks/workflow_job_templates.yml index 2f3c93c8a..bf2ecc2bb 100644 --- a/roles/object_diff/tasks/workflow_job_templates.yml +++ b/roles/object_diff/tasks/workflow_job_templates.yml @@ -21,7 +21,7 @@ __workflow_job_templates_difference: "{{ lookup(controller_role_plugin, api_list=__controller_api_workflow_job_templates, compare_list=controller_workflows, - with_present=false, set_absent=true) + with_present=include_present_state, set_absent=true) }}" - name: "Set job_template's list to be configured" From d499e5b3d3b9769010bac3ccc42d0d663885eb03 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Thu, 8 Jun 2023 23:48:22 -0400 Subject: [PATCH 043/129] update else on lists and tests (#614) --- .github/workflows/ci_standalone.yml | 4 ++-- .github/workflows/release.yml | 5 +++-- changelogs/fragments/list_default_fix.yml | 4 ++++ roles/inventory_sources/tasks/main.yml | 6 +++--- roles/job_templates/tasks/main.yml | 2 +- roles/organizations/tasks/main.yml | 8 ++++---- roles/projects/tasks/main.yml | 6 +++--- roles/schedules/tasks/main.yml | 2 +- roles/workflow_job_templates/tasks/main.yml | 10 +++++----- tests/configs/schedule.yml | 1 + tests/configs/templates.yml | 1 + tests/configs_export_model/differential_items.yml | 4 ++-- 12 files changed, 30 insertions(+), 23 deletions(-) create mode 100644 changelogs/fragments/list_default_fix.yml diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 0f54f99b5..1b07f0f30 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,11 +19,11 @@ jobs: matrix: awx_version: - devel + - 22.3.0 + - 22.2.0 - 22.1.0 - 22.0.0 - 21.14.0 - - 21.13.0 - - 21.12.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d2d1d2735..15a20c002 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,10 +15,11 @@ jobs: matrix: awx_version: - devel + - 22.3.0 + - 22.2.0 + - 22.1.0 - 22.0.0 - 21.14.0 - - 21.13.0 - - 21.12.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/changelogs/fragments/list_default_fix.yml b/changelogs/fragments/list_default_fix.yml new file mode 100644 index 000000000..592ca2150 --- /dev/null +++ b/changelogs/fragments/list_default_fix.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - Fixed defaults for values that are lists. +... diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index ab470cbc5..89d6f9524 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -25,9 +25,9 @@ source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" scm_branch: "{{ __controller_source_item.scm_branch | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true ) }}" state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined else '') | default(__controller_source_item.notification_templates_started) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined else '') | default(__controller_source_item.notification_templates_success) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined else '') | default(__controller_source_item.notification_templates_error) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" # Role Standard Options controller_config_file: "{{ controller_config_file | default(omit, true) }}" diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index 84f951ae5..be5e6126b 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -52,7 +52,7 @@ webhook_service: "{{ __controller_template_item.webhook_service | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" scm_branch: "{{ __controller_template_item.scm_branch | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined else '') | default(__controller_template_item.labels) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index ccbaed37a..0cb3f5b06 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -8,10 +8,10 @@ instance_groups: "{{ __controller_organizations_item.instance_groups | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined else '') | default(__controller_organizations_item.notification_templates_approvals) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined else '') | default(__controller_organizations_item.notification_templates_started) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined else '') | default(__controller_organizations_item.notification_templates_success) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined else '') | default(__controller_organizations_item.notification_templates_error) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" # Role Standard Options diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 105e9f386..149ed92f4 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -26,9 +26,9 @@ wait: "{{ __controller_project_item.wait | default(( true if controller_configuration_projects_enforce_defaults else omit)) }}" update_project: "{{ __controller_project_item.update_project | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" - notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined else '') | default(__controller_project_item.notification_templates_started) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined else '') | default(__controller_project_item.notification_templates_success) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined else '') | default(__controller_project_item.notification_templates_error) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined) | default(__controller_project_item.notification_templates_started) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined) | default(__controller_project_item.notification_templates_success) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 3a91e9ef1..644190dd0 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -13,7 +13,7 @@ forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(( 1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined else '') | default(__controller_schedule_item.labels) | default(( [] if controller_configuration_schedules_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined) | default(__controller_schedule_item.labels) | default(( [] if controller_configuration_schedules_enforce_defaults else omit), true) }}" timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" job_tags: "{{ __controller_schedule_item.job_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index fa3ccd1dc..3f6ef289b 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -12,7 +12,7 @@ ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" limit: "{{ __workflow_loop_item.limit | default(( 0 if controller_configuration_workflows_enforce_defaults else omit), true) }}" - labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined else '') | default(__workflow_loop_item.labels) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined) | default(__workflow_loop_item.labels) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" scm_branch: "{{ __workflow_loop_item.scm_branch | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" @@ -29,10 +29,10 @@ workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined else '') | default(__workflow_loop_item.notification_templates_started) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined else '') | default(__workflow_loop_item.notification_templates_success) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined else '') | default(__workflow_loop_item.notification_templates_error) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined else '') | default(__workflow_loop_item.notification_templates_approvals) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/tests/configs/schedule.yml b/tests/configs/schedule.yml index e2ab685af..c587ec84d 100644 --- a/tests/configs/schedule.yml +++ b/tests/configs/schedule.yml @@ -10,6 +10,7 @@ controller_schedules: rrule: "DTSTART:20200101T000000Z RRULE:FREQ=HOURLY;INTERVAL=3" execution_environment: My EE forks: 2 + limit: all instance_groups: - test_instance_group labels: diff --git a/tests/configs/templates.yml b/tests/configs/templates.yml index df1889a05..20a36a495 100644 --- a/tests/configs/templates.yml +++ b/tests/configs/templates.yml @@ -40,6 +40,7 @@ controller_templates: ask_job_slice_count_on_launch: true ask_labels_on_launch: true ask_timeout_on_launch: true + ask_limit_on_launch: true prevent_instance_group_fallback: true survey_spec: name: '' diff --git a/tests/configs_export_model/differential_items.yml b/tests/configs_export_model/differential_items.yml index 7c504a40d..67fe77227 100644 --- a/tests/configs_export_model/differential_items.yml +++ b/tests/configs_export_model/differential_items.yml @@ -111,7 +111,7 @@ differential_expected: ask_job_slice_count_on_launch: true ask_job_type_on_launch: false ask_labels_on_launch: true - ask_limit_on_launch: false + ask_limit_on_launch: true ask_scm_branch_on_launch: false ask_skip_tags_on_launch: false ask_tags_on_launch: false @@ -184,7 +184,7 @@ differential_expected: job_slice_count: 1 job_tags: "" job_type: - limit: "" + limit: all name: Demo Schedule 2 natural_key: name: Demo Schedule 2 From c39d834a97ac837c57f737e36ea674779e1bdc47 Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Fri, 9 Jun 2023 17:04:07 +0200 Subject: [PATCH 044/129] Fix the diff functionality when using with_present (#615) Co-authored-by: Marges, RSY (Rick) --- plugins/lookup/controller_object_diff.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index b0d2f8d3b..e5ec7f0cd 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -105,6 +105,14 @@ def handle_error(self, **kwargs): def warn_callback(self, warning): self.display.warning(warning) + def create_present_list(self, compare_list): + if not compare_list: + return [compare_list] + + for item in compare_list: + item.update({"state": "present"}) + return compare_list + def run(self, terms, variables=None, **kwargs): self.set_options(direct=kwargs) @@ -114,10 +122,11 @@ def run(self, terms, variables=None, **kwargs): warn_on_empty_api = self.get_option("warn_on_empty_api") if not api_list: if warn_on_empty_api: - self._display.warning("Skipping, did not find items in api_list") + if not compare_list: + self._display.warning("Skipping, did not find items in neither api_list nor compare_list") else: raise AnsibleLookupError("Unable to find items in api_list") - return [api_list] + return self.create_present_list(compare_list) # Set Keys to keep for each list. Depending on type if api_list[0]["type"] == "organization" or api_list[0]["type"] == "credential_type" or api_list[0]["type"] == "instance_group": @@ -285,8 +294,7 @@ def run(self, terms, variables=None, **kwargs): item.update({"state": "absent"}) # Combine Lists if self.get_option("with_present"): - for item in compare_list_reduced: - item.update({"state": "present"}) + self.create_present_list(compare_list_reduced) compare_list.extend(difference) # Return Compare list with difference attached difference = compare_list From 2247e3bc40423e1d6745b2ce252c7b4e420c19a2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 Jun 2023 14:40:01 -0400 Subject: [PATCH 045/129] Update changelog refs/tags/2.4.0 (#616) Co-authored-by: sean-m-sullivan --- CHANGELOG.rst | 36 +++++++++++- changelogs/.plugin-cache.yaml | 18 +++++- changelogs/changelog.yaml | 58 ++++++++++++++++++- changelogs/fragments/enforce_defaults.yml | 7 --- changelogs/fragments/export_defaults.yml | 4 -- .../fragments/filetree_inventory_org.yml | 4 -- changelogs/fragments/get_stats.yml | 4 -- changelogs/fragments/license.yml | 4 -- changelogs/fragments/list_default_fix.yml | 4 -- changelogs/fragments/org_ee.yml | 4 -- changelogs/fragments/project_update.yml | 6 -- changelogs/fragments/role_updates.yml | 9 --- changelogs/fragments/roles_update.yml | 4 -- changelogs/fragments/rrule_bugfix.yml | 4 -- 14 files changed, 107 insertions(+), 59 deletions(-) delete mode 100644 changelogs/fragments/enforce_defaults.yml delete mode 100644 changelogs/fragments/export_defaults.yml delete mode 100644 changelogs/fragments/filetree_inventory_org.yml delete mode 100644 changelogs/fragments/get_stats.yml delete mode 100644 changelogs/fragments/license.yml delete mode 100644 changelogs/fragments/list_default_fix.yml delete mode 100644 changelogs/fragments/org_ee.yml delete mode 100644 changelogs/fragments/project_update.yml delete mode 100644 changelogs/fragments/role_updates.yml delete mode 100644 changelogs/fragments/roles_update.yml delete mode 100644 changelogs/fragments/rrule_bugfix.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 85ada7f19..aac56d440 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,14 +5,46 @@ infra.controller_configuration Release Notes .. contents:: Topics +v2.4.0 +====== + +Minor Changes +------------- + +- Added Roles bulk_host_create, bulk_job_launch. +- Added new_name option to the roles applications, credential_types, execution_environments, inventories, projects, users. +- Added new_username option to user role. +- Added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. +- Added scm_branch option to inventory_sources role. +- Corrected various readmes. +- Credentials role credential type set to mandatory. This would fail in the past if it was not set, this just codifies it. +- If someone wants to have the old behavior, or only update projects with dispatch, the dispatch variable controller_configuration_dispatcher_roles can be overwritten and customized. +- Instances role - changed default of node_type and node_state to omit, as generally these cannot be changed on existing instances unless deploying new instances. +- Inventory role - added input_inventories option for constructed inventories. +- Removed project_update from dispatch. This is because with bringing update_project option in line with the module options, it was running twice both in project and project update. Since both roles use the same variable controller_projects. +- Set the default behavior of project_update to run the update as true, unless the user explicitly sets the variable update_project to overide the default behavior. This is because if the user is specifically calling project_update it should by default update the project. +- Updated workflow job template options to use non depreciated names for options. This should not affect any operations. +- added alias's for applicable roles to use the variables set by the awx cli export. +- added get_stats.yml playbook in the playbook folder to get some basic info on a Tower/Controller instance +- added option for using the export form of default execution environment. +- added option to roles role to support upcoming change to allow lists of teams and users to be used in the module. +- added options to license role to allow use of subcription lookup or pool_id. + +Bugfixes +-------- + +- Fixed defaults for values that are lists. +- Fixed filetree read to error when organization not defined. +- Fixed rrule in schedules to not be mandatory. + v2.3.1 ====== Bugfixes -------- +- Added argument_spec for all roles - Ensures vars get loaded properly by dispatch role -- Fixed issue in filetree_read where arg spec incorrect and caused failure (#550) v2.3.0 ====== @@ -24,6 +56,7 @@ Minor Changes - Add new type of objects for object_diff role: applications, execution environments, instance groups, notifications and schedules - Add no_log to all tasks that populates data to avoid exposing encrypted data - Add task to add Galaxy credentials and Execution Environments to Organization. +- Added argument_spec for all roles - Set the variables to assign_galaxy_credentials_to_org and assign_default_ee_to_org to false in the task to run all roles at dispatch role. - avoid to create orgs during drop_diff - fixed an extra blank line in schedules readme that was breaking the table @@ -37,7 +70,6 @@ Breaking Changes / Porting Guide Bugfixes -------- -- Added argument_spec for all roles - Fixed name of task for inventory source update - Fixed variable definitions in readmes - Removed master_role_example as no longer required (this wasn't a functional role) diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index 7b116cc24..c25f1a145 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -13,6 +13,14 @@ objects: description: An Ansible Role to create Applications on Ansible Controller. name: applications version_added: null + bulk_host_create: + description: An Ansible Role to run a list of ad hoc commands on Ansible Controller. + name: bulk_host_create + version_added: null + bulk_job_launch: + description: An Ansible Role to run a list of ad hoc commands on Ansible Controller. + name: bulk_job_launch + version_added: null credential_input_sources: description: An Ansible Role to create Credential Input Sources on Ansible Controller. name: credential_input_sources @@ -156,10 +164,16 @@ plugins: description: Return difference for objects from Controller API name: controller_object_diff version_added: null - module: {} + module: + controller_export_diff: + description: Compare controller configuration resources with those defined in + code. + name: controller_export_diff + namespace: '' + version_added: null netconf: {} shell: {} strategy: {} test: {} vars: {} -version: 2.3.1 +version: 2.4.0 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 9241d55e4..1aa55a2dd 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -393,12 +393,12 @@ releases: - Removed master_role_example as no longer required (this wasn't a functional role) minor_changes: - - Added argument_spec for all roles - Adapt filetree_read role tests playbook config-controller-filetree.yml. - 'Add new type of objects for object_diff role: applications, execution environments, instance groups, notifications and schedules' - Add no_log to all tasks that populates data to avoid exposing encrypted data - Add task to add Galaxy credentials and Execution Environments to Organization. + - Added argument_spec for all roles - Set the variables to assign_galaxy_credentials_to_org and assign_default_ee_to_org to false in the task to run all roles at dispatch role. - avoid to create orgs during drop_diff @@ -422,3 +422,59 @@ releases: - arg_spec.yml - dispatch_fix.yml release_date: '2023-03-24' + 2.4.0: + changes: + bugfixes: + - Fixed defaults for values that are lists. + - Fixed filetree read to error when organization not defined. + - Fixed rrule in schedules to not be mandatory. + minor_changes: + - Added Roles bulk_host_create, bulk_job_launch. + - Added new_name option to the roles applications, credential_types, execution_environments, + inventories, projects, users. + - Added new_username option to user role. + - Added option to multiple roles to enforce defaults. This is described in each + of the roles readmes and will slowly be rolled out to all applicable roles. + This option enforces module/api defaults in order to prevent config drift. + This makes it so if an option is NOT specified in a configuration it enforces + the default value. It is not enabled by default. + - Added scm_branch option to inventory_sources role. + - Corrected various readmes. + - Credentials role credential type set to mandatory. This would fail in the + past if it was not set, this just codifies it. + - If someone wants to have the old behavior, or only update projects with dispatch, + the dispatch variable controller_configuration_dispatcher_roles can be overwritten + and customized. + - Instances role - changed default of node_type and node_state to omit, as generally + these cannot be changed on existing instances unless deploying new instances. + - Inventory role - added input_inventories option for constructed inventories. + - Removed project_update from dispatch. This is because with bringing update_project + option in line with the module options, it was running twice both in project + and project update. Since both roles use the same variable controller_projects. + - Set the default behavior of project_update to run the update as true, unless + the user explicitly sets the variable update_project to overide the default + behavior. This is because if the user is specifically calling project_update + it should by default update the project. + - Updated workflow job template options to use non depreciated names for options. + This should not affect any operations. + - added alias's for applicable roles to use the variables set by the awx cli + export. + - added get_stats.yml playbook in the playbook folder to get some basic info + on a Tower/Controller instance + - added option for using the export form of default execution environment. + - added option to roles role to support upcoming change to allow lists of teams + and users to be used in the module. + - added options to license role to allow use of subcription lookup or pool_id. + fragments: + - enforce_defaults.yml + - export_defaults.yml + - filetree_inventory_org.yml + - get_stats.yml + - license.yml + - list_default_fix.yml + - org_ee.yml + - project_update.yml + - role_updates.yml + - roles_update.yml + - rrule_bugfix.yml + release_date: '2023-06-09' diff --git a/changelogs/fragments/enforce_defaults.yml b/changelogs/fragments/enforce_defaults.yml deleted file mode 100644 index c0fd4bdd8..000000000 --- a/changelogs/fragments/enforce_defaults.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -minor_changes: - - Added option to multiple roles to enforce defaults. This is described in each of the roles readmes and will slowly be rolled out to all applicable roles. This option enforces module/api defaults in order to prevent config drift. This makes it so if an option is NOT specified in a configuration it enforces the default value. It is not enabled by default. - - Credentials role credential type set to mandatory. This would fail in the past if it was not set, this just codifies it. - - Instances role - changed default of node_type and node_state to omit, as generally these cannot be changed on existing instances unless deploying new instances. - - Inventory role - added input_inventories option for constructed inventories. -... diff --git a/changelogs/fragments/export_defaults.yml b/changelogs/fragments/export_defaults.yml deleted file mode 100644 index 76c559d03..000000000 --- a/changelogs/fragments/export_defaults.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - added alias's for applicable roles to use the variables set by the awx cli export. -... diff --git a/changelogs/fragments/filetree_inventory_org.yml b/changelogs/fragments/filetree_inventory_org.yml deleted file mode 100644 index 646eb4811..000000000 --- a/changelogs/fragments/filetree_inventory_org.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - Fixed filetree read to error when organization not defined. -... diff --git a/changelogs/fragments/get_stats.yml b/changelogs/fragments/get_stats.yml deleted file mode 100644 index 541179f39..000000000 --- a/changelogs/fragments/get_stats.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - added get_stats.yml playbook in the playbook folder to get some basic info on a Tower/Controller instance -... diff --git a/changelogs/fragments/license.yml b/changelogs/fragments/license.yml deleted file mode 100644 index b53b27e3f..000000000 --- a/changelogs/fragments/license.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - added options to license role to allow use of subcription lookup or pool_id. -... diff --git a/changelogs/fragments/list_default_fix.yml b/changelogs/fragments/list_default_fix.yml deleted file mode 100644 index 592ca2150..000000000 --- a/changelogs/fragments/list_default_fix.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - Fixed defaults for values that are lists. -... diff --git a/changelogs/fragments/org_ee.yml b/changelogs/fragments/org_ee.yml deleted file mode 100644 index be782877e..000000000 --- a/changelogs/fragments/org_ee.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - added option for using the export form of default execution environment. -... diff --git a/changelogs/fragments/project_update.yml b/changelogs/fragments/project_update.yml deleted file mode 100644 index 7de2e9af6..000000000 --- a/changelogs/fragments/project_update.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -minor_changes: - - Removed project_update from dispatch. This is because with bringing update_project option in line with the module options, it was running twice both in project and project update. Since both roles use the same variable controller_projects. - - If someone wants to have the old behavior, or only update projects with dispatch, the dispatch variable controller_configuration_dispatcher_roles can be overwritten and customized. - - Set the default behavior of project_update to run the update as true, unless the user explicitly sets the variable update_project to overide the default behavior. This is because if the user is specifically calling project_update it should by default update the project. -... diff --git a/changelogs/fragments/role_updates.yml b/changelogs/fragments/role_updates.yml deleted file mode 100644 index c1519fda4..000000000 --- a/changelogs/fragments/role_updates.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -minor_changes: - - Added new_name option to the roles applications, credential_types, execution_environments, inventories, projects, users. - - Added scm_branch option to inventory_sources role. - - Added new_username option to user role. - - Corrected various readmes. - - Added Roles bulk_host_create, bulk_job_launch. - - Updated workflow job template options to use non depreciated names for options. This should not affect any operations. -... diff --git a/changelogs/fragments/roles_update.yml b/changelogs/fragments/roles_update.yml deleted file mode 100644 index 188953f87..000000000 --- a/changelogs/fragments/roles_update.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - added option to roles role to support upcoming change to allow lists of teams and users to be used in the module. -... diff --git a/changelogs/fragments/rrule_bugfix.yml b/changelogs/fragments/rrule_bugfix.yml deleted file mode 100644 index a0e9688ee..000000000 --- a/changelogs/fragments/rrule_bugfix.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - Fixed rrule in schedules to not be mandatory. -... From 17c10121083e268d218cc6960e88f214533caa1d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 16:29:48 -0400 Subject: [PATCH 046/129] Update pre-commit (#617) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5c03b6a3b..9301cb41f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.7.1 + rev: v0.8.0 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 1c266041dae05c46db241ed7a71ac33e97506d0c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 Jun 2023 10:10:02 -0400 Subject: [PATCH 047/129] Update pre-commit (#618) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9301cb41f..8ae645d4c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.8.0 + rev: v0.8.1 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From b0b01694de54e1540417b57f32890986f697d7ff Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Wed, 14 Jun 2023 05:13:43 +0000 Subject: [PATCH 048/129] Update pre-commit --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 8ae645d4c..2eb6da2da 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.17.0 + rev: v6.17.1 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From b128494271e4aece59ada09075f65a58bf248358 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 14 Jun 2023 11:53:46 -0400 Subject: [PATCH 049/129] bugfix roles role (#621) Co-authored-by: David Danielsson --- .github/workflows/ci_standalone_versioned.yml | 4 ++++ changelogs/fragments/roles_bugfix.yml | 4 ++++ roles/roles/README.md | 1 + roles/roles/tasks/main.yml | 5 +++-- 4 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/roles_bugfix.yml diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 960ed05f8..715fd7e40 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -44,6 +44,10 @@ jobs: - name: set the awx password in the inventory run: echo "admin_password='password'" >> awx/tools/docker-compose/inventory + - name: Find and replace dependency + run: sed -i 's,rsyslog-8.2102.0-106.el9 ,https://download.copr.fedorainfracloud.org/results/ansible/Rsyslog/epel-9-x86_64/06076718-rsyslog/rsyslog-8.2102.0-106.el9.x86_64.rpm ,' tools/ansible/roles/dockerfile/templates/Dockerfile.j2 + working-directory: awx + - name: build images working-directory: awx run: make docker-compose-build diff --git a/changelogs/fragments/roles_bugfix.yml b/changelogs/fragments/roles_bugfix.yml new file mode 100644 index 000000000..b32fdef0e --- /dev/null +++ b/changelogs/fragments/roles_bugfix.yml @@ -0,0 +1,4 @@ +bugfixes: + - fixed an the users and teams field on the roles role to be correct and not singular. +minor_changes: + - added the instance_groups filed to the roles role. diff --git a/roles/roles/README.md b/roles/roles/README.md index 4c10eaf69..9c3b638c1 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -94,6 +94,7 @@ This also speeds up the overall role. |`lookup_organization`|""|no|str|Organization the inventories, job templates, projects, or workflows the items exists in. Used to help lookup the object, for organization roles see organization. If not provided, will lookup by name only, which does not work with duplicates.| |`project`|""|no|str|The project the role applies against| |`projects`|""|no|list|The project the role applies against| +|`instance_groups`|""|no|list|The instance groups the role applies against| |`state`|`present`|no|str|Desired state of the resource.| #### Role diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 7569ece85..088aa7653 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -2,9 +2,9 @@ - name: Create Role Based Access Entry on Controller role: user: "{{ __controller_role_item.user | default(omit, true) }}" - users: "{{ __controller_role_item.user | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + users: "{{ __controller_role_item.users | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" team: "{{ __controller_role_item.team | default(omit, true) }}" - teams: "{{ __controller_role_item.team | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + teams: "{{ __controller_role_item.teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" role: "{{ __controller_role_item.role | mandatory }}" target_team: "{{ __controller_role_item.target_team | default(omit, true) }}" target_teams: "{{ __controller_role_item.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" @@ -21,6 +21,7 @@ lookup_organization: "{{ __controller_role_item.lookup_organization | default(omit, true) }}" project: "{{ __controller_role_item.project | default(omit, true) }}" projects: "{{ __controller_role_item.projects | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_role_item.instance_groups | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" state: "{{ __controller_role_item.state | default(controller_state | default('present')) }}" # Role Standard Options From 32507ff9f0c6b18fd862ddc001157bd76936c64e Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 14 Jun 2023 23:07:29 -0400 Subject: [PATCH 050/129] Rollback Precommit (#622) * bugfix roles role * update pre-commit * update lint --------- Co-authored-by: David Danielsson --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2eb6da2da..9fcffad7f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.17.1 + rev: fix/offline hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 7821e93a6af9c746420fe126c82b09e34957224e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 22 Jun 2023 14:02:35 +0200 Subject: [PATCH 051/129] added schedules to filetree_create (#625) * added schedules to filetree_create * add the problematic fields to the output file. see https://github.com/redhat-cop/controller_configuration/issues/624 * fix lintering * fix lintering * add new line at EOF * removed new line at EOF * added changelog fragment * added changelog fragment. fix fragment category --- .github/workflows/ci_standalone.yml | 1 + .gitignore | 1 + .../add_schedules_to_filetree_create.yml | 2 + roles/filetree_create/tasks/all.yml | 5 +- roles/filetree_create/tasks/schedules.yml | 38 ++++++++++ .../templates/current_schedules.j2 | 72 +++++++++++++++++++ roles/filetree_create/vars/main.yml | 1 + 7 files changed, 119 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/add_schedules_to_filetree_create.yml create mode 100644 roles/filetree_create/tasks/schedules.yml create mode 100644 roles/filetree_create/templates/current_schedules.j2 diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 1b07f0f30..5527ca370 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -24,6 +24,7 @@ jobs: - 22.1.0 - 22.0.0 - 21.14.0 + - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/.gitignore b/.gitignore index 188a8aadc..df31fe96a 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ galaxy.yml id_rsa* test tests/output +.vscode diff --git a/changelogs/fragments/add_schedules_to_filetree_create.yml b/changelogs/fragments/add_schedules_to_filetree_create.yml new file mode 100644 index 000000000..f00064b5c --- /dev/null +++ b/changelogs/fragments/add_schedules_to_filetree_create.yml @@ -0,0 +1,2 @@ +minor_changes: + - added the possibility to export schedules through the filetree_create role diff --git a/roles/filetree_create/tasks/all.yml b/roles/filetree_create/tasks/all.yml index 900038000..f071181cd 100644 --- a/roles/filetree_create/tasks/all.yml +++ b/roles/filetree_create/tasks/all.yml @@ -7,7 +7,7 @@ no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: Include tasks (block) - when: "['all', 'labels', 'applications', 'instance_groups', 'settings', 'inventory', 'credentials', 'credential_types', 'notification_templates', 'users', 'teams', 'organizations', 'projects', 'execution_environments', 'job_templates', 'workflow_job_templates', 'workflow_job_template_nodes'] | intersect(input_tag) | length > 0" + when: "['all', 'labels', 'applications', 'instance_groups', 'settings', 'inventory', 'credentials', 'credential_types', 'notification_templates', 'users', 'teams', 'organizations', 'projects', 'execution_environments', 'job_templates', 'workflow_job_templates', 'workflow_job_template_nodes', 'schedules'] | intersect(input_tag) | length > 0" block: - name: "Export Inventories and related Groups and Hosts" ansible.builtin.include_tasks: "inventory.yml" @@ -54,4 +54,7 @@ - name: "Export Labels" ansible.builtin.include_tasks: "labels.yml" when: "'labels' in input_tag or 'all' in input_tag" + - name: "Export Schedules" + ansible.builtin.include_tasks: "schedules.yml" + when: "'schedules' in input_tag or 'all' in input_tag" ... diff --git a/roles/filetree_create/tasks/schedules.yml b/roles/filetree_create/tasks/schedules.yml new file mode 100644 index 000000000..762623287 --- /dev/null +++ b/roles/filetree_create/tasks/schedules.yml @@ -0,0 +1,38 @@ +--- +- name: "Get current Schedules from the API" + ansible.builtin.set_fact: + schedules_lookvar: "{{ query(controller_api_plugin, 'api/v2/schedules/', + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + +- name: "Create the schedules output directory for schedules in {{ output_path }}" + ansible.builtin.file: + path: "{{ output_path }}/schedules" + state: directory + mode: '0755' + +- name: "Add current schedules to the schedules output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_schedules.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + label_id: "{{ current_schedules_asset_value.id }}" + label_name: "{{ current_schedules_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/schedules/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" + query_credentials: "{{ query(controller_api_plugin, current_schedules_asset_value.related.credentials, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_instance_groups: "{{ query(controller_api_plugin, current_schedules_asset_value.related.instance_groups, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_labels: "{{ query(controller_api_plugin, current_schedules_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + loop: "{{ schedules_lookvar }}" + loop_control: + loop_var: current_schedules_asset_value + label: "{{ __dest }}" +... diff --git a/roles/filetree_create/templates/current_schedules.j2 b/roles/filetree_create/templates/current_schedules.j2 new file mode 100644 index 000000000..d15467d66 --- /dev/null +++ b/roles/filetree_create/templates/current_schedules.j2 @@ -0,0 +1,72 @@ +--- +controller_schedules: + - name: "{{ current_schedules_asset_value.name }}" +{% if current_schedules_asset_value.description is defined %} + description: "{{ current_schedules_asset_value.description }}" +{% endif %} + organization: "ToDo: The schedule '{{ current_schedules_asset_value.name }}' must have an organization" + enabled: {{ current_schedules_asset_value.enabled }} + unified_job_template: "{{ current_schedules_asset_value.summary_fields.unified_job_template.name }}" +{% if current_schedules_asset_value.summary_fields.inventory is defined %} + inventory: "{{ current_schedules_asset_value.summary_fields.inventory.name }}" +{% endif %} +{% if query_instance_groups | length > 0 %} + instance_groups: +{% for instance_group in query_instance_groups %} + - "{{ instance_group.name }}" +{% endfor %} +{% endif %} + dtstart: "{{ current_schedules_asset_value.dtstart }}" + dtend: "{{ current_schedules_asset_value.dtend }}" + timezone: "{{ current_schedules_asset_value.timezone }}" + rrule: "{{ current_schedules_asset_value.rrule }}" +{% if current_schedules_asset_value.summary_fields.execution_environment is defined %} + execution_environment: "{{ current_schedules_asset_value.summary_fields.execution_environment.name }}" +{% endif %} +{% if current_schedules_asset_value.extra_data is defined %} + extra_data: + {{ current_schedules_asset_value.extra_data | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} +{%- endif -%} +{% if query_credentials | length > 0 %} + credentials: +{% for credential in query_credentials %} + - "{{ credential.name }}" +{% endfor %} +{% endif %} +{% if current_schedules_asset_value.scm_branch is defined %} + scm_branch: "{{ current_schedules_asset_value.scm_branch }}" +{% endif %} +{% if current_schedules_asset_value.forks is defined %} + forks: {{ current_schedules_asset_value.forks | int }} +{% endif %} +{% if current_schedules_asset_value.job_slice_count is defined %} + job_slice_count: {{ current_schedules_asset_value.job_slice_count | int }} +{% endif %} +{% if query_labels | length > 0 %} + labels: +{% for label in query_labels %} + - "{{ label.name }}" +{% endfor %} +{% endif %} +{% if current_schedules_asset_value.timeout is defined %} + timeout: {{ current_schedules_asset_value.timeout | int }} +{% endif %} +{% if current_schedules_asset_value.job_type is defined %} + job_type: "{{ current_schedules_asset_value.job_type }}" +{% endif %} +{% if current_schedules_asset_value.job_tags is defined %} + job_tags: "{{ current_schedules_asset_value.job_tags }}" +{% endif %} +{% if current_schedules_asset_value.skip_tags is defined %} + skip_tags: "{{ current_schedules_asset_value.skip_tags }}" +{% endif %} +{% if current_schedules_asset_value.limit is defined %} + limit: "{{ current_schedules_asset_value.limit }}" +{% endif %} +{% if current_schedules_asset_value.diff_mode is defined %} + diff_mode: {{ current_schedules_asset_value.diff_mode | bool }} +{% endif %} +{% if current_schedules_asset_value.verbosity is defined %} + verbosity: {{ current_schedules_asset_value.verbosity | int }} +{% endif %} +... diff --git a/roles/filetree_create/vars/main.yml b/roles/filetree_create/vars/main.yml index 844828d28..9c13f4ec9 100644 --- a/roles/filetree_create/vars/main.yml +++ b/roles/filetree_create/vars/main.yml @@ -21,4 +21,5 @@ valid_tags: - instance_groups - applications - labels + - schedules ... From ab7b5729d7c648f0d122a2c64e13a77f37c8687c Mon Sep 17 00:00:00 2001 From: Tom Page Date: Thu, 22 Jun 2023 15:26:38 +0100 Subject: [PATCH 052/129] #630 - Fix default for enforce_defaults (#631) --- roles/applications/defaults/main.yml | 2 +- roles/credential_input_sources/defaults/main.yml | 2 +- roles/credential_types/defaults/main.yml | 2 +- roles/credentials/defaults/main.yml | 2 +- roles/execution_environments/defaults/main.yml | 2 +- roles/groups/defaults/main.yml | 2 +- roles/hosts/defaults/main.yml | 2 +- roles/instance_groups/defaults/main.yml | 2 +- roles/instances/defaults/main.yml | 2 +- roles/inventories/defaults/main.yml | 2 +- roles/inventory_sources/defaults/main.yml | 2 +- roles/job_templates/defaults/main.yml | 2 +- roles/notification_templates/defaults/main.yml | 2 +- roles/organizations/defaults/main.yml | 2 +- roles/projects/defaults/main.yml | 2 +- roles/roles/defaults/main.yml | 2 +- roles/schedules/defaults/main.yml | 2 +- roles/teams/defaults/main.yml | 2 +- roles/users/defaults/main.yml | 2 +- roles/workflow_job_templates/defaults/main.yml | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/roles/applications/defaults/main.yml b/roles/applications/defaults/main.yml index 7eb310a7d..85d418b33 100644 --- a/roles/applications/defaults/main.yml +++ b/roles/applications/defaults/main.yml @@ -4,5 +4,5 @@ controller_applications: [] controller_configuration_applications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_applications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_applications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credential_input_sources/defaults/main.yml b/roles/credential_input_sources/defaults/main.yml index bd6320041..cfc92e09a 100644 --- a/roles/credential_input_sources/defaults/main.yml +++ b/roles/credential_input_sources/defaults/main.yml @@ -4,5 +4,5 @@ controller_credential_input_sources: [] controller_configuration_credential_input_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_input_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_input_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credential_types/defaults/main.yml b/roles/credential_types/defaults/main.yml index 8cb2ea2c5..8cdfacf7e 100644 --- a/roles/credential_types/defaults/main.yml +++ b/roles/credential_types/defaults/main.yml @@ -4,5 +4,5 @@ controller_credential_types: [] controller_configuration_credential_types_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_types_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_types_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credentials/defaults/main.yml b/roles/credentials/defaults/main.yml index 2a5c3775b..4a95f2513 100644 --- a/roles/credentials/defaults/main.yml +++ b/roles/credentials/defaults/main.yml @@ -4,5 +4,5 @@ controller_credentials: [] controller_configuration_credentials_secure_logging: "{{ controller_configuration_secure_logging | default(true) }}" controller_configuration_credentials_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credentials_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/execution_environments/defaults/main.yml b/roles/execution_environments/defaults/main.yml index 2cba5cf17..277cce6e4 100644 --- a/roles/execution_environments/defaults/main.yml +++ b/roles/execution_environments/defaults/main.yml @@ -3,5 +3,5 @@ controller_configuration_execution_environments_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_execution_environments_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_execution_environments_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/groups/defaults/main.yml b/roles/groups/defaults/main.yml index c7ecb9447..bf7ced6e0 100644 --- a/roles/groups/defaults/main.yml +++ b/roles/groups/defaults/main.yml @@ -4,5 +4,5 @@ controller_groups: [] controller_configuration_group_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_group_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_group_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/hosts/defaults/main.yml b/roles/hosts/defaults/main.yml index 7604e025c..3bda44683 100644 --- a/roles/hosts/defaults/main.yml +++ b/roles/hosts/defaults/main.yml @@ -4,5 +4,5 @@ controller_hosts: [] controller_configuration_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/instance_groups/defaults/main.yml b/roles/instance_groups/defaults/main.yml index ec0116294..31e5d66b8 100644 --- a/roles/instance_groups/defaults/main.yml +++ b/roles/instance_groups/defaults/main.yml @@ -3,5 +3,5 @@ controller_instance_groups: [] controller_configuration_instance_groups_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instance_groups_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instance_groups_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/instances/defaults/main.yml b/roles/instances/defaults/main.yml index 2773eb8ca..01d3d3559 100644 --- a/roles/instances/defaults/main.yml +++ b/roles/instances/defaults/main.yml @@ -3,5 +3,5 @@ controller_instances: [] controller_configuration_instances_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instances_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instances_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/inventories/defaults/main.yml b/roles/inventories/defaults/main.yml index a5510f43c..216396b95 100644 --- a/roles/inventories/defaults/main.yml +++ b/roles/inventories/defaults/main.yml @@ -4,5 +4,5 @@ controller_inventories: [] controller_configuration_inventories_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventories_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventories_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/inventory_sources/defaults/main.yml b/roles/inventory_sources/defaults/main.yml index 2bf3d01cf..ffd8305ed 100644 --- a/roles/inventory_sources/defaults/main.yml +++ b/roles/inventory_sources/defaults/main.yml @@ -3,5 +3,5 @@ controller_inventory_sources: [] controller_configuration_inventory_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventory_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventory_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/job_templates/defaults/main.yml b/roles/job_templates/defaults/main.yml index 1cfd57374..92a20a26d 100644 --- a/roles/job_templates/defaults/main.yml +++ b/roles/job_templates/defaults/main.yml @@ -4,5 +4,5 @@ controller_templates: [] controller_configuration_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_job_templates_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_job_templates_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/notification_templates/defaults/main.yml b/roles/notification_templates/defaults/main.yml index f5fc5fe03..21280459a 100644 --- a/roles/notification_templates/defaults/main.yml +++ b/roles/notification_templates/defaults/main.yml @@ -4,5 +4,5 @@ controller_notifications: [] controller_configuration_notifications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_notifications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_notifications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/organizations/defaults/main.yml b/roles/organizations/defaults/main.yml index 9da400e8c..548f2e20d 100644 --- a/roles/organizations/defaults/main.yml +++ b/roles/organizations/defaults/main.yml @@ -3,7 +3,7 @@ controller_organizations: [] controller_configuration_organizations_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_organizations_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_organizations_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true ... diff --git a/roles/projects/defaults/main.yml b/roles/projects/defaults/main.yml index f4eeb2c50..294de733d 100644 --- a/roles/projects/defaults/main.yml +++ b/roles/projects/defaults/main.yml @@ -4,5 +4,5 @@ controller_projects: [] controller_configuration_projects_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_projects_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_projects_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/roles/defaults/main.yml b/roles/roles/defaults/main.yml index a4ee7e0c0..64766c03e 100644 --- a/roles/roles/defaults/main.yml +++ b/roles/roles/defaults/main.yml @@ -4,5 +4,5 @@ controller_roles: [] controller_configuration_role_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_role_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_role_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/schedules/defaults/main.yml b/roles/schedules/defaults/main.yml index 3c3e9c935..13cfc0cfd 100644 --- a/roles/schedules/defaults/main.yml +++ b/roles/schedules/defaults/main.yml @@ -4,5 +4,5 @@ controller_schedules: [] controller_configuration_schedules_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_schedules_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_schedules_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/teams/defaults/main.yml b/roles/teams/defaults/main.yml index c17c0313c..819dc6c10 100644 --- a/roles/teams/defaults/main.yml +++ b/roles/teams/defaults/main.yml @@ -4,5 +4,5 @@ controller_teams: [] controller_configuration_teams_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_teams_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_teams_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/users/defaults/main.yml b/roles/users/defaults/main.yml index 63d7c0626..7b2edab1e 100644 --- a/roles/users/defaults/main.yml +++ b/roles/users/defaults/main.yml @@ -8,5 +8,5 @@ controller_user_default_password: "change_me" controller_configuration_users_secure_logging: "{{ controller_configuration_secure_logging | default('true') }}" controller_configuration_users_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_users_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/workflow_job_templates/defaults/main.yml b/roles/workflow_job_templates/defaults/main.yml index ef3ce2306..15a372c4f 100644 --- a/roles/workflow_job_templates/defaults/main.yml +++ b/roles/workflow_job_templates/defaults/main.yml @@ -4,5 +4,5 @@ controller_workflows: [] workflow_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_workflow_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_workflow_async_delay: "{{ controller_configuration_async_delay | default(1) }}" -controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default('false') }}" +controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... From c230c302753c17f304d6a9695963383652129a93 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Thu, 22 Jun 2023 14:38:21 -0400 Subject: [PATCH 053/129] Update Pre-commit (#634) * bugfix roles role * update pre-commit * update lint * Update ansible-lint --------- Co-authored-by: David Danielsson --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9fcffad7f..d573b4086 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: fix/offline + rev: v6.17.2 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 18ab9191c2d5c810642c87d53b1c2134a63ad333 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Fri, 23 Jun 2023 12:24:01 +0100 Subject: [PATCH 054/129] Adds changelog to #631 (#633) --- changelogs/fragments/630-enforce-defs.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 changelogs/fragments/630-enforce-defs.yml diff --git a/changelogs/fragments/630-enforce-defs.yml b/changelogs/fragments/630-enforce-defs.yml new file mode 100644 index 000000000..c603dbbf6 --- /dev/null +++ b/changelogs/fragments/630-enforce-defs.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - Changes default value for `*_enforce_defaults` to false instead of the truthy value (due to the quotes), 'false'. +... From 8e28cfda14dd57f1c2318885ab8bc3971d4d1734 Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Fri, 23 Jun 2023 11:13:33 +0200 Subject: [PATCH 055/129] #626 remove depencency of CONTROLER_USERNAME variable for object_diff role --- roles/object_diff/tasks/hosts.yml | 3 +-- roles/object_diff/tasks/instance_groups.yml | 3 +-- roles/object_diff/tasks/organizations.yml | 3 +-- roles/object_diff/tasks/roles.yml | 3 +-- roles/object_diff/tasks/teams.yml | 3 +-- roles/object_diff/tasks/user_accounts.yml | 3 +-- 6 files changed, 6 insertions(+), 12 deletions(-) diff --git a/roles/object_diff/tasks/hosts.yml b/roles/object_diff/tasks/hosts.yml index 5465bd9f6..19462db98 100644 --- a/roles/object_diff/tasks/hosts.yml +++ b/roles/object_diff/tasks/hosts.yml @@ -14,8 +14,7 @@ 'has_inventory_sources': 'false', 'not__total_hosts': '0', 'not__kind': 'smart'}, - host=controller_hostname, username=controller_username, - oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/instance_groups.yml b/roles/object_diff/tasks/instance_groups.yml index 2a3400067..d67512439 100644 --- a/roles/object_diff/tasks/instance_groups.yml +++ b/roles/object_diff/tasks/instance_groups.yml @@ -1,8 +1,7 @@ --- - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: - __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'users', - query_params={'username': controller_username}, + __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" diff --git a/roles/object_diff/tasks/organizations.yml b/roles/object_diff/tasks/organizations.yml index 33589b654..a2c522c08 100644 --- a/roles/object_diff/tasks/organizations.yml +++ b/roles/object_diff/tasks/organizations.yml @@ -1,8 +1,7 @@ --- - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: - __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'users', - query_params={'username': controller_username}, + __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index 34eb7f639..61e44ea67 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -1,8 +1,7 @@ --- - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: - __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'users', - query_params={'username': controller_username}, + __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/teams.yml b/roles/object_diff/tasks/teams.yml index b05972677..9d35607d0 100644 --- a/roles/object_diff/tasks/teams.yml +++ b/roles/object_diff/tasks/teams.yml @@ -1,8 +1,7 @@ --- - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: - __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'users', - query_params={'username': controller_username}, + __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/user_accounts.yml b/roles/object_diff/tasks/user_accounts.yml index 80050bf8d..5395c72a5 100644 --- a/roles/object_diff/tasks/user_accounts.yml +++ b/roles/object_diff/tasks/user_accounts.yml @@ -2,8 +2,7 @@ # tasks file for controller_ldap_settings - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: - __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'users', - query_params={'username': controller_username}, + __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" From 50c3bf069a9b818a1cd72fdbf39c483b873e202a Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Fri, 23 Jun 2023 13:00:25 +0200 Subject: [PATCH 056/129] add changelog --- changelogs/fragments/remove_username_dependency_objectdiff | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/remove_username_dependency_objectdiff diff --git a/changelogs/fragments/remove_username_dependency_objectdiff b/changelogs/fragments/remove_username_dependency_objectdiff new file mode 100644 index 000000000..302d62f9d --- /dev/null +++ b/changelogs/fragments/remove_username_dependency_objectdiff @@ -0,0 +1,2 @@ +minor_changes: + - remove depencency of CONTROLER_USERNAME variable for object_diff role by calling the API with api/me instead of calling the api/users and filtering by username From f4cb735c1cf566ad5951f8b8150fcd2e837ed521 Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Fri, 23 Jun 2023 13:17:04 +0200 Subject: [PATCH 057/129] fix extension changelog --- changelogs/fragments/remove_username_dependency_objectdiff | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 changelogs/fragments/remove_username_dependency_objectdiff diff --git a/changelogs/fragments/remove_username_dependency_objectdiff b/changelogs/fragments/remove_username_dependency_objectdiff deleted file mode 100644 index 302d62f9d..000000000 --- a/changelogs/fragments/remove_username_dependency_objectdiff +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - remove depencency of CONTROLER_USERNAME variable for object_diff role by calling the API with api/me instead of calling the api/users and filtering by username From fc4983b402b58e5419b10dffe30ad3ba34ae1ee7 Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Fri, 23 Jun 2023 13:17:36 +0200 Subject: [PATCH 058/129] fix extension changelog --- changelogs/fragments/remove_username_dependency_objectdiff.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 changelogs/fragments/remove_username_dependency_objectdiff.yml diff --git a/changelogs/fragments/remove_username_dependency_objectdiff.yml b/changelogs/fragments/remove_username_dependency_objectdiff.yml new file mode 100644 index 000000000..302d62f9d --- /dev/null +++ b/changelogs/fragments/remove_username_dependency_objectdiff.yml @@ -0,0 +1,2 @@ +minor_changes: + - remove depencency of CONTROLER_USERNAME variable for object_diff role by calling the API with api/me instead of calling the api/users and filtering by username From 84a4db9f76f3ed1a351a0be6c5fe12afb521bf6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 22 Jun 2023 17:33:48 +0200 Subject: [PATCH 059/129] added all the fields to the job templates exportation --- .../templates/current_job_templates.j2 | 46 +++++++++++++++---- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/roles/filetree_create/templates/current_job_templates.j2 b/roles/filetree_create/templates/current_job_templates.j2 index 9e172c71f..da5a04864 100644 --- a/roles/filetree_create/templates/current_job_templates.j2 +++ b/roles/filetree_create/templates/current_job_templates.j2 @@ -8,29 +8,52 @@ controller_templates: inventory: "{{ current_job_templates_asset_value.summary_fields.inventory.name }}" {% endif %} playbook: "{{ current_job_templates_asset_value.playbook }}" + scm_branch: "{{ current_job_templates_asset_value.scm_branch }}" + forks: {{ current_job_templates_asset_value.forks }} + limit: "{{ current_job_templates_asset_value.limit }}" + verbosity: {{ current_job_templates_asset_value.verbosity }} job_type: "{{ current_job_templates_asset_value.job_type }}" - fact_caching_enabled: "{{ current_job_templates_asset_value.use_fact_cache }}" + job_slice_count: {{ current_job_templates_asset_value.job_slice_count }} + use_fact_cache: {{ current_job_templates_asset_value.use_fact_cache | bool }} {% if current_job_templates_asset_value.summary_fields.credentials %} credentials: {% for credential in current_job_templates_asset_value.summary_fields.credentials %} - "{{ credential.name }}" {% endfor %} {% endif %} - concurrent_jobs_enabled: "{{ current_job_templates_asset_value.allow_simultaneous }}" - ask_scm_branch_on_launch: "{{ current_job_templates_asset_value.ask_scm_branch_on_launch }}" - ask_tags_on_launch: "{{ current_job_templates_asset_value.ask_tags_on_launch }}" - ask_verbosity_on_launch: "{{ current_job_templates_asset_value.ask_verbosity_on_launch }}" - ask_variables_on_launch: "{{ current_job_templates_asset_value.ask_variables_on_launch }}" + allow_simultaneous: {{ current_job_templates_asset_value.allow_simultaneous | bool }} + ask_scm_branch_on_launch: {{ current_job_templates_asset_value.ask_scm_branch_on_launch | bool }} + ask_diff_mode_on_launch: {{ current_job_templates_asset_value.ask_diff_mode_on_launch | bool }} + ask_tags_on_launch: {{ current_job_templates_asset_value.ask_tags_on_launch | bool }} + ask_skip_tags_on_launch: {{ current_job_templates_asset_value.ask_skip_tags_on_launch | bool }} + ask_job_type_on_launch: {{ current_job_templates_asset_value.ask_job_type_on_launch | bool }} + ask_verbosity_on_launch: {{ current_job_templates_asset_value.ask_verbosity_on_launch | bool }} + ask_variables_on_launch: {{ current_job_templates_asset_value.ask_variables_on_launch | bool }} + ask_inventory_on_launch: {{ current_job_templates_asset_value.ask_inventory_on_launch | bool }} + ask_limit_on_launch: {{ current_job_templates_asset_value.ask_limit_on_launch | bool }} + ask_credential_on_launch: {{ current_job_templates_asset_value.ask_credential_on_launch | bool }} + ask_execution_environment_on_launch: {{ current_job_templates_asset_value.ask_execution_environment_on_launch | bool }} + ask_labels_on_launc: {{ current_job_templates_asset_value.ask_labels_on_launch | bool }} + ask_forks_on_launch: {{ current_job_templates_asset_value.ask_forks_on_launch | bool }} + ask_job_slice_count_on_launch: {{ current_job_templates_asset_value.ask_job_slice_count_on_launch | bool }} + ask_timeout_on_launch: {{ current_job_templates_asset_value.ask_timeout_on_launch | bool }} + ask_instance_groups_on_launch: {{ current_job_templates_asset_value.ask_instance_groups_on_launch | bool }} {% if current_job_templates_asset_value.extra_vars and current_job_templates_asset_value.extra_vars != '---' and current_job_templates_asset_value.extra_vars != '' %} extra_vars: {{ current_job_templates_asset_value.extra_vars | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} -{% if is_aap %} + job_tags: "{{ current_job_templates_asset_value.job_tags }}" + force_handlers: {{ current_job_templates_asset_value.force_handlers | bool }} + skip_tags: "{{ current_job_templates_asset_value.skip_tags }}" + start_at_task: "{{ current_job_templates_asset_value.start_at_task }}" + timeout: {{ current_job_templates_asset_value.timeout | int }} +{% if is_aap and current_job_templates_asset_value.summary_fields.execution_environment is defined %} execution_environment: "{{ current_job_templates_asset_value.summary_fields.execution_environment.name | default(omit) }}" {% endif %} {% if not is_aap %} custom_virtualenv: "{{ current_job_templates_asset_value.custom_virtualenv | default(omit) }}" {% endif %} + host_config_key: "{{ current_job_templates_asset_value.host_config_key }}" {% if query_labels | length > 0 %} labels: {% for label in query_labels %} @@ -55,6 +78,13 @@ controller_templates: - "{{ notification_success.name }}" {% endfor %} {% endif %} - survey_enabled: {{ current_job_templates_asset_value.survey_enabled }} + survey_enabled: {{ current_job_templates_asset_value.survey_enabled | bool }} survey_spec: {{ query(controller_api_plugin, current_job_templates_asset_value.related.survey_spec, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0] }} + become_enabled: {{ current_job_templates_asset_value.become_enabled | bool }} + diff_mode: {{ current_job_templates_asset_value.diff_mode | bool }} + webhook_service: "{{ current_job_templates_asset_value.webhook_service }}" +{% if current_job_templates_asset_value.webhook_credential %} + webhook_credential: "{{ current_job_templates_asset_value.webhook_credential }}" +{% endif %} + prevent_instance_group_fallback: {{ current_job_templates_asset_value.prevent_instance_group_fallback | bool }} ... From 247a27e4e51a1e133505c2ba5e4bae048e89ed76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 22 Jun 2023 17:44:13 +0200 Subject: [PATCH 060/129] remove no needed default --- roles/filetree_create/templates/current_job_templates.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/filetree_create/templates/current_job_templates.j2 b/roles/filetree_create/templates/current_job_templates.j2 index da5a04864..2bb95eecb 100644 --- a/roles/filetree_create/templates/current_job_templates.j2 +++ b/roles/filetree_create/templates/current_job_templates.j2 @@ -48,7 +48,7 @@ controller_templates: start_at_task: "{{ current_job_templates_asset_value.start_at_task }}" timeout: {{ current_job_templates_asset_value.timeout | int }} {% if is_aap and current_job_templates_asset_value.summary_fields.execution_environment is defined %} - execution_environment: "{{ current_job_templates_asset_value.summary_fields.execution_environment.name | default(omit) }}" + execution_environment: "{{ current_job_templates_asset_value.summary_fields.execution_environment.name }}" {% endif %} {% if not is_aap %} custom_virtualenv: "{{ current_job_templates_asset_value.custom_virtualenv | default(omit) }}" From 4aee6a882b4732b40c8b0b275ecda9c08fc878ef Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Sat, 1 Jul 2023 05:02:30 -0400 Subject: [PATCH 061/129] update tests --- .github/workflows/ci_standalone.yml | 6 +----- .github/workflows/ci_standalone_versioned.yml | 6 +++--- tests/configure_controller_export_model.yml | 1 + 3 files changed, 5 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 5527ca370..b4405651f 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,12 +19,8 @@ jobs: matrix: awx_version: - devel + - 22.4.0 - 22.3.0 - - 22.2.0 - - 22.1.0 - - 22.0.0 - - 21.14.0 - - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 715fd7e40..d4e214cd3 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -18,16 +18,16 @@ jobs: steps: - uses: actions/checkout@v2 - - name: "Checkout galaxy_ng" + - name: Checkout AWX uses: actions/checkout@v2 with: repository: ansible/awx path: awx ref: ${{ inputs.awx_version }} - - uses: actions/setup-python@v2 + - uses: actions/setup-python@v4 with: - python-version: "3.8" + python-version: "3.11" - name: Update apt run: sudo apt -y update diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 474567ba7..0c3c22d34 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -78,6 +78,7 @@ - name: Install awxkit python package ansible.builtin.pip: name: awxkit + version: 22.3.0 - name: Export workflow job template infra.controller_configuration.controller_export_diff: From a0bb370b3c8eb8aee7d9d3291cc240ac6cdcc894 Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Thu, 6 Jul 2023 09:47:38 +0200 Subject: [PATCH 062/129] add organizations tag to second dispatch task --- changelogs/fragments/add_organizations_tag.yml | 3 +++ roles/dispatch/tasks/main.yml | 1 + 2 files changed, 4 insertions(+) create mode 100644 changelogs/fragments/add_organizations_tag.yml diff --git a/changelogs/fragments/add_organizations_tag.yml b/changelogs/fragments/add_organizations_tag.yml new file mode 100644 index 000000000..a71cda638 --- /dev/null +++ b/changelogs/fragments/add_organizations_tag.yml @@ -0,0 +1,3 @@ +minor_changes: + - add organizations tag in a dispatch task which is in charge of applying galaxy credencitals in the organization. + diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index 472fd8a49..ea8330cb7 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -19,4 +19,5 @@ apply: tags: - organizations + tags: organizations ... From 66a2c1a566f611f49f9e9b5181e79a2b0d1b3a02 Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Thu, 6 Jul 2023 10:00:04 +0200 Subject: [PATCH 063/129] linting --- changelogs/fragments/add_organizations_tag.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/changelogs/fragments/add_organizations_tag.yml b/changelogs/fragments/add_organizations_tag.yml index a71cda638..29a69038a 100644 --- a/changelogs/fragments/add_organizations_tag.yml +++ b/changelogs/fragments/add_organizations_tag.yml @@ -1,3 +1,2 @@ minor_changes: - add organizations tag in a dispatch task which is in charge of applying galaxy credencitals in the organization. - From 5b89496f919ac0b0508e65d5e8e3184c7d9cffeb Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Thu, 6 Jul 2023 19:26:08 -0400 Subject: [PATCH 064/129] update directory --- README.md | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 2c0dbe853..5717cc81e 100644 --- a/README.md +++ b/README.md @@ -22,15 +22,21 @@ The awx.awx or ansible.controller collections MUST be installed in order for thi - awx.awx ``` -## Red Hat Communities of Practice Configuration Collections Suite - -|Collection Name|Purpose| -|:---:|:---:| -|[Controller Configuration](https://galaxy.ansible.com/redhat_cop/controller_configuration)|Automation controller configuration| -|[Hub Configuration](https://galaxy.ansible.com/redhat_cop/ah_configuration)|Automation hub configuration| -|[EE Utilities](https://galaxy.ansible.com/redhat_cop/ee_utilities)|Execution Environment creation utilities| -|[AAP installation Utilities](https://galaxy.ansible.com/redhat_cop/aap_utilities)|Ansible Automation Platform Utilities| -|[AAP Configuration Template](https://github.com/redhat-cop/aap_configuration_template)|Configuration Template for this suite| +## Links to Ansible Automation Platform Collections + +| Collection Name | Purpose | +|:--------------------------------------------------------------------------------------------:|:----------------------------------------:| +| [awx.awx/Ansible.controller repo](https://github.com/ansible/awx/tree/devel/awx_collection) | Automation controller modules | +| [Ansible Hub Configuration](https://github.com/ansible/automation_hub_collection) | Automation hub configuration | + +## Links to other Validated Configuration Collections for Ansible Automation Platform + +| Collection Name | Purpose | +|:------------------------------------------------------------------------------------------:|:----------------------------------------:| +| [Controller Configuration](https://github.com/redhat-cop/controller_configuration) | Automation controller configuration | +| [EE Utilities](https://github.com/redhat-cop/ee_utilities) | Execution Environment creation utilities | +| [AAP installation Utilities](https://github.com/redhat-cop/aap_utilities) | Ansible Automation Platform Utilities | +| [AAP Configuration Template](https://github.com/redhat-cop/aap_configuration_template) | Configuration Template for this suite | ## Included content From e0e925780a5d96747f487328e4dcc4798f464dd8 Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Tue, 11 Jul 2023 05:14:47 +0000 Subject: [PATCH 065/129] Update pre-commit --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d573b4086..a918020d9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.3.0 + rev: 23.7.0 hooks: - id: black name: black From 608cf5013a5c546cdd97f0530810794201f84945 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 13 Jul 2023 12:50:05 +0200 Subject: [PATCH 066/129] Filetree create schedules instance groups (#645) * run the query only if there is something to get returned * add control to the other fields * add 21.13.0 release needed for the tests to be successfull --- .github/workflows/ci_standalone.yml | 1 + roles/filetree_create/tasks/schedules.yml | 6 +++--- roles/filetree_create/templates/current_schedules.j2 | 8 ++++++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index b4405651f..7ea36949d 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -21,6 +21,7 @@ jobs: - devel - 22.4.0 - 22.3.0 + - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/roles/filetree_create/tasks/schedules.yml b/roles/filetree_create/tasks/schedules.yml index 762623287..83a110e05 100644 --- a/roles/filetree_create/tasks/schedules.yml +++ b/roles/filetree_create/tasks/schedules.yml @@ -24,13 +24,13 @@ __dest: "{{ output_path }}/schedules/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" query_credentials: "{{ query(controller_api_plugin, current_schedules_asset_value.related.credentials, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.credentials is defined else [] }}" query_instance_groups: "{{ query(controller_api_plugin, current_schedules_asset_value.related.instance_groups, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.instance_groups is defined else [] }}" query_labels: "{{ query(controller_api_plugin, current_schedules_asset_value.related.labels, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.labels is defined else [] }}" loop: "{{ schedules_lookvar }}" loop_control: loop_var: current_schedules_asset_value diff --git a/roles/filetree_create/templates/current_schedules.j2 b/roles/filetree_create/templates/current_schedules.j2 index d15467d66..acaf16fda 100644 --- a/roles/filetree_create/templates/current_schedules.j2 +++ b/roles/filetree_create/templates/current_schedules.j2 @@ -16,10 +16,18 @@ controller_schedules: - "{{ instance_group.name }}" {% endfor %} {% endif %} +{% if current_schedules_asset_value.dtstart is defined %} dtstart: "{{ current_schedules_asset_value.dtstart }}" +{% endif %} +{% if current_schedules_asset_value.dtend is defined %} dtend: "{{ current_schedules_asset_value.dtend }}" +{% endif %} +{% if current_schedules_asset_value.timezone is defined %} timezone: "{{ current_schedules_asset_value.timezone }}" +{% endif %} +{% if current_schedules_asset_value.rrule is defined %} rrule: "{{ current_schedules_asset_value.rrule }}" +{% endif %} {% if current_schedules_asset_value.summary_fields.execution_environment is defined %} execution_environment: "{{ current_schedules_asset_value.summary_fields.execution_environment.name }}" {% endif %} From 80fb2024b2688c47d6c7b889b3b05f7f0d785f72 Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Mon, 17 Jul 2023 17:28:07 +0200 Subject: [PATCH 067/129] Change lookup to query to ensure list (#647) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Change lookup to query to ensure list * Prevent the diff plugin from returning a nested list * Correctly make use of the present_list * Add changelog fragment --------- Co-authored-by: Marges, RSY (Rick) Co-authored-by: Ivan Aragonés Muniesa <26822043+ivarmu@users.noreply.github.com> --- changelogs/fragments/change_from_lookup_to_query.yml | 5 +++++ plugins/lookup/controller_object_diff.py | 9 +++++---- roles/object_diff/tasks/applications.yml | 2 +- roles/object_diff/tasks/credential_types.yml | 2 +- roles/object_diff/tasks/credentials.yml | 2 +- roles/object_diff/tasks/execution_environments.yml | 2 +- roles/object_diff/tasks/groups.yml | 2 +- roles/object_diff/tasks/hosts.yml | 2 +- roles/object_diff/tasks/instance_groups.yml | 2 +- roles/object_diff/tasks/inventories.yml | 2 +- roles/object_diff/tasks/inventory_sources.yml | 2 +- roles/object_diff/tasks/job_templates.yml | 2 +- roles/object_diff/tasks/notification_templates.yml | 2 +- roles/object_diff/tasks/organizations.yml | 2 +- roles/object_diff/tasks/projects.yml | 2 +- roles/object_diff/tasks/roles.yml | 2 +- roles/object_diff/tasks/schedules.yml | 2 +- roles/object_diff/tasks/teams.yml | 2 +- roles/object_diff/tasks/user_accounts.yml | 2 +- roles/object_diff/tasks/workflow_job_templates.yml | 2 +- tests/configs/differential_items.yml | 4 ++++ tests/configure_controller.yml | 4 ++-- tests/tasks/differential.yml | 4 ++-- 23 files changed, 36 insertions(+), 26 deletions(-) create mode 100644 changelogs/fragments/change_from_lookup_to_query.yml diff --git a/changelogs/fragments/change_from_lookup_to_query.yml b/changelogs/fragments/change_from_lookup_to_query.yml new file mode 100644 index 000000000..f15f674d2 --- /dev/null +++ b/changelogs/fragments/change_from_lookup_to_query.yml @@ -0,0 +1,5 @@ +--- +bugfixes: + - 'Fix addition of `state: present` when `with_present: true`' +minor_changes: + - Change from lookup to query in the object_diff task files diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index e5ec7f0cd..e894b7f1c 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -67,7 +67,7 @@ - name: "Find the difference of Project between what is on the Controller versus curated list." set_fact: - project_difference: "{{ lookup('infra.controller_configuration.controller_object_diff', + project_difference: "{{ query('infra.controller_configuration.controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=true, set_absent=true ) }}" @@ -106,11 +106,12 @@ def warn_callback(self, warning): self.display.warning(warning) def create_present_list(self, compare_list): - if not compare_list: + if not compare_list and not isinstance(compare_list, list): return [compare_list] for item in compare_list: item.update({"state": "present"}) + return compare_list def run(self, terms, variables=None, **kwargs): @@ -294,7 +295,7 @@ def run(self, terms, variables=None, **kwargs): item.update({"state": "absent"}) # Combine Lists if self.get_option("with_present"): - self.create_present_list(compare_list_reduced) + compare_list = self.create_present_list(compare_list) compare_list.extend(difference) # Return Compare list with difference attached difference = compare_list @@ -307,4 +308,4 @@ def run(self, terms, variables=None, **kwargs): for item in difference_to_remove: difference.remove(item) - return [difference] + return difference diff --git a/roles/object_diff/tasks/applications.yml b/roles/object_diff/tasks/applications.yml index 3fc72ede8..9651143dc 100644 --- a/roles/object_diff/tasks/applications.yml +++ b/roles/object_diff/tasks/applications.yml @@ -16,7 +16,7 @@ - name: "Find the difference of Application between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __applications_difference: "{{ lookup(controller_role_plugin, + __applications_difference: "{{ query(controller_role_plugin, api_list=__controller_api_applications, compare_list=controller_applications, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/credential_types.yml b/roles/object_diff/tasks/credential_types.yml index 4d4fabff3..bae39645b 100644 --- a/roles/object_diff/tasks/credential_types.yml +++ b/roles/object_diff/tasks/credential_types.yml @@ -22,7 +22,7 @@ - name: "Find the difference of Credential Types between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __credential_types_difference: "{{ lookup(controller_role_plugin, + __credential_types_difference: "{{ query(controller_role_plugin, api_list=__controller_api_credential_types, compare_list=controller_credential_types, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/credentials.yml b/roles/object_diff/tasks/credentials.yml index bbe003cba..fba26423a 100644 --- a/roles/object_diff/tasks/credentials.yml +++ b/roles/object_diff/tasks/credentials.yml @@ -19,7 +19,7 @@ - name: "Find the difference of Credentials between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __credentials_difference: "{{ lookup(controller_role_plugin, + __credentials_difference: "{{ query(controller_role_plugin, api_list=__controller_api_credentials, compare_list=controller_credentials, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/execution_environments.yml b/roles/object_diff/tasks/execution_environments.yml index 27c4be89a..13dec4a9e 100644 --- a/roles/object_diff/tasks/execution_environments.yml +++ b/roles/object_diff/tasks/execution_environments.yml @@ -16,7 +16,7 @@ - name: "Find the difference of Execution Environment between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __execution_environments_difference: "{{ lookup(controller_role_plugin, + __execution_environments_difference: "{{ query(controller_role_plugin, api_list=__controller_api_execution_environments, compare_list=controller_execution_environments, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/groups.yml b/roles/object_diff/tasks/groups.yml index 209e4a87c..9847179e7 100644 --- a/roles/object_diff/tasks/groups.yml +++ b/roles/object_diff/tasks/groups.yml @@ -36,7 +36,7 @@ block: - name: "Find the difference of Groups between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __groups_difference: "{{ lookup(controller_role_plugin, + __groups_difference: "{{ query(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_groups, compare_list=controller_groups, with_present=include_present_state, set_absent=true) diff --git a/roles/object_diff/tasks/hosts.yml b/roles/object_diff/tasks/hosts.yml index 19462db98..d5e9e4c6b 100644 --- a/roles/object_diff/tasks/hosts.yml +++ b/roles/object_diff/tasks/hosts.yml @@ -36,7 +36,7 @@ block: - name: "Find the difference of Hosts between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __hosts_difference: "{{ lookup(controller_role_plugin, + __hosts_difference: "{{ query(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_hosts, compare_list=controller_hosts, with_present=include_present_state, set_absent=true) diff --git a/roles/object_diff/tasks/instance_groups.yml b/roles/object_diff/tasks/instance_groups.yml index d67512439..b1ff4ba26 100644 --- a/roles/object_diff/tasks/instance_groups.yml +++ b/roles/object_diff/tasks/instance_groups.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Instance Groups between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __instance_groups_difference: "{{ lookup(controller_role_plugin, + __instance_groups_difference: "{{ query(controller_role_plugin, api_list=__controller_api_instance_groups, compare_list=controller_instance_groups, with_present=include_present_state, diff --git a/roles/object_diff/tasks/inventories.yml b/roles/object_diff/tasks/inventories.yml index d5c2665d8..b1307428f 100644 --- a/roles/object_diff/tasks/inventories.yml +++ b/roles/object_diff/tasks/inventories.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Inventories between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __inventories_difference: "{{ lookup(controller_role_plugin, + __inventories_difference: "{{ query(controller_role_plugin, api_list=__controller_api_inventories, compare_list=controller_inventories, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/inventory_sources.yml b/roles/object_diff/tasks/inventory_sources.yml index 5aa28799f..44cf6ef0b 100644 --- a/roles/object_diff/tasks/inventory_sources.yml +++ b/roles/object_diff/tasks/inventory_sources.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Inventory Sources between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __inventory_sources_difference: "{{ lookup(controller_role_plugin, + __inventory_sources_difference: "{{ query(controller_role_plugin, api_list=__controller_api_inventory_sources, compare_list=controller_inventory_sources, with_present=include_present_state, set_absent=true) diff --git a/roles/object_diff/tasks/job_templates.yml b/roles/object_diff/tasks/job_templates.yml index 9ea242234..00eeb351b 100644 --- a/roles/object_diff/tasks/job_templates.yml +++ b/roles/object_diff/tasks/job_templates.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Job Templates between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __job_templates_difference: "{{ lookup(controller_role_plugin, + __job_templates_difference: "{{ query(controller_role_plugin, api_list=__controller_api_job_templates, compare_list=controller_templates, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/notification_templates.yml b/roles/object_diff/tasks/notification_templates.yml index 8dddee6c4..9af7122a5 100644 --- a/roles/object_diff/tasks/notification_templates.yml +++ b/roles/object_diff/tasks/notification_templates.yml @@ -16,7 +16,7 @@ - name: "Find the difference of Notification Template between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __notification_templates_difference: "{{ lookup(controller_role_plugin, + __notification_templates_difference: "{{ query(controller_role_plugin, api_list=__controller_api_notification_templates, compare_list=controller_notifications, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/organizations.yml b/roles/object_diff/tasks/organizations.yml index a2c522c08..3da346712 100644 --- a/roles/object_diff/tasks/organizations.yml +++ b/roles/object_diff/tasks/organizations.yml @@ -20,7 +20,7 @@ - name: "Find the difference of Organizations between what is on the Controller versus curated list." ansible.builtin.set_fact: - __organizations_difference: "{{ lookup(controller_role_plugin, + __organizations_difference: "{{ query(controller_role_plugin, api_list=__controller_api_organizations, compare_list=controller_organizations, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/projects.yml b/roles/object_diff/tasks/projects.yml index 1ca3675cd..cc48a8b60 100644 --- a/roles/object_diff/tasks/projects.yml +++ b/roles/object_diff/tasks/projects.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Project between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __projects_difference: "{{ lookup(controller_role_plugin, + __projects_difference: "{{ query(controller_role_plugin, api_list=__controller_api_projects, compare_list=controller_projects, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index 61e44ea67..ba706b62b 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -52,7 +52,7 @@ - name: "Find the difference of Roles between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __roles_difference: "{{ lookup(controller_role_plugin, + __roles_difference: "{{ query(controller_role_plugin, api_list=__full_controller_api_roles, compare_list=controller_roles, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/schedules.yml b/roles/object_diff/tasks/schedules.yml index b217e97f1..7eb2dc271 100644 --- a/roles/object_diff/tasks/schedules.yml +++ b/roles/object_diff/tasks/schedules.yml @@ -37,7 +37,7 @@ - name: "Find the difference of Schedule between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __schedules_difference: "{{ lookup(controller_role_plugin, + __schedules_difference: "{{ query(controller_role_plugin, api_list=__controller_api_schedules, compare_list=controller_schedules, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/teams.yml b/roles/object_diff/tasks/teams.yml index 9d35607d0..36221d368 100644 --- a/roles/object_diff/tasks/teams.yml +++ b/roles/object_diff/tasks/teams.yml @@ -29,7 +29,7 @@ - name: "Find the difference of Teams between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __teams_difference: "{{ lookup(controller_role_plugin, + __teams_difference: "{{ query(controller_role_plugin, api_list=__controller_api_teams, compare_list=controller_teams, with_present=include_present_state, diff --git a/roles/object_diff/tasks/user_accounts.yml b/roles/object_diff/tasks/user_accounts.yml index 5395c72a5..e4dc4ef27 100644 --- a/roles/object_diff/tasks/user_accounts.yml +++ b/roles/object_diff/tasks/user_accounts.yml @@ -35,7 +35,7 @@ block: - name: "Find the difference of User Accounts between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __user_accounts_difference: "{{ lookup(controller_role_plugin, + __user_accounts_difference: "{{ query(controller_role_plugin, api_list=__controller_api_user_accounts, compare_list=controller_user_accounts, with_present=include_present_state, set_absent=true) }}" diff --git a/roles/object_diff/tasks/workflow_job_templates.yml b/roles/object_diff/tasks/workflow_job_templates.yml index bf2ecc2bb..2609e9ba0 100644 --- a/roles/object_diff/tasks/workflow_job_templates.yml +++ b/roles/object_diff/tasks/workflow_job_templates.yml @@ -18,7 +18,7 @@ - name: "Find the difference of Workflow Job Templates between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: - __workflow_job_templates_difference: "{{ lookup(controller_role_plugin, + __workflow_job_templates_difference: "{{ query(controller_role_plugin, api_list=__controller_api_workflow_job_templates, compare_list=controller_workflows, with_present=include_present_state, set_absent=true) diff --git a/tests/configs/differential_items.yml b/tests/configs/differential_items.yml index 3adeff41c..217603386 100644 --- a/tests/configs/differential_items.yml +++ b/tests/configs/differential_items.yml @@ -45,17 +45,20 @@ differential_items: organization: Default scm_type: git scm_url: https://github.com/ansible/tower-example.git + state: present - description: ansible-examples name: Test Inventory source project organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git + state: present - credential: gitlab-personal-access-token for satqe_auto_droid description: ansible-examples name: Test Inventory source project with credential organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git + state: present wait: false - description: Test Project 1 name: Test Project @@ -64,6 +67,7 @@ differential_items: scm_clean: true scm_type: git scm_url: https://github.com/ansible/tower-example.git + state: present - name: Demo Project organization: Default state: absent diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 8878cb423..9d59e1d85 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -183,13 +183,13 @@ - name: "Error out on empty list" ansible.builtin.set_fact: - error_empty_diff: "{{ lookup('controller_object_diff', api_list=controller_api_results, compare_list=differential_test_items, warn_on_empty_api=false) }}" + error_empty_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_test_items, warn_on_empty_api=false) }}" ignore_errors: true register: error_results - name: "Warn out on empty list" ansible.builtin.set_fact: - warn_empty_diff: "{{ lookup('controller_object_diff', api_list=controller_api_results, compare_list=differential_test_items) }}" + warn_empty_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_test_items) }}" register: warn_results - name: "Assert that the empty list error correctly" diff --git a/tests/tasks/differential.yml b/tests/tasks/differential.yml index 261f51419..5fd698c7c 100644 --- a/tests/tasks/differential.yml +++ b/tests/tasks/differential.yml @@ -1,11 +1,11 @@ --- - name: "Get the API list in the Default Organization of all {{ differential_item.name }}" ansible.builtin.set_fact: - controller_api_results: "{{ lookup(controller_api_plugin, differential_item.name, query_params={'organization': controller_organization_id.id}, host=controller_hostname, username=controller_username, password=controller_password, verify_ssl=false) }}" + controller_api_results: "{{ query(controller_api_plugin, differential_item.name, query_params={'organization': controller_organization_id.id}, host=controller_hostname, username=controller_username, password=controller_password, verify_ssl=false) }}" - name: "Find the difference between what is on the Controller versus curated list of {{ differential_item.name }}" ansible.builtin.set_fact: - set_absent_diff: "{{ lookup('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) }}" + set_absent_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) }}" - name: Display set_absent_diff ansible.builtin.debug: From 9f25df4759e2a2fbe4f12964b622682195bc0530 Mon Sep 17 00:00:00 2001 From: Eric C Chong Date: Thu, 20 Jul 2023 12:23:15 -0400 Subject: [PATCH 068/129] Bug/fix credentials role ignoring update secrets (#651) * should not force 'default' to true when update_secrets is fales * should not force 'default' to true when update_secrets is fales --- changelogs/fragments/credentials_role_bugfix.yml | 2 ++ roles/credentials/tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/credentials_role_bugfix.yml diff --git a/changelogs/fragments/credentials_role_bugfix.yml b/changelogs/fragments/credentials_role_bugfix.yml new file mode 100644 index 000000000..761db2c21 --- /dev/null +++ b/changelogs/fragments/credentials_role_bugfix.yml @@ -0,0 +1,2 @@ +bugfixes: + - fix 'credentials' role ignoring 'update_secrets: false' and forcing to default 'true' diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 1ca7712f2..60f83e767 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -10,7 +10,7 @@ inputs: "{{ __controller_credentials_item.inputs | default(( {} if controller_configuration_credentials_enforce_defaults else omit), true) }}" user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" - update_secrets: "{{ __controller_credentials_item.update_secrets | default(( true if controller_configuration_credentials_enforce_defaults else omit), true) }}" + update_secrets: "{{ __controller_credentials_item.update_secrets | default( true if controller_configuration_credentials_enforce_defaults else omit) }}" state: "{{ __controller_credentials_item.state | default(controller_state | default('present')) }}" # Role specific options From 5a9da42e22926fe89d5f72a81ae457f35909c814 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Fri, 21 Jul 2023 02:46:50 +0200 Subject: [PATCH 069/129] fixed exporting job templates issues (#650) * fixed collection detection and exporting job templates issues * fixed collection detection and exporting job templates issues * fixed collection detection and exporting job templates issues * fixed collection detection and exporting job templates issues * revert fixes for collection detection as it hasn't been reported to be failling * fixed bugs in settings exportation. Added changelog fragment * fixed bugs in notification_templates exportation. Added changelog fragment * fixed bugs in schedules exportation. Added changelog fragment * typo in changelog fragment * temporary fix integration tests * temporary fix integration tests. Better solution * Revert "temporary fix integration tests. Better solution" This reverts commit 363b4d4b01ddd72db2b7bf8aa20c1e53f1218878. --- .github/workflows/ci_standalone_versioned.yml | 2 +- changelogs/fragments/filetree_create_bugfix.yml | 6 ++++++ .../templates/current_job_templates.j2 | 14 ++++++++++++++ .../templates/current_notification_templates.j2 | 12 +++++++++++- .../filetree_create/templates/current_schedules.j2 | 2 +- .../filetree_create/templates/current_settings.j2 | 11 +++++------ 6 files changed, 38 insertions(+), 9 deletions(-) create mode 100644 changelogs/fragments/filetree_create_bugfix.yml diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index d4e214cd3..12d8d4409 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -36,7 +36,7 @@ jobs: run: sudo apt-get install -y libsasl2-dev python3-dev libldap2-dev libssl-dev build-essential - name: Install docker-compose - run: pip3 install --upgrade docker-compose + run: pip3 install --upgrade docker-compose pyyaml==5.3.1 - name: collect system info run: whoami; id; pwd; ls -al; uname -a ; df -h .; mount ; cat /etc/issue; docker --version ; ps aux | fgrep -i docker; ls -al /var/run/containerd/containerd.sock diff --git a/changelogs/fragments/filetree_create_bugfix.yml b/changelogs/fragments/filetree_create_bugfix.yml new file mode 100644 index 000000000..42d6634bc --- /dev/null +++ b/changelogs/fragments/filetree_create_bugfix.yml @@ -0,0 +1,6 @@ +bugfixes: + - When exporting job templates it was failing when missing some input information. + - "When importing the exported settings, fields like `AUTOMATION_ANALYTICS_LAST_GATHER: 2023-07-17T13:22:06.445818Z` caused problems with the multiple `:`." + - When importing the exported notification templates, the types of some values are not as expected. + - When exporting schedules, the diff_mode was not treated correctly + - Temporarily fixed an error when installing docker-compose using pip (see https://stackoverflow.com/questions/76708329/docker-compose-no-longer-building-image-attributeerror-cython-sources for more information) diff --git a/roles/filetree_create/templates/current_job_templates.j2 b/roles/filetree_create/templates/current_job_templates.j2 index 2bb95eecb..3d54da336 100644 --- a/roles/filetree_create/templates/current_job_templates.j2 +++ b/roles/filetree_create/templates/current_job_templates.j2 @@ -32,12 +32,24 @@ controller_templates: ask_inventory_on_launch: {{ current_job_templates_asset_value.ask_inventory_on_launch | bool }} ask_limit_on_launch: {{ current_job_templates_asset_value.ask_limit_on_launch | bool }} ask_credential_on_launch: {{ current_job_templates_asset_value.ask_credential_on_launch | bool }} +{% if current_job_templates_asset_value.ask_execution_environment_on_launch is defined %} ask_execution_environment_on_launch: {{ current_job_templates_asset_value.ask_execution_environment_on_launch | bool }} +{% endif %} +{% if current_job_templates_asset_value.ask_labels_on_launch is defined %} ask_labels_on_launc: {{ current_job_templates_asset_value.ask_labels_on_launch | bool }} +{% endif %} +{% if current_job_templates_asset_value.ask_forks_on_launch is defined %} ask_forks_on_launch: {{ current_job_templates_asset_value.ask_forks_on_launch | bool }} +{% endif %} +{% if current_job_templates_asset_value.ask_job_slice_count_on_launch is defined %} ask_job_slice_count_on_launch: {{ current_job_templates_asset_value.ask_job_slice_count_on_launch | bool }} +{% endif %} +{% if current_job_templates_asset_value.ask_timeout_on_launch is defined %} ask_timeout_on_launch: {{ current_job_templates_asset_value.ask_timeout_on_launch | bool }} +{% endif %} +{% if current_job_templates_asset_value.ask_instance_groups_on_launch is defined %} ask_instance_groups_on_launch: {{ current_job_templates_asset_value.ask_instance_groups_on_launch | bool }} +{% endif %} {% if current_job_templates_asset_value.extra_vars and current_job_templates_asset_value.extra_vars != '---' and current_job_templates_asset_value.extra_vars != '' %} extra_vars: {{ current_job_templates_asset_value.extra_vars | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} @@ -86,5 +98,7 @@ controller_templates: {% if current_job_templates_asset_value.webhook_credential %} webhook_credential: "{{ current_job_templates_asset_value.webhook_credential }}" {% endif %} +{% if current_job_templates_asset_value.prevent_instance_group_fallback is defined %} prevent_instance_group_fallback: {{ current_job_templates_asset_value.prevent_instance_group_fallback | bool }} +{% endif %} ... diff --git a/roles/filetree_create/templates/current_notification_templates.j2 b/roles/filetree_create/templates/current_notification_templates.j2 index 66e21f1ee..18008c56a 100644 --- a/roles/filetree_create/templates/current_notification_templates.j2 +++ b/roles/filetree_create/templates/current_notification_templates.j2 @@ -4,7 +4,17 @@ controller_notifications: organization: "{{ current_notification_templates_asset_value.summary_fields.organization.name }}" notification_type: "{{ current_notification_templates_asset_value.notification_type }}" notification_configuration: -{{ current_notification_templates_asset_value.notification_configuration | to_nice_yaml(indent=2) | indent(width=6, first=True) }} +{% for key,value in current_notification_templates_asset_value.notification_configuration.items() %} +{% if value is mapping or (value | type_debug == 'list') %} + {{ key }}: {{ value }} +{% elif (value | type_debug == 'int') %} + {{ key }}: {{ value | int }} +{% elif (value | lower) is match('true') or (value | lower) is match('false') %} + {{ key }}: {{ value | bool }} +{% else %} + {{ key }}: {{ '!unsafe ' if ( value | regex_search('{{')) }}"{{ value | replace('\n','\\n') | replace('"', '\\"') }}" +{% endif %} +{% endfor %} {% if current_notification_templates_asset_value.messages is defined and current_notification_templates_asset_value.messages %} messages: {{ current_notification_templates_asset_value.messages | to_nice_yaml(indent=2) | indent(width=6, first=True) | replace("'{{", "!unsafe \'{{") }} diff --git a/roles/filetree_create/templates/current_schedules.j2 b/roles/filetree_create/templates/current_schedules.j2 index acaf16fda..9bffe3fde 100644 --- a/roles/filetree_create/templates/current_schedules.j2 +++ b/roles/filetree_create/templates/current_schedules.j2 @@ -71,7 +71,7 @@ controller_schedules: {% if current_schedules_asset_value.limit is defined %} limit: "{{ current_schedules_asset_value.limit }}" {% endif %} -{% if current_schedules_asset_value.diff_mode is defined %} +{% if current_schedules_asset_value.diff_mode is defined and current_schedules_asset_value.diff_mode | type_debug != "NoneType" %} diff_mode: {{ current_schedules_asset_value.diff_mode | bool }} {% endif %} {% if current_schedules_asset_value.verbosity is defined %} diff --git a/roles/filetree_create/templates/current_settings.j2 b/roles/filetree_create/templates/current_settings.j2 index 42532cd1a..3fd54f21f 100644 --- a/roles/filetree_create/templates/current_settings.j2 +++ b/roles/filetree_create/templates/current_settings.j2 @@ -2,12 +2,11 @@ controller_settings: - settings: {% for key,value in changed_settings[0].items() %} -{% if key == "AUTH_LDAP_GROUP_TYPE_PARAMS" %} -{{ key | indent(width=6, first=True) }}: {'name_attr': 'cn', 'member_attr': 'member'} -{% elif key == "AUTOMATION_ANALYTICS_LAST_ENTRIES" %} -{{ key | indent(width=6, first=True) }}: {{ value | to_json }} -{% else %} -{{ key | indent(width=6, first=True) }}: {{ value | replace('True', 'true') | replace('False', 'false') | replace('None', 'null') }} +{% if value is mapping or value | type_debug == "list" %} +{{ key | indent(width=6, first=True) }}: +{{ value | to_nice_yaml(indent=2) | indent(width=8, first=True) }} +{%- else %} +{{ key | indent(width=6, first=True) }}: "{{ value | replace('True', 'true') | replace('False', 'false') | replace('None', 'null') }}" {% endif %} {% endfor %} ... From 391d6f8c258c730200c44b77dee30847891234bb Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Fri, 21 Jul 2023 10:26:28 -0400 Subject: [PATCH 070/129] update pyyaml (#652) --- changelogs/fragments/credentials_role_bugfix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/fragments/credentials_role_bugfix.yml b/changelogs/fragments/credentials_role_bugfix.yml index 761db2c21..e86776f76 100644 --- a/changelogs/fragments/credentials_role_bugfix.yml +++ b/changelogs/fragments/credentials_role_bugfix.yml @@ -1,2 +1,2 @@ bugfixes: - - fix 'credentials' role ignoring 'update_secrets: false' and forcing to default 'true' + - fix 'credentials' role ignoring 'update_secrets false' and forcing to default 'true' From 350c616f66f0e891e851c1abd7d86ce15ce7095c Mon Sep 17 00:00:00 2001 From: Ben Formosa Date: Tue, 25 Jul 2023 23:40:56 +1000 Subject: [PATCH 071/129] add controller_configuration_async_dir var (#653) --- changelogs/fragments/async.yml | 4 ++++ roles/applications/README.md | 1 + roles/applications/defaults/main.yml | 1 + roles/applications/meta/argument_specs.yml | 4 ++++ roles/applications/tasks/main.yml | 4 ++-- roles/bulk_host_create/README.md | 1 + roles/bulk_host_create/defaults/main.yml | 1 + roles/bulk_host_create/meta/argument_specs.yml | 6 ++++++ roles/bulk_host_create/tasks/main.yml | 4 ++-- roles/credential_input_sources/README.md | 1 + roles/credential_input_sources/defaults/main.yml | 1 + roles/credential_input_sources/meta/argument_specs.yml | 4 ++++ roles/credential_input_sources/tasks/main.yml | 4 ++-- roles/credential_types/README.md | 1 + roles/credential_types/defaults/main.yml | 1 + roles/credential_types/meta/argument_specs.yml | 4 ++++ roles/credential_types/tasks/main.yml | 4 ++-- roles/credentials/README.md | 1 + roles/credentials/defaults/main.yml | 1 + roles/credentials/meta/argument_specs.yml | 4 ++++ roles/credentials/tasks/main.yml | 4 ++-- roles/execution_environments/README.md | 1 + roles/execution_environments/defaults/main.yml | 1 + roles/execution_environments/meta/argument_specs.yml | 4 ++++ roles/execution_environments/tasks/main.yml | 4 ++-- roles/groups/README.md | 1 + roles/groups/defaults/main.yml | 1 + roles/groups/meta/argument_specs.yml | 4 ++++ roles/groups/tasks/main.yml | 4 ++-- roles/hosts/README.md | 1 + roles/hosts/defaults/main.yml | 1 + roles/hosts/meta/argument_specs.yml | 4 ++++ roles/hosts/tasks/main.yml | 4 ++-- roles/instance_groups/README.md | 1 + roles/instance_groups/defaults/main.yml | 1 + roles/instance_groups/meta/argument_specs.yml | 4 ++++ roles/instance_groups/tasks/main.yml | 4 ++-- roles/instances/README.md | 1 + roles/instances/defaults/main.yml | 1 + roles/instances/meta/argument_specs.yml | 4 ++++ roles/instances/tasks/main.yml | 4 ++-- roles/inventories/README.md | 1 + roles/inventories/defaults/main.yml | 1 + roles/inventories/meta/argument_specs.yml | 4 ++++ roles/inventories/tasks/main.yml | 4 ++-- roles/inventory_source_update/README.md | 1 + roles/inventory_source_update/defaults/main.yml | 1 + roles/inventory_source_update/meta/argument_specs.yml | 4 ++++ roles/inventory_source_update/tasks/main.yml | 4 ++-- roles/inventory_sources/README.md | 1 + roles/inventory_sources/defaults/main.yml | 1 + roles/inventory_sources/meta/argument_specs.yml | 4 ++++ roles/inventory_sources/tasks/main.yml | 4 ++-- roles/job_templates/README.md | 1 + roles/job_templates/defaults/main.yml | 1 + roles/job_templates/meta/argument_specs.yml | 4 ++++ roles/job_templates/tasks/main.yml | 4 ++-- roles/labels/README.md | 1 + roles/labels/defaults/main.yml | 1 + roles/labels/meta/argument_specs.yml | 4 ++++ roles/labels/tasks/main.yml | 4 ++-- roles/notification_templates/README.md | 1 + roles/notification_templates/defaults/main.yml | 1 + roles/notification_templates/meta/argument_specs.yml | 4 ++++ roles/notification_templates/tasks/main.yml | 4 ++-- roles/organizations/README.md | 1 + roles/organizations/defaults/main.yml | 1 + roles/organizations/meta/argument_specs.yml | 4 ++++ roles/organizations/tasks/main.yml | 4 ++-- roles/project_update/README.md | 1 + roles/project_update/defaults/main.yml | 1 + roles/project_update/meta/argument_specs.yml | 4 ++++ roles/project_update/tasks/main.yml | 4 ++-- roles/projects/README.md | 1 + roles/projects/defaults/main.yml | 1 + roles/projects/meta/argument_specs.yml | 4 ++++ roles/projects/tasks/main.yml | 4 ++-- roles/roles/README.md | 1 + roles/roles/defaults/main.yml | 1 + roles/roles/meta/argument_specs.yml | 4 ++++ roles/roles/tasks/main.yml | 4 ++-- roles/schedules/README.md | 1 + roles/schedules/defaults/main.yml | 1 + roles/schedules/meta/argument_specs.yml | 4 ++++ roles/schedules/tasks/main.yml | 4 ++-- roles/settings/README.md | 1 + roles/settings/defaults/main.yml | 1 + roles/settings/meta/argument_specs.yml | 4 ++++ roles/settings/tasks/main.yml | 4 ++-- roles/teams/README.md | 1 + roles/teams/defaults/main.yml | 1 + roles/teams/meta/argument_specs.yml | 4 ++++ roles/teams/tasks/main.yml | 4 ++-- roles/users/README.md | 1 + roles/users/defaults/main.yml | 1 + roles/users/meta/argument_specs.yml | 4 ++++ roles/users/tasks/main.yml | 4 ++-- roles/workflow_job_templates/README.md | 1 + roles/workflow_job_templates/defaults/main.yml | 1 + roles/workflow_job_templates/meta/argument_specs.yml | 4 ++++ .../workflow_job_templates/tasks/add_workflows_schema.yml | 8 ++++---- roles/workflow_job_templates/tasks/main.yml | 4 ++-- tests/templated_role_example/README.md | 1 + tests/templated_role_example/defaults/main.yml | 1 + tests/templated_role_example/tasks/main.yml | 4 ++-- 105 files changed, 214 insertions(+), 56 deletions(-) create mode 100644 changelogs/fragments/async.yml diff --git a/changelogs/fragments/async.yml b/changelogs/fragments/async.yml new file mode 100644 index 000000000..d67273814 --- /dev/null +++ b/changelogs/fragments/async.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - Add option to change async directory, and set the default to null. /tmp/.ansible_async was a workaround while the default was broken previously. +... diff --git a/roles/applications/README.md b/roles/applications/README.md index 96a889dc1..f36cbcff1 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_applications_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_applications_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/applications/defaults/main.yml b/roles/applications/defaults/main.yml index 85d418b33..f578abea8 100644 --- a/roles/applications/defaults/main.yml +++ b/roles/applications/defaults/main.yml @@ -4,5 +4,6 @@ controller_applications: [] controller_configuration_applications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_applications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_applications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/applications/meta/argument_specs.yml b/roles/applications/meta/argument_specs.yml index bc2524c7b..3da902379 100644 --- a/roles/applications/meta/argument_specs.yml +++ b/roles/applications/meta/argument_specs.yml @@ -62,6 +62,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 5224509b2..3ea5f8b07 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -28,7 +28,7 @@ register: __applications_job_async changed_when: not __applications_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Create Applications | Wait for finish the Applications creation" ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __applications_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_applications_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/bulk_host_create/README.md b/roles/bulk_host_create/README.md index d122ee90f..bf9e7a19d 100644 --- a/roles/bulk_host_create/README.md +++ b/roles/bulk_host_create/README.md @@ -50,6 +50,7 @@ This also speeds up the overall role. |`controller_configuration_bulk_hosts_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_bulk_hosts_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/bulk_host_create/defaults/main.yml b/roles/bulk_host_create/defaults/main.yml index 4754a14c9..dcdea0ba4 100644 --- a/roles/bulk_host_create/defaults/main.yml +++ b/roles/bulk_host_create/defaults/main.yml @@ -2,4 +2,5 @@ controller_configuration_bulk_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_bulk_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_bulk_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null ... diff --git a/roles/bulk_host_create/meta/argument_specs.yml b/roles/bulk_host_create/meta/argument_specs.yml index 43a6e9fcd..a609ad810 100644 --- a/roles/bulk_host_create/meta/argument_specs.yml +++ b/roles/bulk_host_create/meta/argument_specs.yml @@ -8,6 +8,12 @@ argument_specs: type: list elements: dict + # Async variables + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. + # No_log variables controller_configuration_bulk_hosts_secure_logging: default: "{{ controller_configuration_secure_logging | default(false) }}" diff --git a/roles/bulk_host_create/tasks/main.yml b/roles/bulk_host_create/tasks/main.yml index 4bc749803..53b164282 100644 --- a/roles/bulk_host_create/tasks/main.yml +++ b/roles/bulk_host_create/tasks/main.yml @@ -21,7 +21,7 @@ register: __controller_bulk_hosts_job_async changed_when: not __controller_bulk_hosts_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure bulk_hosts | Wait for finish the bulk_hosts creation" ansible.builtin.async_status: @@ -36,5 +36,5 @@ when: __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credential_input_sources/README.md b/roles/credential_input_sources/README.md index 429e4a161..b321cadf2 100644 --- a/roles/credential_input_sources/README.md +++ b/roles/credential_input_sources/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_credential_input_sources_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_credential_input_sources_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/credential_input_sources/defaults/main.yml b/roles/credential_input_sources/defaults/main.yml index cfc92e09a..b9ec68ea2 100644 --- a/roles/credential_input_sources/defaults/main.yml +++ b/roles/credential_input_sources/defaults/main.yml @@ -4,5 +4,6 @@ controller_credential_input_sources: [] controller_configuration_credential_input_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_input_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_input_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credential_input_sources/meta/argument_specs.yml b/roles/credential_input_sources/meta/argument_specs.yml index ed3ec9e5e..c03c9c848 100644 --- a/roles/credential_input_sources/meta/argument_specs.yml +++ b/roles/credential_input_sources/meta/argument_specs.yml @@ -51,6 +51,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index 71f198b3c..bb4ab20b8 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -24,7 +24,7 @@ register: __credential_input_sources_job_async changed_when: not __credential_input_sources_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Create Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources creation" ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __credential_input_sources_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index 46f6bb84c..a16e9be74 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_credential_types_async_retries`|`controller_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_credential_types_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/credential_types/defaults/main.yml b/roles/credential_types/defaults/main.yml index 8cdfacf7e..2ab36b6a4 100644 --- a/roles/credential_types/defaults/main.yml +++ b/roles/credential_types/defaults/main.yml @@ -4,5 +4,6 @@ controller_credential_types: [] controller_configuration_credential_types_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_credential_types_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credential_types_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credential_types/meta/argument_specs.yml b/roles/credential_types/meta/argument_specs.yml index 01bb2400a..94580d0a7 100644 --- a/roles/credential_types/meta/argument_specs.yml +++ b/roles/credential_types/meta/argument_specs.yml @@ -59,6 +59,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 0c8916247..31174461e 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -25,7 +25,7 @@ register: __credentialtypes_job_async changed_when: not __credentialtypes_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Credential Types | Wait for finish the credential types creation" ansible.builtin.async_status: @@ -40,5 +40,5 @@ when: __credentialtypes_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_types_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credentials/README.md b/roles/credentials/README.md index 30e2ca735..0c8dd2e73 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_credentials_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_credentials_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/credentials/defaults/main.yml b/roles/credentials/defaults/main.yml index 4a95f2513..adbac1567 100644 --- a/roles/credentials/defaults/main.yml +++ b/roles/credentials/defaults/main.yml @@ -4,5 +4,6 @@ controller_credentials: [] controller_configuration_credentials_secure_logging: "{{ controller_configuration_secure_logging | default(true) }}" controller_configuration_credentials_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_credentials_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/credentials/meta/argument_specs.yml b/roles/credentials/meta/argument_specs.yml index a9c171c14..f8b5f8a1e 100644 --- a/roles/credentials/meta/argument_specs.yml +++ b/roles/credentials/meta/argument_specs.yml @@ -72,6 +72,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 60f83e767..576997301 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -30,7 +30,7 @@ register: __credentials_job_async changed_when: not __credentials_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Credentials | Wait for finish the credential creation" ansible.builtin.async_status: @@ -46,5 +46,5 @@ when: __credentials_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credentials_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index 961e97394..2481cbab3 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_execution_environments_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_execution_environments_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/execution_environments/defaults/main.yml b/roles/execution_environments/defaults/main.yml index 277cce6e4..90c9a8e76 100644 --- a/roles/execution_environments/defaults/main.yml +++ b/roles/execution_environments/defaults/main.yml @@ -3,5 +3,6 @@ controller_configuration_execution_environments_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_execution_environments_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_execution_environments_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/execution_environments/meta/argument_specs.yml b/roles/execution_environments/meta/argument_specs.yml index e8415a45f..10aa99f4f 100644 --- a/roles/execution_environments/meta/argument_specs.yml +++ b/roles/execution_environments/meta/argument_specs.yml @@ -60,6 +60,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index ee6862dde..fcb0f577d 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -28,7 +28,7 @@ register: __execution_environments_job_async changed_when: not __execution_environments_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Create Controller Execution Environments | Wait for finish the Controller Execution Environments creation" ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __execution_environments_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_execution_environments_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/groups/README.md b/roles/groups/README.md index 44a70a9f2..1ae23adab 100644 --- a/roles/groups/README.md +++ b/roles/groups/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_groups_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_groups_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables diff --git a/roles/groups/defaults/main.yml b/roles/groups/defaults/main.yml index bf7ced6e0..2e26ec5fb 100644 --- a/roles/groups/defaults/main.yml +++ b/roles/groups/defaults/main.yml @@ -4,5 +4,6 @@ controller_groups: [] controller_configuration_group_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_group_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_group_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/groups/meta/argument_specs.yml b/roles/groups/meta/argument_specs.yml index 8b0b2a0a9..8ff25e66f 100644 --- a/roles/groups/meta/argument_specs.yml +++ b/roles/groups/meta/argument_specs.yml @@ -71,6 +71,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index 0f161dde3..8ad0bdb8f 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -30,7 +30,7 @@ register: __group_job_async changed_when: not __group_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Create Controller Group | Wait for finish the Controller Group creation" ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __group_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_group_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/hosts/README.md b/roles/hosts/README.md index c703cdb55..fc301455d 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_host_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_host_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables diff --git a/roles/hosts/defaults/main.yml b/roles/hosts/defaults/main.yml index 3bda44683..944825675 100644 --- a/roles/hosts/defaults/main.yml +++ b/roles/hosts/defaults/main.yml @@ -4,5 +4,6 @@ controller_hosts: [] controller_configuration_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/hosts/meta/argument_specs.yml b/roles/hosts/meta/argument_specs.yml index 234dba67d..0cfa2ef60 100644 --- a/roles/hosts/meta/argument_specs.yml +++ b/roles/hosts/meta/argument_specs.yml @@ -56,6 +56,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index 5298d7a82..2d49d15e0 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -25,7 +25,7 @@ register: __host_job_async changed_when: not __host_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Hosts | Wait for finish the Hosts creation" ansible.builtin.async_status: @@ -40,5 +40,5 @@ when: __host_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_hosts_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/instance_groups/README.md b/roles/instance_groups/README.md index 95c53b2a0..b7bdb48ef 100644 --- a/roles/instance_groups/README.md +++ b/roles/instance_groups/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_instance_groups_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_instance_groups_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/instance_groups/defaults/main.yml b/roles/instance_groups/defaults/main.yml index 31e5d66b8..1212c5cd8 100644 --- a/roles/instance_groups/defaults/main.yml +++ b/roles/instance_groups/defaults/main.yml @@ -3,5 +3,6 @@ controller_instance_groups: [] controller_configuration_instance_groups_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instance_groups_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instance_groups_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/instance_groups/meta/argument_specs.yml b/roles/instance_groups/meta/argument_specs.yml index a1a52dfc0..17ddba3e8 100644 --- a/roles/instance_groups/meta/argument_specs.yml +++ b/roles/instance_groups/meta/argument_specs.yml @@ -80,6 +80,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index e0d617561..2d2ec7e8c 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -32,7 +32,7 @@ register: __instance_groups_job_async changed_when: not __instance_groups_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller instance groups | Wait for finish the instance groups creation" ansible.builtin.async_status: @@ -47,5 +47,5 @@ when: __instance_groups_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instance_groups_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/instances/README.md b/roles/instances/README.md index 14f5e284f..10c9a4252 100644 --- a/roles/instances/README.md +++ b/roles/instances/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_instances_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_instances_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/instances/defaults/main.yml b/roles/instances/defaults/main.yml index 01d3d3559..af667d992 100644 --- a/roles/instances/defaults/main.yml +++ b/roles/instances/defaults/main.yml @@ -3,5 +3,6 @@ controller_instances: [] controller_configuration_instances_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_instances_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_instances_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/instances/meta/argument_specs.yml b/roles/instances/meta/argument_specs.yml index a68f53934..13c47503f 100644 --- a/roles/instances/meta/argument_specs.yml +++ b/roles/instances/meta/argument_specs.yml @@ -56,6 +56,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 5f5e2c120..108ea7d16 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -27,7 +27,7 @@ register: __instance_job_async changed_when: not __instance_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller instances | Wait for finish the instance creation" ansible.builtin.async_status: @@ -42,5 +42,5 @@ when: __instance_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instances_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/inventories/README.md b/roles/inventories/README.md index f8d657b64..48eeab8ee 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_inventories_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_inventories_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables diff --git a/roles/inventories/defaults/main.yml b/roles/inventories/defaults/main.yml index 216396b95..4f8a3f46d 100644 --- a/roles/inventories/defaults/main.yml +++ b/roles/inventories/defaults/main.yml @@ -4,5 +4,6 @@ controller_inventories: [] controller_configuration_inventories_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventories_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventories_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/inventories/meta/argument_specs.yml b/roles/inventories/meta/argument_specs.yml index 72446a2e9..35c58df6b 100644 --- a/roles/inventories/meta/argument_specs.yml +++ b/roles/inventories/meta/argument_specs.yml @@ -74,6 +74,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index 5ceef80d8..d2553622f 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -30,7 +30,7 @@ register: __inventories_job_async changed_when: not __inventories_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Create Controller inventories | Wait for finish the inventories creation" ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/inventory_source_update/README.md b/roles/inventory_source_update/README.md index c038a4c39..82812519d 100644 --- a/roles/inventory_source_update/README.md +++ b/roles/inventory_source_update/README.md @@ -51,6 +51,7 @@ This also speeds up the overall role. |`controller_configuration_inventory_source_update_async_retries`|`controller_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_inventory_source_update_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/inventory_source_update/defaults/main.yml b/roles/inventory_source_update/defaults/main.yml index 136f6fc7c..84e12f551 100644 --- a/roles/inventory_source_update/defaults/main.yml +++ b/roles/inventory_source_update/defaults/main.yml @@ -2,4 +2,5 @@ controller_configuration_inventory_source_update_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventory_source_update_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventory_source_update_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null ... diff --git a/roles/inventory_source_update/meta/argument_specs.yml b/roles/inventory_source_update/meta/argument_specs.yml index dd07fada4..0c81ed4d7 100644 --- a/roles/inventory_source_update/meta/argument_specs.yml +++ b/roles/inventory_source_update/meta/argument_specs.yml @@ -150,6 +150,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/inventory_source_update/tasks/main.yml b/roles/inventory_source_update/tasks/main.yml index 9a7d6db84..13cc4ec36 100644 --- a/roles/inventory_source_update/tasks/main.yml +++ b/roles/inventory_source_update/tasks/main.yml @@ -28,7 +28,7 @@ register: __inventory_source_update_async changed_when: not __inventory_source_update_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Controller inventory source update | Wait for finish of the inventory source update" ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __inventory_source_update_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 5a91af088..663b9f358 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_inventory_sources_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_inventory_sources_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables diff --git a/roles/inventory_sources/defaults/main.yml b/roles/inventory_sources/defaults/main.yml index ffd8305ed..d4b05271b 100644 --- a/roles/inventory_sources/defaults/main.yml +++ b/roles/inventory_sources/defaults/main.yml @@ -3,5 +3,6 @@ controller_inventory_sources: [] controller_configuration_inventory_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_inventory_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_inventory_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/inventory_sources/meta/argument_specs.yml b/roles/inventory_sources/meta/argument_specs.yml index 8d584c5e7..022819924 100644 --- a/roles/inventory_sources/meta/argument_specs.yml +++ b/roles/inventory_sources/meta/argument_specs.yml @@ -150,6 +150,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index 89d6f9524..b20943a85 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -45,7 +45,7 @@ register: __inventory_source_job_async changed_when: not __inventory_source_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Inventory Source | Wait for finish the Inventory Source creation" ansible.builtin.async_status: @@ -60,5 +60,5 @@ when: __inventory_source_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/job_templates/README.md b/roles/job_templates/README.md index 12df05d77..ea158bc91 100644 --- a/roles/job_templates/README.md +++ b/roles/job_templates/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_job_templates_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_job_templates_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/job_templates/defaults/main.yml b/roles/job_templates/defaults/main.yml index 92a20a26d..5aaca4515 100644 --- a/roles/job_templates/defaults/main.yml +++ b/roles/job_templates/defaults/main.yml @@ -4,5 +4,6 @@ controller_templates: [] controller_configuration_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_job_templates_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_job_templates_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/job_templates/meta/argument_specs.yml b/roles/job_templates/meta/argument_specs.yml index d28f7b6fe..69744c6f6 100644 --- a/roles/job_templates/meta/argument_specs.yml +++ b/roles/job_templates/meta/argument_specs.yml @@ -265,6 +265,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index be5e6126b..5bf291a72 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -74,7 +74,7 @@ register: __job_templates_job_async changed_when: not __job_templates_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Job Templates | Wait for finish the job templates creation" ansible.builtin.async_status: @@ -89,5 +89,5 @@ when: __job_templates_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_job_templates_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/labels/README.md b/roles/labels/README.md index f64fcd9a1..29d7201fd 100644 --- a/roles/labels/README.md +++ b/roles/labels/README.md @@ -49,6 +49,7 @@ This also speeds up the overall role. |`controller_configuration_labels_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_labels_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/labels/defaults/main.yml b/roles/labels/defaults/main.yml index 703351e6b..a9c861b4c 100644 --- a/roles/labels/defaults/main.yml +++ b/roles/labels/defaults/main.yml @@ -3,4 +3,5 @@ controller_labels: [] controller_configuration_labels_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_labels_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_labels_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null ... diff --git a/roles/labels/meta/argument_specs.yml b/roles/labels/meta/argument_specs.yml index 16b7033e3..a057cf09c 100644 --- a/roles/labels/meta/argument_specs.yml +++ b/roles/labels/meta/argument_specs.yml @@ -43,6 +43,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/labels/tasks/main.yml b/roles/labels/tasks/main.yml index 971d2b623..49c7e595e 100644 --- a/roles/labels/tasks/main.yml +++ b/roles/labels/tasks/main.yml @@ -22,7 +22,7 @@ register: __controller_label_job_async changed_when: not __controller_label_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Labels | Wait for finish the Label creation" ansible.builtin.async_status: @@ -37,5 +37,5 @@ when: __controller_label_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_labels_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index 686c27882..2f68854cd 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_notification_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_notification_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/notification_templates/defaults/main.yml b/roles/notification_templates/defaults/main.yml index 21280459a..40d9fcefb 100644 --- a/roles/notification_templates/defaults/main.yml +++ b/roles/notification_templates/defaults/main.yml @@ -4,5 +4,6 @@ controller_notifications: [] controller_configuration_notifications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_notifications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_notifications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/notification_templates/meta/argument_specs.yml b/roles/notification_templates/meta/argument_specs.yml index 9950fc4db..4a2408034 100644 --- a/roles/notification_templates/meta/argument_specs.yml +++ b/roles/notification_templates/meta/argument_specs.yml @@ -64,6 +64,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables controller_configuration_notification_templates_secure_logging: diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index bdf0ebd63..5914f9987 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -27,7 +27,7 @@ register: __controller_notification_job_async changed_when: not __controller_notification_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure notifications | Wait for finish the notifications creation" ansible.builtin.async_status: @@ -42,5 +42,5 @@ when: __controller_notification_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_notifications_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/organizations/README.md b/roles/organizations/README.md index 72213dd6a..208051bb9 100644 --- a/roles/organizations/README.md +++ b/roles/organizations/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_organizations_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_organizations_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Organization Data Structure diff --git a/roles/organizations/defaults/main.yml b/roles/organizations/defaults/main.yml index 548f2e20d..d6235a90f 100644 --- a/roles/organizations/defaults/main.yml +++ b/roles/organizations/defaults/main.yml @@ -3,6 +3,7 @@ controller_organizations: [] controller_configuration_organizations_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_organizations_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_organizations_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true diff --git a/roles/organizations/meta/argument_specs.yml b/roles/organizations/meta/argument_specs.yml index c3e91de82..c8dfbfae8 100644 --- a/roles/organizations/meta/argument_specs.yml +++ b/roles/organizations/meta/argument_specs.yml @@ -91,6 +91,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 0cb3f5b06..5e645db1d 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -30,7 +30,7 @@ register: __organizations_job_async changed_when: not __organizations_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Organizations | Wait for finish the organization creation" ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_organizations_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/project_update/README.md b/roles/project_update/README.md index f11c95edd..5cd84b7a0 100644 --- a/roles/project_update/README.md +++ b/roles/project_update/README.md @@ -51,6 +51,7 @@ This also speeds up the overall role. |`controller_configuration_project_update_async_retries`|60|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|10|no|This sets the delay between retries for the role globally.| |`controller_configuration_project_update_async_delay`|10|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/project_update/defaults/main.yml b/roles/project_update/defaults/main.yml index 4aa399913..a909d681f 100644 --- a/roles/project_update/defaults/main.yml +++ b/roles/project_update/defaults/main.yml @@ -2,4 +2,5 @@ controller_configuration_project_update_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_project_update_async_retries: "{{ controller_configuration_async_retries | default(60) }}" controller_configuration_project_update_async_delay: "{{ controller_configuration_async_delay | default(10) }}" +controller_configuration_async_dir: null ... diff --git a/roles/project_update/meta/argument_specs.yml b/roles/project_update/meta/argument_specs.yml index cf2a6ad90..1c3ffa3c4 100644 --- a/roles/project_update/meta/argument_specs.yml +++ b/roles/project_update/meta/argument_specs.yml @@ -139,6 +139,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables controller_configuration_groups_secure_logging: diff --git a/roles/project_update/tasks/main.yml b/roles/project_update/tasks/main.yml index 46d164fa4..01824d862 100644 --- a/roles/project_update/tasks/main.yml +++ b/roles/project_update/tasks/main.yml @@ -28,7 +28,7 @@ register: __project_update_job_async changed_when: not __project_update_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Projects | Wait for finish the projects creation" ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __project_update_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_project_update_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/projects/README.md b/roles/projects/README.md index c8ad51e4b..18bbdb57b 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_projects_async_retries`|`{{ controller_configuration_async_retries }}`|no|str|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|str|This sets the delay between retries for the role globally.| |`controller_configuration_projects_async_delay`|`controller_configuration_async_delay`|no|str|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/projects/defaults/main.yml b/roles/projects/defaults/main.yml index 294de733d..d60e66aee 100644 --- a/roles/projects/defaults/main.yml +++ b/roles/projects/defaults/main.yml @@ -4,5 +4,6 @@ controller_projects: [] controller_configuration_projects_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_projects_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_projects_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/projects/meta/argument_specs.yml b/roles/projects/meta/argument_specs.yml index 67ec7bec2..8951ac329 100644 --- a/roles/projects/meta/argument_specs.yml +++ b/roles/projects/meta/argument_specs.yml @@ -147,6 +147,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 149ed92f4..41877977a 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -46,7 +46,7 @@ register: __projects_job_async changed_when: not __projects_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Controller Projects | Wait for finish the projects creation" ansible.builtin.async_status: @@ -61,5 +61,5 @@ when: __projects_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_projects_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/roles/README.md b/roles/roles/README.md index 9c3b638c1..eaae4171f 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_role_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_role_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/roles/defaults/main.yml b/roles/roles/defaults/main.yml index 64766c03e..769ef23d3 100644 --- a/roles/roles/defaults/main.yml +++ b/roles/roles/defaults/main.yml @@ -4,5 +4,6 @@ controller_roles: [] controller_configuration_role_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_role_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_role_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/roles/meta/argument_specs.yml b/roles/roles/meta/argument_specs.yml index 62edc84c6..679842fa6 100644 --- a/roles/roles/meta/argument_specs.yml +++ b/roles/roles/meta/argument_specs.yml @@ -110,6 +110,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 088aa7653..d12c8d1a3 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -40,7 +40,7 @@ register: __controller_role_job_async changed_when: not __controller_role_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Roles | Wait for finish the Roles creation" ansible.builtin.async_status: @@ -55,5 +55,5 @@ when: __controller_role_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_role_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/schedules/README.md b/roles/schedules/README.md index 0d8a2dca8..887ecd065 100644 --- a/roles/schedules/README.md +++ b/roles/schedules/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_schedules_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_schedules_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/schedules/defaults/main.yml b/roles/schedules/defaults/main.yml index 13cfc0cfd..0601fe5a0 100644 --- a/roles/schedules/defaults/main.yml +++ b/roles/schedules/defaults/main.yml @@ -4,5 +4,6 @@ controller_schedules: [] controller_configuration_schedules_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_schedules_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_schedules_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/schedules/meta/argument_specs.yml b/roles/schedules/meta/argument_specs.yml index 39131cb00..4b7979cf4 100644 --- a/roles/schedules/meta/argument_specs.yml +++ b/roles/schedules/meta/argument_specs.yml @@ -132,6 +132,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 644190dd0..bbb6e294e 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -42,7 +42,7 @@ register: __controller_schedule_job_async changed_when: not __controller_schedule_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Schedules | Wait for finish the Schedules creation" ansible.builtin.async_status: @@ -57,5 +57,5 @@ when: __controller_schedule_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_schedules_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/settings/README.md b/roles/settings/README.md index 4ee4dea42..d8e46d806 100644 --- a/roles/settings/README.md +++ b/roles/settings/README.md @@ -49,6 +49,7 @@ This also speeds up the overall role. |`controller_configuration_settings_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_settings_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/settings/defaults/main.yml b/roles/settings/defaults/main.yml index da7c0f903..2799dae7c 100644 --- a/roles/settings/defaults/main.yml +++ b/roles/settings/defaults/main.yml @@ -4,4 +4,5 @@ controller_settings: [] controller_configuration_settings_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_settings_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_settings_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null ... diff --git a/roles/settings/meta/argument_specs.yml b/roles/settings/meta/argument_specs.yml index d0a7738af..968024db1 100644 --- a/roles/settings/meta/argument_specs.yml +++ b/roles/settings/meta/argument_specs.yml @@ -38,6 +38,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/settings/tasks/main.yml b/roles/settings/tasks/main.yml index 71f5a2579..8192a1687 100644 --- a/roles/settings/tasks/main.yml +++ b/roles/settings/tasks/main.yml @@ -23,7 +23,7 @@ register: __controller_setting_job_async changed_when: not __controller_setting_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Settings | Wait for finish the Settings creation" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __controller_setting_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_settings_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/teams/README.md b/roles/teams/README.md index da98d01a8..f553cd46a 100644 --- a/roles/teams/README.md +++ b/roles/teams/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_teams_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_teams_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Data structure `controller_teams:` should include following vars diff --git a/roles/teams/defaults/main.yml b/roles/teams/defaults/main.yml index 819dc6c10..a93aabb48 100644 --- a/roles/teams/defaults/main.yml +++ b/roles/teams/defaults/main.yml @@ -4,5 +4,6 @@ controller_teams: [] controller_configuration_teams_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_teams_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_teams_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/teams/meta/argument_specs.yml b/roles/teams/meta/argument_specs.yml index 8758eb7ce..7bcf6818e 100644 --- a/roles/teams/meta/argument_specs.yml +++ b/roles/teams/meta/argument_specs.yml @@ -47,6 +47,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index d81b66896..eae46364e 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -23,7 +23,7 @@ register: __controller_team_job_async changed_when: not __controller_team_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Teams | Wait for finish the Teams creation" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __controller_team_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_teams_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/users/README.md b/roles/users/README.md index 358389b0a..55bc283b1 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -68,6 +68,7 @@ This also speeds up the overall role. |`controller_configuration_users_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_users_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/users/defaults/main.yml b/roles/users/defaults/main.yml index 7b2edab1e..04f50dddd 100644 --- a/roles/users/defaults/main.yml +++ b/roles/users/defaults/main.yml @@ -8,5 +8,6 @@ controller_user_default_password: "change_me" controller_configuration_users_secure_logging: "{{ controller_configuration_secure_logging | default('true') }}" controller_configuration_users_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_users_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/users/meta/argument_specs.yml b/roles/users/meta/argument_specs.yml index 8ca2d3cf5..c539646d8 100644 --- a/roles/users/meta/argument_specs.yml +++ b/roles/users/meta/argument_specs.yml @@ -76,6 +76,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index a1282454a..f7565a11d 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -32,7 +32,7 @@ register: __controller_user_accounts_job_async changed_when: not __controller_user_accounts_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure Users | Wait for finish the Users creation" ansible.builtin.async_status: @@ -47,5 +47,5 @@ when: __controller_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_users_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 2a99dcc54..9c5e450a0 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -67,6 +67,7 @@ This also speeds up the overall role. |`controller_configuration_workflow_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_workflow_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/roles/workflow_job_templates/defaults/main.yml b/roles/workflow_job_templates/defaults/main.yml index 15a372c4f..127f51609 100644 --- a/roles/workflow_job_templates/defaults/main.yml +++ b/roles/workflow_job_templates/defaults/main.yml @@ -4,5 +4,6 @@ controller_workflows: [] workflow_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" controller_configuration_workflow_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_workflow_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/workflow_job_templates/meta/argument_specs.yml b/roles/workflow_job_templates/meta/argument_specs.yml index f302d9ea6..b8cb25949 100644 --- a/roles/workflow_job_templates/meta/argument_specs.yml +++ b/roles/workflow_job_templates/meta/argument_specs.yml @@ -293,6 +293,10 @@ argument_specs: default: 1 required: false description: This variable sets delay between retries across all roles as a default. + controller_configuration_async_dir: + default: null + required: false + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables diff --git a/roles/workflow_job_templates/tasks/add_workflows_schema.yml b/roles/workflow_job_templates/tasks/add_workflows_schema.yml index 86eb47cad..b1712e98d 100644 --- a/roles/workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/workflow_job_templates/tasks/add_workflows_schema.yml @@ -44,7 +44,7 @@ register: __workflows_node_async changed_when: not __workflows_node_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Manage Workflows | Wait for finish the workflow creation" ansible.builtin.async_status: @@ -58,7 +58,7 @@ when: __workflows_node_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' # Create links between workflow node - name: Create links between Workflow Nodes @@ -88,7 +88,7 @@ poll: 0 register: __workflows_link_async vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Manage Workflows | Wait for finish the workflow creation" ansible.builtin.async_status: @@ -103,5 +103,5 @@ when: __workflows_link_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index 3f6ef289b..6e2b9e4dd 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -50,7 +50,7 @@ register: __workflows_job_async changed_when: not __workflows_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Manage Workflows | Wait for finish the workflow creation" ansible.builtin.async_status: @@ -65,7 +65,7 @@ when: __workflows_job_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' # Create links between workflow node - name: Loop over nodes in schema to add to workflow templates diff --git a/tests/templated_role_example/README.md b/tests/templated_role_example/README.md index 826943fe8..fa223bf11 100644 --- a/tests/templated_role_example/README.md +++ b/tests/templated_role_example/README.md @@ -51,6 +51,7 @@ This also speeds up the overall role. |`controller_configuration_*******_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| |`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`controller_configuration_*******_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure diff --git a/tests/templated_role_example/defaults/main.yml b/tests/templated_role_example/defaults/main.yml index 485ba84ba..4ea251aa9 100644 --- a/tests/templated_role_example/defaults/main.yml +++ b/tests/templated_role_example/defaults/main.yml @@ -2,4 +2,5 @@ controller_configuration_*******_secure_logging: "{{controller_configuration_secure_logging | default('false')}}" controller_configuration_***********_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_***********_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_async_dir: null ... diff --git a/tests/templated_role_example/tasks/main.yml b/tests/templated_role_example/tasks/main.yml index 541c28b07..dc9d97782 100644 --- a/tests/templated_role_example/tasks/main.yml +++ b/tests/templated_role_example/tasks/main.yml @@ -24,7 +24,7 @@ register: __controller_***********_job_async changed_when: not __controller_***********_job_async.changed vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' - name: "Configure *********** | Wait for finish the *********** creation" async_status: @@ -39,5 +39,5 @@ when: __controller_***********_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_*******_secure_logging }}" vars: - ansible_async_dir: '/tmp/.ansible_async' + ansible_async_dir: '{{ controller_configuration_async_dir }}' ... From e4cc85f9589d3c96d0d03a5085adb420e1497211 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Wed, 26 Jul 2023 19:31:13 +0200 Subject: [PATCH 072/129] filetree_create now allows to export objects for the specified organization (#648) * filetree_create now allows to export objects for the specified organization * add 21.13.0 release needed for the tests to be successfull * remove debug * add changelog --- ...-objects-for-the-specified-organization.yml | 2 ++ roles/filetree_create/README.md | 4 +++- roles/filetree_create/tasks/all.yml | 18 ++++++++++++++++++ roles/filetree_create/tasks/applications.yml | 7 +++++-- roles/filetree_create/tasks/credentials.yml | 5 ++++- .../tasks/execution_environments.yml | 4 ++++ roles/filetree_create/tasks/inventory.yml | 6 +++++- .../tasks/inventory_sources.yml | 3 ++- roles/filetree_create/tasks/job_templates.yml | 5 ++++- roles/filetree_create/tasks/labels.yml | 9 ++++++--- .../tasks/notification_templates.yml | 4 ++++ roles/filetree_create/tasks/organizations.yml | 5 ++++- roles/filetree_create/tasks/projects.yml | 5 ++++- roles/filetree_create/tasks/teams.yml | 6 +++++- roles/filetree_create/tasks/users.yml | 12 +++++++++--- .../tasks/workflow_job_templates.yml | 5 ++++- .../current_execution_environments.j2 | 5 +++++ 17 files changed, 88 insertions(+), 17 deletions(-) create mode 100644 changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml diff --git a/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml b/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml new file mode 100644 index 000000000..f28a5aef5 --- /dev/null +++ b/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml @@ -0,0 +1,2 @@ +minor_changes: + - filetree_create now allows to export objects for the specified organization diff --git a/roles/filetree_create/README.md b/roles/filetree_create/README.md index f84c5f150..cfc66f5e9 100644 --- a/roles/filetree_create/README.md +++ b/roles/filetree_create/README.md @@ -15,8 +15,10 @@ The following variables are required for that role to work properly: | Variable Name | Default Value | Required | Type | Description | | :------------ | :-----------: | :------: | :------: | :---------- | | `controller_api_plugin` | `ansible.controller` | yes | str | Full path for the controller_api_plugin to be used.
Can have two possible values:
  - awx.awx.controller_api # For the community Collection version
  - ansible.controller.controller_api # For the Red Hat Certified Collection version| +| `organization_filter` | N/A | no | str | Exports only the objects belonging to the specified organization (applies to all the objects that can be assigned to an organization). | +| `organization_id` | N/A | no | int | Alternative to `organization_filter`, but specifiying the current organization's ID to filter by. Exports only the objects belonging to the specified organization (applies to all the objects that can be assigned to an organization). | | `output_path` | `/tmp/filetree_output` | yes | str | The path to the output directory where all the generated `yaml` files with the corresponding Objects as code will be written to. | -| `input_tag` | `['all']` | no | bool | The tags which are applied to the 'sub-roles'. If 'all' is in the list (the default value) then all roles will be called. | +| `input_tag` | `['all']` | no | List of Strings | The tags which are applied to the 'sub-roles'. If 'all' is in the list (the default value) then all roles will be called. | ## Dependencies diff --git a/roles/filetree_create/tasks/all.yml b/roles/filetree_create/tasks/all.yml index f071181cd..8f9e6148b 100644 --- a/roles/filetree_create/tasks/all.yml +++ b/roles/filetree_create/tasks/all.yml @@ -6,6 +6,24 @@ verify_ssl=controller_validate_certs).version is version('4.0.0', '>=') }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" +- name: "Block to get the organization_filter ID to filter all the queries" + when: + - organization_filter is defined + - organization_filter | length > 0 + block: + - name: "Get the organization_filter ID to restrict the API queries" + ansible.builtin.set_fact: + organization_id: "{{ lookup(controller_api_plugin, 'organizations', + query_params={'name': organization_filter}, + host=controller_hostname, oauth_token=controller_oauthtoken, + verify_ssl=controller_validate_certs).id + }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + + - name: "Show the organization_filter ID" + ansible.builtin.debug: + msg: "The organization {{ organization_filter }} has the ID {{ organization_id }}" + - name: Include tasks (block) when: "['all', 'labels', 'applications', 'instance_groups', 'settings', 'inventory', 'credentials', 'credential_types', 'notification_templates', 'users', 'teams', 'organizations', 'projects', 'execution_environments', 'job_templates', 'workflow_job_templates', 'workflow_job_template_nodes', 'schedules'] | intersect(input_tag) | length > 0" block: diff --git a/roles/filetree_create/tasks/applications.yml b/roles/filetree_create/tasks/applications.yml index 477902b17..5fbcaf85d 100644 --- a/roles/filetree_create/tasks/applications.yml +++ b/roles/filetree_create/tasks/applications.yml @@ -1,11 +1,14 @@ --- - name: "Get current Applications from the API" ansible.builtin.set_fact: - applications_lookvar: "{{ query(controller_api_plugin, 'api/v2/applications/', - query_params={'order_by': 'organization,id'}, + applications_lookvar: "{{ query(controller_api_plugin, 'applications/', + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /applications output directory for applications in {{ output_path }}" diff --git a/roles/filetree_create/tasks/credentials.yml b/roles/filetree_create/tasks/credentials.yml index 3af85f91f..5647b312b 100644 --- a/roles/filetree_create/tasks/credentials.yml +++ b/roles/filetree_create/tasks/credentials.yml @@ -2,10 +2,13 @@ - name: "Get current Credentials from the API" ansible.builtin.set_fact: credentials_lookvar: "{{ query(controller_api_plugin, 'api/v2/credentials/', - query_params={'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /credentials output directory for credentials in {{ output_path }}" diff --git a/roles/filetree_create/tasks/execution_environments.yml b/roles/filetree_create/tasks/execution_environments.yml index 2fc737d3f..55d4118d7 100644 --- a/roles/filetree_create/tasks/execution_environments.yml +++ b/roles/filetree_create/tasks/execution_environments.yml @@ -2,9 +2,13 @@ - name: "Get current Execution Environments from the API" ansible.builtin.set_fact: execution_environments_lookvar: "{{ query(controller_api_plugin, 'api/v2/execution_environments/', + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the output directory for execution environments: {{ output_path }}" diff --git a/roles/filetree_create/tasks/inventory.yml b/roles/filetree_create/tasks/inventory.yml index 2c3e9ef64..de03c090b 100644 --- a/roles/filetree_create/tasks/inventory.yml +++ b/roles/filetree_create/tasks/inventory.yml @@ -2,10 +2,14 @@ - name: "Get the inventories from the API" ansible.builtin.set_fact: inventory_lookvar: "{{ query(controller_api_plugin, 'api/v2/inventories/', - query_params={'not__kind': 'smart', 'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + not__kind: 'smart' + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /inventories output directory for inventories in {{ output_path }}" diff --git a/roles/filetree_create/tasks/inventory_sources.yml b/roles/filetree_create/tasks/inventory_sources.yml index fa09b1595..5092d2ee6 100644 --- a/roles/filetree_create/tasks/inventory_sources.yml +++ b/roles/filetree_create/tasks/inventory_sources.yml @@ -10,5 +10,6 @@ src: "templates/current_inventory_sources.j2" dest: "{{ inventory_sources_output_path }}/current_inventory_sources.yaml" mode: '0644' - when: current_inventory_sources_asset_value | length > 0 + when: + - current_inventory_sources_asset_value | length > 0 ... diff --git a/roles/filetree_create/tasks/job_templates.yml b/roles/filetree_create/tasks/job_templates.yml index 87617eaf1..3a5125052 100644 --- a/roles/filetree_create/tasks/job_templates.yml +++ b/roles/filetree_create/tasks/job_templates.yml @@ -2,10 +2,13 @@ - name: "Get current Job Templates from the API" ansible.builtin.set_fact: job_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/job_templates/', - query_params={'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the output directories for job templates in {{ output_path }}" diff --git a/roles/filetree_create/tasks/labels.yml b/roles/filetree_create/tasks/labels.yml index f993c998f..db9f44fcc 100644 --- a/roles/filetree_create/tasks/labels.yml +++ b/roles/filetree_create/tasks/labels.yml @@ -2,10 +2,13 @@ - name: "Get current Labels from the API" ansible.builtin.set_fact: labels_lookvar: "{{ query(controller_api_plugin, 'api/v2/labels/', - query_params={'order_by': 'organization,id'}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /labels output directory for labels in {{ output_path }}" diff --git a/roles/filetree_create/tasks/notification_templates.yml b/roles/filetree_create/tasks/notification_templates.yml index d2517e90f..20e87e11b 100644 --- a/roles/filetree_create/tasks/notification_templates.yml +++ b/roles/filetree_create/tasks/notification_templates.yml @@ -2,9 +2,13 @@ - name: "Get current Notification Templates from the API" ansible.builtin.set_fact: notification_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/notification_templates/', + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /notification_templates output directory for notification templates in {{ output_path }}" diff --git a/roles/filetree_create/tasks/organizations.yml b/roles/filetree_create/tasks/organizations.yml index ebbfed93c..54c2f0266 100644 --- a/roles/filetree_create/tasks/organizations.yml +++ b/roles/filetree_create/tasks/organizations.yml @@ -2,10 +2,13 @@ - name: "Get current Organizations from the API" ansible.builtin.set_fact: orgs_lookvar: "{{ query(controller_api_plugin, 'api/v2/organizations/', - query_params={'order_by': 'id'}, + query_params=(query_params | combine({'id': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the output directory for organizations: {{ output_path + '/' + current_organization_dir.name }}" diff --git a/roles/filetree_create/tasks/projects.yml b/roles/filetree_create/tasks/projects.yml index 0b96f126d..5bbcfeca6 100644 --- a/roles/filetree_create/tasks/projects.yml +++ b/roles/filetree_create/tasks/projects.yml @@ -2,10 +2,13 @@ - name: "Get current Projects from the API" ansible.builtin.set_fact: projects_lookvar: "{{ query(controller_api_plugin, 'api/v2/projects/', - query_params={'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /projects output directory for projects in {{ output_path }}" diff --git a/roles/filetree_create/tasks/teams.yml b/roles/filetree_create/tasks/teams.yml index ea20e6ae3..4435aa571 100644 --- a/roles/filetree_create/tasks/teams.yml +++ b/roles/filetree_create/tasks/teams.yml @@ -2,10 +2,13 @@ - name: "Get current Teams from the API" ansible.builtin.set_fact: teams_lookvar: "{{ query(controller_api_plugin, 'api/v2/teams/', - query_params={'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /teams output directory for teams in {{ output_path }}" @@ -40,6 +43,7 @@ - name: "Set the team's roles" ansible.builtin.include_tasks: "team_roles.yml" vars: + team_organization: "{{ (current_teams_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" teamname: "{{ current_team.name }}" teamid: "{{ current_team.id }}" loop: "{{ teams_lookvar }}" diff --git a/roles/filetree_create/tasks/users.yml b/roles/filetree_create/tasks/users.yml index e99566e2f..dc1e0de13 100644 --- a/roles/filetree_create/tasks/users.yml +++ b/roles/filetree_create/tasks/users.yml @@ -29,6 +29,7 @@ mode: '0755' vars: __path: "{{ output_path }}/{{ current_user_dir | regex_replace('/', '_') }}/users" + when: organization_filter is not defined or (current_user_dir is match(organization_filter)) loop: "{{ current_users | selectattr('organizations', 'defined') | map(attribute='organizations') | flatten | unique }}" loop_control: loop_var: current_user_dir @@ -42,6 +43,7 @@ vars: current_users_asset_value: "{{ current_user_dir.0 }}" __dest: "{{ output_path }}/{{ current_user_dir.1 | regex_replace('/', '_') }}/users/{{ current_user_dir.0.username | regex_replace('/', '_') }}.yaml" + when: organization_filter is not defined or (current_user_dir.1 is match(organization_filter)) loop: "{{ current_users | subelements('organizations') }}" loop_control: loop_var: current_user_dir @@ -50,7 +52,11 @@ - name: "Set the user's roles" ansible.builtin.include_tasks: "user_roles.yml" vars: - username: "{{ item.username }}" - loop: "{{ users_lookvar }}" - when: not item.is_superuser + username: "{{ current_user.0.username }}" + when: + - not current_user.0.is_superuser + - organization_filter is not defined or (current_user.1 is match(organization_filter)) + loop: "{{ current_users | subelements('organizations') }}" + loop_control: + loop_var: current_user ... diff --git a/roles/filetree_create/tasks/workflow_job_templates.yml b/roles/filetree_create/tasks/workflow_job_templates.yml index 0f4655130..c66d3a156 100644 --- a/roles/filetree_create/tasks/workflow_job_templates.yml +++ b/roles/filetree_create/tasks/workflow_job_templates.yml @@ -2,10 +2,13 @@ - name: "Get current Workflow Job Templates from the API" ansible.builtin.set_fact: workflow_job_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/workflow_job_templates/', - query_params={'order_by': 'organization,id'}, + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) }}" + vars: + query_params: + order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" - name: "Create the /workflow_job_templates output directory for workflow job templates in {{ output_path }}" diff --git a/roles/filetree_create/templates/current_execution_environments.j2 b/roles/filetree_create/templates/current_execution_environments.j2 index fbd6bcb4b..3c998f03c 100644 --- a/roles/filetree_create/templates/current_execution_environments.j2 +++ b/roles/filetree_create/templates/current_execution_environments.j2 @@ -1,12 +1,17 @@ --- controller_execution_environments: {% for ee in current_execution_environments_asset_value %} +{% if organization_filter is not defined or (ee.summary_fields.organization is defined and ee.summary_fields.organization.name is match(organization_filter)) %} - name: "{{ ee.name }}" description: "{{ ee.description }}" +{% if ee.summary_fields.organization.name is defined %} + organization: "{{ ee.summary_fields.organization.name }}" +{% endif %} image: "{{ ee.image }}" pull: "{{ ee.pull }}" {% if ee.summary_fields.credential is defined %} credential: "{{ ee.summary_fields.credential.name }}" {% endif %} +{% endif %} {% endfor %} ... From ee4ed408ae8148a6cb8fa5a95384ab1a25d4b8c0 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 26 Jul 2023 16:31:50 -0400 Subject: [PATCH 073/129] update release (#654) --- .github/workflows/release.yml | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15a20c002..0cfdfaef9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,11 +15,9 @@ jobs: matrix: awx_version: - devel + - 22.4.0 - 22.3.0 - - 22.2.0 - - 22.1.0 - - 22.0.0 - - 21.14.0 + - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: @@ -27,16 +25,29 @@ jobs: release: needs: - ci_standalone - uses: "redhat-cop/ansible_collections_tooling/.github/workflows/release_pipeline_single.yml@main" + uses: "redhat-cop/ansible_collections_tooling/.github/workflows/release_pipeline_dual.yml@main" with: - collection_namespace: infra - collection_name: controller_configuration + # Galaxy Publish + collection_namespace_1: infra + collection_name_1: controller_configuration + publish_url_collection_1: https://galaxy.ansible.com + galaxy_publish_1: true + ah_publish_1: false + # CRC Publish + collection_namespace_2: infra + collection_name_2: controller_configuration + publish_url_collection_2: https://cloud.redhat.com/api/automation-hub/ + galaxy_publish_2: false + ah_publish_2: true collection_version: ${{ github.ref_name }} collection_repo: https://github.com/redhat-cop/controller_configuration/ quay_username: redhat_cop collection_dependencies: awx.awx + matrix_message: This Ansible collection allows for easy interaction with an AWX or Ansible Controller server via Ansible roles using the AWX/Controller collection modules. secrets: - galaxy_api_key: ${{ secrets.GALAXY_INFRA_KEY }} - token: ${{ secrets.GITHUB_TOKEN }} + collection_api_key_1: ${{ secrets.GALAXY_INFRA_KEY }} + collection_api_key_2: ${{ secrets.CRC_PUBLISH_KEY }} + git_token: ${{ secrets.GITHUB_TOKEN }} quay_token: ${{ secrets.quay_token }} + matrix_token: ${{ secrets.matrix_token }} ... From e1e99191c1e368052f155595db8030a83ff5fb05 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 26 Jul 2023 23:04:30 -0400 Subject: [PATCH 074/129] changelog (#655) --- CHANGELOG.rst | 27 ++++++++++++ changelogs/.plugin-cache.yaml | 2 +- changelogs/changelog.yaml | 41 +++++++++++++++++++ ...objects-for-the-specified-organization.yml | 2 - changelogs/fragments/630-enforce-defs.yml | 4 -- .../fragments/add_organizations_tag.yml | 2 - .../add_schedules_to_filetree_create.yml | 2 - changelogs/fragments/async.yml | 4 -- .../fragments/change_from_lookup_to_query.yml | 5 --- .../fragments/credentials_role_bugfix.yml | 2 - .../fragments/filetree_create_bugfix.yml | 6 --- .../remove_username_dependency_objectdiff.yml | 2 - changelogs/fragments/roles_bugfix.yml | 4 -- 13 files changed, 69 insertions(+), 34 deletions(-) delete mode 100644 changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml delete mode 100644 changelogs/fragments/630-enforce-defs.yml delete mode 100644 changelogs/fragments/add_organizations_tag.yml delete mode 100644 changelogs/fragments/add_schedules_to_filetree_create.yml delete mode 100644 changelogs/fragments/async.yml delete mode 100644 changelogs/fragments/change_from_lookup_to_query.yml delete mode 100644 changelogs/fragments/credentials_role_bugfix.yml delete mode 100644 changelogs/fragments/filetree_create_bugfix.yml delete mode 100644 changelogs/fragments/remove_username_dependency_objectdiff.yml delete mode 100644 changelogs/fragments/roles_bugfix.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index aac56d440..059cc8aa5 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,33 @@ infra.controller_configuration Release Notes .. contents:: Topics +v2.4.1 +====== + +Minor Changes +------------- + +- Add option to change async directory, and set the default to null. /tmp/.ansible_async was a workaround while the default was broken previously. +- Change from lookup to query in the object_diff task files +- add organizations tag in a dispatch task which is in charge of applying galaxy credencitals in the organization. +- added the instance_groups filed to the roles role. +- added the possibility to export schedules through the filetree_create role +- filetree_create now allows to export objects for the specified organization +- remove depencency of CONTROLER_USERNAME variable for object_diff role by calling the API with api/me instead of calling the api/users and filtering by username + +Bugfixes +-------- + +- Changes default value for `*_enforce_defaults` to false instead of the truthy value (due to the quotes), 'false'. +- Fix addition of `state: present` when `with_present: true` +- Temporarily fixed an error when installing docker-compose using pip (see https://stackoverflow.com/questions/76708329/docker-compose-no-longer-building-image-attributeerror-cython-sources for more information) +- When exporting job templates it was failing when missing some input information. +- When exporting schedules, the diff_mode was not treated correctly +- When importing the exported notification templates, the types of some values are not as expected. +- When importing the exported settings, fields like `AUTOMATION_ANALYTICS_LAST_GATHER: 2023-07-17T13:22:06.445818Z` caused problems with the multiple `:`. +- fix 'credentials' role ignoring 'update_secrets false' and forcing to default 'true' +- fixed an the users and teams field on the roles role to be correct and not singular. + v2.4.0 ====== diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index c25f1a145..96a0cde01 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -176,4 +176,4 @@ plugins: strategy: {} test: {} vars: {} -version: 2.4.0 +version: 2.4.1 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 1aa55a2dd..b32913698 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -478,3 +478,44 @@ releases: - roles_update.yml - rrule_bugfix.yml release_date: '2023-06-09' + 2.4.1: + changes: + bugfixes: + - Changes default value for `*_enforce_defaults` to false instead of the truthy + value (due to the quotes), 'false'. + - 'Fix addition of `state: present` when `with_present: true`' + - Temporarily fixed an error when installing docker-compose using pip (see https://stackoverflow.com/questions/76708329/docker-compose-no-longer-building-image-attributeerror-cython-sources + for more information) + - When exporting job templates it was failing when missing some input information. + - When exporting schedules, the diff_mode was not treated correctly + - When importing the exported notification templates, the types of some values + are not as expected. + - 'When importing the exported settings, fields like `AUTOMATION_ANALYTICS_LAST_GATHER: + 2023-07-17T13:22:06.445818Z` caused problems with the multiple `:`.' + - fix 'credentials' role ignoring 'update_secrets false' and forcing to default + 'true' + - fixed an the users and teams field on the roles role to be correct and not + singular. + minor_changes: + - Add option to change async directory, and set the default to null. /tmp/.ansible_async + was a workaround while the default was broken previously. + - Change from lookup to query in the object_diff task files + - add organizations tag in a dispatch task which is in charge of applying galaxy + credencitals in the organization. + - added the instance_groups filed to the roles role. + - added the possibility to export schedules through the filetree_create role + - filetree_create now allows to export objects for the specified organization + - remove depencency of CONTROLER_USERNAME variable for object_diff role by calling + the API with api/me instead of calling the api/users and filtering by username + fragments: + - 610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml + - 630-enforce-defs.yml + - add_organizations_tag.yml + - add_schedules_to_filetree_create.yml + - async.yml + - change_from_lookup_to_query.yml + - credentials_role_bugfix.yml + - filetree_create_bugfix.yml + - remove_username_dependency_objectdiff.yml + - roles_bugfix.yml + release_date: '2023-07-26' diff --git a/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml b/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml deleted file mode 100644 index f28a5aef5..000000000 --- a/changelogs/fragments/610-filetree_create-now-allows-to-export-objects-for-the-specified-organization.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - filetree_create now allows to export objects for the specified organization diff --git a/changelogs/fragments/630-enforce-defs.yml b/changelogs/fragments/630-enforce-defs.yml deleted file mode 100644 index c603dbbf6..000000000 --- a/changelogs/fragments/630-enforce-defs.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - Changes default value for `*_enforce_defaults` to false instead of the truthy value (due to the quotes), 'false'. -... diff --git a/changelogs/fragments/add_organizations_tag.yml b/changelogs/fragments/add_organizations_tag.yml deleted file mode 100644 index 29a69038a..000000000 --- a/changelogs/fragments/add_organizations_tag.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - add organizations tag in a dispatch task which is in charge of applying galaxy credencitals in the organization. diff --git a/changelogs/fragments/add_schedules_to_filetree_create.yml b/changelogs/fragments/add_schedules_to_filetree_create.yml deleted file mode 100644 index f00064b5c..000000000 --- a/changelogs/fragments/add_schedules_to_filetree_create.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - added the possibility to export schedules through the filetree_create role diff --git a/changelogs/fragments/async.yml b/changelogs/fragments/async.yml deleted file mode 100644 index d67273814..000000000 --- a/changelogs/fragments/async.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - Add option to change async directory, and set the default to null. /tmp/.ansible_async was a workaround while the default was broken previously. -... diff --git a/changelogs/fragments/change_from_lookup_to_query.yml b/changelogs/fragments/change_from_lookup_to_query.yml deleted file mode 100644 index f15f674d2..000000000 --- a/changelogs/fragments/change_from_lookup_to_query.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -bugfixes: - - 'Fix addition of `state: present` when `with_present: true`' -minor_changes: - - Change from lookup to query in the object_diff task files diff --git a/changelogs/fragments/credentials_role_bugfix.yml b/changelogs/fragments/credentials_role_bugfix.yml deleted file mode 100644 index e86776f76..000000000 --- a/changelogs/fragments/credentials_role_bugfix.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: - - fix 'credentials' role ignoring 'update_secrets false' and forcing to default 'true' diff --git a/changelogs/fragments/filetree_create_bugfix.yml b/changelogs/fragments/filetree_create_bugfix.yml deleted file mode 100644 index 42d6634bc..000000000 --- a/changelogs/fragments/filetree_create_bugfix.yml +++ /dev/null @@ -1,6 +0,0 @@ -bugfixes: - - When exporting job templates it was failing when missing some input information. - - "When importing the exported settings, fields like `AUTOMATION_ANALYTICS_LAST_GATHER: 2023-07-17T13:22:06.445818Z` caused problems with the multiple `:`." - - When importing the exported notification templates, the types of some values are not as expected. - - When exporting schedules, the diff_mode was not treated correctly - - Temporarily fixed an error when installing docker-compose using pip (see https://stackoverflow.com/questions/76708329/docker-compose-no-longer-building-image-attributeerror-cython-sources for more information) diff --git a/changelogs/fragments/remove_username_dependency_objectdiff.yml b/changelogs/fragments/remove_username_dependency_objectdiff.yml deleted file mode 100644 index 302d62f9d..000000000 --- a/changelogs/fragments/remove_username_dependency_objectdiff.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - remove depencency of CONTROLER_USERNAME variable for object_diff role by calling the API with api/me instead of calling the api/users and filtering by username diff --git a/changelogs/fragments/roles_bugfix.yml b/changelogs/fragments/roles_bugfix.yml deleted file mode 100644 index b32fdef0e..000000000 --- a/changelogs/fragments/roles_bugfix.yml +++ /dev/null @@ -1,4 +0,0 @@ -bugfixes: - - fixed an the users and teams field on the roles role to be correct and not singular. -minor_changes: - - added the instance_groups filed to the roles role. From d9f0c2db276dbe652148498ca0556fff8c7953ab Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 31 Jul 2023 11:10:24 -0400 Subject: [PATCH 075/129] Update pre-commit (#657) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a918020d9..83394b784 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -42,7 +42,7 @@ repos: args: [--config=.black.cfg, --check, --diff] types: [python] - repo: https://github.com/pycqa/flake8 - rev: 6.0.0 + rev: 6.1.0 hooks: - id: flake8 name: flake8 From 4f273f4ae314351c874547fb36989ec41dd9b503 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Tue, 1 Aug 2023 14:01:58 +0100 Subject: [PATCH 076/129] Add roles option to roles role to allow setting multiple roles in one item rather than repeating entire sections of code (#658) --- changelogs/fragments/roles.yml | 4 +++ roles/roles/README.md | 16 ++++++++--- roles/roles/tasks/main.yml | 44 +++++++++++++++++++++++++++++ roles/roles/tests/configs/roles.yml | 4 ++- tests/configs/roles.yml | 4 ++- 5 files changed, 66 insertions(+), 6 deletions(-) create mode 100644 changelogs/fragments/roles.yml diff --git a/changelogs/fragments/roles.yml b/changelogs/fragments/roles.yml new file mode 100644 index 000000000..859500b7d --- /dev/null +++ b/changelogs/fragments/roles.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - Added roles option to roles role to allow setting multiple roles in one item rather than repeating entire sections of code +... diff --git a/roles/roles/README.md b/roles/roles/README.md index eaae4171f..c79f4fbb6 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -79,6 +79,7 @@ This also speeds up the overall role. |`users`|""|no|list|The users for which the role applies| |`team`|""|no|str|The team for which the role applies| |`teams`|""|no|list|The teams for which the role applies| +|`roles`|""|no|str (see note below)|The roles which are applied to one of {`target_team`, `inventory`, `job_template`, `target_team`, `inventory`, `job_template`} for either `user` or `team` | |`role`|""|no|str (see note below)|The role which is applied to one of {`target_team`, `inventory`, `job_template`, `target_team`, `inventory`, `job_template`} for either `user` or `team` | |`target_team`|""|no|str|The team the role applies against| |`target_teams`|""|no|list|The teams the role applies against| @@ -100,7 +101,7 @@ This also speeds up the overall role. #### Role -`role` must be one of the following: +`role` must be one of the following (or roles must contain a list made up from the following): - `admin` - `read` @@ -117,6 +118,8 @@ This also speeds up the overall role. - `notification_admin` - `job_template_admin` +Note that the `roles` option takes precedence over the `role` option and simply allows to specify multiple roles for a user or team (or set of users or teams). + ### Standard RBAC Data Structure #### Json Example @@ -132,13 +135,16 @@ This also speeds up the overall role. { "team": "My Team", "organization": "Default", - "role": "execute" + "role": [ + "execute", + "read" + ] } ] } ``` -#### Yaml Example +git check ```yaml --- @@ -151,7 +157,9 @@ controller_roles: role: member - team: "My Team" organization: "Default" - role: execute + roles: + - execute + - read ``` ## Playbook Examples diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index d12c8d1a3..1961fbcba 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -1,4 +1,47 @@ --- +- name: Create Roles Based Access Entry on Controller + role: + user: "{{ __controller_role_item.0.user | default(omit, true) }}" + users: "{{ __controller_role_item.0.users | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + team: "{{ __controller_role_item.0.team | default(omit, true) }}" + teams: "{{ __controller_role_item.0.teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + role: "{{ __controller_role_item.1 | mandatory }}" + target_team: "{{ __controller_role_item.0.target_team | default(omit, true) }}" + target_teams: "{{ __controller_role_item.0.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_role_item.0.inventory | default(omit, true) }}" + inventories: "{{ __controller_role_item.0.inventories | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + job_template: "{{ __controller_role_item.0.job_template | default(omit, true) }}" + job_templates: "{{ __controller_role_item.0.job_templates | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + workflow: "{{ __controller_role_item.0.workflow | default(omit, true) }}" + workflows: "{{ __controller_role_item.0.workflows | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + credential: "{{ __controller_role_item.0.credential | default(omit, true) }}" + credentials: "{{ __controller_role_item.0.credentials | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + organization: "{{ __controller_role_item.0.organization | default(omit, true) }}" + organizations: "{{ __controller_role_item.0.organizations | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(omit, true) }}" + project: "{{ __controller_role_item.0.project | default(omit, true) }}" + projects: "{{ __controller_role_item.0.projects | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_role_item.0.instance_groups | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + state: "{{ __controller_role_item.0.state | default(controller_state | default('present')) }}" + + # Role Standard Options + controller_username: "{{ controller_username | default(omit, true) }}" + controller_password: "{{ controller_password | default(omit, true) }}" + controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_config_file: "{{ controller_config_file | default(omit, true) }}" + validate_certs: "{{ controller_validate_certs | default(omit) }}" + loop: "{{ controller_roles | subelements('roles', skip_missing=true) }}" + loop_control: + loop_var: __controller_role_item + no_log: "{{ controller_configuration_role_secure_logging }}" + async: 1000 + poll: 0 + register: __controller_role_job_async + changed_when: not __controller_role_job_async.changed + vars: + ansible_async_dir: '/tmp/.ansible_async' + - name: Create Role Based Access Entry on Controller role: user: "{{ __controller_role_item.user | default(omit, true) }}" @@ -32,6 +75,7 @@ controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ controller_roles }}" + when: not __controller_role_item.roles is defined loop_control: loop_var: __controller_role_item no_log: "{{ controller_configuration_role_secure_logging }}" diff --git a/roles/roles/tests/configs/roles.yml b/roles/roles/tests/configs/roles.yml index 7582ecd84..6c2659b32 100644 --- a/roles/roles/tests/configs/roles.yml +++ b/roles/roles/tests/configs/roles.yml @@ -2,7 +2,9 @@ controller_roles: - user: admin job_template: Demo Job Template - role: read + roles: + - read + - execute - inventory: Demo Inventory user: admin role: read diff --git a/tests/configs/roles.yml b/tests/configs/roles.yml index 24fd1d1df..48dd4d14b 100644 --- a/tests/configs/roles.yml +++ b/tests/configs/roles.yml @@ -8,7 +8,9 @@ controller_roles: role: use - inventory: RHVM-02 team: satlab-admin - role: admin + roles: + - admin + - use # - workflow: Test workflow 1 # team: satellite-qe # role: execute From fe3f79aa6000568af855cd13f061c3205004d28c Mon Sep 17 00:00:00 2001 From: Tom Page Date: Wed, 2 Aug 2023 10:00:14 +0100 Subject: [PATCH 077/129] Deduplicate role task in roles role (#662) * Deduplicate role task in roles role * Fix mistakenly changed async dir and fix readme mistake --- roles/roles/README.md | 2 +- roles/roles/tasks/main.yml | 90 ++++++++++---------------------------- 2 files changed, 24 insertions(+), 68 deletions(-) diff --git a/roles/roles/README.md b/roles/roles/README.md index c79f4fbb6..80fe6d1a0 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -135,7 +135,7 @@ Note that the `roles` option takes precedence over the `role` option and simply { "team": "My Team", "organization": "Default", - "role": [ + "roles": [ "execute", "read" ] diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 1961fbcba..4a2aa3cbe 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -1,71 +1,28 @@ --- -- name: Create Roles Based Access Entry on Controller - role: - user: "{{ __controller_role_item.0.user | default(omit, true) }}" - users: "{{ __controller_role_item.0.users | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - team: "{{ __controller_role_item.0.team | default(omit, true) }}" - teams: "{{ __controller_role_item.0.teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - role: "{{ __controller_role_item.1 | mandatory }}" - target_team: "{{ __controller_role_item.0.target_team | default(omit, true) }}" - target_teams: "{{ __controller_role_item.0.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_role_item.0.inventory | default(omit, true) }}" - inventories: "{{ __controller_role_item.0.inventories | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - job_template: "{{ __controller_role_item.0.job_template | default(omit, true) }}" - job_templates: "{{ __controller_role_item.0.job_templates | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - workflow: "{{ __controller_role_item.0.workflow | default(omit, true) }}" - workflows: "{{ __controller_role_item.0.workflows | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - credential: "{{ __controller_role_item.0.credential | default(omit, true) }}" - credentials: "{{ __controller_role_item.0.credentials | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - organization: "{{ __controller_role_item.0.organization | default(omit, true) }}" - organizations: "{{ __controller_role_item.0.organizations | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(omit, true) }}" - project: "{{ __controller_role_item.0.project | default(omit, true) }}" - projects: "{{ __controller_role_item.0.projects | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - instance_groups: "{{ __controller_role_item.0.instance_groups | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - state: "{{ __controller_role_item.0.state | default(controller_state | default('present')) }}" - - # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" - loop: "{{ controller_roles | subelements('roles', skip_missing=true) }}" - loop_control: - loop_var: __controller_role_item - no_log: "{{ controller_configuration_role_secure_logging }}" - async: 1000 - poll: 0 - register: __controller_role_job_async - changed_when: not __controller_role_job_async.changed - vars: - ansible_async_dir: '/tmp/.ansible_async' - - name: Create Role Based Access Entry on Controller role: - user: "{{ __controller_role_item.user | default(omit, true) }}" - users: "{{ __controller_role_item.users | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - team: "{{ __controller_role_item.team | default(omit, true) }}" - teams: "{{ __controller_role_item.teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - role: "{{ __controller_role_item.role | mandatory }}" - target_team: "{{ __controller_role_item.target_team | default(omit, true) }}" - target_teams: "{{ __controller_role_item.target_teams | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_role_item.inventory | default(omit, true) }}" - inventories: "{{ __controller_role_item.inventories | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - job_template: "{{ __controller_role_item.job_template | default(omit, true) }}" - job_templates: "{{ __controller_role_item.job_templates | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - workflow: "{{ __controller_role_item.workflow | default(omit, true) }}" - workflows: "{{ __controller_role_item.workflows | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - credential: "{{ __controller_role_item.credential | default(omit, true) }}" - credentials: "{{ __controller_role_item.credentials | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - organization: "{{ __controller_role_item.organization | default(omit, true) }}" - organizations: "{{ __controller_role_item.organizations | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - lookup_organization: "{{ __controller_role_item.lookup_organization | default(omit, true) }}" - project: "{{ __controller_role_item.project | default(omit, true) }}" - projects: "{{ __controller_role_item.projects | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - instance_groups: "{{ __controller_role_item.instance_groups | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - state: "{{ __controller_role_item.state | default(controller_state | default('present')) }}" + user: "{{ __controller_role_item.0.user | default(__controller_role_item.user) | default(omit, true) }}" + users: "{{ __controller_role_item.0.users | default(__controller_role_item.users) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + team: "{{ __controller_role_item.0.team | default(__controller_role_item.team) | default(omit, true) }}" + teams: "{{ __controller_role_item.0.teams | default(__controller_role_item.teams) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + role: "{{ __controller_role_item.1 | default(__controller_role_item.role) | mandatory }}" + target_team: "{{ __controller_role_item.0.target_team | default(__controller_role_item.target_team) | default(omit, true) }}" + target_teams: "{{ __controller_role_item.0.target_teams | default(__controller_role_item.target_teams) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_role_item.0.inventory | default(__controller_role_item.inventory) | default(omit, true) }}" + inventories: "{{ __controller_role_item.0.inventories | default(__controller_role_item.inventories) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + job_template: "{{ __controller_role_item.0.job_template | default(__controller_role_item.job_template) | default(omit, true) }}" + job_templates: "{{ __controller_role_item.0.job_templates | default(__controller_role_item.job_templates) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + workflow: "{{ __controller_role_item.0.workflow | default(__controller_role_item.workflow) | default(omit, true) }}" + workflows: "{{ __controller_role_item.0.workflows | default(__controller_role_item.workflows) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + credential: "{{ __controller_role_item.0.credential | default(__controller_role_item.credential) | default(omit, true) }}" + credentials: "{{ __controller_role_item.0.credentials | default(__controller_role_item.credentials) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + organization: "{{ __controller_role_item.0.organization | default(__controller_role_item.organization) | default(omit, true) }}" + organizations: "{{ __controller_role_item.0.organizations | default(__controller_role_item.organizations) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(__controller_role_item.lookup_organization) | default(omit, true) }}" + project: "{{ __controller_role_item.0.project | default(__controller_role_item.project) | default(omit, true) }}" + projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(controller_state | default('present')) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" @@ -74,8 +31,7 @@ controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" - loop: "{{ controller_roles }}" - when: not __controller_role_item.roles is defined + loop: "{{ ( controller_roles | subelements(['roles'], skip_missing=true)) + controller_roles | selectattr('roles', 'undefined') }}" loop_control: loop_var: __controller_role_item no_log: "{{ controller_configuration_role_secure_logging }}" From a7a20989cf468e543a5aaaa4f715ea2636f3e00b Mon Sep 17 00:00:00 2001 From: Tom Page Date: Wed, 2 Aug 2023 17:13:19 +0100 Subject: [PATCH 078/129] Make galaxy.yml persistent and move out ansible.cfg (#663) * Make galaxy.yml persistent and move out ansible.cfg * Trigger Git Commit --------- Co-authored-by: Sean Sullivan --- ansible.cfg => .github/files/ansible.cfg | 0 galaxy.yml.j2 => .github/files/galaxy.yml.j2 | 0 .github/workflows/ci_standalone_versioned.yml | 3 ++ .gitignore | 1 - changelogs/fragments/source_build.yml | 4 +++ galaxy.yml | 31 +++++++++++++++++++ 6 files changed, 38 insertions(+), 1 deletion(-) rename ansible.cfg => .github/files/ansible.cfg (100%) rename galaxy.yml.j2 => .github/files/galaxy.yml.j2 (100%) create mode 100644 changelogs/fragments/source_build.yml create mode 100644 galaxy.yml diff --git a/ansible.cfg b/.github/files/ansible.cfg similarity index 100% rename from ansible.cfg rename to .github/files/ansible.cfg diff --git a/galaxy.yml.j2 b/.github/files/galaxy.yml.j2 similarity index 100% rename from galaxy.yml.j2 rename to .github/files/galaxy.yml.j2 diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 12d8d4409..8dbc3ecb0 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -60,6 +60,9 @@ jobs: - name: give some time to spin up run: sleep 30 + - name: Move ansible.cfg to root + run: mv .github/files/ansible.cfg . + - name: Display Versions run: which python && pip --version && ansible --version diff --git a/.gitignore b/.gitignore index df31fe96a..a1fc7799d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ collections/* !collections/requirements.yml -galaxy.yml *.tar.gz *.pyc id_rsa* diff --git a/changelogs/fragments/source_build.yml b/changelogs/fragments/source_build.yml new file mode 100644 index 000000000..1a65407d8 --- /dev/null +++ b/changelogs/fragments/source_build.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - ansible.cfg removed from root and galaxy.yml added to enable install from source +... diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 000000000..0ffe0d091 --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,31 @@ +--- +namespace: infra +name: controller_configuration +version: 2.4.1-devel +description: A collection of roles to manage Ansible Controller +readme: README.md +authors: + - Andrew Huffman + - Adebisi Oyawale @aoyawale + - Kedar Kulkarni @kedark3 + - Tom Page @Tompage1994 + - Sean Sullivan @sean-m-sullivan + - David Danielsson @djdanielsson +repository: https://github.com/redhat-cop/controller_configuration.git +issues: https://github.com/redhat-cop/controller_configuration.git/issues +build_ignore: + - galaxy.yml.j2 + - release.yml + - .github + - .ansiblelint.yml + - .yamllint.yml + - '*.tar.gz' +license: + - GPL-3.0-or-later +tags: + - controller + - collection + - controller_configuration + - automation_platform + - infrastructure +... From 155c08ff66e110db15977c20b0b05b8b7b583096 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 3 Aug 2023 04:23:10 +0200 Subject: [PATCH 079/129] Solve issue `Object diff for roles removing most roles` (#562) * added singulars to be treated as well * new attributes for roles * new attributes for roles * added changelog fragment * fix on map_item function * removed extra empty line * fixes on object_diff inputs * removed debug information. added ORGANIZATIONLESS to credentials and users without an organization * fix lintering issues * fix lintering issues * fix lintering issues * tests fixes. multiple list from https://github.com/redhat-cop/controller_configuration/pull/647 fixed. Test ping URL fixed --- changelogs/fragments/object_diff.yml | 5 + plugins/lookup/controller_object_diff.py | 101 +++++++++++------- roles/applications/tasks/main.yml | 4 +- roles/credential_input_sources/tasks/main.yml | 4 +- roles/credential_types/tasks/main.yml | 6 +- roles/credentials/tasks/main.yml | 12 +-- roles/filetree_create/tasks/all.yml | 6 +- roles/filetree_create/tasks/users.yml | 2 +- .../templates/current_credentials.j2 | 2 + roles/object_diff/tasks/applications.yml | 14 +-- roles/object_diff/tasks/credential_types.yml | 5 +- roles/object_diff/tasks/credentials.yml | 4 +- .../tasks/execution_environments.yml | 47 ++++---- roles/object_diff/tasks/groups.yml | 2 +- roles/object_diff/tasks/hosts.yml | 2 +- roles/object_diff/tasks/instance_groups.yml | 18 ++-- roles/object_diff/tasks/inventories.yml | 4 +- roles/object_diff/tasks/inventory_sources.yml | 6 +- roles/object_diff/tasks/job_templates.yml | 8 +- roles/object_diff/tasks/main.yml | 3 +- .../tasks/notification_templates.yml | 18 ++-- roles/object_diff/tasks/organizations.yml | 4 +- roles/object_diff/tasks/projects.yml | 14 +-- roles/object_diff/tasks/roles.yml | 10 +- roles/object_diff/tasks/schedules.yml | 22 ++-- roles/object_diff/tasks/teams.yml | 14 +-- roles/object_diff/tasks/user_accounts.yml | 6 +- .../tasks/workflow_job_templates.yml | 16 +-- roles/object_diff/tests/.gitignore | 3 + roles/object_diff/tests/drop_diff.yml | 3 + roles/object_diff/tests/object_diff.yml | 2 + tests/configs/differential_items.yml | 11 +- tests/configure_controller.yml | 2 +- tests/tasks/differential.yml | 4 +- 34 files changed, 219 insertions(+), 165 deletions(-) create mode 100644 changelogs/fragments/object_diff.yml create mode 100644 roles/object_diff/tests/.gitignore diff --git a/changelogs/fragments/object_diff.yml b/changelogs/fragments/object_diff.yml new file mode 100644 index 000000000..6a9ca2996 --- /dev/null +++ b/changelogs/fragments/object_diff.yml @@ -0,0 +1,5 @@ +--- +bugfixes: + - Added more attributes to be expanded and used by the comparison + - Fixed lintering issues +... diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index e894b7f1c..b9926cea1 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -89,11 +89,11 @@ returned: on successful differential """ -from ansible.plugins.lookup import LookupBase +import copy from ansible.errors import AnsibleError, AnsibleLookupError from ansible.module_utils._text import to_native +from ansible.plugins.lookup import LookupBase from ansible.utils.display import Display -import copy class LookupModule(LookupBase): @@ -114,6 +114,13 @@ def create_present_list(self, compare_list): return compare_list + def map_item(self, item, new_attribute_name, attribute_value, dupitems): + new_item = copy.deepcopy(item) + new_item.update({new_attribute_name: attribute_value}) + for dupitem in [dupitem for dupitem in dupitems if dupitem in new_item]: + new_item.pop(dupitem) + return new_item + def run(self, terms, variables=None, **kwargs): self.set_options(direct=kwargs) @@ -179,7 +186,12 @@ def run(self, terms, variables=None, **kwargs): api_list_reduced = copy.deepcopy(api_list) elif api_list[0]["type"] == "instance_group": compare_list_reduced = [{key: item[key] for key in keys_to_keep} for item in compare_list] - api_list_reduced = [{key: item[key] for key in api_keys_to_keep} for item in api_list if item["summary_fields"]["user_capabilities"]["delete"]] + api_list_reduced = [ + {key: item[key] for key in api_keys_to_keep} + for item in api_list + if (item["summary_fields"] and item["summary_fields"]["user_capabilities"]["delete"]) + ] + else: compare_list_reduced = [{key: item[key] for key in keys_to_keep} for item in compare_list] api_list_reduced = [{key: item[key] for key in api_keys_to_keep} for item in api_list] @@ -196,7 +208,7 @@ def run(self, terms, variables=None, **kwargs): item.pop("summary_fields") elif api_list[0]["type"] == "credential": for item in api_list_reduced: - item.update({"organization": item["summary_fields"]["organization"]["name"]}) + item.update({"organization": item["summary_fields"]["organization"]["name"] if item["summary_fields"]["organization"] else ""}) item.update({"credential_type": item["summary_fields"]["credential_type"]["name"]}) item.pop("summary_fields") elif api_list[0]["type"] == "workflow_job_template_node": @@ -225,43 +237,57 @@ def run(self, terms, variables=None, **kwargs): list_to_extend = [] list_to_remove = [] for item in compare_list_reduced: - target_teams_expanded = False - job_templates_expanded = False - workflows_expanded = False + expanded = False + dupitems = [ + "target_team", + "target_teams", + "job_template", + "job_templates", + "workflow", + "workflows", + "inventory", + "inventories", + "project", + "projects", + "credential", + "credentials", + ] + if "target_team" in item: + list_to_extend.append(self.map_item(item, "team", item["target_team"], dupitems)) + expanded = True if "target_teams" in item: for team in item["target_teams"]: - new_item = copy.deepcopy(item) - new_item.update({"team": team}) - new_item.pop("target_teams") - if "job_templates" in new_item: - new_item.pop("job_templates") - if "workflows" in new_item: - new_item.pop("workflows") - list_to_extend.append(new_item) - target_teams_expanded = True + list_to_extend.append(self.map_item(item, "team", team, dupitems)) + expanded = True + if "job_template" in item: + list_to_extend.append(self.map_item(item, "job_template", item["job_template"], dupitems)) + expanded = True if "job_templates" in item: for job_template in item["job_templates"]: - new_item = copy.deepcopy(item) - new_item.update({"job_template": job_template}) - new_item.pop("job_templates") - if "target_teams" in new_item: - new_item.pop("target_teams") - if "workflows" in new_item: - new_item.pop("workflows") - list_to_extend.append(new_item) - job_templates_expanded = True + list_to_extend.append(self.map_item(item, "job_template", job_template, dupitems)) + expanded = True + if "workflow" in item: + list_to_extend.append(self.map_item(item, "workflow_job_template", item["workflow"], dupitems)) + expanded = True if "workflows" in item: for workflow in item["workflows"]: - new_item = copy.deepcopy(item) - new_item.update({"workflow_job_template": workflow}) - new_item.pop("workflows") - if "target_teams" in new_item: - new_item.pop("target_teams") - if "job_templates" in new_item: - new_item.pop("job_templates") - list_to_extend.append(new_item) - workflows_expanded = True - if target_teams_expanded or job_templates_expanded or workflows_expanded: + list_to_extend.append(self.map_item(item, "workflow_job_template", workflow, dupitems)) + expanded = True + if "inventory" in item: + list_to_extend.append(self.map_item(item, "inventory", item["inventory"], dupitems)) + expanded = True + if "inventories" in item: + for inventory in item["inventories"]: + list_to_extend.append(self.map_item(item, "inventory", inventory, dupitems)) + expanded = True + if "project" in item: + list_to_extend.append(self.map_item(item, "project", item["project"], dupitems)) + expanded = True + if "projects" in item: + for project in item["projects"]: + list_to_extend.append(self.map_item(item, "project", project, dupitems)) + expanded = True + if expanded: list_to_remove.append(item) for item in list_to_remove: compare_list_reduced.remove(item) @@ -295,7 +321,8 @@ def run(self, terms, variables=None, **kwargs): item.update({"state": "absent"}) # Combine Lists if self.get_option("with_present"): - compare_list = self.create_present_list(compare_list) + for item in compare_list_reduced: + item.update({"state": "present"}) compare_list.extend(difference) # Return Compare list with difference attached difference = compare_list @@ -308,4 +335,4 @@ def run(self, terms, variables=None, **kwargs): for item in difference_to_remove: difference.remove(item) - return difference + return [difference] diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 3ea5f8b07..cc56dfad2 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -5,11 +5,11 @@ name: "{{ __application_item.name | mandatory }}" new_name: "{{ __application_item.new_name | default(omit, true) }}" organization: "{{ __application_item.organization | mandatory }}" - description: "{{ __application_item.description | default(( '' if controller_configuration_applications_enforce_defaults else omit), true) }}" + description: "{{ __application_item.description | default(('' if controller_configuration_applications_enforce_defaults else omit), true) }}" authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" client_type: "{{ __application_item.client_type | default('public') }}" redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" - skip_authorization: "{{ __application_item.skip_authorization | default(( false if controller_configuration_applications_enforce_defaults else omit), true) }}" + skip_authorization: "{{ __application_item.skip_authorization | default((false if controller_configuration_applications_enforce_defaults else omit), true) }}" state: "{{ __application_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index bb4ab20b8..c0d93c211 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -4,8 +4,8 @@ target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" - description: "{{ __cred_input_src_item.description | default(( '' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" - metadata: "{{ __cred_input_src_item.metadata | default(( {} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" + description: "{{ __cred_input_src_item.description | default(('' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" + metadata: "{{ __cred_input_src_item.metadata | default(({} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" state: "{{ __cred_input_src_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 31174461e..53535c4d1 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -3,9 +3,9 @@ credential_type: name: "{{ __controller_credential_type_item.name | mandatory }}" new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" - description: "{{ __controller_credential_type_item.description | default(( '' if controller_configuration_credential_types_enforce_defaults else omit), true) }}" - injectors: "{{ __controller_credential_type_item.injectors | default(( {} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" - inputs: "{{ __controller_credential_type_item.inputs | default(( {} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" + description: "{{ __controller_credential_type_item.description | default(('' if controller_configuration_credential_types_enforce_defaults else omit), true) }}" + injectors: "{{ __controller_credential_type_item.injectors | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + inputs: "{{ __controller_credential_type_item.inputs | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" state: "{{ __controller_credential_type_item.state | default(controller_state | default('present')) }}" diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 576997301..108fc691d 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -4,13 +4,13 @@ name: "{{ __controller_credentials_item.name | mandatory }}" new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" - description: "{{ __controller_credentials_item.description | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true) }}" - organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" + description: "{{ __controller_credentials_item.description | default(('' if controller_configuration_credentials_enforce_defaults else omit), true) }}" + organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory ) }}" - inputs: "{{ __controller_credentials_item.inputs | default(( {} if controller_configuration_credentials_enforce_defaults else omit), true) }}" - user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" - team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(( '' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" - update_secrets: "{{ __controller_credentials_item.update_secrets | default( true if controller_configuration_credentials_enforce_defaults else omit) }}" + inputs: "{{ __controller_credentials_item.inputs | default(({} if controller_configuration_credentials_enforce_defaults else omit), true) }}" + user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" + team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" + update_secrets: "{{ __controller_credentials_item.update_secrets | default(true if controller_configuration_credentials_enforce_defaults else omit) }}" state: "{{ __controller_credentials_item.state | default(controller_state | default('present')) }}" # Role specific options diff --git a/roles/filetree_create/tasks/all.yml b/roles/filetree_create/tasks/all.yml index 8f9e6148b..d00f00e67 100644 --- a/roles/filetree_create/tasks/all.yml +++ b/roles/filetree_create/tasks/all.yml @@ -25,7 +25,7 @@ msg: "The organization {{ organization_filter }} has the ID {{ organization_id }}" - name: Include tasks (block) - when: "['all', 'labels', 'applications', 'instance_groups', 'settings', 'inventory', 'credentials', 'credential_types', 'notification_templates', 'users', 'teams', 'organizations', 'projects', 'execution_environments', 'job_templates', 'workflow_job_templates', 'workflow_job_template_nodes', 'schedules'] | intersect(input_tag) | length > 0" + when: "['all', 'labels', 'applications', 'instance_groups', 'settings', 'inventory', 'credentials', 'credential_types', 'notification_templates', 'users', 'teams', 'roles', 'organizations', 'projects', 'execution_environments', 'job_templates', 'workflow_job_templates', 'workflow_job_template_nodes', 'schedules'] | intersect(input_tag) | length > 0" block: - name: "Export Inventories and related Groups and Hosts" ansible.builtin.include_tasks: "inventory.yml" @@ -41,10 +41,10 @@ when: "'notification_templates' in input_tag or 'all' in input_tag" - name: "Export Users" ansible.builtin.include_tasks: "users.yml" - when: "'users' in input_tag or 'all' in input_tag" + when: "'users' in input_tag or 'roles' in input_tag or 'all' in input_tag" - name: "Export Teams" ansible.builtin.include_tasks: "teams.yml" - when: "'teams' in input_tag or 'all' in input_tag" + when: "'teams' in input_tag or 'roles' in input_tag or 'all' in input_tag" - name: "Export Organizations" ansible.builtin.include_tasks: "organizations.yml" when: "'organizations' in input_tag or 'all' in input_tag" diff --git a/roles/filetree_create/tasks/users.yml b/roles/filetree_create/tasks/users.yml index dc1e0de13..26d6bd538 100644 --- a/roles/filetree_create/tasks/users.yml +++ b/roles/filetree_create/tasks/users.yml @@ -9,7 +9,7 @@ - name: "Add the users the Organizations information" # noqa jinja[spacing] ansible.builtin.set_fact: - current_users: "{{ (current_users | default([])) + [user_lookvar_item | combine({'organizations': user_lookvar_item_organizations})] }}" + current_users: "{{ (current_users | default([])) + [user_lookvar_item | combine({'organizations': user_lookvar_item_organizations if (user_lookvar_item_organizations | length > 1) else ['ORGANIZATIONLESS']})] }}" vars: user_lookvar_item_organizations: "{{ query(controller_api_plugin, user_lookvar_item.related.organizations, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, diff --git a/roles/filetree_create/templates/current_credentials.j2 b/roles/filetree_create/templates/current_credentials.j2 index e9aeed9d9..1eed4841c 100644 --- a/roles/filetree_create/templates/current_credentials.j2 +++ b/roles/filetree_create/templates/current_credentials.j2 @@ -5,6 +5,8 @@ controller_credentials: credential_type: "{{ current_credentials_asset_value.summary_fields.credential_type.name }}" {% if current_credentials_asset_value.organization is defined and current_credentials_asset_value.organization is not none %} organization: "{{ current_credentials_asset_value.summary_fields.organization.name }}" +{% else %} + organization: "ORGANIZATIONLESS" {% endif %} inputs: {{ current_credentials_asset_value.inputs | to_nice_yaml(indent=2) | indent(width=6, first=True) | replace("$encrypted$", "\'\'") }} diff --git a/roles/object_diff/tasks/applications.yml b/roles/object_diff/tasks/applications.yml index 9651143dc..ad337a871 100644 --- a/roles/object_diff/tasks/applications.yml +++ b/roles/object_diff/tasks/applications.yml @@ -9,17 +9,17 @@ - name: "Get the API list of all Applications in Organization {{ orgs }}" ansible.builtin.set_fact: __controller_api_applications: "{{ query(controller_api_plugin, 'applications', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" - name: "Find the difference of Application between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __applications_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_applications, compare_list=controller_applications, - with_present=include_present_state, set_absent=true) - }}" + api_list=__controller_api_applications, compare_list=controller_applications, + with_present=include_present_state, set_absent=true) | flatten + }}" - name: "Set application's list to be configured" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/credential_types.yml b/roles/object_diff/tasks/credential_types.yml index bae39645b..8b42e43de 100644 --- a/roles/object_diff/tasks/credential_types.yml +++ b/roles/object_diff/tasks/credential_types.yml @@ -23,8 +23,9 @@ - name: "Find the difference of Credential Types between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __credential_types_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_credential_types, compare_list=controller_credential_types, - with_present=include_present_state, set_absent=true) }}" + api_list=__controller_api_credential_types, compare_list=controller_credential_types, + with_present=include_present_state, set_absent=true) | flatten + }}" - name: "Set credential's list to be configured" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/credentials.yml b/roles/object_diff/tasks/credentials.yml index fba26423a..8929bf44e 100644 --- a/roles/object_diff/tasks/credentials.yml +++ b/roles/object_diff/tasks/credentials.yml @@ -20,8 +20,8 @@ - name: "Find the difference of Credentials between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __credentials_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_credentials, compare_list=controller_credentials, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_credentials, compare_list=controller_credentials, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set credential's list to be configured" diff --git a/roles/object_diff/tasks/execution_environments.yml b/roles/object_diff/tasks/execution_environments.yml index 13dec4a9e..b6e0fb686 100644 --- a/roles/object_diff/tasks/execution_environments.yml +++ b/roles/object_diff/tasks/execution_environments.yml @@ -1,27 +1,30 @@ --- -- name: Get the organization ID - ansible.builtin.set_fact: - __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) - }}" +- name: "Block to be executed only when connected against an AAP instance (not Tower)" + when: is_aap + block: + - name: Get the organization ID + ansible.builtin.set_fact: + __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + }}" -- name: "Get the API list of all Execution Environments in Organization {{ orgs }}" - ansible.builtin.set_fact: - __controller_api_execution_environments: "{{ query(controller_api_plugin, 'execution_environments', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + - name: "Get the API list of all Execution Environments in Organization {{ orgs }}" + ansible.builtin.set_fact: + __controller_api_execution_environments: "{{ query(controller_api_plugin, 'execution_environments', + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" -- name: "Find the difference of Execution Environment between what is on the Controller versus CasC on SCM" - ansible.builtin.set_fact: - __execution_environments_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_execution_environments, compare_list=controller_execution_environments, - with_present=include_present_state, set_absent=true) - }}" + - name: "Find the difference of Execution Environment between what is on the Controller versus CasC on SCM" + ansible.builtin.set_fact: + __execution_environments_difference: "{{ query(controller_role_plugin, + api_list=__controller_api_execution_environments, compare_list=controller_execution_environments, + with_present=include_present_state, set_absent=true) | flatten + }}" -- name: "Set execution_environment's list to be configured" - ansible.builtin.set_fact: - controller_execution_environments: "{{ __execution_environments_difference }}" + - name: "Set execution_environment's list to be configured" + ansible.builtin.set_fact: + controller_execution_environments: "{{ __execution_environments_difference }}" ... diff --git a/roles/object_diff/tasks/groups.yml b/roles/object_diff/tasks/groups.yml index 9847179e7..81fd8041d 100644 --- a/roles/object_diff/tasks/groups.yml +++ b/roles/object_diff/tasks/groups.yml @@ -39,7 +39,7 @@ __groups_difference: "{{ query(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_groups, compare_list=controller_groups, - with_present=include_present_state, set_absent=true) + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set the inventory key at the correct place" diff --git a/roles/object_diff/tasks/hosts.yml b/roles/object_diff/tasks/hosts.yml index d5e9e4c6b..31d898c7d 100644 --- a/roles/object_diff/tasks/hosts.yml +++ b/roles/object_diff/tasks/hosts.yml @@ -39,7 +39,7 @@ __hosts_difference: "{{ query(controller_role_plugin, query_params={'summary_fields.inventory.organization_id': controller_organization_id.id}, api_list=__controller_api_hosts, compare_list=controller_hosts, - with_present=include_present_state, set_absent=true) + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set the inventory key at the correct place" diff --git a/roles/object_diff/tasks/instance_groups.yml b/roles/object_diff/tasks/instance_groups.yml index b1ff4ba26..cad212783 100644 --- a/roles/object_diff/tasks/instance_groups.yml +++ b/roles/object_diff/tasks/instance_groups.yml @@ -2,7 +2,7 @@ - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" - name: "Instance Group differences (block)" @@ -12,18 +12,18 @@ - name: "Get the API list of all instance_groups" ansible.builtin.set_fact: __controller_api_instance_groups: "{{ query(controller_api_plugin, 'instance_groups', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" - name: "Find the difference of Instance Groups between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __instance_groups_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_instance_groups, - compare_list=controller_instance_groups, - with_present=include_present_state, - set_absent=true) - }}" + api_list=__controller_api_instance_groups, + compare_list=controller_instance_groups, + with_present=include_present_state, + set_absent=true) | flatten + }}" - name: "Sets the difference of Instance Groups between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/inventories.yml b/roles/object_diff/tasks/inventories.yml index b1307428f..e407bf36b 100644 --- a/roles/object_diff/tasks/inventories.yml +++ b/roles/object_diff/tasks/inventories.yml @@ -19,8 +19,8 @@ - name: "Find the difference of Inventories between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __inventories_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_inventories, compare_list=controller_inventories, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_inventories, compare_list=controller_inventories, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set inventores' list to be configured" diff --git a/roles/object_diff/tasks/inventory_sources.yml b/roles/object_diff/tasks/inventory_sources.yml index 44cf6ef0b..f1cde6c25 100644 --- a/roles/object_diff/tasks/inventory_sources.yml +++ b/roles/object_diff/tasks/inventory_sources.yml @@ -19,9 +19,9 @@ - name: "Find the difference of Inventory Sources between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __inventory_sources_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_inventory_sources, - compare_list=controller_inventory_sources, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_inventory_sources, + compare_list=controller_inventory_sources, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set inventory_sources' list to be configured" diff --git a/roles/object_diff/tasks/job_templates.yml b/roles/object_diff/tasks/job_templates.yml index 00eeb351b..84b8fc577 100644 --- a/roles/object_diff/tasks/job_templates.yml +++ b/roles/object_diff/tasks/job_templates.yml @@ -2,8 +2,8 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" @@ -19,8 +19,8 @@ - name: "Find the difference of Job Templates between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __job_templates_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_job_templates, compare_list=controller_templates, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_job_templates, compare_list=controller_templates, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set job_template's list to be configured" diff --git a/roles/object_diff/tasks/main.yml b/roles/object_diff/tasks/main.yml index 12d316a54..1ffcb7f84 100644 --- a/roles/object_diff/tasks/main.yml +++ b/roles/object_diff/tasks/main.yml @@ -64,7 +64,8 @@ args: apply: tags: "{{ __task_diff.tags }}" - tags: always + tags: + - always loop: "{{ controller_configuration_object_diff_tasks }}" loop_control: loop_var: __task_diff diff --git a/roles/object_diff/tasks/notification_templates.yml b/roles/object_diff/tasks/notification_templates.yml index 9af7122a5..4308c6fd0 100644 --- a/roles/object_diff/tasks/notification_templates.yml +++ b/roles/object_diff/tasks/notification_templates.yml @@ -2,24 +2,24 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" - name: "Get the API list of all Notification Templates in Organization {{ orgs }}" ansible.builtin.set_fact: __controller_api_notification_templates: "{{ query(controller_api_plugin, 'notification_templates', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" - name: "Find the difference of Notification Template between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __notification_templates_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_notification_templates, compare_list=controller_notifications, - with_present=include_present_state, set_absent=true) - }}" + api_list=__controller_api_notification_templates, compare_list=controller_notifications, + with_present=include_present_state, set_absent=true) | flatten + }}" - name: "Set notification_template's list to be configured" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/organizations.yml b/roles/object_diff/tasks/organizations.yml index 3da346712..7497eb81e 100644 --- a/roles/object_diff/tasks/organizations.yml +++ b/roles/object_diff/tasks/organizations.yml @@ -21,8 +21,8 @@ - name: "Find the difference of Organizations between what is on the Controller versus curated list." ansible.builtin.set_fact: __organizations_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_organizations, compare_list=controller_organizations, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_organizations, compare_list=controller_organizations, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set list __list_empty_orgs when protect_not_empty_orgs" diff --git a/roles/object_diff/tasks/projects.yml b/roles/object_diff/tasks/projects.yml index cc48a8b60..b9e338055 100644 --- a/roles/object_diff/tasks/projects.yml +++ b/roles/object_diff/tasks/projects.yml @@ -2,25 +2,25 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" - name: "Get the API list of all Projects in Organization {{ orgs }}" ansible.builtin.set_fact: __controller_api_projects: "{{ query(controller_api_plugin, 'projects', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" - name: "Find the difference of Project between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __projects_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_projects, compare_list=controller_projects, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_projects, compare_list=controller_projects, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set project's list to be configured" diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index ba706b62b..cf77f7f91 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -2,13 +2,17 @@ - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" + tags: + - always - name: "Role differences (block)" when: - __controller_api_current_user_check_is_admin.is_superuser + tags: + - always block: - name: "Get the API list of all roles" # noqa jinja[spacing] @@ -53,8 +57,8 @@ - name: "Find the difference of Roles between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __roles_difference: "{{ query(controller_role_plugin, - api_list=__full_controller_api_roles, compare_list=controller_roles, - with_present=include_present_state, set_absent=true) + api_list=__full_controller_api_roles, compare_list=controller_roles, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Sets differences between Roles what is on the Controller versus CasC on SCM" diff --git a/roles/object_diff/tasks/schedules.yml b/roles/object_diff/tasks/schedules.yml index 7eb2dc271..8deffd283 100644 --- a/roles/object_diff/tasks/schedules.yml +++ b/roles/object_diff/tasks/schedules.yml @@ -2,8 +2,8 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" - name: "Get the API list of all WF and Job Templates in Organization {{ orgs }}" @@ -14,10 +14,10 @@ return_all=true, max_objects=query_controller_api_max_objects) }}" __controller_api_workflow_job_templates: "{{ query(controller_api_plugin, 'workflow_job_templates', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" - name: "Get WF and JT IDs" # noqa jinja[spacing] @@ -27,9 +27,9 @@ - name: "Get the API list of all Schedules" ansible.builtin.set_fact: __controller_api_schedules_prefilter: "{{ query(controller_api_plugin, 'schedules', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - }}" + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" - name: "Get the API list of all Schedules in Organization {{ orgs }}" ansible.builtin.set_fact: @@ -39,8 +39,8 @@ ansible.builtin.set_fact: __schedules_difference: "{{ query(controller_role_plugin, api_list=__controller_api_schedules, compare_list=controller_schedules, - with_present=include_present_state, set_absent=true) - }}" + with_present=include_present_state, set_absent=true) | flatten + }}" - name: "Set schedule's list to be configured" ansible.builtin.set_fact: diff --git a/roles/object_diff/tasks/teams.yml b/roles/object_diff/tasks/teams.yml index 36221d368..70a7d5b5f 100644 --- a/roles/object_diff/tasks/teams.yml +++ b/roles/object_diff/tasks/teams.yml @@ -2,7 +2,7 @@ - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" @@ -13,8 +13,8 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" @@ -30,10 +30,10 @@ - name: "Find the difference of Teams between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __teams_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_teams, - compare_list=controller_teams, - with_present=include_present_state, - set_absent=true) + api_list=__controller_api_teams, + compare_list=controller_teams, + with_present=include_present_state, + set_absent=true) | flatten }}" - name: "Sets the difference of Teams between what is on the Controller versus CasC on SCM" diff --git a/roles/object_diff/tasks/user_accounts.yml b/roles/object_diff/tasks/user_accounts.yml index e4dc4ef27..b8109dd66 100644 --- a/roles/object_diff/tasks/user_accounts.yml +++ b/roles/object_diff/tasks/user_accounts.yml @@ -3,7 +3,7 @@ - name: "Get the current controller user to determine if it is super-admin" ansible.builtin.set_fact: __controller_api_current_user_check_is_admin: "{{ lookup(controller_api_plugin, 'me', - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" @@ -36,8 +36,8 @@ - name: "Find the difference of User Accounts between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __user_accounts_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_user_accounts, compare_list=controller_user_accounts, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_user_accounts, compare_list=controller_user_accounts, + with_present=include_present_state, set_absent=true) | flatten }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" diff --git a/roles/object_diff/tasks/workflow_job_templates.yml b/roles/object_diff/tasks/workflow_job_templates.yml index 2609e9ba0..cf7f05ffa 100644 --- a/roles/object_diff/tasks/workflow_job_templates.yml +++ b/roles/object_diff/tasks/workflow_job_templates.yml @@ -2,26 +2,26 @@ - name: Get the organization ID ansible.builtin.set_fact: __controller_organization_id: "{{ lookup(controller_api_plugin, 'organizations', - query_params={'name': orgs}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) + query_params={'name': orgs}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" - name: "Get the API list of all Workflow Job Templates" ansible.builtin.set_fact: __controller_api_workflow_job_templates: "{{ query(controller_api_plugin, 'workflow_job_templates', - query_params={'organization': __controller_organization_id.id}, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) + query_params={'organization': __controller_organization_id.id}, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" - name: "Find the difference of Workflow Job Templates between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: __workflow_job_templates_difference: "{{ query(controller_role_plugin, - api_list=__controller_api_workflow_job_templates, - compare_list=controller_workflows, - with_present=include_present_state, set_absent=true) + api_list=__controller_api_workflow_job_templates, + compare_list=controller_workflows, + with_present=include_present_state, set_absent=true) | flatten }}" - name: "Set job_template's list to be configured" diff --git a/roles/object_diff/tests/.gitignore b/roles/object_diff/tests/.gitignore new file mode 100644 index 000000000..9bcaba703 --- /dev/null +++ b/roles/object_diff/tests/.gitignore @@ -0,0 +1,3 @@ +collections +.vault_password_file +vault.yml diff --git a/roles/object_diff/tests/drop_diff.yml b/roles/object_diff/tests/drop_diff.yml index d76a29a71..46e371e7c 100644 --- a/roles/object_diff/tests/drop_diff.yml +++ b/roles/object_diff/tests/drop_diff.yml @@ -40,6 +40,7 @@ controller_configuration_dispatcher_roles: - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} - {role: job_templates, var: controller_templates, tags: job_templates} + - {role: roles, var: controller_roles, tags: roles} - {role: teams, var: controller_teams, tags: teams} - {role: users, var: controller_user_accounts, tags: users} - {role: groups, var: controller_groups, tags: inventories} @@ -62,4 +63,6 @@ validate_certs: "{{ controller_validate_certs }}" status_code: 204 when: controller_oauthtoken_url is defined + tags: + - always ... diff --git a/roles/object_diff/tests/object_diff.yml b/roles/object_diff/tests/object_diff.yml index b6cd9efa7..bd2089c66 100644 --- a/roles/object_diff/tests/object_diff.yml +++ b/roles/object_diff/tests/object_diff.yml @@ -46,4 +46,6 @@ validate_certs: "{{ controller_validate_certs }}" status_code: 204 when: controller_oauthtoken_url is defined + tags: + - always ... diff --git a/tests/configs/differential_items.yml b/tests/configs/differential_items.yml index 217603386..770b8854c 100644 --- a/tests/configs/differential_items.yml +++ b/tests/configs/differential_items.yml @@ -45,20 +45,20 @@ differential_items: organization: Default scm_type: git scm_url: https://github.com/ansible/tower-example.git - state: present + # state: present - description: ansible-examples name: Test Inventory source project organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git - state: present + # state: present - credential: gitlab-personal-access-token for satqe_auto_droid description: ansible-examples name: Test Inventory source project with credential organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git - state: present + # state: present wait: false - description: Test Project 1 name: Test Project @@ -67,7 +67,7 @@ differential_items: scm_clean: true scm_type: git scm_url: https://github.com/ansible/tower-example.git - state: present + # state: present - name: Demo Project organization: Default state: absent @@ -77,6 +77,9 @@ differential_items: - name: "cyberark" credential_type: CyberArk Central Credential Provider Lookup organization: Default + - name: Demo Credential + organization: Default + credential_type: "Machine" expected_test_result: - name: gitlab organization: Default diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 9d59e1d85..31d52fdbc 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -48,7 +48,7 @@ - name: Wait for Controller to come up ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/ping" + url: "https://{{ controller_hostname }}/api/v2/ping/" status_code: 200 validate_certs: "{{ controller_validate_certs }}" register: result diff --git a/tests/tasks/differential.yml b/tests/tasks/differential.yml index 5fd698c7c..b48b9f0d4 100644 --- a/tests/tasks/differential.yml +++ b/tests/tasks/differential.yml @@ -5,7 +5,7 @@ - name: "Find the difference between what is on the Controller versus curated list of {{ differential_item.name }}" ansible.builtin.set_fact: - set_absent_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) }}" + set_absent_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) | flatten }}" - name: Display set_absent_diff ansible.builtin.debug: @@ -18,7 +18,7 @@ - name: "Assert that the expected results match for {{ differential_item.name }}" ansible.builtin.assert: that: - - set_absent_diff == differential_item.expected_test_result + - set_absent_diff == differential_item.expected_test_result - name: Run differential applications ansible.builtin.include_role: From 43ce54f0b58b7969b7780c6ccad47c5b41a1f0ac Mon Sep 17 00:00:00 2001 From: Tompage1994 Date: Thu, 3 Aug 2023 15:10:37 +0000 Subject: [PATCH 080/129] Update changelog refs/tags/2.5.0 --- CHANGELOG.rst | 15 +++++++++++++++ changelogs/.plugin-cache.yaml | 2 +- changelogs/changelog.yaml | 15 +++++++++++++++ changelogs/fragments/object_diff.yml | 5 ----- changelogs/fragments/roles.yml | 4 ---- changelogs/fragments/source_build.yml | 4 ---- galaxy.yml | 6 +++--- 7 files changed, 34 insertions(+), 17 deletions(-) delete mode 100644 changelogs/fragments/object_diff.yml delete mode 100644 changelogs/fragments/roles.yml delete mode 100644 changelogs/fragments/source_build.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 059cc8aa5..c5e4d6658 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,21 @@ infra.controller_configuration Release Notes .. contents:: Topics +v2.5.0 +====== + +Minor Changes +------------- + +- Added roles option to roles role to allow setting multiple roles in one item rather than repeating entire sections of code +- ansible.cfg removed from root and galaxy.yml added to enable install from source + +Bugfixes +-------- + +- Added more attributes to be expanded and used by the comparison +- Fixed lintering issues + v2.4.1 ====== diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index 96a0cde01..753e86d4d 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -176,4 +176,4 @@ plugins: strategy: {} test: {} vars: {} -version: 2.4.1 +version: 2.5.0 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index b32913698..01d0b6710 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -519,3 +519,18 @@ releases: - remove_username_dependency_objectdiff.yml - roles_bugfix.yml release_date: '2023-07-26' + 2.5.0: + changes: + bugfixes: + - Added more attributes to be expanded and used by the comparison + - Fixed lintering issues + minor_changes: + - Added roles option to roles role to allow setting multiple roles in one item + rather than repeating entire sections of code + - ansible.cfg removed from root and galaxy.yml added to enable install from + source + fragments: + - object_diff.yml + - roles.yml + - source_build.yml + release_date: '2023-08-03' diff --git a/changelogs/fragments/object_diff.yml b/changelogs/fragments/object_diff.yml deleted file mode 100644 index 6a9ca2996..000000000 --- a/changelogs/fragments/object_diff.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -bugfixes: - - Added more attributes to be expanded and used by the comparison - - Fixed lintering issues -... diff --git a/changelogs/fragments/roles.yml b/changelogs/fragments/roles.yml deleted file mode 100644 index 859500b7d..000000000 --- a/changelogs/fragments/roles.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - Added roles option to roles role to allow setting multiple roles in one item rather than repeating entire sections of code -... diff --git a/changelogs/fragments/source_build.yml b/changelogs/fragments/source_build.yml deleted file mode 100644 index 1a65407d8..000000000 --- a/changelogs/fragments/source_build.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - ansible.cfg removed from root and galaxy.yml added to enable install from source -... diff --git a/galaxy.yml b/galaxy.yml index 0ffe0d091..a796f8dc0 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: infra name: controller_configuration -version: 2.4.1-devel +version: 2.5.0-devel description: A collection of roles to manage Ansible Controller readme: README.md authors: @@ -11,8 +11,8 @@ authors: - Tom Page @Tompage1994 - Sean Sullivan @sean-m-sullivan - David Danielsson @djdanielsson -repository: https://github.com/redhat-cop/controller_configuration.git -issues: https://github.com/redhat-cop/controller_configuration.git/issues +repository: https://github.com/redhat-cop/controller_configuration/ +issues: https://github.com/redhat-cop/controller_configuration//issues build_ignore: - galaxy.yml.j2 - release.yml From 6ed45e503698dab2020dd1534eea2fc09fb6ae37 Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 14:34:58 +0100 Subject: [PATCH 081/129] Update awx versions --- .github/workflows/ci_standalone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 7ea36949d..425b8962a 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,8 +19,8 @@ jobs: matrix: awx_version: - devel - - 22.4.0 - - 22.3.0 + - 22.6.0 + - 22.5.0 - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" From 8b97ad07815a921bc8a33871e05b609c97966107 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Wed, 9 Aug 2023 18:40:08 +0100 Subject: [PATCH 082/129] Use version for PR in the action (#668) --- .github/workflows/ci_standalone.yml | 1 + .github/workflows/ci_standalone_versioned.yml | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 425b8962a..38a0ffda6 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -26,3 +26,4 @@ jobs: uses: "./.github/workflows/ci_standalone_versioned.yml" with: awx_version: ${{ matrix.awx_version }} + gh_ref: ${{ github.event.pull_request.head.sha || github.sha }} diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 8dbc3ecb0..f79520644 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -8,6 +8,11 @@ on: description: The version to pull of awx required: true type: string + gh_ref: + description: The ref in the repository to pull + required: false + default: devel + type: string env: # Run docker-compose up in the background COMPOSE_UP_OPTS: -d @@ -17,6 +22,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + with: + ref: ${{ gh_ref }} - name: Checkout AWX uses: actions/checkout@v2 From 89325f8295604f41d8c66325f8a17e249778cf45 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Tue, 15 Aug 2023 16:31:31 +0100 Subject: [PATCH 083/129] Fix missing value (#674) --- .github/workflows/ci_standalone_versioned.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index f79520644..30551587a 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v2 with: - ref: ${{ gh_ref }} + ref: ${{ inputs.gh_ref }} - name: Checkout AWX uses: actions/checkout@v2 From b513a4376471ac6a6c771a1801d167af93f70291 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 15 Aug 2023 12:39:40 -0400 Subject: [PATCH 084/129] Org environment fix (#672) * test sanity change * update * fix bugs in org and licence roles --- changelogs/fragments/licence_org.yml | 7 +++++++ roles/ad_hoc_command/README.md | 2 -- roles/ad_hoc_command_cancel/README.md | 2 -- roles/applications/README.md | 2 -- roles/bulk_host_create/README.md | 2 -- roles/bulk_job_launch/README.md | 2 -- roles/credential_input_sources/README.md | 2 -- roles/credential_types/README.md | 2 -- roles/credentials/README.md | 2 -- roles/execution_environments/README.md | 2 -- roles/groups/README.md | 2 -- roles/hosts/README.md | 2 -- roles/instance_groups/README.md | 2 -- roles/instances/README.md | 2 -- roles/inventories/README.md | 2 -- roles/inventory_source_update/README.md | 2 -- roles/inventory_sources/README.md | 2 -- roles/job_launch/README.md | 2 -- roles/job_templates/README.md | 2 -- roles/jobs_cancel/README.md | 2 -- roles/labels/README.md | 2 -- roles/license/README.md | 20 ++++++++++---------- roles/license/meta/argument_specs.yml | 22 +++++++++++++++++++--- roles/license/tasks/subscription.yml | 4 +++- roles/notification_templates/README.md | 2 -- roles/organizations/README.md | 2 -- roles/organizations/tasks/main.yml | 2 +- roles/project_update/README.md | 2 -- roles/projects/README.md | 2 -- roles/roles/README.md | 2 -- roles/schedules/README.md | 2 -- roles/settings/README.md | 2 -- roles/teams/README.md | 2 -- roles/users/README.md | 2 -- roles/workflow_job_templates/README.md | 2 -- roles/workflow_launch/README.md | 2 -- 36 files changed, 40 insertions(+), 77 deletions(-) create mode 100644 changelogs/fragments/licence_org.yml diff --git a/changelogs/fragments/licence_org.yml b/changelogs/fragments/licence_org.yml new file mode 100644 index 000000000..b1d3e2f6d --- /dev/null +++ b/changelogs/fragments/licence_org.yml @@ -0,0 +1,7 @@ +--- +bugfixes: + - Fixed issue with organization role not acceppting default environments option correctly. + - Fixed issue with licence role not operating properly, when a controller never had credentials provided for subscription lookup. See Role Readme for proper usuage. +minor_changes: + - licence role now uses a boolean of controller_license.use_looup to determine whether to lookup subscriptions. A lookup is only needed to refresh the available pools, or if it has never been done. See Role Readme for details. +... diff --git a/roles/ad_hoc_command/README.md b/roles/ad_hoc_command/README.md index 6b703cf87..6ff703ae4 100644 --- a/roles/ad_hoc_command/README.md +++ b/roles/ad_hoc_command/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/ad_hoc_command_cancel/README.md b/roles/ad_hoc_command_cancel/README.md index c6e706543..c9aeea5f7 100644 --- a/roles/ad_hoc_command_cancel/README.md +++ b/roles/ad_hoc_command_cancel/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/applications/README.md b/roles/applications/README.md index f36cbcff1..30de31159 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/bulk_host_create/README.md b/roles/bulk_host_create/README.md index bf9e7a19d..6a92b00fb 100644 --- a/roles/bulk_host_create/README.md +++ b/roles/bulk_host_create/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| diff --git a/roles/bulk_job_launch/README.md b/roles/bulk_job_launch/README.md index ca8656348..034ca0dc9 100644 --- a/roles/bulk_job_launch/README.md +++ b/roles/bulk_job_launch/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/credential_input_sources/README.md b/roles/credential_input_sources/README.md index b321cadf2..3e822d4c7 100644 --- a/roles/credential_input_sources/README.md +++ b/roles/credential_input_sources/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index a16e9be74..95b59a1f8 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/credentials/README.md b/roles/credentials/README.md index 0c8dd2e73..bc6a44a8c 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index 2481cbab3..a3860e73e 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/groups/README.md b/roles/groups/README.md index 1ae23adab..f2eb212d1 100644 --- a/roles/groups/README.md +++ b/roles/groups/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/hosts/README.md b/roles/hosts/README.md index fc301455d..02ba0bc5a 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/instance_groups/README.md b/roles/instance_groups/README.md index b7bdb48ef..5823d3334 100644 --- a/roles/instance_groups/README.md +++ b/roles/instance_groups/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/instances/README.md b/roles/instances/README.md index 10c9a4252..7258ab7fe 100644 --- a/roles/instances/README.md +++ b/roles/instances/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/inventories/README.md b/roles/inventories/README.md index 48eeab8ee..2790e8e1c 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/inventory_source_update/README.md b/roles/inventory_source_update/README.md index 82812519d..d484d898d 100644 --- a/roles/inventory_source_update/README.md +++ b/roles/inventory_source_update/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 663b9f358..703f62b12 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/job_launch/README.md b/roles/job_launch/README.md index 1466bcc93..c5650bab0 100644 --- a/roles/job_launch/README.md +++ b/roles/job_launch/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/job_templates/README.md b/roles/job_templates/README.md index ea158bc91..9287e681a 100644 --- a/roles/job_templates/README.md +++ b/roles/job_templates/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/jobs_cancel/README.md b/roles/jobs_cancel/README.md index 9c9c41e47..c46cc008a 100644 --- a/roles/jobs_cancel/README.md +++ b/roles/jobs_cancel/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/labels/README.md b/roles/labels/README.md index 29d7201fd..e49776e7f 100644 --- a/roles/labels/README.md +++ b/roles/labels/README.md @@ -12,8 +12,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/license/README.md b/roles/license/README.md index c7f16078b..b7c76d3a2 100644 --- a/roles/license/README.md +++ b/roles/license/README.md @@ -4,6 +4,8 @@ An Ansible Role to deploy a license on Ansible Controller. +This will either accept a manifest file, or use redhat subscription account credentials to lookup available subscriptions and use them. + ## Requirements ansible-galaxy collection install -r tests/collections/requirements.yml to be installed @@ -14,8 +16,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| @@ -25,6 +25,8 @@ Currently: |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| |`controller_license`|`see below`|yes|Data structure describing your license for controller, described below.|| +|`redhat_subscription_username`|""|no|Red Hat or Red Hat Satellite username to get available subscriptions. Used only for Subscription lookup implementation.| +|`redhat_subscription_password`|""|no|Red Hat or Red Hat Satellite password to get available subscriptions. Used only for Subscription lookup implementation.| ### Secure Logging Variables @@ -59,23 +61,18 @@ The module and this role can use either a manifest file, or lookup the subscript |`force`|`False`|no|bool|By default, the license manifest will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| |`state`|`present`|no|str|Desired state of the resource.| -For further details on fields see - ### License Variables for using Red Hat Subscription |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| -|`redhat_subscription_username`|""|no|str|Red Hat or Red Hat Satellite username to get available subscriptions.| -|`redhat_subscription_password`|""|no|str|Red Hat or Red Hat Satellite password to get available subscriptions.| |`filters`|"default values"|no|str|dict of filters to use to narrow the subscription. See example below for how to use this.| |`support_level`|"Self-Support"|no|str|DEPRECATED - changed to `manifest_file` (still works as an alias)| |`list_num`|0|no|int|List index of the subscription to use, if you want to overide the default, it is recomended to use the filters to limit the pools found.| -|`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to, setting this will skip the lookup.| +|`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to.| |`force`|`False`|no|bool|By default, the license will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| +|`use_lookup`|`False`|no|bool|Whether or not to lookup subscriptions.| |`state`|`present`|no|str|Desired state of the resource.| -For further details on fields see - ### Standard Project Data Structure #### Json Example @@ -137,7 +134,10 @@ controller_license: controller_password: changeme redhat_subscription_username: changeme redhat_subscription_password: changeme - + controller_license: + filters: + product_name: "Red Hat Ansible Automation Platform" + support_level: "Self-Support" roles: - {role: infra.controller_configuration.license} ``` diff --git a/roles/license/meta/argument_specs.yml b/roles/license/meta/argument_specs.yml index f0851624b..3040dd82f 100644 --- a/roles/license/meta/argument_specs.yml +++ b/roles/license/meta/argument_specs.yml @@ -4,10 +4,9 @@ argument_specs: short_description: An Ansible Role to deploy a license on Ansible Controller. options: - controller_labels: + controller_license: description: Data structure describing your license for Controller - type: list - elements: dict + type: dict # options: # manifest_file: # required: false @@ -46,6 +45,23 @@ argument_specs: # required: false # type: bool # description: By default, the license manifest will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied. + # use_lookup: + # default: false + # required: false + # type: bool + # description: Whether or not to lookup subscriptions. + + # Variables used for Liscense lookup + redhat_subscription_username: + default: None + required: false + type: str + description: Red Hat or Red Hat Satellite username to get available subscriptions. + redhat_subscription_password: + default: None + required: false + type: str + description: Red Hat or Red Hat Satellite password to get available subscriptions. # No_log variables controller_configuration_labels_secure_logging: diff --git a/roles/license/tasks/subscription.yml b/roles/license/tasks/subscription.yml index 92350cf84..64bb26b21 100644 --- a/roles/license/tasks/subscription.yml +++ b/roles/license/tasks/subscription.yml @@ -14,7 +14,9 @@ controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" register: subscription - when: controller_license.pool_id is not defined + when: + - "'use_lookup' in controller_license" + - controller_license.use_lookup - name: Install the Controller license license: diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index 2f68854cd..db57ff8ae 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/organizations/README.md b/roles/organizations/README.md index 208051bb9..0992d9edd 100644 --- a/roles/organizations/README.md +++ b/roles/organizations/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 5e645db1d..5a43bc906 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -6,7 +6,7 @@ custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" max_hosts: "{{ __controller_organizations_item.max_hosts | default(omit, true) }}" instance_groups: "{{ __controller_organizations_item.instance_groups | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.execution_environment | default(omit))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" + default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.default_environment | default(__controller_organizations_item.execution_environment | default(omit)))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" diff --git a/roles/project_update/README.md b/roles/project_update/README.md index 5cd84b7a0..cc3dca597 100644 --- a/roles/project_update/README.md +++ b/roles/project_update/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/projects/README.md b/roles/projects/README.md index 18bbdb57b..1c1aec1f9 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|str|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/roles/README.md b/roles/roles/README.md index 80fe6d1a0..fcf5b284c 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/schedules/README.md b/roles/schedules/README.md index 887ecd065..6ab6d468e 100644 --- a/roles/schedules/README.md +++ b/roles/schedules/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/settings/README.md b/roles/settings/README.md index d8e46d806..7ec268ec1 100644 --- a/roles/settings/README.md +++ b/roles/settings/README.md @@ -12,8 +12,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/teams/README.md b/roles/teams/README.md index f553cd46a..89795439c 100644 --- a/roles/teams/README.md +++ b/roles/teams/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/users/README.md b/roles/users/README.md index 55bc283b1..965a2a5fd 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 9c5e450a0..8c95a0e3b 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| diff --git a/roles/workflow_launch/README.md b/roles/workflow_launch/README.md index ca85e5ebe..480c166bd 100644 --- a/roles/workflow_launch/README.md +++ b/roles/workflow_launch/README.md @@ -14,8 +14,6 @@ Currently: ## Variables -### Authentication - |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| From 23e609ca729ac07ef3de73a857cf90bd7c5b0ec3 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Wed, 16 Aug 2023 14:12:39 +0100 Subject: [PATCH 085/129] Fix broken CI because of request_timeout added to awx (#675) --- changelogs/fragments/add_request_timeout.yml | 4 ++++ plugins/modules/controller_export_diff.py | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/add_request_timeout.yml diff --git a/changelogs/fragments/add_request_timeout.yml b/changelogs/fragments/add_request_timeout.yml new file mode 100644 index 000000000..18b5851e3 --- /dev/null +++ b/changelogs/fragments/add_request_timeout.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - Adds request_timeout to controller_export_diff module +... diff --git a/plugins/modules/controller_export_diff.py b/plugins/modules/controller_export_diff.py index 958cd518b..4b60ff0f1 100644 --- a/plugins/modules/controller_export_diff.py +++ b/plugins/modules/controller_export_diff.py @@ -138,7 +138,6 @@ - A dictionary structure as returned by the token module. - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files type: raw - version_added: "3.7.0" aliases: [ tower_oauthtoken ] validate_certs: description: @@ -148,6 +147,12 @@ - If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then config files type: bool aliases: [ tower_verify_ssl ] + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the controller host. + - Defaults to 10s, but this is handled by the shared module_utils code + type: float + version_added: "2.6.0" controller_config_file: description: - Path to the controller config file. From c4ca2ddbc0bcf5f6252dba5eb5d13151b310f583 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 16 Aug 2023 23:50:12 -0400 Subject: [PATCH 086/129] add request timeout (#676) --- changelogs/fragments/add_request_timeout.yml | 2 +- roles/ad_hoc_command/README.md | 1 + roles/ad_hoc_command/tasks/main.yml | 1 + roles/ad_hoc_command_cancel/README.md | 1 + roles/ad_hoc_command_cancel/tasks/main.yml | 1 + roles/applications/README.md | 1 + roles/applications/tasks/main.yml | 1 + roles/bulk_host_create/README.md | 1 + roles/bulk_host_create/tasks/main.yml | 1 + roles/bulk_job_launch/README.md | 1 + roles/bulk_job_launch/tasks/main.yml | 1 + roles/credential_input_sources/README.md | 1 + roles/credential_input_sources/tasks/main.yml | 1 + roles/credential_types/README.md | 1 + roles/credential_types/tasks/main.yml | 1 + roles/credentials/README.md | 1 + roles/dispatch/README.md | 3 +++ roles/dispatch/defaults/main.yml | 2 ++ roles/execution_environments/README.md | 1 + roles/execution_environments/tasks/main.yml | 1 + roles/groups/README.md | 1 + roles/groups/tasks/main.yml | 1 + roles/hosts/README.md | 1 + roles/hosts/tasks/main.yml | 1 + roles/instance_groups/README.md | 1 + roles/instance_groups/tasks/main.yml | 1 + roles/instances/README.md | 1 + roles/instances/tasks/main.yml | 1 + roles/inventories/README.md | 1 + roles/inventories/tasks/main.yml | 1 + roles/inventory_source_update/README.md | 1 + roles/inventory_source_update/tasks/main.yml | 1 + roles/inventory_sources/README.md | 1 + roles/inventory_sources/tasks/main.yml | 1 + roles/job_launch/README.md | 1 + roles/job_launch/tasks/main.yml | 1 + roles/job_templates/README.md | 1 + roles/job_templates/tasks/main.yml | 1 + roles/jobs_cancel/README.md | 1 + roles/jobs_cancel/tasks/main.yml | 1 + roles/labels/README.md | 1 + roles/labels/tasks/main.yml | 1 + roles/license/README.md | 1 + roles/license/tasks/manifest.yml | 1 + roles/license/tasks/subscription.yml | 2 ++ roles/notification_templates/README.md | 1 + roles/notification_templates/tasks/main.yml | 1 + roles/organizations/README.md | 1 + roles/organizations/tasks/main.yml | 1 + roles/project_update/README.md | 1 + roles/project_update/tasks/main.yml | 1 + roles/projects/README.md | 1 + roles/projects/tasks/main.yml | 1 + roles/roles/README.md | 1 + roles/roles/tasks/main.yml | 1 + roles/schedules/README.md | 1 + roles/schedules/tasks/main.yml | 1 + roles/settings/README.md | 1 + roles/settings/tasks/main.yml | 1 + roles/teams/README.md | 1 + roles/teams/tasks/main.yml | 1 + roles/users/README.md | 1 + roles/users/tasks/main.yml | 1 + roles/workflow_job_templates/README.md | 1 + roles/workflow_job_templates/tasks/add_workflows_schema.yml | 2 ++ roles/workflow_job_templates/tasks/main.yml | 1 + roles/workflow_launch/README.md | 1 + roles/workflow_launch/tasks/main.yml | 1 + 68 files changed, 73 insertions(+), 1 deletion(-) diff --git a/changelogs/fragments/add_request_timeout.yml b/changelogs/fragments/add_request_timeout.yml index 18b5851e3..d0fa4ff70 100644 --- a/changelogs/fragments/add_request_timeout.yml +++ b/changelogs/fragments/add_request_timeout.yml @@ -1,4 +1,4 @@ --- minor_changes: - - Adds request_timeout to controller_export_diff module + - Adds request_timeout to controller_export_diff module, and roles ... diff --git a/roles/ad_hoc_command/README.md b/roles/ad_hoc_command/README.md index 6ff703ae4..70f1a3410 100644 --- a/roles/ad_hoc_command/README.md +++ b/roles/ad_hoc_command/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_ad_hoc_commands`|`see below`|yes|Data structure describing your ad hoc commands to run Described below.|| ### Secure Logging Variables diff --git a/roles/ad_hoc_command/tasks/main.yml b/roles/ad_hoc_command/tasks/main.yml index a469406f3..e8901266b 100644 --- a/roles/ad_hoc_command/tasks/main.yml +++ b/roles/ad_hoc_command/tasks/main.yml @@ -22,6 +22,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/ad_hoc_command_cancel/README.md b/roles/ad_hoc_command_cancel/README.md index c9aeea5f7..7b1ffb7a4 100644 --- a/roles/ad_hoc_command_cancel/README.md +++ b/roles/ad_hoc_command_cancel/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_ad_hoc_commands_cancel`|`see below`|yes|Data structure describing your ad hoc jobs to cancel Described below.|| ### Secure Logging Variables diff --git a/roles/ad_hoc_command_cancel/tasks/main.yml b/roles/ad_hoc_command_cancel/tasks/main.yml index 638332af2..18e4f0c1f 100644 --- a/roles/ad_hoc_command_cancel/tasks/main.yml +++ b/roles/ad_hoc_command_cancel/tasks/main.yml @@ -11,6 +11,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/applications/README.md b/roles/applications/README.md index 30de31159..a37f682f6 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_applications`|`see below`|yes|Data structure describing your applications, described below. Alias: applications || ### Enforcing defaults diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index cc56dfad2..43394d54f 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -16,6 +16,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/bulk_host_create/README.md b/roles/bulk_host_create/README.md index 6a92b00fb..6882a8b17 100644 --- a/roles/bulk_host_create/README.md +++ b/roles/bulk_host_create/README.md @@ -21,6 +21,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_configuration_bulk_hosts_secure_logging`|`see below`|yes|Data structure describing your organization or organizations Described below.|| ### Secure Logging Variables diff --git a/roles/bulk_host_create/tasks/main.yml b/roles/bulk_host_create/tasks/main.yml index 53b164282..bc85adb99 100644 --- a/roles/bulk_host_create/tasks/main.yml +++ b/roles/bulk_host_create/tasks/main.yml @@ -9,6 +9,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/bulk_job_launch/README.md b/roles/bulk_job_launch/README.md index 034ca0dc9..79df2d895 100644 --- a/roles/bulk_job_launch/README.md +++ b/roles/bulk_job_launch/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_bulk_launch_jobs`|`see below`|yes|Data structure describing your organization or organizations Described below.|| ### Secure Logging Variables diff --git a/roles/bulk_job_launch/tasks/main.yml b/roles/bulk_job_launch/tasks/main.yml index fa9a07ec2..a3446b567 100644 --- a/roles/bulk_job_launch/tasks/main.yml +++ b/roles/bulk_job_launch/tasks/main.yml @@ -19,6 +19,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/credential_input_sources/README.md b/roles/credential_input_sources/README.md index 3e822d4c7..d74ad2bbd 100644 --- a/roles/credential_input_sources/README.md +++ b/roles/credential_input_sources/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credential_input_sources`|`see below`|yes|Data structure describing your credential input sources Described below.|| ### Enforcing defaults diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index c0d93c211..c5e6139ad 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -12,6 +12,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index 95b59a1f8..8cb81cac8 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credential_types`|`see below`|yes|Data structure describing your credential types Described below. Alias: credential_types || ### Enforcing defaults diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 53535c4d1..21f085af4 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -13,6 +13,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/credentials/README.md b/roles/credentials/README.md index bc6a44a8c..dfc307380 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credentials`|`see below`|yes|Data structure describing your credentials Described below. Alias: credentials || ### Enforcing defaults diff --git a/roles/dispatch/README.md b/roles/dispatch/README.md index 699755812..319f6db16 100644 --- a/roles/dispatch/README.md +++ b/roles/dispatch/README.md @@ -41,6 +41,8 @@ controller_configuration_dispatcher_roles: - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} - {role: schedules, var: controller_schedules, tags: schedules} - {role: roles, var: controller_roles, tags: roles} + - {role: job_launch, var: controller_launch_jobs, tags: job_launch} + - {role: workflow_launch, var: controller_workflow_launch_jobs, tags: workflow_launch} ``` Note that each item has three elements: @@ -61,6 +63,7 @@ It is possible to redefine this variable with a subset of roles or with differen |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| ### Secure Logging Variables diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index ead68ddaf..e0b54b0e0 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -24,4 +24,6 @@ controller_configuration_dispatcher_roles: - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} - {role: schedules, var: controller_schedules, tags: schedules} - {role: roles, var: controller_roles, tags: roles} + - {role: job_launch, var: controller_launch_jobs, tags: job_launch} + - {role: workflow_launch, var: controller_workflow_launch_jobs, tags: workflow_launch} ... diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index a3860e73e..d37728813 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_execution_environments`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: execution_environments || ### Enforcing defaults diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index fcb0f577d..0012b2861 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -15,6 +15,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/groups/README.md b/roles/groups/README.md index f2eb212d1..de6e6c810 100644 --- a/roles/groups/README.md +++ b/roles/groups/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_groups`|`see below`|yes|Data structure describing your group or groups Described below.|| ### Enforcing defaults diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index 8ad0bdb8f..dd7fb126f 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -18,6 +18,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/hosts/README.md b/roles/hosts/README.md index 02ba0bc5a..1cf4357df 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_hosts`|`see below`|yes|Data structure describing your host entries described below.|| ### Enforcing defaults diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index 2d49d15e0..7fbca6f07 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -14,6 +14,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ controller_hosts }}" diff --git a/roles/instance_groups/README.md b/roles/instance_groups/README.md index 5823d3334..9500e7406 100644 --- a/roles/instance_groups/README.md +++ b/roles/instance_groups/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_instance_groups`|`see below`|yes|Data structure describing your instance groups Described below.|| ### Enforcing defaults diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index 2d2ec7e8c..cfeee70fe 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -19,6 +19,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/instances/README.md b/roles/instances/README.md index 7258ab7fe..4901b16da 100644 --- a/roles/instances/README.md +++ b/roles/instances/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_instances`|`see below`|yes|Data structure describing your instances Described below.|| ### Enforcing defaults diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 108ea7d16..033cd4909 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -14,6 +14,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/inventories/README.md b/roles/inventories/README.md index 2790e8e1c..13dbaa0fe 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventories`|`see below`|yes|Data structure describing your inventories described below. Alias: inventory || ### Enforcing defaults diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index d2553622f..403678e20 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -19,6 +19,7 @@ controller_host: "{{ controller_hostname | default(omit, true) }}" controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ inventory if inventory is defined else controller_inventories }}" diff --git a/roles/inventory_source_update/README.md b/roles/inventory_source_update/README.md index d484d898d..fb8bb735f 100644 --- a/roles/inventory_source_update/README.md +++ b/roles/inventory_source_update/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventory_sources`|`see below`|yes|Data structure describing controller inventory sources to update Described below. Alias: inventory_sources || ### Secure Logging Variables diff --git a/roles/inventory_source_update/tasks/main.yml b/roles/inventory_source_update/tasks/main.yml index 13cc4ec36..a2c824b56 100644 --- a/roles/inventory_source_update/tasks/main.yml +++ b/roles/inventory_source_update/tasks/main.yml @@ -13,6 +13,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 703f62b12..630e2ead8 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventory_sources`|`see below`|yes|Data structure describing your inventory sources Described below. Alias: inventory_sources || ### Enforcing defaults diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index b20943a85..d94ee19e1 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -35,6 +35,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: diff --git a/roles/job_launch/README.md b/roles/job_launch/README.md index c5650bab0..559646ea9 100644 --- a/roles/job_launch/README.md +++ b/roles/job_launch/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_launch_jobs`|`see below`|yes|Data structure describing the jobs to launch Described below.|| ### Secure Logging Variables diff --git a/roles/job_launch/tasks/main.yml b/roles/job_launch/tasks/main.yml index 639ce39c1..0d5df39d4 100644 --- a/roles/job_launch/tasks/main.yml +++ b/roles/job_launch/tasks/main.yml @@ -29,6 +29,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/job_templates/README.md b/roles/job_templates/README.md index 9287e681a..e839d0dd8 100644 --- a/roles/job_templates/README.md +++ b/roles/job_templates/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_templates`|`see below`|yes|Data structure describing your job template or job templates Described below. Alias: job_templates || ### Enforcing defaults diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index 5bf291a72..0a156daf5 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -62,6 +62,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/jobs_cancel/README.md b/roles/jobs_cancel/README.md index c46cc008a..282839dab 100644 --- a/roles/jobs_cancel/README.md +++ b/roles/jobs_cancel/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_cancel_jobs`|`see below`|yes|Data structure describing jobs to cancel Described below.|| ### Secure Logging Variables diff --git a/roles/jobs_cancel/tasks/main.yml b/roles/jobs_cancel/tasks/main.yml index c40e0ca13..e41abb5a7 100644 --- a/roles/jobs_cancel/tasks/main.yml +++ b/roles/jobs_cancel/tasks/main.yml @@ -9,6 +9,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/labels/README.md b/roles/labels/README.md index e49776e7f..dd5dba001 100644 --- a/roles/labels/README.md +++ b/roles/labels/README.md @@ -20,6 +20,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_labels`|`see below`|yes|Data structure describing your label or labels Described below.|| ### Secure Logging Variables diff --git a/roles/labels/tasks/main.yml b/roles/labels/tasks/main.yml index 49c7e595e..1caab28f2 100644 --- a/roles/labels/tasks/main.yml +++ b/roles/labels/tasks/main.yml @@ -12,6 +12,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ controller_labels }}" loop_control: diff --git a/roles/license/README.md b/roles/license/README.md index b7c76d3a2..b7e2aa147 100644 --- a/roles/license/README.md +++ b/roles/license/README.md @@ -24,6 +24,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_license`|`see below`|yes|Data structure describing your license for controller, described below.|| |`redhat_subscription_username`|""|no|Red Hat or Red Hat Satellite username to get available subscriptions. Used only for Subscription lookup implementation.| |`redhat_subscription_password`|""|no|Red Hat or Red Hat Satellite password to get available subscriptions. Used only for Subscription lookup implementation.| diff --git a/roles/license/tasks/manifest.yml b/roles/license/tasks/manifest.yml index 4942ae0e1..0f80a40d5 100644 --- a/roles/license/tasks/manifest.yml +++ b/roles/license/tasks/manifest.yml @@ -49,6 +49,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/license/tasks/subscription.yml b/roles/license/tasks/subscription.yml index 64bb26b21..f91f8301c 100644 --- a/roles/license/tasks/subscription.yml +++ b/roles/license/tasks/subscription.yml @@ -10,6 +10,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" @@ -28,6 +29,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index db57ff8ae..7e0954343 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_notifications`|`see below`|yes|Data structure describing your notification entries described below. Alias: notification_templates || ### Enforcing defaults diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index 5914f9987..e52d1e54b 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -16,6 +16,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ notification_templates if notification_templates is defined else controller_notifications }}" diff --git a/roles/organizations/README.md b/roles/organizations/README.md index 0992d9edd..f9a7603e2 100644 --- a/roles/organizations/README.md +++ b/roles/organizations/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_organizations`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: organizations || ### Enforcing defaults diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 5a43bc906..c474531a6 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -18,6 +18,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/project_update/README.md b/roles/project_update/README.md index cc3dca597..5812648f5 100644 --- a/roles/project_update/README.md +++ b/roles/project_update/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_projects`|`see below`|yes|Data structure describing the project to update Described below. Alias: projects || ### Secure Logging Variables diff --git a/roles/project_update/tasks/main.yml b/roles/project_update/tasks/main.yml index 01824d862..ad1ccf02a 100644 --- a/roles/project_update/tasks/main.yml +++ b/roles/project_update/tasks/main.yml @@ -12,6 +12,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/projects/README.md b/roles/projects/README.md index 1c1aec1f9..45b2059de 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|str|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|str|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|str|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_projects`|`see below`|yes|str|Data structure describing your project or projects Described below. Alias: projects || ### Enforcing defaults diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 41877977a..6ed6879bd 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -34,6 +34,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/roles/README.md b/roles/roles/README.md index fcf5b284c..296f2abff 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_roles`|`see below`|yes|Data structure describing your RBAC entries described below.|| ### Enforcing defaults diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 4a2aa3cbe..278b814a4 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -28,6 +28,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/schedules/README.md b/roles/schedules/README.md index 6ab6d468e..2bebff6b6 100644 --- a/roles/schedules/README.md +++ b/roles/schedules/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_schedules`|`see below`|yes|Data structure describing your schedule or schedules Described below. Alias: schedules || ### Enforcing defaults diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index bbb6e294e..72a534285 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -30,6 +30,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/settings/README.md b/roles/settings/README.md index 7ec268ec1..52d4752a0 100644 --- a/roles/settings/README.md +++ b/roles/settings/README.md @@ -20,6 +20,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_settings`|`see below`|yes|Data structure describing your settings described below.|| ### Secure Logging Variables diff --git a/roles/settings/tasks/main.yml b/roles/settings/tasks/main.yml index 8192a1687..2ce4582a2 100644 --- a/roles/settings/tasks/main.yml +++ b/roles/settings/tasks/main.yml @@ -12,6 +12,7 @@ controller_password: "{{ controller_password | default(omit, true) }}" controller_username: "{{ controller_username | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" # controller_settings must be either a dictionary/mapping or a list of dictionaries loop: "{{ controller_settings is mapping | ternary([controller_settings], controller_settings) }}" diff --git a/roles/teams/README.md b/roles/teams/README.md index 89795439c..2b891d700 100644 --- a/roles/teams/README.md +++ b/roles/teams/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_teams`|`see below`|yes|Data structure describing your Teams described below. Alias: teams || ### Enforcing defaults diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index eae46364e..f128471bb 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -13,6 +13,7 @@ controller_password: "{{ controller_password | default(omit, true) }}" controller_username: "{{ controller_username | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ teams if teams is defined else controller_teams }}" loop_control: diff --git a/roles/users/README.md b/roles/users/README.md index 965a2a5fd..bc149fd7f 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_user_accounts`|`see below`|yes|Data structure describing your user entries described below. Alias: users || |`controller_user_default_password`|""|no|Global variable to set the password for all users.|| diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index f7565a11d..9856407fa 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -21,6 +21,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" loop: "{{ users if users is defined else controller_user_accounts }}" diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 8c95a0e3b..52692219b 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_workflows`|`see below`|yes|Data structure describing your workflow job templates described below. Alias: workflow_job_templates || ### Enforcing defaults diff --git a/roles/workflow_job_templates/tasks/add_workflows_schema.yml b/roles/workflow_job_templates/tasks/add_workflows_schema.yml index b1712e98d..5f83a9159 100644 --- a/roles/workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/workflow_job_templates/tasks/add_workflows_schema.yml @@ -32,6 +32,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" @@ -73,6 +74,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index 6e2b9e4dd..266eaaab7 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -38,6 +38,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" diff --git a/roles/workflow_launch/README.md b/roles/workflow_launch/README.md index 480c166bd..53478aef4 100644 --- a/roles/workflow_launch/README.md +++ b/roles/workflow_launch/README.md @@ -22,6 +22,7 @@ Currently: |`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||| +|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_workflow_launch_jobs`|`see below`|yes|Data structure describing workflow or workflows to launch Described below.|| ### Secure Logging Variables diff --git a/roles/workflow_launch/tasks/main.yml b/roles/workflow_launch/tasks/main.yml index 8fe9930a7..29e013928 100644 --- a/roles/workflow_launch/tasks/main.yml +++ b/roles/workflow_launch/tasks/main.yml @@ -16,6 +16,7 @@ controller_username: "{{ controller_username | default(omit, true) }}" controller_password: "{{ controller_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" + request_timeout: "{{ controller_request_timeout | default(omit, true) }}" controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" From e4beeb75728c389ee0b69a1a1b220cd494fa491f Mon Sep 17 00:00:00 2001 From: Tom Page Date: Thu, 17 Aug 2023 14:24:04 +0100 Subject: [PATCH 087/129] Add to description of request_timeout option that awx.awx>=22.7.0 is required (#677) --- plugins/modules/controller_export_diff.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/modules/controller_export_diff.py b/plugins/modules/controller_export_diff.py index 4b60ff0f1..4150267ef 100644 --- a/plugins/modules/controller_export_diff.py +++ b/plugins/modules/controller_export_diff.py @@ -151,6 +151,7 @@ description: - Specify the timeout Ansible should use in requests to the controller host. - Defaults to 10s, but this is handled by the shared module_utils code + - This option requires awx.awx>=22.7.0 or equivalent ansible.controller collection type: float version_added: "2.6.0" controller_config_file: From 96639bb5e6608c5d86485cf431b87c6a4e3d61d5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 22 Aug 2023 01:40:37 -0400 Subject: [PATCH 088/129] Update pre-commit (#679) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 83394b784..6785cfe01 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.17.2 + rev: v6.18.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 750cae113bf7888a57af9ee9edffe51ddc77a54c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 23 Aug 2023 13:04:45 -0400 Subject: [PATCH 089/129] Update pre-commit (#681) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6785cfe01..e47930100 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.8.1 + rev: v0.9.0 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 589f57d31bd592efbe99b87d8f5c3241d80922c3 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 23 Aug 2023 15:17:32 -0400 Subject: [PATCH 090/129] sanity rework (#680) --- tests/config.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 tests/config.yml diff --git a/tests/config.yml b/tests/config.yml new file mode 100644 index 000000000..a1993a256 --- /dev/null +++ b/tests/config.yml @@ -0,0 +1,6 @@ +--- +# See template for more information: +# https://github.com/ansible/ansible/blob/devel/test/lib/ansible_test/config/config.yml +modules: + python_requires: controller +... From 01ddd19a41aaeeeee31f62cad31fee75d4c15cbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Fri, 25 Aug 2023 16:33:44 +0200 Subject: [PATCH 091/129] Remove the organization content for the schedules (#678) * remove the organization content for the schedules as it is not really needed. Add a reminder to check for the existance of 'ToDo:' in the generated files * use fqcn * completely remove the organization empty field --------- Co-authored-by: silvinux --- roles/filetree_create/tasks/main.yml | 4 ++++ roles/filetree_create/templates/current_schedules.j2 | 1 - 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/filetree_create/tasks/main.yml b/roles/filetree_create/tasks/main.yml index 35fe4cd84..4241dcd23 100644 --- a/roles/filetree_create/tasks/main.yml +++ b/roles/filetree_create/tasks/main.yml @@ -51,4 +51,8 @@ apply: tags: "{{ input_tag | to_yaml }}" tags: "{{ valid_tags }}" + +- name: "Remind to check all the 'ToDo:' entries in the output files" + ansible.builtin.debug: + msg: "Please, check the existance of 'ToDo: ' entries in the files generated at '{{ output_path }}' with the following command: grep -R 'ToDo: ' '{{ output_path }}'" ... diff --git a/roles/filetree_create/templates/current_schedules.j2 b/roles/filetree_create/templates/current_schedules.j2 index 9bffe3fde..367af3851 100644 --- a/roles/filetree_create/templates/current_schedules.j2 +++ b/roles/filetree_create/templates/current_schedules.j2 @@ -4,7 +4,6 @@ controller_schedules: {% if current_schedules_asset_value.description is defined %} description: "{{ current_schedules_asset_value.description }}" {% endif %} - organization: "ToDo: The schedule '{{ current_schedules_asset_value.name }}' must have an organization" enabled: {{ current_schedules_asset_value.enabled }} unified_job_template: "{{ current_schedules_asset_value.summary_fields.unified_job_template.name }}" {% if current_schedules_asset_value.summary_fields.inventory is defined %} From 1122211e1da236c59f83ed869490683558bdbf1d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 01:21:55 -0400 Subject: [PATCH 092/129] Update pre-commit (#682) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e47930100..688da5113 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.9.0 + rev: v0.9.1 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 3f086f64994fd340042e15ed290852b80879c8f6 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 08:35:36 -0400 Subject: [PATCH 093/129] Update pre-commit (#683) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 688da5113..0e2335877 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.9.1 + rev: v0.9.2 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 8a3a49fda72bf841eeb361c0bd9d4ec0bcddf772 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 29 Aug 2023 13:57:47 -0400 Subject: [PATCH 094/129] Update changelog refs/tags/2.5.1 (#684) Co-authored-by: sean-m-sullivan --- CHANGELOG.rst | 15 +++++++++++++++ changelogs/.plugin-cache.yaml | 2 +- changelogs/changelog.yaml | 17 +++++++++++++++++ changelogs/fragments/add_request_timeout.yml | 4 ---- changelogs/fragments/licence_org.yml | 7 ------- galaxy.yml | 2 +- 6 files changed, 34 insertions(+), 13 deletions(-) delete mode 100644 changelogs/fragments/add_request_timeout.yml delete mode 100644 changelogs/fragments/licence_org.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index c5e4d6658..313aaac15 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,21 @@ infra.controller_configuration Release Notes .. contents:: Topics +v2.5.1 +====== + +Minor Changes +------------- + +- Adds request_timeout to controller_export_diff module, and roles +- licence role now uses a boolean of controller_license.use_looup to determine whether to lookup subscriptions. A lookup is only needed to refresh the available pools, or if it has never been done. See Role Readme for details. + +Bugfixes +-------- + +- Fixed issue with licence role not operating properly, when a controller never had credentials provided for subscription lookup. See Role Readme for proper usuage. +- Fixed issue with organization role not acceppting default environments option correctly. + v2.5.0 ====== diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index 753e86d4d..e02da8dd6 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -176,4 +176,4 @@ plugins: strategy: {} test: {} vars: {} -version: 2.5.0 +version: 2.5.1 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 01d0b6710..3eb8d0be9 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -534,3 +534,20 @@ releases: - roles.yml - source_build.yml release_date: '2023-08-03' + 2.5.1: + changes: + bugfixes: + - Fixed issue with licence role not operating properly, when a controller never + had credentials provided for subscription lookup. See Role Readme for proper + usuage. + - Fixed issue with organization role not acceppting default environments option + correctly. + minor_changes: + - Adds request_timeout to controller_export_diff module, and roles + - licence role now uses a boolean of controller_license.use_looup to determine + whether to lookup subscriptions. A lookup is only needed to refresh the available + pools, or if it has never been done. See Role Readme for details. + fragments: + - add_request_timeout.yml + - licence_org.yml + release_date: '2023-08-29' diff --git a/changelogs/fragments/add_request_timeout.yml b/changelogs/fragments/add_request_timeout.yml deleted file mode 100644 index d0fa4ff70..000000000 --- a/changelogs/fragments/add_request_timeout.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -minor_changes: - - Adds request_timeout to controller_export_diff module, and roles -... diff --git a/changelogs/fragments/licence_org.yml b/changelogs/fragments/licence_org.yml deleted file mode 100644 index b1d3e2f6d..000000000 --- a/changelogs/fragments/licence_org.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -bugfixes: - - Fixed issue with organization role not acceppting default environments option correctly. - - Fixed issue with licence role not operating properly, when a controller never had credentials provided for subscription lookup. See Role Readme for proper usuage. -minor_changes: - - licence role now uses a boolean of controller_license.use_looup to determine whether to lookup subscriptions. A lookup is only needed to refresh the available pools, or if it has never been done. See Role Readme for details. -... diff --git a/galaxy.yml b/galaxy.yml index a796f8dc0..d7954ffbb 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: infra name: controller_configuration -version: 2.5.0-devel +version: 2.5.1-devel description: A collection of roles to manage Ansible Controller readme: README.md authors: From d5fae1d8060313b432fe7a35293bd46b4e03674e Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Wed, 30 Aug 2023 08:28:44 +0200 Subject: [PATCH 095/129] fix org creation with instance groups --- changelogs/fragments/instancegroups_org.yml | 4 ++++ roles/dispatch/defaults/main.yml | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 changelogs/fragments/instancegroups_org.yml diff --git a/changelogs/fragments/instancegroups_org.yml b/changelogs/fragments/instancegroups_org.yml new file mode 100644 index 000000000..c32887e3f --- /dev/null +++ b/changelogs/fragments/instancegroups_org.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - Fixed issue with organization creation with instance group. Execute instance and instance_group before organizations. +... diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index e0b54b0e0..1b1bfc22e 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -1,6 +1,8 @@ --- controller_configuration_dispatcher_roles: - {role: settings, var: controller_settings, tags: settings} + - {role: instances, var: controller_instances, tags: instances} + - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - {role: organizations, var: controller_organizations, tags: organizations} - {role: labels, var: controller_labels, tags: labels} - {role: users, var: controller_user_accounts, tags: users} @@ -15,8 +17,6 @@ controller_configuration_dispatcher_roles: - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources} - {role: execution_environments, var: controller_execution_environments, tags: execution_environments} - {role: applications, var: controller_applications, tags: applications} - - {role: instances, var: controller_instances, tags: instances} - - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - {role: hosts, var: controller_hosts, tags: hosts} - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} - {role: groups, var: controller_groups, tags: inventories} From 6e4aa0f8c1828d3ab85eaf75a1616669835a19bb Mon Sep 17 00:00:00 2001 From: adonisgarciac Date: Wed, 30 Aug 2023 08:33:30 +0200 Subject: [PATCH 096/129] change instance_group after orgs in object_diff role --- roles/object_diff/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/object_diff/defaults/main.yml b/roles/object_diff/defaults/main.yml index 0b5cde651..f910020f7 100644 --- a/roles/object_diff/defaults/main.yml +++ b/roles/object_diff/defaults/main.yml @@ -38,7 +38,6 @@ controller_configuration_object_diff_tasks: - {name: user_accounts, var: controller_user_accounts, tags: users} - {name: groups, var: controller_groups, tags: groups} - {name: hosts, var: controller_hosts, tags: hosts} - - {name: instance_groups, var: controller_instance_groups, tags: instance_groups} - {name: applications, var: controller_applications, tags: applications} - {name: execution_environments, var: controller_execution_environments, tags: execution_environments} - {name: inventory_sources, var: controller_inventory_sources, tags: inventory_sources} @@ -48,6 +47,7 @@ controller_configuration_object_diff_tasks: - {name: credentials, var: controller_credentials, tags: credentials} - {name: credential_types, var: controller_credential_types, tags: credential_types} - {name: organizations, var: controller_organizations, tags: organizations} + - {name: instance_groups, var: controller_instance_groups, tags: instance_groups} controller_configuration_object_diff_secure_logging: "{{ controller_configuration_secure_logging | default(true) }}" From 6a6dde2d179eaf20a7158e0e0a7cbe42d6e072ac Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Thu, 7 Sep 2023 05:12:54 +0000 Subject: [PATCH 097/129] Update pre-commit --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0e2335877..60db7c260 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.18.0 + rev: v6.19.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 71781efcf87b7d07aff202284ee3cfeab31a5747 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 02:35:20 -0400 Subject: [PATCH 098/129] Update pre-commit (#688) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 60db7c260..ba9b74d5d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.7.0 + rev: 23.9.0 hooks: - id: black name: black From 91629f8fdb0827ec0bdc65e4aa42292a62cc55a7 Mon Sep 17 00:00:00 2001 From: sean-m-sullivan Date: Mon, 11 Sep 2023 05:13:22 +0000 Subject: [PATCH 099/129] Update pre-commit --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ba9b74d5d..a4e0ffe28 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.9.0 + rev: 23.9.1 hooks: - id: black name: black From 83d05e32934d6df429d4d4835ac0d692432a2533 Mon Sep 17 00:00:00 2001 From: Gagandeep Singh Sekhon <44285960+myselfgagandeep@users.noreply.github.com> Date: Wed, 13 Sep 2023 19:11:26 +0200 Subject: [PATCH 100/129] rectified misspelled variable in job_templates (#691) * rectified ask_labels_on_launch variable * Added changelog fragment file --- changelogs/fragments/filetree_create_job_templates.yml | 4 ++++ roles/filetree_create/templates/current_job_templates.j2 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/filetree_create_job_templates.yml diff --git a/changelogs/fragments/filetree_create_job_templates.yml b/changelogs/fragments/filetree_create_job_templates.yml new file mode 100644 index 000000000..e49d75fd3 --- /dev/null +++ b/changelogs/fragments/filetree_create_job_templates.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - filetree_create - Fixed the misspelled variable name that caused exported job_templates yaml files containing incorrect name. +... diff --git a/roles/filetree_create/templates/current_job_templates.j2 b/roles/filetree_create/templates/current_job_templates.j2 index 3d54da336..a5e848b41 100644 --- a/roles/filetree_create/templates/current_job_templates.j2 +++ b/roles/filetree_create/templates/current_job_templates.j2 @@ -36,7 +36,7 @@ controller_templates: ask_execution_environment_on_launch: {{ current_job_templates_asset_value.ask_execution_environment_on_launch | bool }} {% endif %} {% if current_job_templates_asset_value.ask_labels_on_launch is defined %} - ask_labels_on_launc: {{ current_job_templates_asset_value.ask_labels_on_launch | bool }} + ask_labels_on_launch: {{ current_job_templates_asset_value.ask_labels_on_launch | bool }} {% endif %} {% if current_job_templates_asset_value.ask_forks_on_launch is defined %} ask_forks_on_launch: {{ current_job_templates_asset_value.ask_forks_on_launch | bool }} From 33d829b15dd86e8e76321df76e7dbcccabd9d0cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Fri, 15 Sep 2023 03:49:06 +0200 Subject: [PATCH 101/129] Add failed_when to force the fail when there are undefined variables (#692) --- roles/filetree_read/tasks/applications.yml | 1 + roles/filetree_read/tasks/credential_input_sources.yml | 1 + roles/filetree_read/tasks/credential_types.yml | 1 + roles/filetree_read/tasks/credentials.yml | 1 + roles/filetree_read/tasks/execution_environments.yml | 1 + roles/filetree_read/tasks/groups.yml | 1 + roles/filetree_read/tasks/hosts.yml | 1 + roles/filetree_read/tasks/instance_groups.yml | 1 + roles/filetree_read/tasks/inventories.yml | 1 + roles/filetree_read/tasks/inventory_sources.yml | 1 + roles/filetree_read/tasks/job_templates.yml | 1 + roles/filetree_read/tasks/labels.yml | 1 + roles/filetree_read/tasks/notifications.yml | 1 + roles/filetree_read/tasks/organizations.yml | 1 + roles/filetree_read/tasks/projects.yml | 1 + roles/filetree_read/tasks/roles.yml | 1 + roles/filetree_read/tasks/schedules.yml | 1 + roles/filetree_read/tasks/settings.yml | 1 + roles/filetree_read/tasks/teams.yml | 1 + roles/filetree_read/tasks/user_accounts.yml | 1 + roles/filetree_read/tasks/workflow_job_templates.yml | 1 + 21 files changed, 21 insertions(+) diff --git a/roles/filetree_read/tasks/applications.yml b/roles/filetree_read/tasks/applications.yml index ac5638e0c..cebf3ead6 100644 --- a/roles/filetree_read/tasks/applications.yml +++ b/roles/filetree_read/tasks/applications.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_applications_definitions_item register: __contents_filetree_controller_applications + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_applications" - name: "Populate Applications list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/credential_input_sources.yml b/roles/filetree_read/tasks/credential_input_sources.yml index 27201d47a..a305c8332 100644 --- a/roles/filetree_read/tasks/credential_input_sources.yml +++ b/roles/filetree_read/tasks/credential_input_sources.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_input_sources_definitions_item register: __contents_filetree_controller_credential_input_sources + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_credential_input_sources" - name: "Populate Credential Input Sources list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/credential_types.yml b/roles/filetree_read/tasks/credential_types.yml index 90e51dde0..c72f69387 100644 --- a/roles/filetree_read/tasks/credential_types.yml +++ b/roles/filetree_read/tasks/credential_types.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_credentials_definitions_item register: __contents_filetree_controller_credential_types + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_credential_types" - name: "Populate Credential_Types list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/credentials.yml b/roles/filetree_read/tasks/credentials.yml index 3ff5661bb..10902d58b 100644 --- a/roles/filetree_read/tasks/credentials.yml +++ b/roles/filetree_read/tasks/credentials.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_credentials_definitions_item register: __contents_filetree_controller_credentials + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_credentials" - name: "Populate Credentials list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/execution_environments.yml b/roles/filetree_read/tasks/execution_environments.yml index 8dd80a77c..1060ffa78 100644 --- a/roles/filetree_read/tasks/execution_environments.yml +++ b/roles/filetree_read/tasks/execution_environments.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_execution_environments_definitions_item register: __contents_filetree_controller_execution_environments + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_execution_environments" - name: "Populate Execution Environments list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/groups.yml b/roles/filetree_read/tasks/groups.yml index 6f17d6e80..8e2c2afe8 100644 --- a/roles/filetree_read/tasks/groups.yml +++ b/roles/filetree_read/tasks/groups.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_groups_definitions_item register: __contents_filetree_controller_groups + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_groups" - name: "Populate Groups list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/hosts.yml b/roles/filetree_read/tasks/hosts.yml index ab7af5a2f..cb145b34c 100644 --- a/roles/filetree_read/tasks/hosts.yml +++ b/roles/filetree_read/tasks/hosts.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_hosts_definitions_item register: __contents_filetree_controller_hosts + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_hosts" - name: "Populate Hosts list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/instance_groups.yml b/roles/filetree_read/tasks/instance_groups.yml index f5a1e113b..03951ddd2 100644 --- a/roles/filetree_read/tasks/instance_groups.yml +++ b/roles/filetree_read/tasks/instance_groups.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_instance_groups_definitions_item register: __contents_filetree_controller_instance_groups + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_instance_groups" - name: "Populate Instance Groups list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/inventories.yml b/roles/filetree_read/tasks/inventories.yml index 6de650c3a..aa35a64d9 100644 --- a/roles/filetree_read/tasks/inventories.yml +++ b/roles/filetree_read/tasks/inventories.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_inventories_definitions_item register: __contents_filetree_controller_inventories + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_inventories" - name: "Populate Inventories list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/inventory_sources.yml b/roles/filetree_read/tasks/inventory_sources.yml index 1c5d457bd..f08001730 100644 --- a/roles/filetree_read/tasks/inventory_sources.yml +++ b/roles/filetree_read/tasks/inventory_sources.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_inventory_sources_definitions_item register: __contents_filetree_controller_inventory_sources + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_inventory_sources" - name: "Populate Inventory Sources list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/job_templates.yml b/roles/filetree_read/tasks/job_templates.yml index 287998c11..386a9a5dc 100644 --- a/roles/filetree_read/tasks/job_templates.yml +++ b/roles/filetree_read/tasks/job_templates.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_job_templates_definitions_item register: __contents_filetree_controller_templates + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_templates" - name: "Populate Job Templates list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/labels.yml b/roles/filetree_read/tasks/labels.yml index 16b8f51f9..721df02a4 100644 --- a/roles/filetree_read/tasks/labels.yml +++ b/roles/filetree_read/tasks/labels.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_labels_definitions_item register: __contents_filetree_controller_labels + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_labels" - name: "Populate Labels list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/notifications.yml b/roles/filetree_read/tasks/notifications.yml index f40c7db0f..058caaa35 100644 --- a/roles/filetree_read/tasks/notifications.yml +++ b/roles/filetree_read/tasks/notifications.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_notifications_definitions_item register: __contents_filetree_controller_notifications + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_notifications" - name: "Populate Notifications list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/organizations.yml b/roles/filetree_read/tasks/organizations.yml index 1fb04bd67..538e73cee 100644 --- a/roles/filetree_read/tasks/organizations.yml +++ b/roles/filetree_read/tasks/organizations.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_organizations_definitions_item register: __contents_filetree_controller_organizations + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_organizations" - name: "Populate Organizations list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/projects.yml b/roles/filetree_read/tasks/projects.yml index 83d9038e3..dd50fe91f 100644 --- a/roles/filetree_read/tasks/projects.yml +++ b/roles/filetree_read/tasks/projects.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_projects_definitions_item register: __contents_filetree_controller_projects + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_projects" - name: "Populate Projects list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/roles.yml b/roles/filetree_read/tasks/roles.yml index 3d9ec8c6c..ce7002fbe 100644 --- a/roles/filetree_read/tasks/roles.yml +++ b/roles/filetree_read/tasks/roles.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_roles_definitions_item register: __contents_filetree_controller_roles + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_roles" - name: "Populate Roles list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/schedules.yml b/roles/filetree_read/tasks/schedules.yml index a86d4df9b..e058cec6b 100644 --- a/roles/filetree_read/tasks/schedules.yml +++ b/roles/filetree_read/tasks/schedules.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_schedules_definitions_item register: __contents_filetree_controller_schedules + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_schedules" - name: "Populate Schedules list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/settings.yml b/roles/filetree_read/tasks/settings.yml index 0c850634d..3bdb60b28 100644 --- a/roles/filetree_read/tasks/settings.yml +++ b/roles/filetree_read/tasks/settings.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_settings_definitions_item register: __contents_filetree_controller_settings + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_settings" - name: "Populate Settings list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/teams.yml b/roles/filetree_read/tasks/teams.yml index 3b9a62b35..3c6a33f9d 100644 --- a/roles/filetree_read/tasks/teams.yml +++ b/roles/filetree_read/tasks/teams.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_teams_definitions_item register: __contents_filetree_controller_teams + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_teams" - name: "Populate Teams list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/user_accounts.yml b/roles/filetree_read/tasks/user_accounts.yml index 22b21711c..65ac0d400 100644 --- a/roles/filetree_read/tasks/user_accounts.yml +++ b/roles/filetree_read/tasks/user_accounts.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_user_accounts_definitions_item register: __contents_filetree_controller_user_accounts + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_user_accounts" - name: "Populate User Accounts list" ansible.builtin.set_fact: diff --git a/roles/filetree_read/tasks/workflow_job_templates.yml b/roles/filetree_read/tasks/workflow_job_templates.yml index baab23c38..00f586f91 100644 --- a/roles/filetree_read/tasks/workflow_job_templates.yml +++ b/roles/filetree_read/tasks/workflow_job_templates.yml @@ -13,6 +13,7 @@ loop_control: loop_var: __read_credentials_definitions_item register: __contents_filetree_controller_workflow_job_templates + failed_when: "'VARIABLE IS NOT DEFINED' in __contents_filetree_controller_workflow_job_templates" - name: "Populate Workflow Job Templates list" ansible.builtin.set_fact: From 326e6a01b2c184e8f2f4ea9cbf404d42b2076696 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 17 Sep 2023 16:09:32 -0400 Subject: [PATCH 102/129] Update pre-commit (#693) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a4e0ffe28..71d0b0288 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.9.2 + rev: v0.10.0 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black From 6e5c972db2472863862ea605e0c58f6408bc6bd6 Mon Sep 17 00:00:00 2001 From: adonisgarciac <71078987+adonisgarciac@users.noreply.github.com> Date: Mon, 18 Sep 2023 10:57:10 +0200 Subject: [PATCH 103/129] Fix subelements conditional failure for filetree_create and object_diff (#694) * Fix subelements conditional failure for filetree_create and object_diff roles * remove empty end line in fragments * linting fragment file extension * linting fragment too many spaces after hyphen --- changelogs/fragments/fix_subelements_conditional.yml | 4 ++++ roles/filetree_create/tasks/users.yml | 4 ++-- roles/object_diff/tasks/roles.yml | 4 ++-- 3 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 changelogs/fragments/fix_subelements_conditional.yml diff --git a/changelogs/fragments/fix_subelements_conditional.yml b/changelogs/fragments/fix_subelements_conditional.yml new file mode 100644 index 000000000..0310f5eb9 --- /dev/null +++ b/changelogs/fragments/fix_subelements_conditional.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - filetree_create and object_diff- Subelement filter is executed before when and it was causing a failure when the list was not defined. +... diff --git a/roles/filetree_create/tasks/users.yml b/roles/filetree_create/tasks/users.yml index 26d6bd538..79fbbe938 100644 --- a/roles/filetree_create/tasks/users.yml +++ b/roles/filetree_create/tasks/users.yml @@ -44,7 +44,7 @@ current_users_asset_value: "{{ current_user_dir.0 }}" __dest: "{{ output_path }}/{{ current_user_dir.1 | regex_replace('/', '_') }}/users/{{ current_user_dir.0.username | regex_replace('/', '_') }}.yaml" when: organization_filter is not defined or (current_user_dir.1 is match(organization_filter)) - loop: "{{ current_users | subelements('organizations') }}" + loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" loop_control: loop_var: current_user_dir label: "{{ __dest }}" @@ -56,7 +56,7 @@ when: - not current_user.0.is_superuser - organization_filter is not defined or (current_user.1 is match(organization_filter)) - loop: "{{ current_users | subelements('organizations') }}" + loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" loop_control: loop_var: current_user ... diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index cf77f7f91..dcc3e3bb7 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -47,12 +47,12 @@ - name: "Explode the roles for users" ansible.builtin.set_fact: __full_controller_api_roles: "{{ (__full_controller_api_roles | default([])) + [item.0 | combine({'user': item.1})] }}" - loop: "{{ (__controller_api_roles | subelements('users')) }}" + loop: "{{ (__controller_api_roles | default([]) | subelements('users', skip_missing=true)) }}" - name: "Explode the roles for teams" ansible.builtin.set_fact: __full_controller_api_roles: "{{ (__full_controller_api_roles | default([])) + [item.0 | combine({'team': item.1})] }}" - loop: "{{ (__controller_api_roles | subelements('teams')) }}" + loop: "{{ (__controller_api_roles | default([]) | subelements('teams', skip_missing=true)) }}" - name: "Find the difference of Roles between what is on the Controller versus CasC on SCM" ansible.builtin.set_fact: From 35326765208bdd2f7fb50fd1ab1c85233e2e487e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 21 Sep 2023 12:00:30 -0400 Subject: [PATCH 104/129] Update pre-commit (#696) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 71d0b0288..4dbcf9e5c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.19.0 + rev: v6.20.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From 20b7bb7e274ae90ddb36f9b154442fbfc4d5a49a Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sun, 24 Sep 2023 16:51:47 -0500 Subject: [PATCH 105/129] update links to forums (#697) --- .github/ISSUE_TEMPLATE/bug_report.md | 1 + .github/ISSUE_TEMPLATE/config.yml | 3 +++ README.md | 8 ++++++++ 3 files changed, 12 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 053c8650c..b01ac53a6 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -8,6 +8,7 @@ labels: bug, new --- + # Summary diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 451a12a00..0741163e6 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -2,6 +2,9 @@ # Ref: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser blank_issues_enabled: false # default is true contact_links: + - name: Help and Support + url: https://forum.ansible.com/tag/infra-config-as-code + about: We use the ansible forums for Annoucements, Getting Help, and more! - name: Feature requests url: https://github.com/redhat-cop/controller_configuration/discussions/categories/ideas about: Suggest an idea for this project diff --git a/README.md b/README.md index 5717cc81e..a107b45ab 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,14 @@ This Ansible collection allows for easy interaction with an AWX or Ansible Controller server via Ansible roles using the AWX/Controller collection modules. +## Getting Help + +We are on the Ansible Forums and Matrix, if you want to discuss something, ask for help, or participate in the community, please use the #infra-config-as-code tag on the fourm, or post to the chat in Matrix. + +[Ansible Forums](https://forum.ansible.com/tag/infra-config-as-code) + +[Matrix Chat Room](https://matrix.to/#/#aap_config_as_code:ansible.com) + ## Requirements The awx.awx or ansible.controller collections MUST be installed in order for this collection to work. It is recommended they be invoked in the playbook in the following way. From 5a750e9de9931864e5a252a614d1a465030f763a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 21:13:38 -0400 Subject: [PATCH 106/129] Update pre-commit (#700) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4dbcf9e5c..02fa90779 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.20.0 + rev: v6.20.2 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From ee94c0085ce4eeb4b0910dc5ab0a716a319d93ef Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 3 Oct 2023 10:00:40 -0400 Subject: [PATCH 107/129] Update pre-commit (#701) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 02fa90779..22a83125a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.20.2 + rev: v6.20.3 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From ca61b8b81e9cf9ef63f1039648f55ab2f291dccd Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Tue, 3 Oct 2023 21:01:37 -0500 Subject: [PATCH 108/129] update export information (#699) --- EXPORT_README.md | 61 ++++++++++++++++++++++++++++++++++++++++++------ README.md | 1 + 2 files changed, 55 insertions(+), 7 deletions(-) diff --git a/EXPORT_README.md b/EXPORT_README.md index d02612d90..0a85a767b 100644 --- a/EXPORT_README.md +++ b/EXPORT_README.md @@ -14,7 +14,7 @@ This command allows exporting all available endpoints for Automation Controller pip3 install awxkit ``` -## Basic command options +## Basic command options and export methods ```console awx export --conf.host https://localhost --conf.username admin --conf.password ******** --conf.insecure --help @@ -24,18 +24,65 @@ awx export --conf.host https://localhost --conf.username admin --conf.password * awx export --conf.host https://localhost --conf.username admin --conf.password ******** --conf.insecure --job_templates ``` +```yaml +--- +- name: Export projects + hosts: localhost + connection: local + gather_facts: false + collections: + - ansible.controller + environment: + CONTROLLER_HOST: https://localhost + CONTROLLER_USERNAME: admin + CONTROLLER_PASSWORD: password + CONTROLLER_VERIFY_SSL: False + + tasks: + - name: Export projects + awx.awx.export: # or ansible.controller.export + projects: all + register: export_results + + - name: Show results + ansible.builtin.debug: + var: export_results + + - name: Export projects to file + ansible.builtin.copy: + content: "{{ export_results | to_nice_yaml( width=50, explicit_start=True, explicit_end=True) }}" + dest: projects.yaml +... +``` + ## Available options for this command |Option| |:---:| -|users| -|organizations| -|teams| -|credential_types| +|applications| |credentials| -|notification_templates| -|projects| +|credential_types| +|execution_environments| |inventory| |inventory_sources| |job_templates| +|notification_templates| +|organizations| +|projects| +|schedules| +|teams| +|users| |workflow_job_templates| + +## Limitations + +### Project export + +related signature_validation_credential is exported as a credential # not an object. + +### Workflow export related items + +related instanced groups for workflow nodes prompt on launch for job templates +related labels for workflow nodes prompt on launch for job templates + +Keep up to date with these limitations with [this awx issue](https://github.com/ansible/awx/issues/13868) diff --git a/README.md b/README.md index a107b45ab..71fa463a5 100644 --- a/README.md +++ b/README.md @@ -150,6 +150,7 @@ The input data can be organized in a very flexible way, letting the user use any ### Controller Export The awx command line can export json that is compatible with this collection. +In addition there is an awx.awx/ansible.controller export module that use the awx command line to export. More details can be found [here](EXPORT_README.md) ### Template Example From 2626f139d6e861f257d65dd13d99b5ea28ec5daf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 12:10:02 -0400 Subject: [PATCH 109/129] Update pre-commit (#703) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 22a83125a..baa824119 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,7 +1,7 @@ --- repos: - repo: 'https://github.com/pre-commit/pre-commit-hooks' - rev: v4.4.0 + rev: v4.5.0 hooks: - id: end-of-file-fixer - id: trailing-whitespace From 957ed97726a16ff23dbae6f736ef72d37243024c Mon Sep 17 00:00:00 2001 From: davidcba1 <88520017+davidcba1@users.noreply.github.com> Date: Wed, 11 Oct 2023 02:27:07 +1030 Subject: [PATCH 110/129] Fix calling manifest when manifest content is defined (#704) --- roles/license/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/license/tasks/main.yml b/roles/license/tasks/main.yml index b62a7bc9e..88e3654bf 100644 --- a/roles/license/tasks/main.yml +++ b/roles/license/tasks/main.yml @@ -4,7 +4,7 @@ - name: Use manifest file ansible.builtin.include_tasks: "manifest.yml" when: - - controller_license.manifest_file is defined or controller_license.manifest is defined + - controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_content is defined - name: Use subscription pool id or subscription lookup ansible.builtin.include_tasks: "subscription.yml" From 63d3bf518b9028a7cd1a4ca04bd3cd0fe28b271f Mon Sep 17 00:00:00 2001 From: dbk-rabel <57803476+dbk-rabel@users.noreply.github.com> Date: Fri, 13 Oct 2023 14:54:21 +0200 Subject: [PATCH 111/129] Cleanup task name (#708) This jinja2 template is never evaluated. The loop is inside the task. There is only one task and it was called literally: "Include Tasks to get OBJECT DIFF {{ __task_diff.name }}" --- roles/object_diff/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/object_diff/tasks/main.yml b/roles/object_diff/tasks/main.yml index 1ffcb7f84..6eb0a1e21 100644 --- a/roles/object_diff/tasks/main.yml +++ b/roles/object_diff/tasks/main.yml @@ -59,7 +59,7 @@ tags: - always -- name: "Include Tasks to get OBJECT DIFF {{ __task_diff.name }}" +- name: "Include Tasks to get OBJECT DIFF" ansible.builtin.include_tasks: "{{ __task_diff.name }}.yml" args: apply: From e88e4be79055bb256af5178227661a351016aa14 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Fri, 13 Oct 2023 22:27:54 +0100 Subject: [PATCH 112/129] Ensure dispatch is generalised (#709) Co-authored-by: Sean Sullivan --- roles/dispatch/defaults/main.yml | 1 + roles/dispatch/meta/argument_specs.yml | 17 ++++++++++++++--- roles/dispatch/tasks/main.yml | 12 ++---------- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index 1b1bfc22e..f3e0a8aa2 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -16,6 +16,7 @@ controller_configuration_dispatcher_roles: - {role: inventory_sources, var: controller_inventory_sources, tags: inventory_sources} - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources} - {role: execution_environments, var: controller_execution_environments, tags: execution_environments} + - {role: organizations, var: controller_organizations, tags: organizations, assign_galaxy_credentials_to_org: true, assign_default_ee_to_org: true} - {role: applications, var: controller_applications, tags: applications} - {role: hosts, var: controller_hosts, tags: hosts} - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index ade0c93f7..23bad66be 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -6,6 +6,8 @@ argument_specs: controller_configuration_dispatcher_roles: default: - {role: settings, var: controller_settings, tags: settings} + - {role: instances, var: controller_instances, tags: instances} + - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - {role: organizations, var: controller_organizations, tags: organizations} - {role: labels, var: controller_labels, tags: labels} - {role: users, var: controller_user_accounts, tags: users} @@ -19,16 +21,17 @@ argument_specs: - {role: inventory_sources, var: controller_inventory_sources, tags: inventory_sources} - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources} - {role: execution_environments, var: controller_execution_environments, tags: execution_environments} + - {role: organizations, var: controller_organizations, tags: organizations, assign_galaxy_credentials_to_org: true, assign_default_ee_to_org: true} - {role: applications, var: controller_applications, tags: applications} - - {role: instances, var: controller_instances, tags: instances} - - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - - {role: project_update, var: controller_projects, tags: projects} - {role: hosts, var: controller_hosts, tags: hosts} + - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} - {role: groups, var: controller_groups, tags: inventories} - {role: job_templates, var: controller_templates, tags: job_templates} - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} - {role: schedules, var: controller_schedules, tags: schedules} - {role: roles, var: controller_roles, tags: roles} + - {role: job_launch, var: controller_launch_jobs, tags: job_launch} + - {role: workflow_launch, var: controller_workflow_launch_jobs, tags: workflow_launch} required: false description: List of roles, variables and tags to run through type: list @@ -45,6 +48,14 @@ argument_specs: tags: required: false description: Tags to be applied to the role so tagging can be used to run only part of a playbook + assign_galaxy_credentials_to_org: + required: false + description: Variable to be applied. Whether to assign the galaxy credential to the organizations. Only relevant against the organizations role. + default: false + assign_default_ee_to_org: + required: false + description: Variable to be applied. Whether to assign the default execution environment to the organizations. Only relevant against the organizations role. + default: false # Async variables diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index ea8330cb7..0a0273087 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -10,14 +10,6 @@ loop_control: loop_var: __role vars: - assign_galaxy_credentials_to_org: false - assign_default_ee_to_org: false - -- name: Include Tasks to add Galaxy credentials and Execution Environments to Organizations - ansible.builtin.include_role: - name: organizations - apply: - tags: - - organizations - tags: organizations + assign_galaxy_credentials_to_org: "{{ __role.assign_galaxy_credentials_to_org | default(false) }}" + assign_default_ee_to_org: "{{ __role.assign_default_ee_to_org | default(false) }}" ... From 53d4f1e2921eab68c3c2f7cbc4d9206c3b6e159a Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Fri, 13 Oct 2023 16:58:22 -0500 Subject: [PATCH 113/129] dispatch tweak (#710) --- changelogs/fragments/dispatch_bugfix.yml | 4 + roles/dispatch/defaults/main.yml | 112 +++++++++++++++++------ 2 files changed, 89 insertions(+), 27 deletions(-) create mode 100644 changelogs/fragments/dispatch_bugfix.yml diff --git a/changelogs/fragments/dispatch_bugfix.yml b/changelogs/fragments/dispatch_bugfix.yml new file mode 100644 index 000000000..6f0fd55da --- /dev/null +++ b/changelogs/fragments/dispatch_bugfix.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - dispatch - Fixed the order and behavior to run as a single task with options for organization behavior. +... diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index f3e0a8aa2..f76bcab27 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -1,30 +1,88 @@ --- controller_configuration_dispatcher_roles: - - {role: settings, var: controller_settings, tags: settings} - - {role: instances, var: controller_instances, tags: instances} - - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} - - {role: organizations, var: controller_organizations, tags: organizations} - - {role: labels, var: controller_labels, tags: labels} - - {role: users, var: controller_user_accounts, tags: users} - - {role: teams, var: controller_teams, tags: teams} - - {role: credential_types, var: controller_credential_types, tags: credential_types} - - {role: credentials, var: controller_credentials, tags: credentials} - - {role: credential_input_sources, var: controller_credential_input_sources, tags: credential_input_sources} - - {role: notification_templates, var: controller_notifications, tags: notification_templates} - - {role: projects, var: controller_projects, tags: projects} - - {role: inventories, var: controller_inventories, tags: inventories} - - {role: inventory_sources, var: controller_inventory_sources, tags: inventory_sources} - - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources} - - {role: execution_environments, var: controller_execution_environments, tags: execution_environments} - - {role: organizations, var: controller_organizations, tags: organizations, assign_galaxy_credentials_to_org: true, assign_default_ee_to_org: true} - - {role: applications, var: controller_applications, tags: applications} - - {role: hosts, var: controller_hosts, tags: hosts} - - {role: bulk_host_create, var: controller_bulk_hosts, tags: bulk_hosts} - - {role: groups, var: controller_groups, tags: inventories} - - {role: job_templates, var: controller_templates, tags: job_templates} - - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} - - {role: schedules, var: controller_schedules, tags: schedules} - - {role: roles, var: controller_roles, tags: roles} - - {role: job_launch, var: controller_launch_jobs, tags: job_launch} - - {role: workflow_launch, var: controller_workflow_launch_jobs, tags: workflow_launch} + - role: settings + var: controller_settings + tags: settings + - role: instances + var: controller_instances + tags: instances + - role: instance_groups + var: controller_instance_groups + tags: instance_groups + - role: organizations + var: controller_organizations + tags: organizations + assign_galaxy_credentials_to_org: false + assign_default_ee_to_org: false + - role: labels + var: controller_labels + tags: labels + - role: users + var: controller_user_accounts + tags: users + - role: teams + var: controller_teams + tags: teams + - role: credential_types + var: controller_credential_types + tags: credential_types + - role: credentials + var: controller_credentials + tags: credentials + - role: credential_input_sources + var: controller_credential_input_sources + tags: credential_input_sources + - role: execution_environments + var: controller_execution_environments + tags: execution_environments + - role: organizations + var: controller_organizations + tags: organizations + assign_galaxy_credentials_to_org: true + assign_default_ee_to_org: true + - role: notification_templates + var: controller_notifications + tags: notification_templates + - role: projects + var: controller_projects + tags: projects + - role: inventories + var: controller_inventories + tags: inventories + - role: inventory_sources + var: controller_inventory_sources + tags: inventory_sources + - role: inventory_source_update + var: controller_inventory_sources + tags: inventory_sources + - role: applications + var: controller_applications + tags: applications + - role: hosts + var: controller_hosts + tags: hosts + - role: bulk_host_create + var: controller_bulk_hosts + tags: bulk_hosts + - role: groups + var: controller_groups + tags: inventories + - role: job_templates + var: controller_templates + tags: job_templates + - role: workflow_job_templates + var: controller_workflows + tags: workflow_job_templates + - role: schedules + var: controller_schedules + tags: schedules + - role: roles + var: controller_roles + tags: roles + - role: job_launch + var: controller_launch_jobs + tags: job_launch + - role: workflow_launch + var: controller_workflow_launch_jobs + tags: workflow_launch ... From 06babc1d4bad00b83df8234e8f092ba5469213ef Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sat, 14 Oct 2023 07:48:27 -0400 Subject: [PATCH 114/129] Update galaxy api pulibsh url --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0cfdfaef9..d2ba3a0b4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: # Galaxy Publish collection_namespace_1: infra collection_name_1: controller_configuration - publish_url_collection_1: https://galaxy.ansible.com + publish_url_collection_1: https://galaxy.ansible.com/api/ galaxy_publish_1: true ah_publish_1: false # CRC Publish From c263de0edaff4861d62d33e1feece14c6edebb37 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Wed, 18 Oct 2023 07:21:36 -0500 Subject: [PATCH 115/129] update changelog (#711) --- CHANGELOG.rst | 11 +++++++++++ changelogs/.plugin-cache.yaml | 2 +- changelogs/changelog.yaml | 17 +++++++++++++++++ changelogs/fragments/dispatch_bugfix.yml | 4 ---- .../fragments/filetree_create_job_templates.yml | 4 ---- .../fragments/fix_subelements_conditional.yml | 4 ---- changelogs/fragments/instancegroups_org.yml | 4 ---- galaxy.yml | 2 +- 8 files changed, 30 insertions(+), 18 deletions(-) delete mode 100644 changelogs/fragments/dispatch_bugfix.yml delete mode 100644 changelogs/fragments/filetree_create_job_templates.yml delete mode 100644 changelogs/fragments/fix_subelements_conditional.yml delete mode 100644 changelogs/fragments/instancegroups_org.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 313aaac15..76dc42da6 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,17 @@ infra.controller_configuration Release Notes .. contents:: Topics +v2.5.2 +====== + +Bugfixes +-------- + +- Fixed issue with organization creation with instance group. Execute instance and instance_group before organizations. +- dispatch - Fixed the order and behavior to run as a single task with options for organization behavior. +- filetree_create - Fixed the misspelled variable name that caused exported job_templates yaml files containing incorrect name. +- filetree_create and object_diff- Subelement filter is executed before when and it was causing a failure when the list was not defined. + v2.5.1 ====== diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index e02da8dd6..5af973336 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -176,4 +176,4 @@ plugins: strategy: {} test: {} vars: {} -version: 2.5.1 +version: 2.5.2 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 3eb8d0be9..2d1ef090b 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -551,3 +551,20 @@ releases: - add_request_timeout.yml - licence_org.yml release_date: '2023-08-29' + 2.5.2: + changes: + bugfixes: + - Fixed issue with organization creation with instance group. Execute instance + and instance_group before organizations. + - dispatch - Fixed the order and behavior to run as a single task with options + for organization behavior. + - filetree_create - Fixed the misspelled variable name that caused exported + job_templates yaml files containing incorrect name. + - filetree_create and object_diff- Subelement filter is executed before when + and it was causing a failure when the list was not defined. + fragments: + - dispatch_bugfix.yml + - filetree_create_job_templates.yml + - fix_subelements_conditional.yml + - instancegroups_org.yml + release_date: '2023-10-14' diff --git a/changelogs/fragments/dispatch_bugfix.yml b/changelogs/fragments/dispatch_bugfix.yml deleted file mode 100644 index 6f0fd55da..000000000 --- a/changelogs/fragments/dispatch_bugfix.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - dispatch - Fixed the order and behavior to run as a single task with options for organization behavior. -... diff --git a/changelogs/fragments/filetree_create_job_templates.yml b/changelogs/fragments/filetree_create_job_templates.yml deleted file mode 100644 index e49d75fd3..000000000 --- a/changelogs/fragments/filetree_create_job_templates.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - filetree_create - Fixed the misspelled variable name that caused exported job_templates yaml files containing incorrect name. -... diff --git a/changelogs/fragments/fix_subelements_conditional.yml b/changelogs/fragments/fix_subelements_conditional.yml deleted file mode 100644 index 0310f5eb9..000000000 --- a/changelogs/fragments/fix_subelements_conditional.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - filetree_create and object_diff- Subelement filter is executed before when and it was causing a failure when the list was not defined. -... diff --git a/changelogs/fragments/instancegroups_org.yml b/changelogs/fragments/instancegroups_org.yml deleted file mode 100644 index c32887e3f..000000000 --- a/changelogs/fragments/instancegroups_org.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -bugfixes: - - Fixed issue with organization creation with instance group. Execute instance and instance_group before organizations. -... diff --git a/galaxy.yml b/galaxy.yml index d7954ffbb..260b4e458 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: infra name: controller_configuration -version: 2.5.1-devel +version: 2.5.2-devel description: A collection of roles to manage Ansible Controller readme: README.md authors: From 9176050d4d910df3080ce31c3e413472c098321c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:55:53 +0000 Subject: [PATCH 116/129] Update pre-commit (#713) Co-authored-by: sean-m-sullivan Co-authored-by: Sean Sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index baa824119..6db7c681a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.9.1 + rev: 23.10.0 hooks: - id: black name: black From 1da69ba4d8e6924404d23c82770c36f4ebd5455e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 22 Oct 2023 10:33:42 -0400 Subject: [PATCH 117/129] Update pre-commit (#714) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6db7c681a..5811a5a26 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.20.3 + rev: v6.21.1 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 From f45b00f9817336b2d10759ba74868f0246bbcef7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Wed, 1 Nov 2023 01:32:17 +0100 Subject: [PATCH 118/129] Added role to host global vars to all other roles. Updated tasks tittles to solve issue707 (#716) --- .ansible-lint-ignore | 2 + EXPORT_README.md | 2 +- plugins/lookup/controller_object_diff.py | 3 +- plugins/modules/controller_export_diff.py | 2 +- roles/applications/README.md | 2 +- roles/applications/meta/main.yml | 7 +- roles/applications/tasks/main.yml | 8 +- roles/credential_input_sources/README.md | 2 +- roles/credential_input_sources/meta/main.yml | 7 +- roles/credential_input_sources/tasks/main.yml | 8 +- roles/credential_types/README.md | 2 +- roles/credential_types/meta/main.yml | 7 +- roles/credential_types/tasks/main.yml | 8 +- roles/credentials/README.md | 2 +- roles/credentials/meta/main.yml | 7 +- roles/credentials/tasks/main.yml | 12 ++- roles/dispatch/tasks/main.yml | 2 +- roles/execution_environments/README.md | 2 +- roles/execution_environments/meta/main.yml | 7 +- roles/execution_environments/tasks/main.yml | 16 +-- .../current_notification_templates.j2 | 2 +- roles/global_vars/README.md | 45 +++++++++ roles/global_vars/defaults/main.yml | 10 ++ roles/global_vars/meta/main.yml | 54 +++++++++++ roles/global_vars/vars/main.yml | 3 + roles/groups/README.md | 2 +- roles/groups/meta/main.yml | 7 +- roles/groups/tasks/main.yml | 30 +++--- roles/hosts/README.md | 2 +- roles/hosts/meta/main.yml | 7 +- roles/hosts/tasks/main.yml | 14 ++- roles/instance_groups/README.md | 2 +- roles/instance_groups/meta/main.yml | 7 +- roles/instance_groups/tasks/main.yml | 27 +++--- roles/instances/tasks/main.yml | 8 +- roles/inventories/README.md | 2 +- roles/inventories/meta/main.yml | 5 + roles/inventories/tasks/main.yml | 22 +++-- roles/inventory_sources/README.md | 2 +- roles/inventory_sources/meta/main.yml | 5 + roles/inventory_sources/tasks/main.yml | 50 +++++----- roles/job_templates/README.md | 2 +- roles/job_templates/meta/main.yml | 7 +- roles/job_templates/tasks/main.yml | 97 ++++++++++--------- roles/labels/README.md | 2 +- roles/labels/meta/main.yml | 5 + roles/labels/tasks/main.yml | 8 +- roles/license/tasks/subscription.yml | 2 +- roles/notification_templates/README.md | 2 +- roles/notification_templates/meta/main.yml | 7 +- roles/notification_templates/tasks/main.yml | 16 +-- roles/object_diff/tasks/roles.yml | 4 - roles/organizations/README.md | 2 +- roles/organizations/meta/main.yml | 7 +- roles/organizations/tasks/main.yml | 22 +++-- roles/projects/README.md | 2 +- roles/projects/meta/main.yml | 7 +- roles/projects/tasks/main.yml | 46 +++++---- roles/roles/README.md | 2 +- roles/roles/meta/main.yml | 7 +- roles/roles/tasks/main.yml | 30 +++--- roles/schedules/README.md | 2 +- roles/schedules/meta/main.yml | 7 +- roles/schedules/tasks/main.yml | 32 +++--- roles/teams/README.md | 2 +- roles/teams/meta/main.yml | 7 +- roles/teams/tasks/main.yml | 10 +- roles/users/README.md | 2 +- roles/users/meta/main.yml | 7 +- roles/users/tasks/main.yml | 16 +-- roles/workflow_job_templates/README.md | 2 +- roles/workflow_job_templates/meta/main.yml | 7 +- .../tasks/add_workflows_schema.yml | 4 +- roles/workflow_job_templates/tasks/main.yml | 61 ++++++------ tests/configure_controller.yml | 2 +- .../templated_role_example/defaults/main.yml | 2 +- 76 files changed, 535 insertions(+), 319 deletions(-) create mode 100644 .ansible-lint-ignore create mode 100644 roles/global_vars/README.md create mode 100644 roles/global_vars/defaults/main.yml create mode 100644 roles/global_vars/meta/main.yml create mode 100644 roles/global_vars/vars/main.yml diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore new file mode 100644 index 000000000..b13484a1d --- /dev/null +++ b/.ansible-lint-ignore @@ -0,0 +1,2 @@ +plugins/lookup/controller_object_diff.py yaml[document-end] +plugins/modules/controller_export_diff.py yaml[document-end] diff --git a/EXPORT_README.md b/EXPORT_README.md index 0a85a767b..b63fa3aa1 100644 --- a/EXPORT_README.md +++ b/EXPORT_README.md @@ -50,7 +50,7 @@ awx export --conf.host https://localhost --conf.username admin --conf.password * - name: Export projects to file ansible.builtin.copy: - content: "{{ export_results | to_nice_yaml( width=50, explicit_start=True, explicit_end=True) }}" + content: "{{ export_results | to_nice_yaml(width=50, explicit_start=True, explicit_end=True) }}" dest: projects.yaml ... ``` diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index b9926cea1..47b5821a8 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -69,14 +69,13 @@ set_fact: project_difference: "{{ query('infra.controller_configuration.controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, - with_present=true, set_absent=true ) }}" + with_present=true, set_absent=true) }}" - name: Add Projects include_role: name: infra.controller_configuration.projects vars: controller_projects: "{{ project_difference }}" - """ RETURN = """ diff --git a/plugins/modules/controller_export_diff.py b/plugins/modules/controller_export_diff.py index 4150267ef..4b0b0d344 100644 --- a/plugins/modules/controller_export_diff.py +++ b/plugins/modules/controller_export_diff.py @@ -192,7 +192,7 @@ scm_url: https://github.com/ansible/ansible-examples.git description: ansible-examples organization: - name: Satellite + name: Satellite credential: gitlab-personal-access-token for satqe_auto_droid wait: false controller_host: https://controller diff --git a/roles/applications/README.md b/roles/applications/README.md index a37f682f6..68c69d618 100644 --- a/roles/applications/README.md +++ b/roles/applications/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Applications on Ansible Controller. +An Ansible Role to create/update/remove Applications on Ansible Controller. ## Requirements diff --git a/roles/applications/meta/main.yml b/roles/applications/meta/main.yml index 391b3f678..44b002e81 100644 --- a/roles/applications/meta/main.yml +++ b/roles/applications/meta/main.yml @@ -41,7 +41,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index 43394d54f..ad046c9f8 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -1,6 +1,6 @@ --- # Create Controller applications -- name: Add Controller Applications +- name: "Managing Controller Applications" application: name: "{{ __application_item.name | mandatory }}" new_name: "{{ __application_item.new_name | default(omit, true) }}" @@ -23,15 +23,17 @@ loop: "{{ applications if applications is defined else controller_applications }}" loop_control: loop_var: "__application_item" + label: "{{ __operation.verb }} Controller Application {{ __application_item.name }}" no_log: "{{ controller_configuration_applications_secure_logging }}" async: 1000 poll: 0 register: __applications_job_async changed_when: not __applications_job_async.changed vars: + __operation: "{{ operation_translate[__application_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create Applications | Wait for finish the Applications creation" +- name: "Managing Controller Applications | Wait for finish the Application management" ansible.builtin.async_status: jid: "{{ __applications_job_async_results_item.ansible_job_id }}" register: __applications_job_async_result @@ -41,8 +43,10 @@ loop: "{{ __applications_job_async.results }}" loop_control: loop_var: __applications_job_async_results_item + label: "{{ __operation.verb }} Controller Application {{ __applications_job_async_results_item.__application_item.name }} | Wait for finish the Application {{ __operation.action }}" when: __applications_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_applications_secure_logging }}" vars: + __operation: "{{ operation_translate[__applications_job_async_results_item.__application_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credential_input_sources/README.md b/roles/credential_input_sources/README.md index d74ad2bbd..963f34f4c 100644 --- a/roles/credential_input_sources/README.md +++ b/roles/credential_input_sources/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create credential input sources on Ansible Controller, the below example is for CyberArk as an input source, change accordingly to match your input source type. +An Ansible Role to create/update/remove credential input sources on Ansible Controller, the below example is for CyberArk as an input source, change accordingly to match your input source type. ## Requirements diff --git a/roles/credential_input_sources/meta/main.yml b/roles/credential_input_sources/meta/main.yml index 444fdf8fb..c4c085400 100644 --- a/roles/credential_input_sources/meta/main.yml +++ b/roles/credential_input_sources/meta/main.yml @@ -45,7 +45,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index c5e6139ad..854718ade 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Add Controller Credential Input Sources +- name: "Managing Controller Credential Input Sources" credential_input_source: target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" @@ -19,15 +19,17 @@ loop: "{{ controller_credential_input_sources }}" loop_control: loop_var: "__cred_input_src_item" + label: "{{ __operation.verb }} Controller Credential Input Source for Credential {{ __cred_input_src_item.target_credential }}" no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" async: 1000 poll: 0 register: __credential_input_sources_job_async changed_when: not __credential_input_sources_job_async.changed vars: + __operation: "{{ operation_translate[__cred_input_src_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources creation" +- name: "Managing Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources management" ansible.builtin.async_status: jid: "{{ __credential_input_sources_job_async_results_item.ansible_job_id }}" register: __credential_input_sources_job_async_result @@ -37,8 +39,10 @@ loop: "{{ __credential_input_sources_job_async.results }}" loop_control: loop_var: __credential_input_sources_job_async_results_item + label: "{{ __operation.verb }} Controller Credential Input Source for Credential {{ __credential_input_sources_job_async_results_item.__cred_input_src_item.target_credential }}" when: __credential_input_sources_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" vars: + __operation: "{{ operation_translate[__credential_input_sources_job_async_results_item.__cred_input_src_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credential_types/README.md b/roles/credential_types/README.md index 8cb81cac8..0443f91a8 100644 --- a/roles/credential_types/README.md +++ b/roles/credential_types/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Credential Types on Ansible Controller. +An Ansible Role to create/update/remove Credential Types on Ansible Controller. ## Requirements diff --git a/roles/credential_types/meta/main.yml b/roles/credential_types/meta/main.yml index ea9933c0e..8617a76d0 100644 --- a/roles/credential_types/meta/main.yml +++ b/roles/credential_types/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 21f085af4..9b09bab67 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Add Credential Types +- name: "Managing Credential Types" credential_type: name: "{{ __controller_credential_type_item.name | mandatory }}" new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" @@ -20,15 +20,17 @@ loop: "{{ credential_types if credential_types is defined else controller_credential_types }}" loop_control: loop_var: __controller_credential_type_item + label: "{{ __operation.verb }} Credential Type {{ __controller_credential_type_item.name }}" no_log: "{{ controller_configuration_credential_types_secure_logging }}" async: 1000 poll: 0 register: __credentialtypes_job_async changed_when: not __credentialtypes_job_async.changed vars: + __operation: "{{ operation_translate[__controller_credential_type_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Credential Types | Wait for finish the credential types creation" +- name: "Managing Controller Credential Types | Wait for finish the credential types management" ansible.builtin.async_status: jid: "{{ __credentialtypes_job_async_result_item.ansible_job_id }}" register: __credentialtypes_job_async_result @@ -38,8 +40,10 @@ loop: "{{ __credentialtypes_job_async.results }}" loop_control: loop_var: __credentialtypes_job_async_result_item + label: "{{ __operation.verb }} Controller Credential Type {{ __credentialtypes_job_async_result_item }} | Wait for finish the credential type {{ __operation.action }}" when: __credentialtypes_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_types_secure_logging }}" vars: + __operation: "{{ operation_translate[__credentialtypes_job_async_result_item.__controller_credential_type_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/credentials/README.md b/roles/credentials/README.md index dfc307380..4a7c61fd6 100644 --- a/roles/credentials/README.md +++ b/roles/credentials/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Credentials on Ansible Controller. +An Ansible Role to create/update/remove Credentials on Ansible Controller. ## Requirements diff --git a/roles/credentials/meta/main.yml b/roles/credentials/meta/main.yml index 96e0f7f84..a3ab27bfb 100644 --- a/roles/credentials/meta/main.yml +++ b/roles/credentials/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 108fc691d..810c09a43 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -1,12 +1,12 @@ --- -- name: Add Credentials +- name: "Managing Credentials" credential: name: "{{ __controller_credentials_item.name | mandatory }}" new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" description: "{{ __controller_credentials_item.description | default(('' if controller_configuration_credentials_enforce_defaults else omit), true) }}" organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" - credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory ) }}" + credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory) }}" inputs: "{{ __controller_credentials_item.inputs | default(({} if controller_configuration_credentials_enforce_defaults else omit), true) }}" user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(('' if controller_configuration_credentials_enforce_defaults else omit), true)) }}" @@ -23,16 +23,17 @@ loop: "{{ credentials if credentials is defined else controller_credentials }}" loop_control: loop_var: __controller_credentials_item - label: "{{ __controller_credentials_item.name | mandatory }}" + label: "{{ __operation.verb }} Credential {{ __controller_credentials_item.name }}" no_log: "{{ controller_configuration_credentials_secure_logging }}" async: 1000 poll: 0 register: __credentials_job_async changed_when: not __credentials_job_async.changed vars: + __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Credentials | Wait for finish the credential creation" +- name: "Managing Controller Credentials | Wait for finish the credential management" ansible.builtin.async_status: jid: "{{ __credentials_job_async_results_item.ansible_job_id }}" register: __credentials_job_async_result @@ -42,9 +43,10 @@ loop: "{{ __credentials_job_async.results }}" loop_control: loop_var: __credentials_job_async_results_item - label: "{{ __credentials_job_async_results_item.__controller_credentials_item.name }}" + label: "{{ __operation.verb }} Credential {{ __credentials_job_async_results_item.__controller_credentials_item.name }} | Wait for finish the credential {{ __operation.action }}" when: __credentials_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credentials_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index 0a0273087..34a25fba0 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: "Run infra.controller_configuration.{{ __role.role }}" +- name: "Run the following infra.controller_configuration roles: {{ controller_configuration_dispatcher_roles | map(attribute='role') | join(', ') }}" ansible.builtin.include_role: name: "{{ __role.role }}" apply: diff --git a/roles/execution_environments/README.md b/roles/execution_environments/README.md index d37728813..268bfdb5b 100644 --- a/roles/execution_environments/README.md +++ b/roles/execution_environments/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create execution_environments on Ansible Controller. +An Ansible Role to create/update/remove execution_environments on Ansible Controller. ## Requirements diff --git a/roles/execution_environments/meta/main.yml b/roles/execution_environments/meta/main.yml index a4b64a4f5..921f946cd 100644 --- a/roles/execution_environments/meta/main.yml +++ b/roles/execution_environments/meta/main.yml @@ -41,7 +41,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index 0012b2861..85c509091 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -1,14 +1,14 @@ --- # Create Controller Execution Environments -- name: Add Controller Execution Environments +- name: "Managing Controller Execution Environments" execution_environment: name: "{{ __execution_environments_item.name | mandatory }}" new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" - description: "{{ __execution_environments_item.description | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + description: "{{ __execution_environments_item.description | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" image: "{{ __execution_environments_item.image | mandatory }}" - organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" - credential: "{{ __execution_environments_item.credential | default(( '' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" - pull: "{{ __execution_environments_item.pull | default(( 'missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" + credential: "{{ __execution_environments_item.credential | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + pull: "{{ __execution_environments_item.pull | default(('missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" state: "{{ __execution_environments_item.state | default(controller_state | default('present')) }}" # Role specific options @@ -22,6 +22,7 @@ loop: "{{ execution_environments if execution_environments is defined else controller_execution_environments }}" loop_control: loop_var: "__execution_environments_item" + label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_item }}" no_log: "{{ controller_configuration_execution_environments_secure_logging }}" when: controller_execution_environments is defined async: 1000 @@ -29,9 +30,10 @@ register: __execution_environments_job_async changed_when: not __execution_environments_job_async.changed vars: + __operation: "{{ operation_translate[__execution_environments_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create Controller Execution Environments | Wait for finish the Controller Execution Environments creation" +- name: "Managing Controller Execution Environments | Wait for finish the Controller Execution Environments management" ansible.builtin.async_status: jid: "{{ __execution_environments_job_async_results_item.ansible_job_id }}" register: __execution_environments_job_async_result @@ -41,8 +43,10 @@ loop: "{{ __execution_environments_job_async.results }}" loop_control: loop_var: __execution_environments_job_async_results_item + label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_job_async_results_item.__execution_environments_item.name }} | Wait for finish the Controller Execution Environment {{ __operation.action }}" when: __execution_environments_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_execution_environments_secure_logging }}" vars: + __operation: "{{ operation_translate[__execution_environments_job_async_results_item.__execution_environments_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/filetree_create/templates/current_notification_templates.j2 b/roles/filetree_create/templates/current_notification_templates.j2 index 18008c56a..c98d04497 100644 --- a/roles/filetree_create/templates/current_notification_templates.j2 +++ b/roles/filetree_create/templates/current_notification_templates.j2 @@ -12,7 +12,7 @@ controller_notifications: {% elif (value | lower) is match('true') or (value | lower) is match('false') %} {{ key }}: {{ value | bool }} {% else %} - {{ key }}: {{ '!unsafe ' if ( value | regex_search('{{')) }}"{{ value | replace('\n','\\n') | replace('"', '\\"') }}" + {{ key }}: {{ '!unsafe ' if (value | regex_search('{{')) }}"{{ value | replace('\n','\\n') | replace('"', '\\"') }}" {% endif %} {% endfor %} {% if current_notification_templates_asset_value.messages is defined and current_notification_templates_asset_value.messages %} diff --git a/roles/global_vars/README.md b/roles/global_vars/README.md new file mode 100644 index 000000000..2c9106280 --- /dev/null +++ b/roles/global_vars/README.md @@ -0,0 +1,45 @@ +# controller_configuration.global_vars + +## Description + +An ansible role to define global variables that will be available to all of the +roles in the collection, if they are configured as follows: + +```console +# tail -4 meta/main.yml + +dependencies: +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. + - global_vars +``` + +## Provided Variables + +This is currently providing the following variables: + +| Variable Name | Default Value | Required | Description | +|:---|:---:|:---:|:---| +| `operation_translate` | [See the default value below](#operation_translate-default-value) | Yes | Provides translation from object states to human interpretation | + +### operation_translate Default value + +```yaml +--- +operation_translate: + present: + verb: "Create/Update" + action: "creation" + absent: + verb: "Remove" + action: "deletion" +... +``` + +## License + +[MIT](https://github.com/redhat-cop/controller_configuration#licensing) + +## Author + +[Ivan Aragonés](https://github.com/ivarmu) diff --git a/roles/global_vars/defaults/main.yml b/roles/global_vars/defaults/main.yml new file mode 100644 index 000000000..1abfda9ab --- /dev/null +++ b/roles/global_vars/defaults/main.yml @@ -0,0 +1,10 @@ +--- +# defaults file for global_vars +operation_translate: + present: + verb: "Create/Update" + action: "creation" + absent: + verb: "Remove" + action: "deletion" +... diff --git a/roles/global_vars/meta/main.yml b/roles/global_vars/meta/main.yml new file mode 100644 index 000000000..eb87d9e61 --- /dev/null +++ b/roles/global_vars/meta/main.yml @@ -0,0 +1,54 @@ +--- +galaxy_info: + author: "Ivan Aragonés" + description: "Global variables to be consumed by any other role in the collection" + company: "Red Hat" + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: MIT + + min_ansible_version: "2.1" + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +... diff --git a/roles/global_vars/vars/main.yml b/roles/global_vars/vars/main.yml new file mode 100644 index 000000000..3e4311bb5 --- /dev/null +++ b/roles/global_vars/vars/main.yml @@ -0,0 +1,3 @@ +--- +# vars file for global_vars +... diff --git a/roles/groups/README.md b/roles/groups/README.md index de6e6c810..4153ceabc 100644 --- a/roles/groups/README.md +++ b/roles/groups/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Groups on Ansible Controller. +An Ansible Role to create/update/remove Groups on Ansible Controller. ## Requirements diff --git a/roles/groups/meta/main.yml b/roles/groups/meta/main.yml index c5464bb13..33ea29973 100644 --- a/roles/groups/meta/main.yml +++ b/roles/groups/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index dd7fb126f..3a1a77e87 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -1,18 +1,18 @@ --- # The group module is also an ansible.builtin module, but due to supporting both the awx.awx and automation.controller collections # the FQCN cannot be used here. -- name: Add controller group # noqa fqcn[action-core] +- name: "Managing Controller Groups" # noqa fqcn[action-core] group: - name: "{{ controller_groups_item.name | mandatory }}" - new_name: "{{ controller_groups_item.new_name | default(omit, true) }}" - description: "{{ controller_groups_item.description | default(( '' if controller_configuration_groups_enforce_defaults else omit), true) }}" - inventory: "{{ controller_groups_item.inventory | mandatory }}" - variables: "{{ controller_groups_item.variables | default(( {} if controller_configuration_groups_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" - hosts: "{{ controller_groups_item.hosts | default(( [] if controller_configuration_groups_enforce_defaults else omit), true) }}" - children: "{{ controller_groups_item.children | default(( [] if controller_configuration_groups_enforce_defaults else omit), true) }}" - preserve_existing_hosts: "{{ controller_groups_item.preserve_existing_hosts | default(( false if controller_configuration_groups_enforce_defaults else omit)) }}" - preserve_existing_children: "{{ controller_groups_item.preserve_existing_children | default(( false if controller_configuration_groups_enforce_defaults else omit)) }}" - state: "{{ controller_groups_item.state | default(controller_state | default('present')) }}" + name: "{{ __controller_groups_item.name | mandatory }}" + new_name: "{{ __controller_groups_item.new_name | default(omit, true) }}" + description: "{{ __controller_groups_item.description | default(('' if controller_configuration_groups_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_groups_item.inventory | mandatory }}" + variables: "{{ __controller_groups_item.variables | default(({} if controller_configuration_groups_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + hosts: "{{ __controller_groups_item.hosts | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" + children: "{{ __controller_groups_item.children | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" + preserve_existing_hosts: "{{ __controller_groups_item.preserve_existing_hosts | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" + preserve_existing_children: "{{ __controller_groups_item.preserve_existing_children | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" + state: "{{ __controller_groups_item.state | default(controller_state | default('present')) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" @@ -24,16 +24,18 @@ validate_certs: "{{ controller_validate_certs | default(omit) }}" loop: "{{ controller_groups }}" loop_control: - loop_var: controller_groups_item + loop_var: __controller_groups_item + label: "{{ __operation.verb }} Controller Group {{ __controller_groups_item.name }}" no_log: "{{ controller_configuration_group_secure_logging }}" async: 1000 poll: 0 register: __group_job_async changed_when: not __group_job_async.changed vars: + __operation: "{{ operation_translate[__controller_groups_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create Controller Group | Wait for finish the Controller Group creation" +- name: "Managing Controller Groups | Wait for finish the Controller Groups management" ansible.builtin.async_status: jid: "{{ __group_job_async_results_item.ansible_job_id }}" register: __group_job_async_result @@ -43,8 +45,10 @@ loop: "{{ __group_job_async.results }}" loop_control: loop_var: __group_job_async_results_item + label: "{{ __operation.verb }} Controller Group {{ __group_job_async_results_item.__controller_groups_item.name }} | Wait for finish the Controller Group {{ __operation.action }}" when: __group_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_group_secure_logging }}" vars: + __operation: "{{ operation_translate[__group_job_async_results_item.__controller_groups_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/hosts/README.md b/roles/hosts/README.md index 1cf4357df..eade78f2f 100644 --- a/roles/hosts/README.md +++ b/roles/hosts/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to add hosts on Ansible Controller. +An Ansible Role to add/update/remove hosts on Ansible Controller. ## Requirements diff --git a/roles/hosts/meta/main.yml b/roles/hosts/meta/main.yml index 445ed9941..6a95ef857 100644 --- a/roles/hosts/meta/main.yml +++ b/roles/hosts/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index 7fbca6f07..f0dae5d5c 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -1,13 +1,13 @@ --- -- name: Add Controller host +- name: "Managing Controller Hosts" host: name: "{{ __controller_host_item.name | mandatory }}" new_name: "{{ __controller_host_item.new_name | default(omit, true) }}" - description: "{{ __controller_host_item.description | default(( '' if controller_configuration_host_enforce_defaults else omit), true) }}" + description: "{{ __controller_host_item.description | default(('' if controller_configuration_host_enforce_defaults else omit), true) }}" inventory: "{{ __controller_host_item.inventory | mandatory }}" - enabled: "{{ __controller_host_item.enabled | default(( false if controller_configuration_host_enforce_defaults else omit), true) }}" + enabled: "{{ __controller_host_item.enabled | default((false if controller_configuration_host_enforce_defaults else omit), true) }}" state: "{{ __controller_host_item.state | default(controller_state | default('present')) }}" - variables: "{{ __controller_host_item.variables | default(( {} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + variables: "{{ __controller_host_item.variables | default(({} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" # Role Standard Options controller_host: "{{ controller_hostname | default(omit, true) }}" @@ -20,15 +20,17 @@ loop: "{{ controller_hosts }}" loop_control: loop_var: __controller_host_item + label: "{{ __operation.verb }} Controller host {{ __controller_host_item.name }}" no_log: "{{ controller_configuration_hosts_secure_logging }}" async: 1000 poll: 0 register: __host_job_async changed_when: not __host_job_async.changed vars: + __operation: "{{ operation_translate[__controller_host_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Hosts | Wait for finish the Hosts creation" +- name: "Managing Controller Hosts | Wait for finish the Hosts management" ansible.builtin.async_status: jid: "{{ __host_job_async_results_item.ansible_job_id }}" register: __host_job_async_result @@ -38,8 +40,10 @@ loop: "{{ __host_job_async.results }}" loop_control: loop_var: __host_job_async_results_item + label: "{{ __operation.verb }} Controller Host {{ __host_job_async_results_item.__controller_host_item.name }} | Wait for finish the Hosts {{ __operation.action }}" when: __host_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_hosts_secure_logging }}" vars: + __operation: "{{ operation_translate[__host_job_async_results_item.__controller_host_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/instance_groups/README.md b/roles/instance_groups/README.md index 9500e7406..bab234a25 100644 --- a/roles/instance_groups/README.md +++ b/roles/instance_groups/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create instance groups on Ansible Controller. +An Ansible Role to create/update/remove instance groups on Ansible Controller. ## Requirements diff --git a/roles/instance_groups/meta/main.yml b/roles/instance_groups/meta/main.yml index ca726137e..b8a6c949b 100644 --- a/roles/instance_groups/meta/main.yml +++ b/roles/instance_groups/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index cfeee70fe..6454ec12e 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -1,18 +1,17 @@ --- -# Add Controller Instance Group -- name: Add Controller Instance Group +- name: "Managing Controller Instance Groups" instance_group: name: "{{ __controller_instance_group_item.name | mandatory }}" new_name: "{{ __controller_instance_group_item.new_name | default(omit, true) }}" - credential: "{{ __controller_instance_group_item.credential | default(( '' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - is_container_group: "{{ __controller_instance_group_item.is_container_group | default(( false if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(( [] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - max_forks: "{{ __controller_instance_group_item.max_forks | default(( 0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(( '' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - instances: "{{ __controller_instance_group_item.instances | default(( [] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + credential: "{{ __controller_instance_group_item.credential | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + is_container_group: "{{ __controller_instance_group_item.is_container_group | default((false if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default((0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default((0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default((0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + max_forks: "{{ __controller_instance_group_item.max_forks | default((0 if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + instances: "{{ __controller_instance_group_item.instances | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" state: "{{ __controller_instance_group_item.state | default(controller_state | default('present')) }}" # Role Standard Options @@ -26,6 +25,7 @@ loop: "{{ controller_instance_groups }}" loop_control: loop_var: __controller_instance_group_item + label: "{{ __operation.verb }} Controller Instance Group {{ __controller_instance_group_item.name }}" no_log: "{{ controller_configuration_instance_groups_secure_logging }}" when: controller_instance_groups is defined async: 1000 @@ -33,9 +33,10 @@ register: __instance_groups_job_async changed_when: not __instance_groups_job_async.changed vars: + __operation: "{{ operation_translate[__controller_instance_group_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller instance groups | Wait for finish the instance groups creation" +- name: "Managing Controller instance groups | Wait for finish the instance groups management" ansible.builtin.async_status: jid: "{{ __instance_groups_job_async_results_item.ansible_job_id }}" register: __instance_groups_job_async_result @@ -45,8 +46,10 @@ loop: "{{ __instance_groups_job_async.results }}" loop_control: loop_var: __instance_groups_job_async_results_item + label: "{{ __operation.verb }} Controller instance group {{ __instance_groups_job_async_results_item.__controller_instance_group_item.name }} | Wait for finish the instance groups {{ __operation.action }}" when: __instance_groups_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instance_groups_secure_logging }}" vars: + __operation: "{{ operation_translate[__instance_groups_job_async_results_item.__controller_instance_group_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 033cd4909..6e50fcc54 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -3,12 +3,12 @@ - name: Add Controller Instance instance: hostname: "{{ __controller_instance_item.hostname | mandatory }}" - capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default(( 1.0 if controller_configuration_instances_enforce_defaults else omit), true) }}" - enabled: "{{ __controller_instance_item.enabled | default(( true if controller_configuration_instances_enforce_defaults else omit), true) }}" - managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default(( true if controller_configuration_instances_enforce_defaults else omit), true) }}" + capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default((1.0 if controller_configuration_instances_enforce_defaults else omit), true) }}" + enabled: "{{ __controller_instance_item.enabled | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" + managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" node_type: "{{ __controller_instance_item.node_type | default(omit, true) }}" node_state: "{{ __controller_instance_item.node_state | default(omit, true) }}" - listener_port: "{{ __controller_instance_item.listener_port | default(( 27199 if controller_configuration_instances_enforce_defaults else omit), true) }}" + listener_port: "{{ __controller_instance_item.listener_port | default((27199 if controller_configuration_instances_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" diff --git a/roles/inventories/README.md b/roles/inventories/README.md index 13dbaa0fe..fe3ea718e 100644 --- a/roles/inventories/README.md +++ b/roles/inventories/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create inventories on Ansible Controller. +An Ansible Role to create/update/remove inventories on Ansible Controller. ## Requirements diff --git a/roles/inventories/meta/main.yml b/roles/inventories/meta/main.yml index c02f4191b..41ca95146 100644 --- a/roles/inventories/meta/main.yml +++ b/roles/inventories/meta/main.yml @@ -26,4 +26,9 @@ galaxy_info: collections: - ansible.controller - awx.awx + +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index 403678e20..e3b9f88c8 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -1,17 +1,17 @@ --- -- name: Create inventory +- name: "Managing Inventories" inventory: name: "{{ __controller_inventory_item.name | mandatory }}" new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" - description: "{{ __controller_inventory_item.description | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + description: "{{ __controller_inventory_item.description | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" - instance_groups: "{{ __controller_inventory_item.instance_groups | default(( [] if controller_configuration_inventories_enforce_defaults else omit), true) }}" - input_inventories: "{{ __controller_inventory_item.input_inventories | default(( [] if controller_configuration_inventories_enforce_defaults else omit), true) }}" - variables: "{{ __controller_inventory_item.variables | default(( {} if controller_configuration_inventories_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" - kind: "{{ __controller_inventory_item.kind | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" - host_filter: "{{ __controller_inventory_item.host_filter | default(( '' if controller_configuration_inventories_enforce_defaults else omit), true) }}" - prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default(( false if controller_configuration_inventories_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_inventory_item.instance_groups | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + input_inventories: "{{ __controller_inventory_item.input_inventories | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + variables: "{{ __controller_inventory_item.variables | default(({} if controller_configuration_inventories_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + kind: "{{ __controller_inventory_item.kind | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_inventory_item.host_filter | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default((false if controller_configuration_inventories_enforce_defaults else omit), true) }}" state: "{{ __controller_inventory_item.state | default(controller_state | default('present')) }}" # Role Standard Options @@ -25,15 +25,17 @@ loop: "{{ inventory if inventory is defined else controller_inventories }}" loop_control: loop_var: __controller_inventory_item + label: "{{ __operation.verb }} inventory {{ __controller_inventory_item.name }}" no_log: "{{ controller_configuration_inventories_secure_logging }}" async: 1000 poll: 0 register: __inventories_job_async changed_when: not __inventories_job_async.changed vars: + __operation: "{{ operation_translate[__controller_inventory_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create Controller inventories | Wait for finish the inventories creation" +- name: "Managing Controller Inventories | Wait for finish the inventories management" ansible.builtin.async_status: jid: "{{ __inventories_job_async_result_item.ansible_job_id }}" register: __inventories_job_async_result @@ -43,8 +45,10 @@ loop: "{{ __inventories_job_async.results }}" loop_control: loop_var: __inventories_job_async_result_item + label: "{{ __operation.verb }} Controller inventorie {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories {{ __operation.action }}" when: __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: + __operation: "{{ operation_translate[__inventories_job_async_result_item.__controller_inventory_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 630e2ead8..0a9ba43d8 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible role to create inventory sources on Ansible Controller. +An Ansible Role to create/update/remove inventory sources on Ansible Controller. ## Requirements diff --git a/roles/inventory_sources/meta/main.yml b/roles/inventory_sources/meta/main.yml index 6dcc6b3de..78fdc7af8 100644 --- a/roles/inventory_sources/meta/main.yml +++ b/roles/inventory_sources/meta/main.yml @@ -26,4 +26,9 @@ galaxy_info: collections: - ansible.controller - awx.awx + +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index d94ee19e1..652e1053c 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -1,33 +1,33 @@ --- -- name: Add an inventory source +- name: "Managing Inventory Sources" inventory_source: name: "{{ __controller_source_item.name | mandatory }}" new_name: "{{ __controller_source_item.new_name | default(omit, true) }}" - description: "{{ __controller_source_item.description | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + description: "{{ __controller_source_item.description | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" inventory: "{{ __controller_source_item.inventory.name | default(__controller_source_item.inventory) | mandatory }}" - organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" - source: "{{ __controller_source_item.source | default(( 'scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - source_path: "{{ __controller_source_item.source_path | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - source_vars: "{{ __controller_source_item.source_vars | default(( {} if controller_configuration_inventory_sources_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" - enabled_var: "{{ __controller_source_item.enabled_var | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - enabled_value: "{{ __controller_source_item.enabled_value | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - host_filter: "{{ __controller_source_item.host_filter | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - limit: "{{ __controller_source_item.limit | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + source: "{{ __controller_source_item.source | default(('scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_path: "{{ __controller_source_item.source_path | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_vars: "{{ __controller_source_item.source_vars | default(({} if controller_configuration_inventory_sources_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + enabled_var: "{{ __controller_source_item.enabled_var | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + enabled_value: "{{ __controller_source_item.enabled_value | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_source_item.host_filter | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + limit: "{{ __controller_source_item.limit | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" credential: "{{ __controller_source_item.credential | default(omit, true) }}" execution_environment: "{{ __controller_source_item.execution_environment | default(omit, true) }}" - overwrite: "{{ __controller_source_item.overwrite | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - overwrite_vars: "{{ __controller_source_item.overwrite_vars | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - timeout: "{{ __controller_source_item.timeout | default(( 0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - verbosity: "{{ __controller_source_item.verbosity | default(( 1 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - update_on_launch: "{{ __controller_source_item.update_on_launch | default(( false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(( 0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" - scm_branch: "{{ __controller_source_item.scm_branch | default(( '' if controller_configuration_inventory_sources_enforce_defaults else omit), true ) }}" + overwrite: "{{ __controller_source_item.overwrite | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + overwrite_vars: "{{ __controller_source_item.overwrite_vars | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_source_item.timeout | default((0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + verbosity: "{{ __controller_source_item.verbosity | default((1 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + update_on_launch: "{{ __controller_source_item.update_on_launch | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default((0 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + scm_branch: "{{ __controller_source_item.scm_branch | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(( [] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" # Role Standard Options controller_config_file: "{{ controller_config_file | default(omit, true) }}" @@ -40,15 +40,17 @@ loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: loop_var: __controller_source_item + label: "{{ __operation.verb }} an Inventory Source {{ __controller_source_item.name }}" no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" async: 1000 poll: 0 register: __inventory_source_job_async changed_when: not __inventory_source_job_async.changed vars: + __operation: "{{ operation_translate[__controller_source_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Inventory Source | Wait for finish the Inventory Source creation" +- name: "Managing Inventory Sources | Wait for finish the Inventory Sources management" ansible.builtin.async_status: jid: "{{ __inventory_source_job_async_results_item.ansible_job_id }}" register: __inventory_source_job_async_result @@ -58,8 +60,10 @@ loop: "{{ __inventory_source_job_async.results }}" loop_control: loop_var: __inventory_source_job_async_results_item + label: "{{ __operation.verb }} Inventory Source {{ __inventory_source_job_async_results_item }} | Wait for finish the Inventory Source {{ __operation.action }}" when: __inventory_source_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" vars: + __operation: "{{ operation_translate[__inventory_source_job_async_results_item.__controller_source_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/job_templates/README.md b/roles/job_templates/README.md index e839d0dd8..68e2dd9c0 100644 --- a/roles/job_templates/README.md +++ b/roles/job_templates/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Job Templates on Ansible Controller. +An Ansible Role to create/update/remove Job Templates on Ansible Controller. ## Requirements diff --git a/roles/job_templates/meta/main.yml b/roles/job_templates/meta/main.yml index 4817f30f0..902407dd5 100644 --- a/roles/job_templates/meta/main.yml +++ b/roles/job_templates/meta/main.yml @@ -39,7 +39,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index 0a156daf5..1709ca32b 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -1,62 +1,61 @@ --- -# Create Controller Template -- name: Add Controller Job Templates +- name: "Managing Controller Job Templates" job_template: name: "{{ __controller_template_item.name | mandatory }}" new_name: "{{ __controller_template_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_template_item.copy_from | default(omit, true) }}" - description: "{{ __controller_template_item.description | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + description: "{{ __controller_template_item.description | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" execution_environment: "{{ __controller_template_item.execution_environment.name | default(__controller_template_item.execution_environment | default(omit, true)) }}" - custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" job_type: "{{ __controller_template_item.job_type | default('run') }}" inventory: "{{ __controller_template_item.inventory.name | default(__controller_template_item.inventory | default(omit, true)) }}" - organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true)) }}" + organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true)) }}" project: "{{ __controller_template_item.project.name | default(__controller_template_item.project | default(omit, true)) }}" playbook: "{{ __controller_template_item.playbook | default(omit, true) }}" credentials: "{{ __controller_template_item.credentials | default(__controller_template_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" - forks: "{{ __controller_template_item.forks | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - limit: "{{ __controller_template_item.limit | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - verbosity: "{{ __controller_template_item.verbosity | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - extra_vars: "{{ __controller_template_item.extra_vars | default(( {} if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - job_tags: "{{ __controller_template_item.job_tags | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - force_handlers: "{{ __controller_template_item.force_handlers | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - skip_tags: "{{ __controller_template_item.skip_tags | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - start_at_task: "{{ __controller_template_item.start_at_task | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - diff_mode: "{{ __controller_template_item.diff_mode | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - use_fact_cache: "{{ __controller_template_item.use_fact_cache | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - host_config_key: "{{ __controller_template_item.host_config_key | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit))) }}" - ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit))) }}" - ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - survey_enabled: "{{ __controller_template_item.survey_enabled | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(( {} if controller_configuration_job_templates_enforce_defaults else omit), true))) }}" - become_enabled: "{{ __controller_template_item.become_enabled | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default(( false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - timeout: "{{ __controller_template_item.timeout | default(( 0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - instance_groups: "{{ __controller_template_item.instance_groups | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - job_slice_count: "{{ __controller_template_item.job_slice_count | default(( 1 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - webhook_service: "{{ __controller_template_item.webhook_service | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + forks: "{{ __controller_template_item.forks | default((0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + limit: "{{ __controller_template_item.limit | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + verbosity: "{{ __controller_template_item.verbosity | default((0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + extra_vars: "{{ __controller_template_item.extra_vars | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_tags: "{{ __controller_template_item.job_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + force_handlers: "{{ __controller_template_item.force_handlers | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + skip_tags: "{{ __controller_template_item.skip_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + start_at_task: "{{ __controller_template_item.start_at_task | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + diff_mode: "{{ __controller_template_item.diff_mode | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + use_fact_cache: "{{ __controller_template_item.use_fact_cache | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + host_config_key: "{{ __controller_template_item.host_config_key | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_enabled: "{{ __controller_template_item.survey_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true))) }}" + become_enabled: "{{ __controller_template_item.become_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + timeout: "{{ __controller_template_item.timeout | default((0 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_template_item.instance_groups | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_slice_count: "{{ __controller_template_item.job_slice_count | default((1 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + webhook_service: "{{ __controller_template_item.webhook_service | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" - scm_branch: "{{ __controller_template_item.scm_branch | default(( '' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + scm_branch: "{{ __controller_template_item.scm_branch | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(( [] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" @@ -69,15 +68,17 @@ loop: "{{ job_templates if job_templates is defined else controller_templates }}" loop_control: loop_var: __controller_template_item + label: "{{ __operation.verb }} Controller Job Template {{ __controller_template_item.name }}" no_log: "{{ controller_configuration_job_templates_secure_logging }}" async: 1000 poll: 0 register: __job_templates_job_async changed_when: not __job_templates_job_async.changed vars: + __operation: "{{ operation_translate[__controller_template_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Job Templates | Wait for finish the job templates creation" +- name: "Managing Controller Job Templates | Wait for finish the Job Templates management" ansible.builtin.async_status: jid: "{{ __job_templates_job_async_result_item.ansible_job_id }}" register: __job_templates_job_async_result @@ -87,8 +88,10 @@ loop: "{{ __job_templates_job_async.results }}" loop_control: loop_var: __job_templates_job_async_result_item + label: "{{ __operation.verb }} Controller Job Template {{ __job_templates_job_async_result_item.__controller_template_item.name }} | Wait for finish the job templates {{ __operation.action }}" when: __job_templates_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_job_templates_secure_logging }}" vars: + __operation: "{{ operation_translate[__job_templates_job_asycn_result_item.__controller_template_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/labels/README.md b/roles/labels/README.md index dd5dba001..51786ec4d 100644 --- a/roles/labels/README.md +++ b/roles/labels/README.md @@ -1,6 +1,6 @@ # controller_configuration.labels -An Ansible role to create labels for templates on Ansible Controller. +An Ansible role to create/update/remove labels for templates on Ansible Controller. ## Requirements diff --git a/roles/labels/meta/main.yml b/roles/labels/meta/main.yml index 0ebc16986..0947e0d49 100644 --- a/roles/labels/meta/main.yml +++ b/roles/labels/meta/main.yml @@ -25,4 +25,9 @@ galaxy_info: collections: - ansible.controller - awx.awx + +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/labels/tasks/main.yml b/roles/labels/tasks/main.yml index 1caab28f2..e6adbc421 100644 --- a/roles/labels/tasks/main.yml +++ b/roles/labels/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Add a label to Controller +- name: "Managing Labels" label: name: "{{ __controller_label_item.name | mandatory }}" new_name: "{{ __controller_label_item.new_name | default(omit, true) }}" @@ -17,15 +17,17 @@ loop: "{{ controller_labels }}" loop_control: loop_var: __controller_label_item + label: "{{ __operation.verb }} the label {{ __controller_label_item.name }} to Controller" no_log: "{{ controller_configuration_labels_secure_logging }}" async: 1000 poll: 0 register: __controller_label_job_async changed_when: not __controller_label_job_async.changed vars: + __operation: "{{ operation_translate[__controller_label_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Labels | Wait for finish the Label creation" +- name: "Managing Labels | Wait for finish the Labels management" ansible.builtin.async_status: jid: "{{ __controller_label_job_async_results_item.ansible_job_id }}" register: __controller_label_job_async_result @@ -35,8 +37,10 @@ loop: "{{ __controller_label_job_async.results }}" loop_control: loop_var: __controller_label_job_async_results_item + label: "{{ __operation.verb }} Label {{ __controller_label_job_async_results_item.__controller_label_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __controller_label_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_labels_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_label_job_async_results_item.__controller_label_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/license/tasks/subscription.yml b/roles/license/tasks/subscription.yml index f91f8301c..e1d8ab1ac 100644 --- a/roles/license/tasks/subscription.yml +++ b/roles/license/tasks/subscription.yml @@ -21,7 +21,7 @@ - name: Install the Controller license license: - pool_id: "{{ controller_license.pool_id | default(subscription.subscriptions[(controller_license.list_num | default(0))].pool_id)}}" + pool_id: "{{ controller_license.pool_id | default(subscription.subscriptions[(controller_license.list_num | default(0))].pool_id) }}" force: "{{ controller_license.force | default(omit) }}" state: "{{ controller_license.state | default(omit) }}" diff --git a/roles/notification_templates/README.md b/roles/notification_templates/README.md index 7e0954343..f5c8fbb12 100644 --- a/roles/notification_templates/README.md +++ b/roles/notification_templates/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to add notification templates on Ansible Controller. +An Ansible Role to add/update/remove notification templates on Ansible Controller. ## Requirements diff --git a/roles/notification_templates/meta/main.yml b/roles/notification_templates/meta/main.yml index b4aafd405..03fa67280 100644 --- a/roles/notification_templates/meta/main.yml +++ b/roles/notification_templates/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index e52d1e54b..259f4b9d3 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -1,14 +1,14 @@ --- -- name: Add Controller notifications +- name: "Managing Controller Notifications" notification_template: name: "{{ __controller_notification_item.name | mandatory }}" new_name: "{{ __controller_notification_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_notification_item.copy_from | default(omit, true) }}" - description: "{{ __controller_notification_item.description | default(( '' if controller_configuration_notifications_enforce_defaults else omit), true) }}" + description: "{{ __controller_notification_item.description | default(('' if controller_configuration_notifications_enforce_defaults else omit), true) }}" organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) | mandatory }}" - notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory}}" - notification_configuration: "{{ __controller_notification_item.notification_configuration | default(( {} if controller_configuration_notifications_enforce_defaults else omit), true) }}" - messages: "{{ __controller_notification_item.messages | default(( {} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" + notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory }}" + notification_configuration: "{{ __controller_notification_item.notification_configuration | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) }}" + messages: "{{ __controller_notification_item.messages | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('[ ]{2,}', '') }}" state: "{{ __controller_notification_item.state | default(controller_state | default('present')) }}" # Role Standard Options @@ -22,15 +22,17 @@ loop: "{{ notification_templates if notification_templates is defined else controller_notifications }}" loop_control: loop_var: __controller_notification_item + label: "{{ __operation.verb }} Controller notification {{ __controller_notification_item.name }}" no_log: "{{ controller_configuration_notifications_secure_logging }}" async: 1000 poll: 0 register: __controller_notification_job_async changed_when: not __controller_notification_job_async.changed vars: + __operation: "{{ operation_translate[__controller_notification_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure notifications | Wait for finish the notifications creation" +- name: "Managing Notifications | Wait for finish the Notifications management" ansible.builtin.async_status: jid: "{{ __controller_notification_job_async_results_item.ansible_job_id }}" register: __controller_notification_job_async_result @@ -40,8 +42,10 @@ loop: "{{ __controller_notification_job_async.results }}" loop_control: loop_var: __controller_notification_job_async_results_item + label: "{{ __operation.verb }} notification {{ __controller_notification_job_async_results_item.__controller_notification_item.name }} | Wait for finish the notifications {{ __operation.action }}" when: __controller_notification_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_notifications_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_notification_job_async_results_item.__controller_notification_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index dcc3e3bb7..82572428f 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -5,14 +5,10 @@ host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs) }}" no_log: "{{ controller_configuration_object_diff_secure_logging }}" - tags: - - always - name: "Role differences (block)" when: - __controller_api_current_user_check_is_admin.is_superuser - tags: - - always block: - name: "Get the API list of all roles" # noqa jinja[spacing] diff --git a/roles/organizations/README.md b/roles/organizations/README.md index f9a7603e2..e91f11aca 100644 --- a/roles/organizations/README.md +++ b/roles/organizations/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Organizations on Ansible Controller. +An Ansible Role to create/update/remove Organizations on Ansible Controller. ## Requirements diff --git a/roles/organizations/meta/main.yml b/roles/organizations/meta/main.yml index 457622ad8..904560007 100644 --- a/roles/organizations/meta/main.yml +++ b/roles/organizations/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index c474531a6..7a08e9c07 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -1,17 +1,17 @@ --- -- name: Add organizations +- name: "Managing Organizations" organization: name: "{{ __controller_organizations_item.name | mandatory }}" - description: "{{ __controller_organizations_item.description | default(( '' if controller_configuration_organizations_enforce_defaults else omit), true) }}" + description: "{{ __controller_organizations_item.description | default(('' if controller_configuration_organizations_enforce_defaults else omit), true) }}" custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" max_hosts: "{{ __controller_organizations_item.max_hosts | default(omit, true) }}" - instance_groups: "{{ __controller_organizations_item.instance_groups | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_organizations_item.instance_groups | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) }}" default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.default_environment | default(__controller_organizations_item.execution_environment | default(omit)))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" - galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(( [] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(([] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" + notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) }}" state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" # Role Standard Options @@ -25,15 +25,17 @@ loop: "{{ organizations if organizations is defined else controller_organizations }}" loop_control: loop_var: __controller_organizations_item + label: "{{ __operation.verb }} organization {{ __controller_organizations_item.name }}" no_log: "{{ controller_configuration_organizations_secure_logging }}" async: 1000 poll: 0 register: __organizations_job_async changed_when: not __organizations_job_async.changed vars: + __operation: "{{ operation_translate[__controller_organizations_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Organizations | Wait for finish the organization creation" +- name: "Managing Controller Organizations | Wait for finish the Organizations management" ansible.builtin.async_status: jid: "{{ __organizations_job_async_results_item.ansible_job_id }}" register: __organizations_job_async_result @@ -43,8 +45,10 @@ loop: "{{ __organizations_job_async.results }}" loop_control: loop_var: __organizations_job_async_results_item + label: "{{ __operation.verb }} Controller Organization {{ __organizations_job_async_results_item.__controller_organizations_item.name }} | Wait for finish the organization {{ __operation.action }}" when: __organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_organizations_secure_logging }}" vars: + __operation: "{{ operation_translate[__organizations_job_async_results_item.__controller_organizations_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/projects/README.md b/roles/projects/README.md index 45b2059de..5655a98e3 100644 --- a/roles/projects/README.md +++ b/roles/projects/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Projects on Ansible Controller. +An Ansible Role to create/update/remove Projects on Ansible Controller. ## Requirements diff --git a/roles/projects/meta/main.yml b/roles/projects/meta/main.yml index b94267153..8de201683 100644 --- a/roles/projects/meta/main.yml +++ b/roles/projects/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 6ed6879bd..493783c15 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -1,34 +1,34 @@ --- -- name: Add Projects +- name: "Managing Projects" project: name: "{{ __controller_project_item.name | mandatory }}" new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" - description: "{{ __controller_project_item.description | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" + description: "{{ __controller_project_item.description | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" - scm_url: "{{ __controller_project_item.scm_url | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" + scm_url: "{{ __controller_project_item.scm_url | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" default_environment: "{{ __controller_project_item.default_environment | default(omit, true) }}" - local_path: "{{ __controller_project_item.local_path | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" - scm_branch: "{{ __controller_project_item.scm_branch | default(( '' if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_refspec: "{{ __controller_project_item.scm_refspec | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" + local_path: "{{ __controller_project_item.local_path | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + scm_branch: "{{ __controller_project_item.scm_branch | default(('' if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_refspec: "{{ __controller_project_item.scm_refspec | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" credential: "{{ __controller_project_item.credential.name | default(__controller_project_item.credential | default(__controller_project_item.scm_credential | default(omit, true))) }}" signature_validation_credential: "{{ __controller_project_item.signature_validation_credential.name | default(__controller_project_item.signature_validation_credential | default(omit, true)) }}" - scm_clean: "{{ __controller_project_item.scm_clean | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(( 0 if controller_configuration_projects_enforce_defaults else omit), true) }}" - allow_override: "{{ __controller_project_item.allow_override | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" - timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(( 0 if controller_configuration_projects_enforce_defaults else omit), true)) }}" - custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(( '' if controller_configuration_projects_enforce_defaults else omit), true) }}" - organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(( '' if controller_configuration_projects_enforce_defaults else omit))) }}" + scm_clean: "{{ __controller_project_item.scm_clean | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default((0 if controller_configuration_projects_enforce_defaults else omit), true) }}" + allow_override: "{{ __controller_project_item.allow_override | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default((0 if controller_configuration_projects_enforce_defaults else omit), true)) }}" + custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(('' if controller_configuration_projects_enforce_defaults else omit))) }}" state: "{{ __controller_project_item.state | default(controller_state | default('present')) }}" - wait: "{{ __controller_project_item.wait | default(( true if controller_configuration_projects_enforce_defaults else omit)) }}" - update_project: "{{ __controller_project_item.update_project | default(( false if controller_configuration_projects_enforce_defaults else omit)) }}" + wait: "{{ __controller_project_item.wait | default((true if controller_configuration_projects_enforce_defaults else omit)) }}" + update_project: "{{ __controller_project_item.update_project | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" - notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined) | default(__controller_project_item.notification_templates_started) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined) | default(__controller_project_item.notification_templates_success) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(( [] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined) | default(__controller_project_item.notification_templates_started) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined) | default(__controller_project_item.notification_templates_success) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" @@ -41,15 +41,17 @@ loop: "{{ projects if projects is defined else controller_projects }}" loop_control: loop_var: __controller_project_item + label: "{{ __operation.verb }} Project {{ __controller_project_item.name }}" no_log: "{{ controller_configuration_projects_secure_logging }}" async: 1000 poll: 0 register: __projects_job_async changed_when: not __projects_job_async.changed vars: + __operation: "{{ operation_translate[__controller_project_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Controller Projects | Wait for finish the projects creation" +- name: "Managing Projects | Wait for finish the projects management" ansible.builtin.async_status: jid: "{{ __projects_job_async_results_item.ansible_job_id }}" register: __projects_job_async_result @@ -59,8 +61,10 @@ loop: "{{ __projects_job_async.results }}" loop_control: loop_var: __projects_job_async_results_item + label: "{{ __operation.verb }} Project {{ __projects_job_async_results_item.__controller_project_item.name }} | Wait for finish the project {{ __operation.action }}" when: __projects_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_projects_secure_logging }}" vars: + __operation: "{{ operation_translate[__projects_job_async_results_item.__controller_project_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/roles/README.md b/roles/roles/README.md index 296f2abff..786daec6e 100644 --- a/roles/roles/README.md +++ b/roles/roles/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create RBAC Entries on Ansible Controller. +An Ansible Role to create/update/remove RBAC Entries on Ansible Controller. ## Requirements diff --git a/roles/roles/meta/main.yml b/roles/roles/meta/main.yml index 9028cd25c..10e09fc7c 100644 --- a/roles/roles/meta/main.yml +++ b/roles/roles/meta/main.yml @@ -66,7 +66,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index 278b814a4..c52142d04 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -1,27 +1,27 @@ --- -- name: Create Role Based Access Entry on Controller +- name: "Managing Role Based Access Entries on Controller" role: user: "{{ __controller_role_item.0.user | default(__controller_role_item.user) | default(omit, true) }}" - users: "{{ __controller_role_item.0.users | default(__controller_role_item.users) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + users: "{{ __controller_role_item.0.users | default(__controller_role_item.users) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" team: "{{ __controller_role_item.0.team | default(__controller_role_item.team) | default(omit, true) }}" - teams: "{{ __controller_role_item.0.teams | default(__controller_role_item.teams) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + teams: "{{ __controller_role_item.0.teams | default(__controller_role_item.teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" role: "{{ __controller_role_item.1 | default(__controller_role_item.role) | mandatory }}" target_team: "{{ __controller_role_item.0.target_team | default(__controller_role_item.target_team) | default(omit, true) }}" - target_teams: "{{ __controller_role_item.0.target_teams | default(__controller_role_item.target_teams) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + target_teams: "{{ __controller_role_item.0.target_teams | default(__controller_role_item.target_teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" inventory: "{{ __controller_role_item.0.inventory | default(__controller_role_item.inventory) | default(omit, true) }}" - inventories: "{{ __controller_role_item.0.inventories | default(__controller_role_item.inventories) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + inventories: "{{ __controller_role_item.0.inventories | default(__controller_role_item.inventories) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" job_template: "{{ __controller_role_item.0.job_template | default(__controller_role_item.job_template) | default(omit, true) }}" - job_templates: "{{ __controller_role_item.0.job_templates | default(__controller_role_item.job_templates) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + job_templates: "{{ __controller_role_item.0.job_templates | default(__controller_role_item.job_templates) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" workflow: "{{ __controller_role_item.0.workflow | default(__controller_role_item.workflow) | default(omit, true) }}" - workflows: "{{ __controller_role_item.0.workflows | default(__controller_role_item.workflows) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + workflows: "{{ __controller_role_item.0.workflows | default(__controller_role_item.workflows) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" credential: "{{ __controller_role_item.0.credential | default(__controller_role_item.credential) | default(omit, true) }}" - credentials: "{{ __controller_role_item.0.credentials | default(__controller_role_item.credentials) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + credentials: "{{ __controller_role_item.0.credentials | default(__controller_role_item.credentials) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" organization: "{{ __controller_role_item.0.organization | default(__controller_role_item.organization) | default(omit, true) }}" - organizations: "{{ __controller_role_item.0.organizations | default(__controller_role_item.organizations) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + organizations: "{{ __controller_role_item.0.organizations | default(__controller_role_item.organizations) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(__controller_role_item.lookup_organization) | default(omit, true) }}" project: "{{ __controller_role_item.0.project | default(__controller_role_item.project) | default(omit, true) }}" - projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" - instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(( [] if controller_configuration_role_enforce_defaults else omit), true) }}" + projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(controller_state | default('present')) }}" # Role Standard Options @@ -32,18 +32,20 @@ controller_host: "{{ controller_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" validate_certs: "{{ controller_validate_certs | default(omit) }}" - loop: "{{ ( controller_roles | subelements(['roles'], skip_missing=true)) + controller_roles | selectattr('roles', 'undefined') }}" + loop: "{{ (controller_roles | subelements(['roles'], skip_missing=true)) + controller_roles | selectattr('roles', 'undefined') }}" loop_control: loop_var: __controller_role_item + label: "{{ __operation.verb }} Role Based Access Entry on Controller {{ __controller_role_item.1 | default(__controller_role_item.role) }}" no_log: "{{ controller_configuration_role_secure_logging }}" async: 1000 poll: 0 register: __controller_role_job_async changed_when: not __controller_role_job_async.changed vars: + __operation: "{{ operation_translate[__controller_role_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Roles | Wait for finish the Roles creation" +- name: "Managing Roles | Wait for finish the Roles management" ansible.builtin.async_status: jid: "{{ __controller_role_job_async_results_item.ansible_job_id }}" register: __controller_role_job_async_result @@ -53,8 +55,10 @@ loop: "{{ __controller_role_job_async.results }}" loop_control: loop_var: __controller_role_job_async_results_item + label: "{{ __operation.verb }} Role {{ __controller_role_job_async_results_item.__controller_role_item.1 | default(__controller_role_job_async_results_item.__controller_role_item.role) }} | Wait for finish the Roles {{ __operation.action }}" when: __controller_role_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_role_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_role_job_async_results_item.__controller_role_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/schedules/README.md b/roles/schedules/README.md index 2bebff6b6..9d5df9d64 100644 --- a/roles/schedules/README.md +++ b/roles/schedules/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Schedules on Ansible Controller. +An Ansible Role to create/update/remove Schedules on Ansible Controller. ## Requirements diff --git a/roles/schedules/meta/main.yml b/roles/schedules/meta/main.yml index 5f4cdc3cd..8950f55ec 100644 --- a/roles/schedules/meta/main.yml +++ b/roles/schedules/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 72a534285..1a869acb8 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -1,29 +1,29 @@ --- -- name: Add Controller Schedule +- name: "Managing Controller Schedules" schedule: name: "{{ __controller_schedule_item.name | mandatory }}" new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" - description: "{{ __controller_schedule_item.description | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + description: "{{ __controller_schedule_item.description | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" rrule: "{{ __controller_schedule_item.rrule | default(omit, true) }}" - extra_data: "{{ __controller_schedule_item.extra_data | default(( {} if controller_configuration_schedules_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_schedule_item.inventory | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + extra_data: "{{ __controller_schedule_item.extra_data | default(({} if controller_configuration_schedules_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_schedule_item.inventory | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" - scm_branch: "{{ __controller_schedule_item.scm_branch | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" + scm_branch: "{{ __controller_schedule_item.scm_branch | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(('' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __controller_schedule_item.job_slice_count | default(( 1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined) | default(__controller_schedule_item.labels) | default(( [] if controller_configuration_schedules_enforce_defaults else omit), true) }}" + job_slice_count: "{{ __controller_schedule_item.job_slice_count | default((1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined) | default(__controller_schedule_item.labels) | default(([] if controller_configuration_schedules_enforce_defaults else omit), true) }}" timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" - job_tags: "{{ __controller_schedule_item.job_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - skip_tags: "{{ __controller_schedule_item.skip_tags | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + job_tags: "{{ __controller_schedule_item.job_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + skip_tags: "{{ __controller_schedule_item.skip_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" limit: "{{ __controller_schedule_item.limit | default(omit, true) }}" - diff_mode: "{{ __controller_schedule_item.diff_mode | default(( false if controller_configuration_schedules_enforce_defaults else omit)) }}" + diff_mode: "{{ __controller_schedule_item.diff_mode | default((false if controller_configuration_schedules_enforce_defaults else omit)) }}" verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" - organization: "{{ __controller_schedule_item.organization | default(( '' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + organization: "{{ __controller_schedule_item.organization | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" - enabled: "{{ __controller_schedule_item.enabled | default(( true if controller_configuration_schedules_enforce_defaults else omit)) }}" + enabled: "{{ __controller_schedule_item.enabled | default((true if controller_configuration_schedules_enforce_defaults else omit)) }}" state: "{{ __controller_schedule_item.state | default(controller_state | default('present')) }}" # Role Standard Options @@ -37,15 +37,17 @@ loop: "{{ schedules if schedules is defined else controller_schedules }}" loop_control: loop_var: "__controller_schedule_item" + label: "{{ __operation.verb }} Controller Schedule {{ __controller_schedule_item.name }}" no_log: "{{ controller_configuration_schedules_secure_logging }}" async: 1000 poll: 0 register: __controller_schedule_job_async changed_when: not __controller_schedule_job_async.changed vars: + __operation: "{{ operation_translate[__controller_schedule_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Schedules | Wait for finish the Schedules creation" +- name: "Managing Schedules | Wait for finish the Schedules management" ansible.builtin.async_status: jid: "{{ __controller_schedule_job_async_results_item.ansible_job_id }}" register: __controller_schedule_job_async_result @@ -55,8 +57,10 @@ loop: "{{ __controller_schedule_job_async.results }}" loop_control: loop_var: __controller_schedule_job_async_results_item + label: "{{ __operation.verb }} Schedule {{ __controller_schedule_job_async_results_item.__controller_schedule_item.name }} | Wait for finish the Schedules {{ __operation.action }}" when: __controller_schedule_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_schedules_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_schedule_job_async_results_item.__controller_schedule_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/teams/README.md b/roles/teams/README.md index 2b891d700..3b575426c 100644 --- a/roles/teams/README.md +++ b/roles/teams/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Teams on Ansible Controller. +An Ansible Role to create/update/remove Teams on Ansible Controller. ## Requirements diff --git a/roles/teams/meta/main.yml b/roles/teams/meta/main.yml index 5f9dc5b7e..dd09b4a32 100644 --- a/roles/teams/meta/main.yml +++ b/roles/teams/meta/main.yml @@ -68,7 +68,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index f128471bb..4e199d77a 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -1,9 +1,9 @@ --- -- name: Create Ansible Controller Team +- name: "Managing Ansible Controller Teams" team: name: "{{ __controller_team_item.name | mandatory }}" new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" - description: "{{ __controller_team_item.description | default(( '' if controller_configuration_teams_enforce_defaults else omit), true) }}" + description: "{{ __controller_team_item.description | default(('' if controller_configuration_teams_enforce_defaults else omit), true) }}" organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" state: "{{ __controller_team_item.state | default(controller_state | default('present')) }}" @@ -18,15 +18,17 @@ loop: "{{ teams if teams is defined else controller_teams }}" loop_control: loop_var: __controller_team_item + label: "{{ __operation.verb }} Ansible Controller Team {{ __controller_team_item.name }}" no_log: "{{ controller_configuration_teams_secure_logging }}" async: 1000 poll: 0 register: __controller_team_job_async changed_when: not __controller_team_job_async.changed vars: + __operation: "{{ operation_translate[__controller_team_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Teams | Wait for finish the Teams creation" +- name: "Managing Teams | Wait for finish the Teams management" ansible.builtin.async_status: jid: "{{ __controller_team_job_async_results_item.ansible_job_id }}" register: __controller_team_job_async_result @@ -36,8 +38,10 @@ loop: "{{ __controller_team_job_async.results }}" loop_control: loop_var: __controller_team_job_async_results_item + label: "{{ __operation.verb }} Teams | Wait for finish the Teams {{ __operation.action }}" when: __controller_team_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_teams_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_team_job_asycn_results_item.__controller_team_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/users/README.md b/roles/users/README.md index bc149fd7f..5ef0258a4 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to add users to on Ansible Controller. +An Ansible Role to add/update/remove users to on Ansible Controller. ## Requirements diff --git a/roles/users/meta/main.yml b/roles/users/meta/main.yml index 53efaeade..2217124a4 100644 --- a/roles/users/meta/main.yml +++ b/roles/users/meta/main.yml @@ -40,7 +40,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index 9856407fa..ef376e864 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -1,7 +1,7 @@ --- -# The user module is also an ansible.builtin module, but due to supporting both the awx.awx and automation.controller collections +# The user module is also an ansible.builtin module, but due to supporting both the awx.awx and automation.Controller collections # the FQCN cannot be used here. -- name: Add controller user # noqa fqcn[action-core] +- name: "Managing Controller Users" # noqa fqcn[action-core] user: username: "{{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) | mandatory }}" new_username: "{{ __controller_user_accounts_item.new_username | default(omit, true) }}" @@ -10,9 +10,9 @@ email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" first_name: "{{ __controller_user_accounts_item.firstname | default(__controller_user_accounts_item.first_name | default(omit, true)) }}" last_name: "{{ __controller_user_accounts_item.lastname | default(__controller_user_accounts_item.last_name | default(omit, true)) }}" - is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default(( false if controller_configuration_users_enforce_defaults else omit))) }}" - is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default(( false if controller_configuration_users_enforce_defaults else omit))) }}" - update_secrets: "{{ __controller_user_accounts_item.update_secrets | default(( false if controller_configuration_users_enforce_defaults else omit)) }}" + is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default((false if controller_configuration_users_enforce_defaults else omit))) }}" + is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default((false if controller_configuration_users_enforce_defaults else omit))) }}" + update_secrets: "{{ __controller_user_accounts_item.update_secrets | default((false if controller_configuration_users_enforce_defaults else omit)) }}" organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" state: "{{ __controller_user_accounts_item.state | default(controller_state | default(omit, true)) }}" @@ -27,15 +27,17 @@ loop: "{{ users if users is defined else controller_user_accounts }}" loop_control: loop_var: __controller_user_accounts_item + label: "{{ __operation.verb }} Controller User {{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) }}" no_log: "{{ controller_configuration_users_secure_logging }}" async: 1000 poll: 0 register: __controller_user_accounts_job_async changed_when: not __controller_user_accounts_job_async.changed vars: + __operation: "{{ operation_translate[__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Configure Users | Wait for finish the Users creation" +- name: "Managing Users | Wait for finish the Users management" ansible.builtin.async_status: jid: "{{ __controller_user_accounts_job_async_results_item.ansible_job_id }}" register: __controller_user_accounts_job_async_result @@ -45,8 +47,10 @@ loop: "{{ __controller_user_accounts_job_async.results }}" loop_control: loop_var: __controller_user_accounts_job_async_results_item + label: "{{ __operation.verb }} User {{ __controller_user_accounts_job_async_results_item.__controller_user_accounts_item.user | default(__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.username) }} | Wait for finish the Users {{ __operation.action }}" when: __controller_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_users_secure_logging }}" vars: + __operation: "{{ operation_translate[__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' ... diff --git a/roles/workflow_job_templates/README.md b/roles/workflow_job_templates/README.md index 52692219b..b557d592b 100644 --- a/roles/workflow_job_templates/README.md +++ b/roles/workflow_job_templates/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create Workflow Job Templates on Ansible Controller. +An Ansible Role to create/update/remove Workflow Job Templates on Ansible Controller. ## Requirements diff --git a/roles/workflow_job_templates/meta/main.yml b/roles/workflow_job_templates/meta/main.yml index 563c01781..7e1f66594 100644 --- a/roles/workflow_job_templates/meta/main.yml +++ b/roles/workflow_job_templates/meta/main.yml @@ -41,7 +41,8 @@ collections: - ansible.controller - awx.awx -dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. +dependencies: + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. + - role: global_vars ... diff --git a/roles/workflow_job_templates/tasks/add_workflows_schema.yml b/roles/workflow_job_templates/tasks/add_workflows_schema.yml index 5f83a9159..f7a010a94 100644 --- a/roles/workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/workflow_job_templates/tasks/add_workflows_schema.yml @@ -1,6 +1,6 @@ --- # Creating Workflow Node -- name: Create the Workflow Node +- name: Create the Workflow Nodes workflow_job_template_node: identifier: "{{ __workflow_loop_node_item.identifier | mandatory }}" # internal identification ID extra_data: "{{ __workflow_loop_node_item.extra_data | default(omit, true) }}" @@ -47,7 +47,7 @@ vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Manage Workflows | Wait for finish the workflow creation" +- name: "Create the Workflow Nodes | Wait for finish the Workflow Nodes creation" ansible.builtin.async_status: jid: "{{ __workflows_node_async_results_item.ansible_job_id }}" register: __workflows_node_async_result diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index 266eaaab7..d0ab05f6c 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -1,38 +1,37 @@ --- -# Create Workflow -- name: Manage Workflows +- name: "Managing Workflows" workflow_job_template: name: "{{ __workflow_loop_item.name | mandatory }}" new_name: "{{ __workflow_loop_item.new_name | default(omit, true) }}" copy_from: "{{ __workflow_loop_item.copy_from | default(omit, true) }}" - description: "{{ __workflow_loop_item.description | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - extra_vars: "{{ __workflow_loop_item.extra_vars | default(( {} if controller_configuration_workflows_enforce_defaults else omit), true) }}" - allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - limit: "{{ __workflow_loop_item.limit | default(( 0 if controller_configuration_workflows_enforce_defaults else omit), true) }}" - labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined) | default(__workflow_loop_item.labels) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - scm_branch: "{{ __workflow_loop_item.scm_branch | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" + description: "{{ __workflow_loop_item.description | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + extra_vars: "{{ __workflow_loop_item.extra_vars | default(({} if controller_configuration_workflows_enforce_defaults else omit), true) }}" + allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + limit: "{{ __workflow_loop_item.limit | default((0 if controller_configuration_workflows_enforce_defaults else omit), true) }}" + labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined) | default(__workflow_loop_item.labels) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + scm_branch: "{{ __workflow_loop_item.scm_branch | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" webhook_service: "{{ __workflow_loop_item.webhook_service | default(omit, true) }}" webhook_credential: "{{ __workflow_loop_item.webhook_credential.name | default(__workflow_loop_item.webhook_credential | default(omit, true)) }}" - survey_enabled: "{{ __workflow_loop_item.survey_enabled | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(( {} if controller_configuration_workflows_enforce_defaults else omit), true))) }}" - job_tags: "{{ __workflow_loop_item.job_tags | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - skip_tags: "{{ __workflow_loop_item.skip_tags | default(( '' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" - ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" - workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default(( false if controller_configuration_workflows_enforce_defaults else omit))) }}" + survey_enabled: "{{ __workflow_loop_item.survey_enabled | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(({} if controller_configuration_workflows_enforce_defaults else omit), true))) }}" + job_tags: "{{ __workflow_loop_item.job_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + skip_tags: "{{ __workflow_loop_item.skip_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" + ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" + workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(([] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" - notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(( [] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" # Role Standard Options controller_username: "{{ controller_username | default(omit, true) }}" @@ -45,15 +44,17 @@ loop: "{{ workflow_job_templates if workflow_job_templates is defined else controller_workflows }}" loop_control: loop_var: __workflow_loop_item + label: "{{ __operation.verb }} Workflow {{ __workflow_loop_item.name }}" no_log: "{{ workflow_job_templates_secure_logging }}" async: 1000 poll: 0 register: __workflows_job_async changed_when: not __workflows_job_async.changed vars: + __operation: "{{ operation_translate[__workflow_loop_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Manage Workflows | Wait for finish the workflow creation" +- name: "Managing Workflows | Wait for finish the workflow management" ansible.builtin.async_status: jid: "{{ __workflows_job_async_results_item.ansible_job_id }}" register: __workflows_job_async_result @@ -63,15 +64,17 @@ loop: "{{ __workflows_job_async.results }}" loop_control: loop_var: __workflows_job_async_results_item + label: "{{ __operation.verb }} Workflow {{ __workflows_job_async_results_item.__workflow_loop_item.name }} | Wait for finish the workflow {{ __operation.action }}" when: __workflows_job_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: + __operation: "{{ operation_translate[__workflows_job_async_results_item.__workflow_loop_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' # Create links between workflow node - name: Loop over nodes in schema to add to workflow templates ansible.builtin.include_tasks: "add_workflows_schema.yml" - loop: "{{ controller_workflows | default( workflow_job_templates ) }}" + loop: "{{ controller_workflows | default(workflow_job_templates) }}" loop_control: loop_var: __workflow_loop_item when: diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 31d52fdbc..281b48fd8 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -170,7 +170,7 @@ controller_password: "{{ controller_password }}" controller_host: "{{ controller_hostname }}" validate_certs: "{{ controller_validate_certs }}" - ignore_errors: true ## noqa ignore-errors + ignore_errors: true # noqa ignore-errors - name: Get the organization ID ansible.builtin.set_fact: diff --git a/tests/templated_role_example/defaults/main.yml b/tests/templated_role_example/defaults/main.yml index 4ea251aa9..345082a5e 100644 --- a/tests/templated_role_example/defaults/main.yml +++ b/tests/templated_role_example/defaults/main.yml @@ -1,5 +1,5 @@ --- -controller_configuration_*******_secure_logging: "{{controller_configuration_secure_logging | default('false')}}" +controller_configuration_*******_secure_logging: "{{controller_configuration_secure_logging | default('false') }}" controller_configuration_***********_async_retries: "{{ controller_configuration_async_retries | default(30) }}" controller_configuration_***********_async_delay: "{{ controller_configuration_async_delay | default(1) }}" controller_configuration_async_dir: null From 4596d83d524612e7fce5ffda5357de34563537d9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 31 Oct 2023 20:35:11 -0400 Subject: [PATCH 119/129] Update pre-commit (#717) Co-authored-by: sean-m-sullivan Co-authored-by: Sean Sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5811a5a26..76995d49e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.10.0 + rev: 23.10.1 hooks: - id: black name: black From bc6e8e5874f85ebda9bd02a43955c6c45aaf30a9 Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Wed, 1 Nov 2023 04:45:11 +0100 Subject: [PATCH 120/129] Change order of operations (#719) Add new/updated key to dict only after removing old ones Co-authored-by: Marges, RSY (Rick) Co-authored-by: Sean Sullivan --- plugins/lookup/controller_object_diff.py | 2 +- roles/object_diff/tasks/roles.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index 47b5821a8..b9eeaaf08 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -115,9 +115,9 @@ def create_present_list(self, compare_list): def map_item(self, item, new_attribute_name, attribute_value, dupitems): new_item = copy.deepcopy(item) - new_item.update({new_attribute_name: attribute_value}) for dupitem in [dupitem for dupitem in dupitems if dupitem in new_item]: new_item.pop(dupitem) + new_item.update({new_attribute_name: attribute_value}) return new_item def run(self, terms, variables=None, **kwargs): diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index 82572428f..f284ccbfa 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -11,7 +11,7 @@ - __controller_api_current_user_check_is_admin.is_superuser block: - - name: "Get the API list of all roles" # noqa jinja[spacing] + - name: "Get the API list of all roles" ansible.builtin.set_fact: __controller_api_roles: "{{ (__controller_api_roles | default([])) + [{ 'users': current_users, @@ -19,8 +19,8 @@ 'name': current_role.name, 'role': current_role.name, 'type': current_role.type, - 'resource_type': (current_role.summary_fields.resource_type|default('no_resource_type')), - (current_role.summary_fields.resource_type|default('no_resource_type')): (current_role.summary_fields.resource_name|default('no_resource_name')) + 'resource_type': (current_role.summary_fields.resource_type | default('no_resource_type')), + (current_role.summary_fields.resource_type | default('no_resource_type')): (current_role.summary_fields.resource_name | default('no_resource_name')) }] }}" vars: From f9ec9c739b8d6723346892fba00a58d71c12a131 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Thu, 2 Nov 2023 10:49:08 +0100 Subject: [PATCH 121/129] Added exportation from api/v2/constructed_inventories endpoint. (#712) * Added exportation from api/v2/constructed_inventories endpoint. Added exportation for the smart inventories * add changelog fragment * remove commented lines * minor typo fix --- ..._create_export_constructed_inventories.yml | 2 + roles/filetree_create/tasks/all.yml | 3 ++ .../tasks/constructed_inventory.yml | 41 +++++++++++++++++++ roles/filetree_create/tasks/inventory.yml | 9 ++-- .../templates/current_inventories.j2 | 20 ++++++++- roles/inventories/tasks/main.yml | 2 +- 6 files changed, 70 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/filetree_create_export_constructed_inventories.yml create mode 100644 roles/filetree_create/tasks/constructed_inventory.yml diff --git a/changelogs/fragments/filetree_create_export_constructed_inventories.yml b/changelogs/fragments/filetree_create_export_constructed_inventories.yml new file mode 100644 index 000000000..ca538f982 --- /dev/null +++ b/changelogs/fragments/filetree_create_export_constructed_inventories.yml @@ -0,0 +1,2 @@ +minor_changes: + - filetree_create - Add the constructed inventory exportation fields from the API endpoint `api/v2/constructed_inventories` diff --git a/roles/filetree_create/tasks/all.yml b/roles/filetree_create/tasks/all.yml index d00f00e67..b3059bd6d 100644 --- a/roles/filetree_create/tasks/all.yml +++ b/roles/filetree_create/tasks/all.yml @@ -30,6 +30,9 @@ - name: "Export Inventories and related Groups and Hosts" ansible.builtin.include_tasks: "inventory.yml" when: "'inventory' in input_tag or 'all' in input_tag" + - name: "Export Constructed Inventories" + ansible.builtin.include_tasks: "constructed_inventory.yml" + when: "'inventory' in input_tag or 'all' in input_tag" - name: "Export Credentials" ansible.builtin.include_tasks: "credentials.yml" when: "'credentials' in input_tag or 'all' in input_tag" diff --git a/roles/filetree_create/tasks/constructed_inventory.yml b/roles/filetree_create/tasks/constructed_inventory.yml new file mode 100644 index 000000000..1b35fa374 --- /dev/null +++ b/roles/filetree_create/tasks/constructed_inventory.yml @@ -0,0 +1,41 @@ +--- +- name: "Get the inventories from the API" + ansible.builtin.set_fact: + constructed_inventory_lookvar: "{{ query(controller_api_plugin, 'api/v2/constructed_inventories/', + query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + }}" + vars: + query_params: + order_by: 'organization,id' + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + +- name: "Create the /inventories output directory for inventories in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + inventory_organization: "{{ needed_path.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ needed_path.name | regex_replace('/', '_') }}" + __path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + loop: "{{ constructed_inventory_lookvar }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + +- name: "Add current constructed_inventories to the /inventories output yaml file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_inventories.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}/{{ current_inventories_asset_value.id }}_{{ inventory_name | regex_replace('/', '_') }}.yaml" + loop: "{{ constructed_inventory_lookvar }}" + loop_control: + loop_var: current_inventories_asset_value + label: "{{ __dest }}" +... diff --git a/roles/filetree_create/tasks/inventory.yml b/roles/filetree_create/tasks/inventory.yml index de03c090b..93f5e0d86 100644 --- a/roles/filetree_create/tasks/inventory.yml +++ b/roles/filetree_create/tasks/inventory.yml @@ -8,7 +8,7 @@ }}" vars: query_params: - not__kind: 'smart' + not__kind: 'constructed' order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" @@ -76,14 +76,15 @@ - name: "Set the inventory's groups" ansible.builtin.include_tasks: "groups.yml" + when: current_inventory_groups.total_groups > 0 vars: inventory_organization: "{{ current_inventory_groups.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" inventory_name: "{{ current_inventory_groups.name | regex_replace('/', '_') }}" groups_output_path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" current_groups_asset_value: "{{ query(controller_api_plugin, current_inventory_groups.related.groups, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - if not current_inventory_groups.has_inventory_sources else [] + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + if (not current_inventory_groups.has_inventory_sources or current_inventory_groups.kind is match('smart')) else [] }}" loop: "{{ inventory_lookvar }}" loop_control: diff --git a/roles/filetree_create/templates/current_inventories.j2 b/roles/filetree_create/templates/current_inventories.j2 index fadc76324..e82330541 100644 --- a/roles/filetree_create/templates/current_inventories.j2 +++ b/roles/filetree_create/templates/current_inventories.j2 @@ -3,13 +3,29 @@ controller_inventories: - name: "{{ current_inventories_asset_value.name }}" description: "{{ current_inventories_asset_value.description }}" organization: "{{ inventory_organization }}" -{% if current_inventories_asset_value.host_filter %} +{% if current_inventories_asset_value.host_filter is defined %} host_filter: "{{ current_inventories_asset_value.host_filter }}" {% endif %} {% if current_inventories_asset_value.kind %} kind: "{{ current_inventories_asset_value.kind }}" {% endif %} -{% if current_inventories_asset_value.variables and current_inventories_asset_value.variables != '---' and current_inventories_asset_value.variables != '' %} +{% if current_inventories_asset_value.prevent_instance_group_fallback is defined %} + prevent_instance_group_fallback: {{ current_inventories_asset_value.prevent_instance_group_fallback }} +{% endif %} +{% if current_inventories_asset_value.source_vars is defined %} + source_vars: + {{ current_inventories_asset_value.source_vars | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} +{% endif %} +{% if current_inventories_asset_value.update_cache_timeout is defined %} + update_cache_timeout: {{ current_inventories_asset_value.update_cache_timeout }} +{% endif %} +{% if current_inventories_asset_value.limit is defined %} + limit: "{{ current_inventories_asset_value.limit }}" +{% endif %} +{% if current_inventories_asset_value.verbosity is defined %} + verbosity: {{ current_inventories_asset_value.verbosity }} +{% endif %} +{% if current_inventories_asset_value.variables is defined and current_inventories_asset_value.variables != '---' and current_inventories_asset_value.variables != '' %} variables: {{ current_inventories_asset_value.variables | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index e3b9f88c8..7fe54b44d 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -45,7 +45,7 @@ loop: "{{ __inventories_job_async.results }}" loop_control: loop_var: __inventories_job_async_result_item - label: "{{ __operation.verb }} Controller inventorie {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories {{ __operation.action }}" + label: "{{ __operation.verb }} Controller inventory {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories {{ __operation.action }}" when: __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: From a20e97c31ab762017bb355ca1bd9a86b9f708331 Mon Sep 17 00:00:00 2001 From: Bob van Bokkem Date: Thu, 2 Nov 2023 13:00:35 +0100 Subject: [PATCH 122/129] Feature: improve checkmode outputs (#715) * Add tweaks for better checkmode readability * [squash] add trigger * [squash] remove trigger --- roles/applications/tasks/main.yml | 9 ++++++-- roles/bulk_host_create/tasks/main.yml | 9 ++++++-- roles/bulk_job_launch/tasks/main.yml | 1 + roles/credential_input_sources/tasks/main.yml | 9 ++++++-- roles/credential_types/tasks/main.yml | 9 ++++++-- roles/credentials/tasks/main.yml | 9 ++++++-- roles/dispatch/tasks/main.yml | 5 +++++ roles/execution_environments/tasks/main.yml | 9 ++++++-- .../templates/current_users.j2 | 2 +- roles/groups/tasks/main.yml | 9 ++++++-- roles/hosts/tasks/main.yml | 9 ++++++-- roles/instance_groups/tasks/main.yml | 9 ++++++-- roles/instances/tasks/main.yml | 10 +++++++-- roles/inventories/tasks/main.yml | 9 ++++++-- roles/inventory_source_update/tasks/main.yml | 14 ++++++++---- roles/inventory_sources/tasks/main.yml | 9 ++++++-- roles/job_launch/tasks/main.yml | 1 + roles/job_templates/tasks/main.yml | 9 ++++++-- roles/labels/tasks/main.yml | 9 ++++++-- roles/notification_templates/tasks/main.yml | 9 ++++++-- roles/organizations/tasks/main.yml | 9 ++++++-- roles/project_update/tasks/main.yml | 10 +++++++-- roles/projects/tasks/main.yml | 9 ++++++-- roles/roles/tasks/main.yml | 9 ++++++-- roles/schedules/tasks/main.yml | 9 ++++++-- roles/settings/tasks/main.yml | 10 +++++++-- roles/teams/tasks/main.yml | 9 ++++++-- roles/users/tasks/main.yml | 9 ++++++-- .../tasks/add_workflows_schema.yml | 22 ++++++++++++++----- roles/workflow_job_templates/tasks/main.yml | 9 ++++++-- roles/workflow_launch/tasks/main.yml | 3 ++- 31 files changed, 208 insertions(+), 59 deletions(-) diff --git a/roles/applications/tasks/main.yml b/roles/applications/tasks/main.yml index ad046c9f8..5f5eb7a0f 100644 --- a/roles/applications/tasks/main.yml +++ b/roles/applications/tasks/main.yml @@ -25,7 +25,7 @@ loop_var: "__application_item" label: "{{ __operation.verb }} Controller Application {{ __application_item.name }}" no_log: "{{ controller_configuration_applications_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __applications_job_async changed_when: not __applications_job_async.changed @@ -33,6 +33,11 @@ __operation: "{{ operation_translate[__application_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __applications_job_async.failed is defined and __applications_job_async.failed + - name: "Managing Controller Applications | Wait for finish the Application management" ansible.builtin.async_status: jid: "{{ __applications_job_async_results_item.ansible_job_id }}" @@ -44,7 +49,7 @@ loop_control: loop_var: __applications_job_async_results_item label: "{{ __operation.verb }} Controller Application {{ __applications_job_async_results_item.__application_item.name }} | Wait for finish the Application {{ __operation.action }}" - when: __applications_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __applications_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_applications_secure_logging }}" vars: __operation: "{{ operation_translate[__applications_job_async_results_item.__application_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/bulk_host_create/tasks/main.yml b/roles/bulk_host_create/tasks/main.yml index bc85adb99..412476df8 100644 --- a/roles/bulk_host_create/tasks/main.yml +++ b/roles/bulk_host_create/tasks/main.yml @@ -17,13 +17,18 @@ loop_control: loop_var: __controller_bulk_hosts_item no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_bulk_hosts_job_async changed_when: not __controller_bulk_hosts_job_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_bulk_hosts_job_async.failed is defined and __controller_bulk_hosts_job_async.failed + - name: "Configure bulk_hosts | Wait for finish the bulk_hosts creation" ansible.builtin.async_status: jid: "{{ __controller_bulk_hosts_job_async_results_item.ansible_job_id }}" @@ -34,7 +39,7 @@ loop: "{{ __controller_bulk_hosts_job_async.results }}" loop_control: loop_var: __controller_bulk_hosts_job_async_results_item - when: __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/bulk_job_launch/tasks/main.yml b/roles/bulk_job_launch/tasks/main.yml index a3446b567..3fb6237af 100644 --- a/roles/bulk_job_launch/tasks/main.yml +++ b/roles/bulk_job_launch/tasks/main.yml @@ -26,6 +26,7 @@ loop: "{{ controller_bulk_launch_jobs }}" loop_control: loop_var: "__bulk_job_launch_item" + label: "{{ (__bulk_job_launch_item.organization | default('')) }}/{{ __bulk_job_launch_item.name }}" no_log: "{{ controller_configuration_bulk_job_launch_secure_logging }}" register: bulk_launched_controller_jobs when: controller_bulk_launch_jobs is defined diff --git a/roles/credential_input_sources/tasks/main.yml b/roles/credential_input_sources/tasks/main.yml index 854718ade..462bd7f97 100644 --- a/roles/credential_input_sources/tasks/main.yml +++ b/roles/credential_input_sources/tasks/main.yml @@ -21,7 +21,7 @@ loop_var: "__cred_input_src_item" label: "{{ __operation.verb }} Controller Credential Input Source for Credential {{ __cred_input_src_item.target_credential }}" no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credential_input_sources_job_async changed_when: not __credential_input_sources_job_async.changed @@ -29,6 +29,11 @@ __operation: "{{ operation_translate[__cred_input_src_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __credential_input_sources_job_async.failed is defined and __credential_input_sources_job_async.failed + - name: "Managing Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources management" ansible.builtin.async_status: jid: "{{ __credential_input_sources_job_async_results_item.ansible_job_id }}" @@ -40,7 +45,7 @@ loop_control: loop_var: __credential_input_sources_job_async_results_item label: "{{ __operation.verb }} Controller Credential Input Source for Credential {{ __credential_input_sources_job_async_results_item.__cred_input_src_item.target_credential }}" - when: __credential_input_sources_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __credential_input_sources_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" vars: __operation: "{{ operation_translate[__credential_input_sources_job_async_results_item.__cred_input_src_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/credential_types/tasks/main.yml b/roles/credential_types/tasks/main.yml index 9b09bab67..9b79ced2f 100644 --- a/roles/credential_types/tasks/main.yml +++ b/roles/credential_types/tasks/main.yml @@ -22,7 +22,7 @@ loop_var: __controller_credential_type_item label: "{{ __operation.verb }} Credential Type {{ __controller_credential_type_item.name }}" no_log: "{{ controller_configuration_credential_types_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credentialtypes_job_async changed_when: not __credentialtypes_job_async.changed @@ -30,6 +30,11 @@ __operation: "{{ operation_translate[__controller_credential_type_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __credentialtypes_job_async.failed is defined and __credentialtypes_job_async.failed + - name: "Managing Controller Credential Types | Wait for finish the credential types management" ansible.builtin.async_status: jid: "{{ __credentialtypes_job_async_result_item.ansible_job_id }}" @@ -41,7 +46,7 @@ loop_control: loop_var: __credentialtypes_job_async_result_item label: "{{ __operation.verb }} Controller Credential Type {{ __credentialtypes_job_async_result_item }} | Wait for finish the credential type {{ __operation.action }}" - when: __credentialtypes_job_async_result_item.ansible_job_id is defined + when: not ansible_check_mode and __credentialtypes_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_types_secure_logging }}" vars: __operation: "{{ operation_translate[__credentialtypes_job_async_result_item.__controller_credential_type_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/credentials/tasks/main.yml b/roles/credentials/tasks/main.yml index 810c09a43..74e46d13e 100644 --- a/roles/credentials/tasks/main.yml +++ b/roles/credentials/tasks/main.yml @@ -25,7 +25,7 @@ loop_var: __controller_credentials_item label: "{{ __operation.verb }} Credential {{ __controller_credentials_item.name }}" no_log: "{{ controller_configuration_credentials_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credentials_job_async changed_when: not __credentials_job_async.changed @@ -33,6 +33,11 @@ __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __credentials_job_async.failed is defined and __credentials_job_async.failed + - name: "Managing Controller Credentials | Wait for finish the credential management" ansible.builtin.async_status: jid: "{{ __credentials_job_async_results_item.ansible_job_id }}" @@ -44,7 +49,7 @@ loop_control: loop_var: __credentials_job_async_results_item label: "{{ __operation.verb }} Credential {{ __credentials_job_async_results_item.__controller_credentials_item.name }} | Wait for finish the credential {{ __operation.action }}" - when: __credentials_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __credentials_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credentials_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index 34a25fba0..4c661165c 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -12,4 +12,9 @@ vars: assign_galaxy_credentials_to_org: "{{ __role.assign_galaxy_credentials_to_org | default(false) }}" assign_default_ee_to_org: "{{ __role.assign_default_ee_to_org | default(false) }}" + +- name: "Fail the playbook if there were errors (check mode only)" + ansible.builtin.fail: + msg: "The execution has failed because of errors (probably due to missing dependencies caused by check mode)." + when: ansible_check_mode and error_flag is defined and error_flag ... diff --git a/roles/execution_environments/tasks/main.yml b/roles/execution_environments/tasks/main.yml index 85c509091..fe6dc1d50 100644 --- a/roles/execution_environments/tasks/main.yml +++ b/roles/execution_environments/tasks/main.yml @@ -25,7 +25,7 @@ label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_item }}" no_log: "{{ controller_configuration_execution_environments_secure_logging }}" when: controller_execution_environments is defined - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __execution_environments_job_async changed_when: not __execution_environments_job_async.changed @@ -33,6 +33,11 @@ __operation: "{{ operation_translate[__execution_environments_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __execution_environments_job_async.failed is defined and __execution_environments_job_async.failed + - name: "Managing Controller Execution Environments | Wait for finish the Controller Execution Environments management" ansible.builtin.async_status: jid: "{{ __execution_environments_job_async_results_item.ansible_job_id }}" @@ -44,7 +49,7 @@ loop_control: loop_var: __execution_environments_job_async_results_item label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_job_async_results_item.__execution_environments_item.name }} | Wait for finish the Controller Execution Environment {{ __operation.action }}" - when: __execution_environments_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __execution_environments_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_execution_environments_secure_logging }}" vars: __operation: "{{ operation_translate[__execution_environments_job_async_results_item.__execution_environments_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/filetree_create/templates/current_users.j2 b/roles/filetree_create/templates/current_users.j2 index 89f64a148..fe98ce709 100644 --- a/roles/filetree_create/templates/current_users.j2 +++ b/roles/filetree_create/templates/current_users.j2 @@ -7,5 +7,5 @@ controller_user_accounts: last_name: "{{ current_users_asset_value.last_name }}" auditor: "{{ current_users_asset_value.is_system_auditor }}" superuser: "{{ current_users_asset_value.is_superuser }}" - update_secrets: False + update_secrets: false ... diff --git a/roles/groups/tasks/main.yml b/roles/groups/tasks/main.yml index 3a1a77e87..7848f0959 100644 --- a/roles/groups/tasks/main.yml +++ b/roles/groups/tasks/main.yml @@ -27,7 +27,7 @@ loop_var: __controller_groups_item label: "{{ __operation.verb }} Controller Group {{ __controller_groups_item.name }}" no_log: "{{ controller_configuration_group_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __group_job_async changed_when: not __group_job_async.changed @@ -35,6 +35,11 @@ __operation: "{{ operation_translate[__controller_groups_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __group_job_async.failed is defined and __group_job_async.failed + - name: "Managing Controller Groups | Wait for finish the Controller Groups management" ansible.builtin.async_status: jid: "{{ __group_job_async_results_item.ansible_job_id }}" @@ -46,7 +51,7 @@ loop_control: loop_var: __group_job_async_results_item label: "{{ __operation.verb }} Controller Group {{ __group_job_async_results_item.__controller_groups_item.name }} | Wait for finish the Controller Group {{ __operation.action }}" - when: __group_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __group_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_group_secure_logging }}" vars: __operation: "{{ operation_translate[__group_job_async_results_item.__controller_groups_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/hosts/tasks/main.yml b/roles/hosts/tasks/main.yml index f0dae5d5c..146458c4f 100644 --- a/roles/hosts/tasks/main.yml +++ b/roles/hosts/tasks/main.yml @@ -22,7 +22,7 @@ loop_var: __controller_host_item label: "{{ __operation.verb }} Controller host {{ __controller_host_item.name }}" no_log: "{{ controller_configuration_hosts_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __host_job_async changed_when: not __host_job_async.changed @@ -30,6 +30,11 @@ __operation: "{{ operation_translate[__controller_host_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __host_job_async.failed is defined and __host_job_async.failed + - name: "Managing Controller Hosts | Wait for finish the Hosts management" ansible.builtin.async_status: jid: "{{ __host_job_async_results_item.ansible_job_id }}" @@ -41,7 +46,7 @@ loop_control: loop_var: __host_job_async_results_item label: "{{ __operation.verb }} Controller Host {{ __host_job_async_results_item.__controller_host_item.name }} | Wait for finish the Hosts {{ __operation.action }}" - when: __host_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __host_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_hosts_secure_logging }}" vars: __operation: "{{ operation_translate[__host_job_async_results_item.__controller_host_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/instance_groups/tasks/main.yml b/roles/instance_groups/tasks/main.yml index 6454ec12e..f3d489d13 100644 --- a/roles/instance_groups/tasks/main.yml +++ b/roles/instance_groups/tasks/main.yml @@ -28,7 +28,7 @@ label: "{{ __operation.verb }} Controller Instance Group {{ __controller_instance_group_item.name }}" no_log: "{{ controller_configuration_instance_groups_secure_logging }}" when: controller_instance_groups is defined - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __instance_groups_job_async changed_when: not __instance_groups_job_async.changed @@ -36,6 +36,11 @@ __operation: "{{ operation_translate[__controller_instance_group_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __instance_groups_job_async.failed is defined and __instance_groups_job_async.failed + - name: "Managing Controller instance groups | Wait for finish the instance groups management" ansible.builtin.async_status: jid: "{{ __instance_groups_job_async_results_item.ansible_job_id }}" @@ -47,7 +52,7 @@ loop_control: loop_var: __instance_groups_job_async_results_item label: "{{ __operation.verb }} Controller instance group {{ __instance_groups_job_async_results_item.__controller_instance_group_item.name }} | Wait for finish the instance groups {{ __operation.action }}" - when: __instance_groups_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __instance_groups_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instance_groups_secure_logging }}" vars: __operation: "{{ operation_translate[__instance_groups_job_async_results_item.__controller_instance_group_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/instances/tasks/main.yml b/roles/instances/tasks/main.yml index 6e50fcc54..c80428771 100644 --- a/roles/instances/tasks/main.yml +++ b/roles/instances/tasks/main.yml @@ -21,15 +21,21 @@ loop: "{{ controller_instances }}" loop_control: loop_var: __controller_instance_item + label: "{{ __controller_instance_item.hostname }}" no_log: "{{ controller_configuration_instances_secure_logging }}" when: controller_instances is defined - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __instance_job_async changed_when: not __instance_job_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __instance_job_async.failed is defined and __instance_job_async.failed + - name: "Configure Controller instances | Wait for finish the instance creation" ansible.builtin.async_status: jid: "{{ __instance_job_async_results_item.ansible_job_id }}" @@ -40,7 +46,7 @@ loop: "{{ __instance_job_async.results }}" loop_control: loop_var: __instance_job_async_results_item - when: __instance_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __instance_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instances_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/inventories/tasks/main.yml b/roles/inventories/tasks/main.yml index 7fe54b44d..a9737351e 100644 --- a/roles/inventories/tasks/main.yml +++ b/roles/inventories/tasks/main.yml @@ -27,7 +27,7 @@ loop_var: __controller_inventory_item label: "{{ __operation.verb }} inventory {{ __controller_inventory_item.name }}" no_log: "{{ controller_configuration_inventories_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __inventories_job_async changed_when: not __inventories_job_async.changed @@ -35,6 +35,11 @@ __operation: "{{ operation_translate[__controller_inventory_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __inventories_job_async.failed is defined and __inventories_job_async.failed + - name: "Managing Controller Inventories | Wait for finish the inventories management" ansible.builtin.async_status: jid: "{{ __inventories_job_async_result_item.ansible_job_id }}" @@ -46,7 +51,7 @@ loop_control: loop_var: __inventories_job_async_result_item label: "{{ __operation.verb }} Controller inventory {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories {{ __operation.action }}" - when: __inventories_job_async_result_item.ansible_job_id is defined + when: not ansible_check_mode and __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: __operation: "{{ operation_translate[__inventories_job_async_result_item.__controller_inventory_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/inventory_source_update/tasks/main.yml b/roles/inventory_source_update/tasks/main.yml index a2c824b56..d9ccb5ef6 100644 --- a/roles/inventory_source_update/tasks/main.yml +++ b/roles/inventory_source_update/tasks/main.yml @@ -2,8 +2,8 @@ # Update Inventory sources - name: Run Controller inventory source update inventory_source_update: - name: "{{ __inventory_source_update_item.name }}" - inventory: "{{ __inventory_source_update_item.inventory }}" + name: "{{ __inventory_source_update_item.name | mandatory }}" + inventory: "{{ __inventory_source_update_item.inventory | mandatory }}" organization: "{{ __inventory_source_update_item.organization | default(omit, true) }}" wait: "{{ __inventory_source_update_item.wait | default(omit) }}" interval: "{{ __inventory_source_update_item.interval | default(controller_configuration_inventory_source_update_async_delay) }}" @@ -20,17 +20,23 @@ loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: loop_var: "__inventory_source_update_item" + label: "{{ (__inventory_source_update_item.organization | default('')) }}/{{ __inventory_source_update_item.inventory }}/{{ __inventory_source_update_item.name }}" no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" when: - controller_inventory_sources is defined - __inventory_source_update_item.state | default('present') != "absent" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __inventory_source_update_async changed_when: not __inventory_source_update_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __inventory_source_update_async.failed is defined and __inventory_source_update_async.failed + - name: "Controller inventory source update | Wait for finish of the inventory source update" ansible.builtin.async_status: jid: "{{ __inventory_source_update_async_results_item.ansible_job_id }}" @@ -41,7 +47,7 @@ loop: "{{ __inventory_source_update_async.results }}" loop_control: loop_var: __inventory_source_update_async_results_item - when: __inventory_source_update_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __inventory_source_update_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index 652e1053c..f057c1701 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -42,7 +42,7 @@ loop_var: __controller_source_item label: "{{ __operation.verb }} an Inventory Source {{ __controller_source_item.name }}" no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __inventory_source_job_async changed_when: not __inventory_source_job_async.changed @@ -50,6 +50,11 @@ __operation: "{{ operation_translate[__controller_source_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __inventory_source_job_async.failed is defined and __inventory_source_job_async.failed + - name: "Managing Inventory Sources | Wait for finish the Inventory Sources management" ansible.builtin.async_status: jid: "{{ __inventory_source_job_async_results_item.ansible_job_id }}" @@ -61,7 +66,7 @@ loop_control: loop_var: __inventory_source_job_async_results_item label: "{{ __operation.verb }} Inventory Source {{ __inventory_source_job_async_results_item }} | Wait for finish the Inventory Source {{ __operation.action }}" - when: __inventory_source_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __inventory_source_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" vars: __operation: "{{ operation_translate[__inventory_source_job_async_results_item.__controller_source_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/job_launch/tasks/main.yml b/roles/job_launch/tasks/main.yml index 0d5df39d4..d8e48afdf 100644 --- a/roles/job_launch/tasks/main.yml +++ b/roles/job_launch/tasks/main.yml @@ -36,6 +36,7 @@ loop: "{{ controller_launch_jobs }}" loop_control: loop_var: "__job_launch_item" + label: "{{ (__job_launch_item.organization | default('')) }}/{{ __job_launch_item.name }}" no_log: "{{ controller_configuration_job_launch_secure_logging }}" register: launched_controller_jobs when: controller_launch_jobs is defined diff --git a/roles/job_templates/tasks/main.yml b/roles/job_templates/tasks/main.yml index 1709ca32b..315c3ab73 100644 --- a/roles/job_templates/tasks/main.yml +++ b/roles/job_templates/tasks/main.yml @@ -70,7 +70,7 @@ loop_var: __controller_template_item label: "{{ __operation.verb }} Controller Job Template {{ __controller_template_item.name }}" no_log: "{{ controller_configuration_job_templates_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __job_templates_job_async changed_when: not __job_templates_job_async.changed @@ -78,6 +78,11 @@ __operation: "{{ operation_translate[__controller_template_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __job_templates_job_async.failed is defined and __job_templates_job_async.failed + - name: "Managing Controller Job Templates | Wait for finish the Job Templates management" ansible.builtin.async_status: jid: "{{ __job_templates_job_async_result_item.ansible_job_id }}" @@ -89,7 +94,7 @@ loop_control: loop_var: __job_templates_job_async_result_item label: "{{ __operation.verb }} Controller Job Template {{ __job_templates_job_async_result_item.__controller_template_item.name }} | Wait for finish the job templates {{ __operation.action }}" - when: __job_templates_job_async_result_item.ansible_job_id is defined + when: not ansible_check_mode and __job_templates_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_job_templates_secure_logging }}" vars: __operation: "{{ operation_translate[__job_templates_job_asycn_result_item.__controller_template_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/labels/tasks/main.yml b/roles/labels/tasks/main.yml index e6adbc421..33485e2c6 100644 --- a/roles/labels/tasks/main.yml +++ b/roles/labels/tasks/main.yml @@ -19,7 +19,7 @@ loop_var: __controller_label_item label: "{{ __operation.verb }} the label {{ __controller_label_item.name }} to Controller" no_log: "{{ controller_configuration_labels_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_label_job_async changed_when: not __controller_label_job_async.changed @@ -27,6 +27,11 @@ __operation: "{{ operation_translate[__controller_label_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_label_job_async.failed is defined and __controller_label_job_async.failed + - name: "Managing Labels | Wait for finish the Labels management" ansible.builtin.async_status: jid: "{{ __controller_label_job_async_results_item.ansible_job_id }}" @@ -38,7 +43,7 @@ loop_control: loop_var: __controller_label_job_async_results_item label: "{{ __operation.verb }} Label {{ __controller_label_job_async_results_item.__controller_label_item.name }} | Wait for finish the Label {{ __operation.action }}" - when: __controller_label_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_label_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_labels_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_label_job_async_results_item.__controller_label_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/notification_templates/tasks/main.yml b/roles/notification_templates/tasks/main.yml index 259f4b9d3..e837964da 100644 --- a/roles/notification_templates/tasks/main.yml +++ b/roles/notification_templates/tasks/main.yml @@ -24,7 +24,7 @@ loop_var: __controller_notification_item label: "{{ __operation.verb }} Controller notification {{ __controller_notification_item.name }}" no_log: "{{ controller_configuration_notifications_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_notification_job_async changed_when: not __controller_notification_job_async.changed @@ -32,6 +32,11 @@ __operation: "{{ operation_translate[__controller_notification_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_notification_job_async.failed is defined and __controller_notification_job_async.failed + - name: "Managing Notifications | Wait for finish the Notifications management" ansible.builtin.async_status: jid: "{{ __controller_notification_job_async_results_item.ansible_job_id }}" @@ -43,7 +48,7 @@ loop_control: loop_var: __controller_notification_job_async_results_item label: "{{ __operation.verb }} notification {{ __controller_notification_job_async_results_item.__controller_notification_item.name }} | Wait for finish the notifications {{ __operation.action }}" - when: __controller_notification_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_notification_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_notifications_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_notification_job_async_results_item.__controller_notification_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/organizations/tasks/main.yml b/roles/organizations/tasks/main.yml index 7a08e9c07..c1e75215e 100644 --- a/roles/organizations/tasks/main.yml +++ b/roles/organizations/tasks/main.yml @@ -27,7 +27,7 @@ loop_var: __controller_organizations_item label: "{{ __operation.verb }} organization {{ __controller_organizations_item.name }}" no_log: "{{ controller_configuration_organizations_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __organizations_job_async changed_when: not __organizations_job_async.changed @@ -35,6 +35,11 @@ __operation: "{{ operation_translate[__controller_organizations_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __organizations_job_async.failed is defined and __organizations_job_async.failed + - name: "Managing Controller Organizations | Wait for finish the Organizations management" ansible.builtin.async_status: jid: "{{ __organizations_job_async_results_item.ansible_job_id }}" @@ -46,7 +51,7 @@ loop_control: loop_var: __organizations_job_async_results_item label: "{{ __operation.verb }} Controller Organization {{ __organizations_job_async_results_item.__controller_organizations_item.name }} | Wait for finish the organization {{ __operation.action }}" - when: __organizations_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_organizations_secure_logging }}" vars: __operation: "{{ operation_translate[__organizations_job_async_results_item.__controller_organizations_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/project_update/tasks/main.yml b/roles/project_update/tasks/main.yml index ad1ccf02a..edbcb5f52 100644 --- a/roles/project_update/tasks/main.yml +++ b/roles/project_update/tasks/main.yml @@ -19,18 +19,24 @@ loop: "{{ projects if projects is defined else controller_projects }}" loop_control: loop_var: "__project_update_update_item" + label: "{{ (__project_update_update_item.organization | default('')) }}/{{ __project_update_update_item.name }}" no_log: "{{ controller_configuration_project_update_secure_logging }}" when: - controller_projects is defined - __project_update_update_item.update_project | default(true) - __project_update_update_item.state | default('present') != "absent" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __project_update_job_async changed_when: not __project_update_job_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __project_update_job_async.failed is defined and __project_update_job_async.failed + - name: "Configure Controller Projects | Wait for finish the projects creation" ansible.builtin.async_status: jid: "{{ __project_update_job_async_results_item.ansible_job_id }}" @@ -41,7 +47,7 @@ loop: "{{ __project_update_job_async.results }}" loop_control: loop_var: __project_update_job_async_results_item - when: __project_update_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __project_update_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_project_update_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/projects/tasks/main.yml b/roles/projects/tasks/main.yml index 493783c15..a0de767ee 100644 --- a/roles/projects/tasks/main.yml +++ b/roles/projects/tasks/main.yml @@ -43,7 +43,7 @@ loop_var: __controller_project_item label: "{{ __operation.verb }} Project {{ __controller_project_item.name }}" no_log: "{{ controller_configuration_projects_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __projects_job_async changed_when: not __projects_job_async.changed @@ -51,6 +51,11 @@ __operation: "{{ operation_translate[__controller_project_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __projects_job_async.failed is defined and __projects_job_async.failed + - name: "Managing Projects | Wait for finish the projects management" ansible.builtin.async_status: jid: "{{ __projects_job_async_results_item.ansible_job_id }}" @@ -62,7 +67,7 @@ loop_control: loop_var: __projects_job_async_results_item label: "{{ __operation.verb }} Project {{ __projects_job_async_results_item.__controller_project_item.name }} | Wait for finish the project {{ __operation.action }}" - when: __projects_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __projects_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_projects_secure_logging }}" vars: __operation: "{{ operation_translate[__projects_job_async_results_item.__controller_project_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/roles/tasks/main.yml b/roles/roles/tasks/main.yml index c52142d04..b60e3883c 100644 --- a/roles/roles/tasks/main.yml +++ b/roles/roles/tasks/main.yml @@ -37,7 +37,7 @@ loop_var: __controller_role_item label: "{{ __operation.verb }} Role Based Access Entry on Controller {{ __controller_role_item.1 | default(__controller_role_item.role) }}" no_log: "{{ controller_configuration_role_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_role_job_async changed_when: not __controller_role_job_async.changed @@ -45,6 +45,11 @@ __operation: "{{ operation_translate[__controller_role_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_role_job_async.failed is defined and __controller_role_job_async.failed + - name: "Managing Roles | Wait for finish the Roles management" ansible.builtin.async_status: jid: "{{ __controller_role_job_async_results_item.ansible_job_id }}" @@ -56,7 +61,7 @@ loop_control: loop_var: __controller_role_job_async_results_item label: "{{ __operation.verb }} Role {{ __controller_role_job_async_results_item.__controller_role_item.1 | default(__controller_role_job_async_results_item.__controller_role_item.role) }} | Wait for finish the Roles {{ __operation.action }}" - when: __controller_role_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_role_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_role_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_role_job_async_results_item.__controller_role_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/schedules/tasks/main.yml b/roles/schedules/tasks/main.yml index 1a869acb8..d646e3fd2 100644 --- a/roles/schedules/tasks/main.yml +++ b/roles/schedules/tasks/main.yml @@ -39,7 +39,7 @@ loop_var: "__controller_schedule_item" label: "{{ __operation.verb }} Controller Schedule {{ __controller_schedule_item.name }}" no_log: "{{ controller_configuration_schedules_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_schedule_job_async changed_when: not __controller_schedule_job_async.changed @@ -47,6 +47,11 @@ __operation: "{{ operation_translate[__controller_schedule_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_schedule_job_async.failed is defined and __controller_schedule_job_async.failed + - name: "Managing Schedules | Wait for finish the Schedules management" ansible.builtin.async_status: jid: "{{ __controller_schedule_job_async_results_item.ansible_job_id }}" @@ -58,7 +63,7 @@ loop_control: loop_var: __controller_schedule_job_async_results_item label: "{{ __operation.verb }} Schedule {{ __controller_schedule_job_async_results_item.__controller_schedule_item.name }} | Wait for finish the Schedules {{ __operation.action }}" - when: __controller_schedule_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_schedule_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_schedules_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_schedule_job_async_results_item.__controller_schedule_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/settings/tasks/main.yml b/roles/settings/tasks/main.yml index 2ce4582a2..f693436bd 100644 --- a/roles/settings/tasks/main.yml +++ b/roles/settings/tasks/main.yml @@ -18,14 +18,20 @@ loop: "{{ controller_settings is mapping | ternary([controller_settings], controller_settings) }}" loop_control: loop_var: __controller_setting_item + label: "{{ __controller_setting_item.name | default(__controller_setting_item.settings) }}" no_log: "{{ controller_configuration_settings_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_setting_job_async changed_when: not __controller_setting_job_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_setting_job_async.failed is defined and __controller_setting_job_async.failed + - name: "Configure Settings | Wait for finish the Settings creation" ansible.builtin.async_status: jid: "{{ __controller_setting_job_async_results_item.ansible_job_id }}" @@ -36,7 +42,7 @@ loop: "{{ __controller_setting_job_async.results }}" loop_control: loop_var: __controller_setting_job_async_results_item - when: __controller_setting_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_setting_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_settings_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index 4e199d77a..ef917f07a 100644 --- a/roles/teams/tasks/main.yml +++ b/roles/teams/tasks/main.yml @@ -20,7 +20,7 @@ loop_var: __controller_team_item label: "{{ __operation.verb }} Ansible Controller Team {{ __controller_team_item.name }}" no_log: "{{ controller_configuration_teams_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_team_job_async changed_when: not __controller_team_job_async.changed @@ -28,6 +28,11 @@ __operation: "{{ operation_translate[__controller_team_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_team_job_async.failed is defined and __controller_team_job_async.failed + - name: "Managing Teams | Wait for finish the Teams management" ansible.builtin.async_status: jid: "{{ __controller_team_job_async_results_item.ansible_job_id }}" @@ -39,7 +44,7 @@ loop_control: loop_var: __controller_team_job_async_results_item label: "{{ __operation.verb }} Teams | Wait for finish the Teams {{ __operation.action }}" - when: __controller_team_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_team_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_teams_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_team_job_asycn_results_item.__controller_team_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index ef376e864..360236e04 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -29,7 +29,7 @@ loop_var: __controller_user_accounts_item label: "{{ __operation.verb }} Controller User {{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) }}" no_log: "{{ controller_configuration_users_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_user_accounts_job_async changed_when: not __controller_user_accounts_job_async.changed @@ -37,6 +37,11 @@ __operation: "{{ operation_translate[__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __controller_user_accounts_job_async.failed is defined and __controller_user_accounts_job_async.failed + - name: "Managing Users | Wait for finish the Users management" ansible.builtin.async_status: jid: "{{ __controller_user_accounts_job_async_results_item.ansible_job_id }}" @@ -48,7 +53,7 @@ loop_control: loop_var: __controller_user_accounts_job_async_results_item label: "{{ __operation.verb }} User {{ __controller_user_accounts_job_async_results_item.__controller_user_accounts_item.user | default(__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.username) }} | Wait for finish the Users {{ __operation.action }}" - when: __controller_user_accounts_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __controller_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_users_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/workflow_job_templates/tasks/add_workflows_schema.yml b/roles/workflow_job_templates/tasks/add_workflows_schema.yml index f7a010a94..549b499ed 100644 --- a/roles/workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/workflow_job_templates/tasks/add_workflows_schema.yml @@ -39,15 +39,21 @@ loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item + label: "{{ __workflow_loop_item.name }}/{{ __workflow_loop_node_item.identifier }}" no_log: "{{ workflow_job_templates_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __workflows_node_async changed_when: not __workflows_node_async.changed vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' -- name: "Create the Workflow Nodes | Wait for finish the Workflow Nodes creation" +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __workflows_node_async.failed is defined and __workflows_node_async.failed + +- name: "Manage Workflows | Wait for finish the workflow creation" ansible.builtin.async_status: jid: "{{ __workflows_node_async_results_item.ansible_job_id }}" register: __workflows_node_async_result @@ -56,7 +62,7 @@ loop: "{{ __workflows_node_async.results }}" loop_control: loop_var: __workflows_node_async_results_item - when: __workflows_node_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __workflows_node_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' @@ -81,17 +87,23 @@ loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item + label: "{{ __workflow_loop_node_item.identifier }}" no_log: "{{ workflow_job_templates_secure_logging }}" # Execute only the nodes that define links to the following when: ((__workflow_loop_node_item.always_nodes is defined and __workflow_loop_node_item.always_nodes | length > 0) or (__workflow_loop_node_item.success_nodes is defined and __workflow_loop_node_item.success_nodes | length > 0) or (__workflow_loop_node_item.failure_nodes is defined and __workflow_loop_node_item.failure_nodes | length > 0)) - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __workflows_link_async vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __workflows_link_async.failed is defined and __workflows_link_async.failed + - name: "Manage Workflows | Wait for finish the workflow creation" ansible.builtin.async_status: jid: "{{ __workflows_link_async_results_item.ansible_job_id }}" @@ -102,7 +114,7 @@ loop: "{{ __workflows_link_async.results }}" loop_control: loop_var: __workflows_link_async_results_item - when: __workflows_link_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __workflows_link_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/roles/workflow_job_templates/tasks/main.yml b/roles/workflow_job_templates/tasks/main.yml index d0ab05f6c..fa659c47c 100644 --- a/roles/workflow_job_templates/tasks/main.yml +++ b/roles/workflow_job_templates/tasks/main.yml @@ -46,7 +46,7 @@ loop_var: __workflow_loop_item label: "{{ __operation.verb }} Workflow {{ __workflow_loop_item.name }}" no_log: "{{ workflow_job_templates_secure_logging }}" - async: 1000 + async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __workflows_job_async changed_when: not __workflows_job_async.changed @@ -54,6 +54,11 @@ __operation: "{{ operation_translate[__workflow_loop_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' +- name: "Flag for errors (check mode only)" + ansible.builtin.set_fact: + error_flag: true + when: ansible_check_mode and __workflows_job_async.failed is defined and __workflows_job_async.failed + - name: "Managing Workflows | Wait for finish the workflow management" ansible.builtin.async_status: jid: "{{ __workflows_job_async_results_item.ansible_job_id }}" @@ -65,7 +70,7 @@ loop_control: loop_var: __workflows_job_async_results_item label: "{{ __operation.verb }} Workflow {{ __workflows_job_async_results_item.__workflow_loop_item.name }} | Wait for finish the workflow {{ __operation.action }}" - when: __workflows_job_async_results_item.ansible_job_id is defined + when: not ansible_check_mode and __workflows_job_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: __operation: "{{ operation_translate[__workflows_job_async_results_item.__workflow_loop_item.state | default(controller_state) | default('present')] }}" diff --git a/roles/workflow_launch/tasks/main.yml b/roles/workflow_launch/tasks/main.yml index 29e013928..d48e74e7c 100644 --- a/roles/workflow_launch/tasks/main.yml +++ b/roles/workflow_launch/tasks/main.yml @@ -2,7 +2,7 @@ # Launch Controller Workflow - name: Launch a Controller Workflow workflow_launch: - name: "{{ __workflow_launch_item.name }}" + name: "{{ __workflow_launch_item.name | mandatory }}" organization: "{{ __workflow_launch_item.organization | default(omit, true) }}" inventory: "{{ __workflow_launch_item.inventory | default(omit, true) }}" limit: "{{ __workflow_launch_item.limit | default(omit, true) }}" @@ -23,6 +23,7 @@ loop: "{{ controller_workflow_launch_jobs }}" loop_control: loop_var: "__workflow_launch_item" + label: "{{ (__workflow_launch_item.organization | default('')) }}/{{ __workflow_launch_item.name }}" no_log: "{{ controller_configuration_workflow_launch_secure_logging }}" register: launched_controller_workflows when: controller_workflow_launch_jobs is defined From a79f987765ae7d6ba5763c6d45c56ea7d325ec3f Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Sat, 4 Nov 2023 06:42:17 -0500 Subject: [PATCH 123/129] constructed inventory source skip (#720) --- .github/workflows/ci_standalone.yml | 8 ++++---- changelogs/fragments/checkmode.yml | 5 +++++ changelogs/fragments/constructed.yml | 4 ++++ roles/inventory_sources/README.md | 2 +- roles/inventory_sources/tasks/main.yml | 1 + tests/configs/differential_items.yml | 3 +++ tests/configs/inventories.yml | 5 +++++ tests/configs/inventory_sources.yml | 4 +++- tests/configs_export_model/differential_items.yml | 4 ++-- tests/configure_controller.yml | 2 -- tests/configure_controller_export_model.yml | 2 -- 11 files changed, 28 insertions(+), 12 deletions(-) create mode 100644 changelogs/fragments/checkmode.yml create mode 100644 changelogs/fragments/constructed.yml diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 38a0ffda6..6040a803d 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -19,10 +19,10 @@ jobs: matrix: awx_version: - devel - - 22.6.0 - - 22.5.0 - - 21.13.0 - - 21.11.0 + - 23.3.1 + - 23.3.0 + - 23.0.0 + - 22.7.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: awx_version: ${{ matrix.awx_version }} diff --git a/changelogs/fragments/checkmode.yml b/changelogs/fragments/checkmode.yml new file mode 100644 index 000000000..c4a03a114 --- /dev/null +++ b/changelogs/fragments/checkmode.yml @@ -0,0 +1,5 @@ +--- +minor_changes: + - added mandatory check to workflow launch name option + - added improvements to checkmod where it will run faster with the async tasks. In addition added an additional fail check at end of dispatch that will likely fail if dependencies are missing, as expected. +... diff --git a/changelogs/fragments/constructed.yml b/changelogs/fragments/constructed.yml new file mode 100644 index 000000000..d444c2af7 --- /dev/null +++ b/changelogs/fragments/constructed.yml @@ -0,0 +1,4 @@ +--- +bugfixes: + - The role 'inventory_sources' will now skip when the source parameter is `constructed`. These sources are auto created and not meant to be edited. However they can still be synced with the inventory_source_update. +... diff --git a/roles/inventory_sources/README.md b/roles/inventory_sources/README.md index 0a9ba43d8..f225a517a 100644 --- a/roles/inventory_sources/README.md +++ b/roles/inventory_sources/README.md @@ -99,7 +99,7 @@ The role will strip the double space between the curly bracket in order to provi |`description`|`False`|no|The description to use for the inventory source.| |`inventory`|""|yes|Inventory the group should be made a member of.| |`organization`|""|no|Organization the inventory belongs to.| -|`source`|""|no|The source to use for this group.| +|`source`|""|no|The source to use for this group. If set to `constructed` this role will be skipped as they are not meant to be edited.| |`source_path`|""|no|For an SCM based inventory source, the source path points to the file within the repo to use as an inventory.| |`source_vars`|""|no|The variables or environment fields to apply to this source type.| |`enabled_var`|""|no|The variable to use to determine enabled state e.g., "status.power_state".| diff --git a/roles/inventory_sources/tasks/main.yml b/roles/inventory_sources/tasks/main.yml index f057c1701..e778c6333 100644 --- a/roles/inventory_sources/tasks/main.yml +++ b/roles/inventory_sources/tasks/main.yml @@ -46,6 +46,7 @@ poll: 0 register: __inventory_source_job_async changed_when: not __inventory_source_job_async.changed + when: __controller_source_item.source != "constructed" vars: __operation: "{{ operation_translate[__controller_source_item.state | default(controller_state) | default('present')] }}" ansible_async_dir: '{{ controller_configuration_async_dir }}' diff --git a/tests/configs/differential_items.yml b/tests/configs/differential_items.yml index 770b8854c..3cb3c8ed5 100644 --- a/tests/configs/differential_items.yml +++ b/tests/configs/differential_items.yml @@ -106,6 +106,9 @@ differential_items: - name: satlab-admin-inventory organization: Default state: absent + - name: test_constructed + organization: Default + state: absent - name: Test Inventory - Smart organization: Default state: absent diff --git a/tests/configs/inventories.yml b/tests/configs/inventories.yml index e520b0c73..896103673 100644 --- a/tests/configs/inventories.yml +++ b/tests/configs/inventories.yml @@ -22,4 +22,9 @@ controller_inventories: description: created by Ansible Playbook kind: smart host_filter: "name__icontains=localhost" + - name: test_constructed + organization: Default + kind: constructed + input_inventories: + - localhost ... diff --git a/tests/configs/inventory_sources.yml b/tests/configs/inventory_sources.yml index 42a684172..cf0dbf448 100644 --- a/tests/configs/inventory_sources.yml +++ b/tests/configs/inventory_sources.yml @@ -40,5 +40,7 @@ controller_inventory_sources: organization: Satellite source: scm state: absent - # more options can be provided but for scm source we are using, we need only this much. + - name: "Auto-created source for: test_constructed" + inventory: test_constructed + source: constructed ... diff --git a/tests/configs_export_model/differential_items.yml b/tests/configs_export_model/differential_items.yml index 67fe77227..ec9b97fe9 100644 --- a/tests/configs_export_model/differential_items.yml +++ b/tests/configs_export_model/differential_items.yml @@ -337,7 +337,7 @@ differential_expected: credential: default_environment: description: ansible-examples - local_path: _19__test_inventory_source_project + local_path: _20__test_inventory_source_project name: Test Inventory source project natural_key: name: Test Inventory source project @@ -377,7 +377,7 @@ differential_expected: type: credential default_environment: description: ansible-examples - local_path: _20__test_inventory_source_project_with_credential + local_path: _21__test_inventory_source_project_with_credential name: Test Inventory source project with credential natural_key: name: Test Inventory source project with credential diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 281b48fd8..3f3f5c6b9 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -108,7 +108,6 @@ controller_bulk_hosts: "{{ temp_controller_bulk_hosts }}" when: - controller_bulk_launch_jobs is defined - - awx_version == "21.14.0" or awx_version == "devel" - name: Launch Controller Jobs ansible.builtin.include_role: @@ -150,7 +149,6 @@ wait: false when: - controller_bulk_launch_jobs is defined - - awx_version == "21.14.0" or awx_version == "22.0.0" or awx_version == "22.1.0" or awx_version == "devel" - name: Launch Controller workflows ansible.builtin.include_role: diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 0c3c22d34..5b9486c0b 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -113,6 +113,4 @@ ansible.builtin.assert: that: - differential_expected == export_results.difference - when: - - awx_version == "devel" # It works on earlier versions, the issue is new fields fail in the differential. ... From 7aec9956cde6d1fb1cdb4b5e164f163741c5b9ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Radovan=20Dra=C5=BEn=C3=BD?= Date: Sun, 19 Nov 2023 16:57:31 +0100 Subject: [PATCH 124/129] Fix calling manifest when manifest_url is defined (#725) --- roles/license/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/license/tasks/main.yml b/roles/license/tasks/main.yml index 88e3654bf..66fa17fe9 100644 --- a/roles/license/tasks/main.yml +++ b/roles/license/tasks/main.yml @@ -4,7 +4,7 @@ - name: Use manifest file ansible.builtin.include_tasks: "manifest.yml" when: - - controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_content is defined + - controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_content is defined or controller_license.manifest_url is defined - name: Use subscription pool id or subscription lookup ansible.builtin.include_tasks: "subscription.yml" From 0609b6936c7bfe69248927735bfad6ec565273e0 Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Sun, 19 Nov 2023 17:06:08 +0100 Subject: [PATCH 125/129] Fix usage of compare_list_reduced variable (#721) Co-authored-by: Marges, RSY (Rick) Co-authored-by: Sean Sullivan --- plugins/lookup/controller_object_diff.py | 2 +- tests/configs/differential_items.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index b9eeaaf08..b6ef4633d 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -320,7 +320,7 @@ def run(self, terms, variables=None, **kwargs): item.update({"state": "absent"}) # Combine Lists if self.get_option("with_present"): - for item in compare_list_reduced: + for item in compare_list: item.update({"state": "present"}) compare_list.extend(difference) # Return Compare list with difference attached diff --git a/tests/configs/differential_items.yml b/tests/configs/differential_items.yml index 3cb3c8ed5..14bc82ac4 100644 --- a/tests/configs/differential_items.yml +++ b/tests/configs/differential_items.yml @@ -45,20 +45,20 @@ differential_items: organization: Default scm_type: git scm_url: https://github.com/ansible/tower-example.git - # state: present + state: present - description: ansible-examples name: Test Inventory source project organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git - # state: present + state: present - credential: gitlab-personal-access-token for satqe_auto_droid description: ansible-examples name: Test Inventory source project with credential organization: Default scm_type: git scm_url: https://github.com/ansible/ansible-examples.git - # state: present + state: present wait: false - description: Test Project 1 name: Test Project @@ -67,7 +67,7 @@ differential_items: scm_clean: true scm_type: git scm_url: https://github.com/ansible/tower-example.git - # state: present + state: present - name: Demo Project organization: Default state: absent From 5e679c73893c68e834e73d25df1eebc7c503b06a Mon Sep 17 00:00:00 2001 From: Rickmarges Date: Sun, 19 Nov 2023 17:25:16 +0100 Subject: [PATCH 126/129] Provide 3 fixes for the diff plugin (#726) * Add instace_group info to diff plugin * Change way to compare dicts to ignore state key * Ensure that key is set to target_team in case of membership removal When adding or removing a user from a team you'd need to use target_team instead of team --------- Co-authored-by: Marges, RSY (Rick) Co-authored-by: Sean Sullivan --- changelogs/fragments/diff_plugin.yml | 6 ++++++ plugins/lookup/controller_object_diff.py | 18 +++++++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 changelogs/fragments/diff_plugin.yml diff --git a/changelogs/fragments/diff_plugin.yml b/changelogs/fragments/diff_plugin.yml new file mode 100644 index 000000000..90f868fee --- /dev/null +++ b/changelogs/fragments/diff_plugin.yml @@ -0,0 +1,6 @@ +--- +bugfixes: + - Fixed an issue where the usage access to instance_groups were removed + - Fixed an issue where the diff doesn't work correctly when explicitly setting state present + - Fixed member removal of teams +... diff --git a/plugins/lookup/controller_object_diff.py b/plugins/lookup/controller_object_diff.py index b6ef4633d..1dd43ce30 100644 --- a/plugins/lookup/controller_object_diff.py +++ b/plugins/lookup/controller_object_diff.py @@ -120,6 +120,11 @@ def map_item(self, item, new_attribute_name, attribute_value, dupitems): new_item.update({new_attribute_name: attribute_value}) return new_item + def equal_dicts(self, d1, d2, ignore_keys): + d1_filtered = {k: v for k, v in d1.items() if k not in ignore_keys} + d2_filtered = {k: v for k, v in d2.items() if k not in ignore_keys} + return d1_filtered == d2_filtered + def run(self, terms, variables=None, **kwargs): self.set_options(direct=kwargs) @@ -223,6 +228,8 @@ def run(self, terms, variables=None, **kwargs): for item in api_list_reduced: if item["resource_type"] == "organization": item.update({"organizations": [item[item["resource_type"]]]}) + if item["resource_type"] == "instance_group": + item.update({"instance_groups": [item[item["resource_type"]]]}) item.update({"role": item["name"].lower().replace(" ", "_")}) # Remove the extra fields item.pop("users") @@ -231,6 +238,8 @@ def run(self, terms, variables=None, **kwargs): item.pop("resource_type") if "organization" in item: item.pop("organization") + if "instance_group" in item: + item.pop("instance_group") if "type" in item: item.pop("type") list_to_extend = [] @@ -311,13 +320,20 @@ def run(self, terms, variables=None, **kwargs): else: difference = [] for item in api_list_reduced: - if item not in compare_list_reduced: + for compare_item in compare_list_reduced: + if self.equal_dicts(compare_item, item, "state"): + break + else: difference.append(item) # Set if self.get_option("set_absent"): for item in difference: item.update({"state": "absent"}) + if "team" in item and item["role"] == "member": + item.update({"target_team": item["team"]}) + item.pop("team") + # Combine Lists if self.get_option("with_present"): for item in compare_list: From ea993793b81422178e21ab7b4d6689ed9d456f17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ivan=20Aragon=C3=A9s=20Muniesa?= <26822043+ivarmu@users.noreply.github.com> Date: Mon, 20 Nov 2023 14:13:11 +0100 Subject: [PATCH 127/129] filetree_create generate unified files (#723) * playbook to convert from filetree_create to flat files. job_templates, teams and team_roles to direct flat output * all the objects has been updated to let flatten output * fix lintering issues * fix missing version for awx in the ci_standalone. Add ansible-playbook example command line for filetree_create * fix versions for awx in the ci_standalone and release * updated README.md. Added ansible-playbook command example * Fixed the wrong location for the new information. * Fixed the wrong location for the new information. Fix lintering --- .github/workflows/release.yml | 1 - .../filtree_create_flatten_output.yml | 4 + playbooks/flatten_filetree_create_output.yaml | 94 ++++++++++++ roles/filetree_create/README.md | 117 +++++++++++++++ roles/filetree_create/tasks/applications.yml | 87 +++++++---- .../tasks/constructed_inventory.yml | 99 +++++++++---- roles/filetree_create/tasks/credentials.yml | 87 +++++++---- roles/filetree_create/tasks/groups.yml | 47 ++++-- roles/filetree_create/tasks/hosts.yml | 47 ++++-- roles/filetree_create/tasks/inventory.yml | 126 ++++++++++++---- .../tasks/inventory_sources.yml | 49 +++++-- roles/filetree_create/tasks/job_templates.yml | 126 +++++++++++----- roles/filetree_create/tasks/labels.yml | 87 +++++++---- .../tasks/notification_templates.yml | 78 +++++++--- roles/filetree_create/tasks/organizations.yml | 113 ++++++++++----- roles/filetree_create/tasks/projects.yml | 117 ++++++++++----- roles/filetree_create/tasks/schedules.yml | 97 +++++++++---- roles/filetree_create/tasks/team_roles.yml | 60 ++++++-- roles/filetree_create/tasks/teams.yml | 91 ++++++++---- roles/filetree_create/tasks/user_roles.yml | 60 ++++++-- roles/filetree_create/tasks/users.yml | 84 +++++++---- .../tasks/workflow_job_templates.yml | 135 ++++++++++++------ .../templates/current_applications.j2 | 4 + .../templates/current_credentials.j2 | 6 + .../templates/current_groups.j2 | 4 + .../templates/current_hosts.j2 | 4 + .../templates/current_inventories.j2 | 4 + .../templates/current_inventory_sources.j2 | 4 + .../templates/current_job_templates.j2 | 15 +- .../templates/current_labels.j2 | 4 + .../current_notification_templates.j2 | 4 + .../templates/current_organizations.j2 | 4 + .../templates/current_projects.j2 | 4 + .../templates/current_schedules.j2 | 4 + .../templates/current_team_roles.j2 | 4 + .../templates/current_teams.j2 | 4 + .../templates/current_user_roles.j2 | 4 + .../templates/current_users.j2 | 4 + .../current_workflow_job_templates.j2 | 16 ++- .../filetree_create/tests/filetree_create.yml | 1 + roles/object_diff/tasks/roles.yml | 1 + 41 files changed, 1448 insertions(+), 453 deletions(-) create mode 100644 changelogs/fragments/filtree_create_flatten_output.yml create mode 100644 playbooks/flatten_filetree_create_output.yaml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d2ba3a0b4..ab4f63af7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,6 @@ jobs: - devel - 22.4.0 - 22.3.0 - - 21.13.0 - 21.11.0 uses: "./.github/workflows/ci_standalone_versioned.yml" with: diff --git a/changelogs/fragments/filtree_create_flatten_output.yml b/changelogs/fragments/filtree_create_flatten_output.yml new file mode 100644 index 000000000..99529272f --- /dev/null +++ b/changelogs/fragments/filtree_create_flatten_output.yml @@ -0,0 +1,4 @@ +--- +minor_changes: + - The role 'filetree_create' will now allow to export all the objects of one kind into a single file, so it can be loaded by both ansible `group_vars` syntax and `filetree_read` tool. +... diff --git a/playbooks/flatten_filetree_create_output.yaml b/playbooks/flatten_filetree_create_output.yaml new file mode 100644 index 000000000..474e0f81b --- /dev/null +++ b/playbooks/flatten_filetree_create_output.yaml @@ -0,0 +1,94 @@ +--- +- name: "Flatten the filetree_create output into unique files per each object type" + hosts: localhost + connection: local + gather_facts: false + vars: + filetree_controller_settings: &filetree_create_output_dir "{{ filetree_create_output_dir }}" + filetree_controller_organizations: *filetree_create_output_dir + filetree_controller_labels: *filetree_create_output_dir + filetree_controller_user_accounts: *filetree_create_output_dir + filetree_controller_teams: *filetree_create_output_dir + filetree_controller_credential_types: *filetree_create_output_dir + filetree_controller_credentials: *filetree_create_output_dir + filetree_controller_credential_input_sources: *filetree_create_output_dir + filetree_controller_notifications: *filetree_create_output_dir + filetree_controller_projects: *filetree_create_output_dir + filetree_controller_execution_environments: *filetree_create_output_dir + filetree_controller_applications: *filetree_create_output_dir + filetree_controller_inventories: *filetree_create_output_dir + filetree_controller_inventory_sources: *filetree_create_output_dir + filetree_controller_instance_groups: *filetree_create_output_dir + filetree_controller_hosts: *filetree_create_output_dir + filetree_controller_groups: *filetree_create_output_dir + filetree_controller_templates: *filetree_create_output_dir + filetree_controller_workflow_job_templates: *filetree_create_output_dir + filetree_controller_schedules: *filetree_create_output_dir + filetree_controller_roles: *filetree_create_output_dir + roles: + - infra.controller_configuration.filetree_read + post_tasks: + - name: "Create the output flatten dir" + ansible.builtin.file: + path: "{{ filetree_create_output_dir }}_flatten" + state: directory + mode: "0755" + + - name: "Write all the objects to the corresponding file" + ansible.builtin.copy: + dest: "{{ filetree_create_output_dir }}_flatten/{{ object_type.name }}.yaml" + mode: "0644" + content: | + --- + {{ object_type.value | to_nice_yaml(indent=2) }} + ... + loop_control: + loop_var: object_type + loop: + - name: controller_settings + value: "{{ controller_settings }}" + - name: controller_organizations + value: "{{ controller_organizations }}" + - name: controller_labels + value: "{{ controller_labels }}" + - name: controller_user_accounts + value: "{{ controller_user_accounts }}" + - name: controller_teams + value: "{{ controller_teams }}" + - name: controller_credential_types + value: "{{ controller_credential_types }}" + - name: controller_credentials + value: "{{ controller_credentials }}" + - name: controller_credential_input_sources + value: "{{ controller_credential_input_sources }}" + - name: controller_notifications + value: "{{ controller_notifications }}" + - name: controller_projects + value: "{{ controller_projects }}" + - name: controller_execution_environments + value: "{{ controller_execution_environments }}" + - name: controller_applications + value: "{{ controller_applications }}" + - name: controller_inventories + value: "{{ controller_inventories }}" + - name: controller_inventory_sources + value: "{{ controller_inventory_sources }}" + - name: controller_instance_groups + value: "{{ controller_instance_groups }}" + - name: controller_hosts + value: "{{ controller_hosts }}" + - name: controller_groups + value: "{{ controller_groups }}" + - name: controller_templates + value: "{{ controller_templates }}" + - name: controller_workflow_job_templates + value: "{{ controller_workflow_job_templates | default([]) }}" + - name: controller_schedules + value: "{{ controller_schedules }}" + - name: controller_roles + value: "{{ controller_roles }}" +... +# Sample usage: +# +# ansible-playbook infra.controller_configuration.flatten_filetree_create_output.yaml -e '{filetree_create_output_dir: /tmp/filetree_output}' +# diff --git a/roles/filetree_create/README.md b/roles/filetree_create/README.md index cfc66f5e9..893d30190 100644 --- a/roles/filetree_create/README.md +++ b/roles/filetree_create/README.md @@ -19,6 +19,7 @@ The following variables are required for that role to work properly: | `organization_id` | N/A | no | int | Alternative to `organization_filter`, but specifiying the current organization's ID to filter by. Exports only the objects belonging to the specified organization (applies to all the objects that can be assigned to an organization). | | `output_path` | `/tmp/filetree_output` | yes | str | The path to the output directory where all the generated `yaml` files with the corresponding Objects as code will be written to. | | `input_tag` | `['all']` | no | List of Strings | The tags which are applied to the 'sub-roles'. If 'all' is in the list (the default value) then all roles will be called. | +| `flatten_output` | N/A | no | bool | Whether to flatten the output in single files per each object type instead of the normal exportation structure | ## Dependencies @@ -78,6 +79,122 @@ A list of other roles hosted on Galaxy should go here, plus any details in regar ... ``` +This role can generate output files in two different ways: + +- **Structured output**: + + The output files are distributed in separate directories, by organization first, and then by object type. Into each of these directories, one file per object is generated. This way allows to organize the files using different criteria, for example, by funcionalities or applications. + + The expotation can be triggered with the following command: + + ```console + ansible-playbook -i localhost, filetree_create.yml -e '{controller_validate_certs: false, controller_hostname: localhost:8443, controller_username: admin, controller_password: password}' + ``` + + One example of this approach follows: + + ```console + /tmp/filetree_output_distributted + ├── current_credential_types.yaml + ├── current_execution_environments.yaml + ├── current_instance_groups.yaml + ├── current_settings.yaml + ├── Default + │   ├── applications + │   │   ├── 23_controller_application-app2.yaml + │   │   └── 24_controller_application-app3.yaml + │   ├── credentials + │   │   ├── 82_Demo Credential.yaml + │   │   └── 84_Demo Custom Credential.yaml + │   ├── current_organization.yaml + │   ├── inventories + │   │   ├── Demo Inventory + │   │   │   └── 81_Demo Inventory.yaml + │   │   └── Test Inventory - Smart + │   │   ├── 78_Test Inventory - Smart.yaml + │   │   └── current_hosts.yaml + │   ├── job_templates + │   │   ├── 177_test-template-1.yaml + │   │   └── 190_Demo Job Template.yaml + │   ├── labels + │   │   ├── 52_Prod.yaml + │   │   ├── 53_differential.yaml + │   ├── notification_templates + │   │   ├── Email notification differential.yaml + │   │   └── Email notification.yaml + │   ├── projects + │   │   ├── 169_Test Project.yaml + │   │   ├── 170_Demo Project.yaml + │   ├── teams + │   │   ├── 28_satellite-qe.yaml + │   │   └── 29_tower-team.yaml + │   └── workflow_job_templates + │   ├── 191_Simple workflow schema.yaml + │   └── 200_Complicated workflow schema.yaml + ├── ORGANIZATIONLESS + │   ├── credentials + │   │   ├── 2_Ansible Galaxy.yaml + │   │   └── 3_Default Execution Environment Registry Credential.yaml + │   └── users + │   ├── admin.yaml + │   ├── controller_user.yaml + ├── schedules + │   ├── 1_Cleanup Job Schedule.yaml + │   ├── 2_Cleanup Activity Schedule.yaml + │   ├── 4_Cleanup Expired Sessions.yaml + │   ├── 52_Demo Schedule.yaml + │   ├── 53_Demo Schedule 2.yaml + │   └── 5_Cleanup Expired OAuth 2 Tokens.yaml + ├── team_roles + │   ├── current_roles_satellite-qe.yaml + │   └── current_roles_tower-team.yaml + └── user_roles + └── current_roles_controller_user.yaml + ``` + +- **Flatten files**: + + The output files are all located in the same directory. Each file contains a YAML list with all the objects belonging to the same object type. This output format allows to load all the objects both from the standard Ansible `group_vars` and from the `infra.controller_configuration.filetree_read` role. + + The expotation can be triggered with the following command: + + ```console + ansible-playbook -i localhost, filetree_create.yml -e '{controller_validate_certs: false, controller_hostname: localhost:8443, controller_username: admin, controller_password: password, flatten_output: true}' + ``` + + One example of this approach follows: + + ```console + /tmp/filetree_output_flatten + ├── applications.yaml + ├── credentials.yaml + ├── current_credential_types.yaml + ├── current_execution_environments.yaml + ├── current_instance_groups.yaml + ├── current_settings.yaml + ├── groups.yaml + ├── hosts.yaml + ├── inventories.yaml + ├── inventory_sources.yaml + ├── job_templates.yaml + ├── labels.yaml + ├── notification_templates.yaml + ├── organizations.yaml + ├── projects.yaml + ├── schedules.yaml + ├── team_roles.yaml + ├── teams.yaml + ├── user_roles.yaml + ├── users.yaml + └── workflow_job_templates.yaml + ``` + +A playbook to convert from the structured output to the flattened one is provided, and can be executed with the following command: + +```console +ansible-playbook infra.controller_configuration.flatten_filetree_create_output.yaml -e '{filetree_create_output_dir: /tmp/filetree_output}' +``` + ## License GPLv3+ diff --git a/roles/filetree_create/tasks/applications.yml b/roles/filetree_create/tasks/applications.yml index 5fbcaf85d..1d8b7a9c9 100644 --- a/roles/filetree_create/tasks/applications.yml +++ b/roles/filetree_create/tasks/applications.yml @@ -11,32 +11,67 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /applications output directory for applications in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/applications" - loop: "{{ (applications_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((applications_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/applications.yaml" + block: + - name: "Add current applications to the applications flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_applications.j2') }}" + vars: + application_organization: "{{ current_applications_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + application_id: "{{ current_applications_asset_value.id }}" + application_name: "{{ current_applications_asset_value.name | regex_replace('/', '_') }}" + last_application: "{{ current_application_index == ((applications_lookvar | length) - 1) }}" + loop: "{{ applications_lookvar }}" + loop_control: + index_var: current_application_index + loop_var: current_applications_asset_value + label: "{{ __dest }}" -- name: "Add current applications to the /applications output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_applications.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - application_organization: "{{ current_applications_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" - application_id: "{{ current_applications_asset_value.id }}" - application_name: "{{ current_applications_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ application_organization | regex_replace('/', '_') }}/applications/{{ application_id }}_{{ application_name | regex_replace('/', '_') }}.yaml" - loop: "{{ applications_lookvar }}" - loop_control: - loop_var: current_applications_asset_value - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /applications output directory for applications in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/applications" + loop: "{{ (applications_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((applications_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current applications to the /applications output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_applications.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + application_organization: "{{ current_applications_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + application_id: "{{ current_applications_asset_value.id }}" + application_name: "{{ current_applications_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ application_organization | regex_replace('/', '_') }}/applications/{{ application_id }}_{{ application_name | regex_replace('/', '_') }}.yaml" + loop: "{{ applications_lookvar }}" + loop_control: + loop_var: current_applications_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/constructed_inventory.yml b/roles/filetree_create/tasks/constructed_inventory.yml index 1b35fa374..fdee02e91 100644 --- a/roles/filetree_create/tasks/constructed_inventory.yml +++ b/roles/filetree_create/tasks/constructed_inventory.yml @@ -1,5 +1,5 @@ --- -- name: "Get the inventories from the API" +- name: "Get the constructed inventories from the API" ansible.builtin.set_fact: constructed_inventory_lookvar: "{{ query(controller_api_plugin, 'api/v2/constructed_inventories/', query_params=(query_params | combine({'organization': organization_id})) if organization_id is defined else query_params, @@ -11,31 +11,78 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /inventories output directory for inventories in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - inventory_organization: "{{ needed_path.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - inventory_name: "{{ needed_path.name | regex_replace('/', '_') }}" - __path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" - loop: "{{ constructed_inventory_lookvar }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/inventories.yaml" + block: + - name: "Stat if the output file exists" + ansible.builtin.stat: + path: "{{ __dest }}" + register: __constructed_inventories_file -- name: "Add current constructed_inventories to the /inventories output yaml file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_inventories.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}/{{ current_inventories_asset_value.id }}_{{ inventory_name | regex_replace('/', '_') }}.yaml" - loop: "{{ constructed_inventory_lookvar }}" - loop_control: - loop_var: current_inventories_asset_value - label: "{{ __dest }}" + - name: "Remove the yaml finalizer if it's already present" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: "..." + state: absent + when: __constructed_inventories_file.stat.exists | bool + + - name: "Add current constructed inventory to the inventories flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_inventories.j2') }}" + vars: + inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" + first_inventory: "{{ not (__constructed_inventories_file.stat.exists | bool) }}" + last_inventory: "{{ current_inventory_index == ((constructed_inventory_lookvar | length) - 1) }}" + loop: "{{ constructed_inventory_lookvar }}" + loop_control: + index_var: current_inventory_index + loop_var: current_inventories_asset_value + label: "{{ __dest }}" + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /inventories output directory for inventories in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + inventory_organization: "{{ needed_path.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ needed_path.name | regex_replace('/', '_') }}" + __path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + loop: "{{ constructed_inventory_lookvar }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current constructed_inventories to the /inventories output yaml file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_inventories.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}/{{ current_inventories_asset_value.id }}_{{ inventory_name | regex_replace('/', '_') }}.yaml" + loop: "{{ constructed_inventory_lookvar }}" + loop_control: + loop_var: current_inventories_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/credentials.yml b/roles/filetree_create/tasks/credentials.yml index 5647b312b..97e27b956 100644 --- a/roles/filetree_create/tasks/credentials.yml +++ b/roles/filetree_create/tasks/credentials.yml @@ -11,32 +11,67 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /credentials output directory for credentials in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path }}/credentials" - loop: "{{ (credentials_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((credentials_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/credentials.yaml" + block: + - name: "Add current credentials to the credentials flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_credentials.j2') }}" + vars: + credentials_organization: "{{ current_credentials_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + credentials_id: "{{ current_credentials_asset_value.id }}" + credentials_name: "{{ current_credentials_asset_value.name | regex_replace('/', '_') }}" + last_credential: "{{ current_credential_index == ((credentials_lookvar | length) - 1) }}" + loop: "{{ credentials_lookvar }}" + loop_control: + index_var: current_credential_index + loop_var: current_credentials_asset_value + label: "{{ __dest }}" -- name: "Add current credentials to the /credentials output yaml file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_credentials.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - credentials_organization: "{{ current_credentials_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - credentials_id: "{{ current_credentials_asset_value.id }}" - credentials_name: "{{ current_credentials_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ credentials_organization | regex_replace('/', '_') }}/credentials/{{ credentials_id }}_{{ credentials_name | regex_replace('/', '_') }}.yaml" - loop: "{{ credentials_lookvar }}" - loop_control: - loop_var: current_credentials_asset_value - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /credentials output directory for credentials in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path }}/credentials" + loop: "{{ (credentials_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((credentials_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current credentials to the /credentials output yaml file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_credentials.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + credentials_organization: "{{ current_credentials_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + credentials_id: "{{ current_credentials_asset_value.id }}" + credentials_name: "{{ current_credentials_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ credentials_organization | regex_replace('/', '_') }}/credentials/{{ credentials_id }}_{{ credentials_name | regex_replace('/', '_') }}.yaml" + loop: "{{ credentials_lookvar }}" + loop_control: + loop_var: current_credentials_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/groups.yml b/roles/filetree_create/tasks/groups.yml index 529e605b3..cec0dbfb7 100644 --- a/roles/filetree_create/tasks/groups.yml +++ b/roles/filetree_create/tasks/groups.yml @@ -1,14 +1,39 @@ --- -- name: "Create the output directory for groups: {{ groups_output_path }}" - ansible.builtin.file: - path: "{{ groups_output_path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool + vars: + __dest: "{{ groups_output_path }}" + block: + - name: "Add current groups to the groups flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_groups.j2') }}" -- name: "Add current groups to the current_groups.yaml output file in {{ groups_output_path }}" - ansible.builtin.template: - src: "templates/current_groups.j2" - dest: "{{ groups_output_path }}/current_groups.yaml" - mode: '0644' - when: current_groups_asset_value | length > 0 + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for groups: {{ groups_output_path }}" + ansible.builtin.file: + path: "{{ groups_output_path }}" + state: directory + mode: '0755' + + - name: "Add current groups to the current_groups.yaml output file in {{ groups_output_path }}" + ansible.builtin.template: + src: "templates/current_groups.j2" + dest: "{{ groups_output_path }}/current_groups.yaml" + mode: '0644' + when: current_groups_asset_value | length > 0 ... diff --git a/roles/filetree_create/tasks/hosts.yml b/roles/filetree_create/tasks/hosts.yml index 8ef5a38f5..514929fcf 100644 --- a/roles/filetree_create/tasks/hosts.yml +++ b/roles/filetree_create/tasks/hosts.yml @@ -1,14 +1,39 @@ --- -- name: "Create the output directory for hosts: {{ hosts_output_path }}" - ansible.builtin.file: - path: "{{ hosts_output_path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool + vars: + __dest: "{{ hosts_output_path }}" + block: + - name: "Add current hosts to the hosts flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_hosts.j2') }}" -- name: "Add current hosts to the current_hosts.yaml output file in {{ hosts_output_path }}" - ansible.builtin.template: - src: "templates/current_hosts.j2" - dest: "{{ hosts_output_path }}/current_hosts.yaml" - mode: '0644' - when: current_hosts_asset_value | length > 0 + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for hosts: {{ hosts_output_path }}" + ansible.builtin.file: + path: "{{ hosts_output_path }}" + state: directory + mode: '0755' + + - name: "Add current hosts to the current_hosts.yaml output file in {{ hosts_output_path }}" + ansible.builtin.template: + src: "templates/current_hosts.j2" + dest: "{{ hosts_output_path }}/current_hosts.yaml" + mode: '0644' + when: current_hosts_asset_value | length > 0 ... diff --git a/roles/filetree_create/tasks/inventory.yml b/roles/filetree_create/tasks/inventory.yml index 93f5e0d86..fd05db1f9 100644 --- a/roles/filetree_create/tasks/inventory.yml +++ b/roles/filetree_create/tasks/inventory.yml @@ -12,47 +12,99 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /inventories output directory for inventories in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - inventory_organization: "{{ needed_path.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - inventory_name: "{{ needed_path.name | regex_replace('/', '_') }}" - __path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" - loop: "{{ inventory_lookvar }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/inventories.yaml" + block: + - name: "Stat if the output file exists" + ansible.builtin.stat: + path: "{{ __dest }}" + register: __inventories_file -- name: "Add current inventories to the /inventories output yaml file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_inventories.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}/{{ current_inventories_asset_value.id }}_{{ inventory_name | regex_replace('/', '_') }}.yaml" - loop: "{{ inventory_lookvar }}" - loop_control: - loop_var: current_inventories_asset_value - label: "{{ __dest }}" + - name: "Remove the yaml finalizer if it's already present" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: "..." + state: absent + when: __inventories_file.stat.exists | bool + + - name: "Add current inventories to the inventories flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: '' + block: "{{ lookup('template', 'templates/current_inventories.j2') }}" + vars: + inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" + first_inventory: "{{ not (__inventories_file.stat.exists | bool) }}" + last_inventory: "{{ current_inventory_index == ((inventory_lookvar | length) - 1) }}" + loop: "{{ inventory_lookvar }}" + loop_control: + index_var: current_inventory_index + loop_var: current_inventories_asset_value + label: "{{ __dest }}" + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /inventories output directory for inventories in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + inventory_organization: "{{ needed_path.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ needed_path.name | regex_replace('/', '_') }}" + __path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + loop: "{{ inventory_lookvar }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current inventories to the /inventories output yaml file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_inventories.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + inventory_organization: "{{ current_inventories_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + inventory_name: "{{ current_inventories_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}/{{ current_inventories_asset_value.id }}_{{ inventory_name | regex_replace('/', '_') }}.yaml" + loop: "{{ inventory_lookvar }}" + loop_control: + loop_var: current_inventories_asset_value + label: "{{ __dest }}" - name: "Set the inventory's inventory sources" ansible.builtin.include_tasks: "inventory_sources.yml" vars: inventory_organization: "{{ current_inventory_sources.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" inventory_name: "{{ current_inventory_sources.name | regex_replace('/', '_') }}" - inventory_sources_output_path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + inventory_sources_output_path: "{{ (output_path + '/' + inventory_organization | regex_replace('/', '_') + '/inventories/' + inventory_name | regex_replace('/', '_')) + if (flatten_output is not defined or (flatten_output | bool) == false) + else + output_path + '/inventory_sources.yaml' }}" current_inventory_sources_asset_value: "{{ query(controller_api_plugin, current_inventory_sources.related.inventory_sources, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) if current_inventory_sources.has_inventory_sources else [] }}" + last_inventory: "{{ current_inventory_index == ((inventory_lookvar | length) - 1) }}" loop: "{{ inventory_lookvar }}" loop_control: + index_var: current_inventory_index loop_var: current_inventory_sources label: "{{ inventory_sources_output_path }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" @@ -62,14 +114,20 @@ vars: inventory_organization: "{{ current_inventory_hosts.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" inventory_name: "{{ current_inventory_hosts.name | regex_replace('/', '_') }}" - hosts_output_path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + hosts_output_path: "{{ (output_path + '/' + inventory_organization | regex_replace('/', '_') + '/inventories/' + inventory_name | regex_replace('/', '_')) + if (flatten_output is not defined or (flatten_output | bool) == false) + else + output_path + '/hosts.yaml' }}" current_hosts_asset_value: "{{ query(controller_api_plugin, current_inventory_hosts.related.hosts, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) - if not current_inventory_hosts.has_inventory_sources else [] + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) + if not current_inventory_hosts.has_inventory_sources else [] }}" + first_inventory: "{{ not (__inventories_file.stat.exists | bool) }}" + last_inventory: "{{ current_inventory_index == ((inventory_lookvar | length) - 1) }}" loop: "{{ inventory_lookvar }}" loop_control: + index_var: current_inventory_index loop_var: current_inventory_hosts label: "{{ hosts_output_path }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" @@ -80,14 +138,20 @@ vars: inventory_organization: "{{ current_inventory_groups.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" inventory_name: "{{ current_inventory_groups.name | regex_replace('/', '_') }}" - groups_output_path: "{{ output_path }}/{{ inventory_organization | regex_replace('/', '_') }}/inventories/{{ inventory_name | regex_replace('/', '_') }}" + groups_output_path: "{{ (output_path + '/' + inventory_organization | regex_replace('/', '_') + '/inventories/' + inventory_name | regex_replace('/', '_')) + if (flatten_output is not defined or (flatten_output | bool) == false) + else + output_path + '/groups.yaml' }}" current_groups_asset_value: "{{ query(controller_api_plugin, current_inventory_groups.related.groups, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) if (not current_inventory_groups.has_inventory_sources or current_inventory_groups.kind is match('smart')) else [] }}" + first_inventory: "{{ not (__inventories_file.stat.exists | bool) }}" + last_inventory: "{{ current_inventory_index == ((inventory_lookvar | length) - 1) }}" loop: "{{ inventory_lookvar }}" loop_control: + index_var: current_inventory_index loop_var: current_inventory_groups label: "{{ groups_output_path }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" diff --git a/roles/filetree_create/tasks/inventory_sources.yml b/roles/filetree_create/tasks/inventory_sources.yml index 5092d2ee6..0c67ca6cf 100644 --- a/roles/filetree_create/tasks/inventory_sources.yml +++ b/roles/filetree_create/tasks/inventory_sources.yml @@ -1,15 +1,40 @@ --- -- name: "Create the output directory for inventory sources: {{ inventory_sources_output_path }}" - ansible.builtin.file: - path: "{{ inventory_sources_output_path }}" - state: directory - mode: '0755' - -- name: "Add current inventory source to the current_inventory_sources.yaml output file in {{ inventory_sources_output_path }}" - ansible.builtin.template: - src: "templates/current_inventory_sources.j2" - dest: "{{ inventory_sources_output_path }}/current_inventory_sources.yaml" - mode: '0644' +- name: "Block for to generate flatten output" when: - - current_inventory_sources_asset_value | length > 0 + - flatten_output is defined + - flatten_output | bool + block: + - name: "Add current inventory source to the inventory sources flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ inventory_sources_output_path }}" + marker: "" + block: "{{ lookup('template', 'templates/current_inventory_sources.j2') }}" + vars: + last_inventory: "{{ current_inventory_for_sources_index == ((inventory_lookvar | length) - 1) }}" + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ inventory_sources_output_path }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for inventory sources: {{ inventory_sources_output_path }}" + ansible.builtin.file: + path: "{{ inventory_sources_output_path }}" + state: directory + mode: '0755' + + - name: "Add current inventory source to the current_inventory_sources.yaml output file in {{ inventory_sources_output_path }}" + ansible.builtin.template: + src: "templates/current_inventory_sources.j2" + dest: "{{ inventory_sources_output_path }}/current_inventory_sources.yaml" + mode: '0644' + when: + - current_inventory_sources_asset_value | length > 0 ... diff --git a/roles/filetree_create/tasks/job_templates.yml b/roles/filetree_create/tasks/job_templates.yml index 3a5125052..90f7076bf 100644 --- a/roles/filetree_create/tasks/job_templates.yml +++ b/roles/filetree_create/tasks/job_templates.yml @@ -11,45 +11,93 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the output directories for job templates in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/job_templates" - loop: "{{ (job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/job_templates.yaml" + block: + - name: "Add current job_templates to the job_templates flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_job_templates.j2') }}" + vars: + job_template_organization: "{{ current_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + job_template_id: "{{ current_job_templates_asset_value.id }}" + job_template_name: "{{ current_job_templates_asset_value.name | regex_replace('/', '_') }}" + query_labels: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_error: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + last_job_template: "{{ current_job_template_index == ((job_templates_lookvar | length) - 1) }}" + loop: "{{ job_templates_lookvar }}" + loop_control: + index_var: current_job_template_index + loop_var: current_job_templates_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Add current job_templates to the /job_templates output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_job_templates.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - job_template_organization: "{{ current_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - job_template_id: "{{ current_job_templates_asset_value.id }}" - job_template_name: "{{ current_job_templates_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ job_template_organization | regex_replace('/', '_') }}/job_templates/{{ job_template_id }}_{{ job_template_name | regex_replace('/', '_') }}.yaml" - query_labels: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.labels, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_error: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_error, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_started: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_started, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_success: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_success, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - loop: "{{ job_templates_lookvar }}" - loop_control: - loop_var: current_job_templates_asset_value - label: "{{ __dest }}" - no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directories for job templates in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/job_templates" + loop: "{{ (job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current job_templates to the /job_templates output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_job_templates.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + job_template_organization: "{{ current_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + job_template_id: "{{ current_job_templates_asset_value.id }}" + job_template_name: "{{ current_job_templates_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ job_template_organization | regex_replace('/', '_') }}/job_templates/{{ job_template_id }}_{{ job_template_name | regex_replace('/', '_') }}.yaml" + query_labels: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_error: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_job_templates_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + loop: "{{ job_templates_lookvar }}" + loop_control: + loop_var: current_job_templates_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" ... diff --git a/roles/filetree_create/tasks/labels.yml b/roles/filetree_create/tasks/labels.yml index db9f44fcc..d54144e74 100644 --- a/roles/filetree_create/tasks/labels.yml +++ b/roles/filetree_create/tasks/labels.yml @@ -11,32 +11,67 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /labels output directory for labels in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/labels" - loop: "{{ (labels_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((labels_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/labels.yaml" + block: + - name: "Add current labels to the labels flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_labels.j2') }}" + vars: + label_organization: "{{ current_labels_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + label_id: "{{ current_labels_asset_value.id }}" + label_name: "{{ current_labels_asset_value.name | regex_replace('/', '_') }}" + last_label: "{{ current_label_index == ((labels_lookvar | length) - 1) }}" + loop: "{{ labels_lookvar }}" + loop_control: + index_var: current_label_index + loop_var: current_labels_asset_value + label: "{{ __dest }}" -- name: "Add current labels to the /labels output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_labels.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - label_organization: "{{ current_labels_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" - label_id: "{{ current_labels_asset_value.id }}" - label_name: "{{ current_labels_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ label_organization | regex_replace('/', '_') }}/labels/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" - loop: "{{ labels_lookvar }}" - loop_control: - loop_var: current_labels_asset_value - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /labels output directory for labels in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/labels" + loop: "{{ (labels_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((labels_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current labels to the /labels output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_labels.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + label_organization: "{{ current_labels_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + label_id: "{{ current_labels_asset_value.id }}" + label_name: "{{ current_labels_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ label_organization | regex_replace('/', '_') }}/labels/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" + loop: "{{ labels_lookvar }}" + loop_control: + loop_var: current_labels_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/notification_templates.yml b/roles/filetree_create/tasks/notification_templates.yml index 20e87e11b..5aa2da2d9 100644 --- a/roles/filetree_create/tasks/notification_templates.yml +++ b/roles/filetree_create/tasks/notification_templates.yml @@ -11,29 +11,61 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /notification_templates output directory for notification templates in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/notification_templates" - loop: "{{ (notification_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((notification_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/notification_templates.yaml" + block: + - name: "Add current notification_templates to the notification_templates flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_notification_templates.j2') }}" + vars: + last_notification_template: "{{ current_notification_template_index == ((notification_templates_lookvar | length) - 1) }}" + loop: "{{ notification_templates_lookvar }}" + loop_control: + index_var: current_notification_template_index + loop_var: current_notification_templates_asset_value + label: "{{ __dest }}" -- name: "Add current notification templates to the /current_notification_templates.yaml output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_notification_templates.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - __dest: "{{ output_path }}/{{ (current_notification_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}/notification_templates/{{ current_notification_templates_asset_value.name | regex_replace('/', '_') }}.yaml" - loop: "{{ notification_templates_lookvar }}" - loop_control: - loop_var: current_notification_templates_asset_value - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /notification_templates output directory for notification templates in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/notification_templates" + loop: "{{ (notification_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((notification_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current notification templates to the /current_notification_templates.yaml output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_notification_templates.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + __dest: "{{ output_path }}/{{ (current_notification_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}/notification_templates/{{ current_notification_templates_asset_value.name | regex_replace('/', '_') }}.yaml" + loop: "{{ notification_templates_lookvar }}" + loop_control: + loop_var: current_notification_templates_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/organizations.yml b/roles/filetree_create/tasks/organizations.yml index 54c2f0266..f2de44b6f 100644 --- a/roles/filetree_create/tasks/organizations.yml +++ b/roles/filetree_create/tasks/organizations.yml @@ -11,40 +11,85 @@ order_by: 'id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the output directory for organizations: {{ output_path + '/' + current_organization_dir.name }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ current_organization_dir.name | regex_replace('/', '_') }}" - loop: "{{ orgs_lookvar }}" - loop_control: - loop_var: current_organization_dir - label: "{{ __path }}" + __dest: "{{ output_path }}/organizations.yaml" + block: + - name: "Add current organizations to the organizations flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_organizations.j2') }}" + vars: + query_notification_error: "{{ query(controller_api_plugin, current_organization.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_organization.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_organization.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_approvals: "{{ query(controller_api_plugin, current_organization.related.notification_templates_approvals, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + last_organization: "{{ current_organization_index == ((orgs_lookvar | length) - 1) }}" + loop: "{{ orgs_lookvar }}" + loop_control: + index_var: current_organization_index + loop_var: current_organization + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Add current organizations to the output yaml file" - ansible.builtin.template: - src: "templates/current_organizations.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - __dest: "{{ output_path }}/{{ current_organization.name | regex_replace('/', '_') }}/current_organization.yaml" - query_notification_error: "{{ query(controller_api_plugin, current_organization.related.notification_templates_error, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_started: "{{ query(controller_api_plugin, current_organization.related.notification_templates_started, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_success: "{{ query(controller_api_plugin, current_organization.related.notification_templates_success, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_approvals: "{{ query(controller_api_plugin, current_organization.related.notification_templates_approvals, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - loop: "{{ orgs_lookvar }}" - loop_control: - loop_var: current_organization - label: "{{ __dest }}" - no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for organizations: {{ output_path + '/' + current_organization_dir.name }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ current_organization_dir.name | regex_replace('/', '_') }}" + loop: "{{ orgs_lookvar }}" + loop_control: + loop_var: current_organization_dir + label: "{{ __path }}" + + - name: "Add current organizations to the output yaml file" + ansible.builtin.template: + src: "templates/current_organizations.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + __dest: "{{ output_path }}/{{ current_organization.name | regex_replace('/', '_') }}/current_organization.yaml" + query_notification_error: "{{ query(controller_api_plugin, current_organization.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_organization.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_organization.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_approvals: "{{ query(controller_api_plugin, current_organization.related.notification_templates_approvals, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + loop: "{{ orgs_lookvar }}" + loop_control: + loop_var: current_organization + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" ... diff --git a/roles/filetree_create/tasks/projects.yml b/roles/filetree_create/tasks/projects.yml index 5bbcfeca6..4cf7a838b 100644 --- a/roles/filetree_create/tasks/projects.yml +++ b/roles/filetree_create/tasks/projects.yml @@ -11,42 +11,87 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /projects output directory for projects in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/projects" - loop: "{{ (projects_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((projects_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/projects.yaml" + block: + - name: "Add current projects to the projects flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_projects.j2') }}" + vars: + project_organization: "{{ current_projects_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + project_id: "{{ current_projects_asset_value.id }}" + project_name: "{{ current_projects_asset_value.name | regex_replace('/', '_') }}" + query_notification_error: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + last_project: "{{ current_project_index == ((projects_lookvar | length) - 1) }}" + loop: "{{ projects_lookvar }}" + loop_control: + index_var: current_project_index + loop_var: current_projects_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Add current projects to the /projects output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_projects.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - project_organization: "{{ current_projects_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" - project_id: "{{ current_projects_asset_value.id }}" - project_name: "{{ current_projects_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ project_organization | regex_replace('/', '_') }}/projects/{{ project_id }}_{{ project_name | regex_replace('/', '_') }}.yaml" - query_notification_error: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_error, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_started: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_started, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_success: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_success, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - loop: "{{ projects_lookvar }}" - loop_control: - loop_var: current_projects_asset_value - label: "{{ __dest }}" - no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /projects output directory for projects in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/projects" + loop: "{{ (projects_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((projects_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current projects to the /projects output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_projects.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + project_organization: "{{ current_projects_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true) }}" + project_id: "{{ current_projects_asset_value.id }}" + project_name: "{{ current_projects_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ project_organization | regex_replace('/', '_') }}/projects/{{ project_id }}_{{ project_name | regex_replace('/', '_') }}.yaml" + query_notification_error: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_projects_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + loop: "{{ projects_lookvar }}" + loop_control: + loop_var: current_projects_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" ... diff --git a/roles/filetree_create/tasks/schedules.yml b/roles/filetree_create/tasks/schedules.yml index 83a110e05..0fc38b364 100644 --- a/roles/filetree_create/tasks/schedules.yml +++ b/roles/filetree_create/tasks/schedules.yml @@ -7,32 +7,75 @@ }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the schedules output directory for schedules in {{ output_path }}" - ansible.builtin.file: - path: "{{ output_path }}/schedules" - state: directory - mode: '0755' - -- name: "Add current schedules to the schedules output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_schedules.j2" - dest: "{{ __dest }}" - mode: '0644' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - label_id: "{{ current_schedules_asset_value.id }}" - label_name: "{{ current_schedules_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/schedules/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" - query_credentials: "{{ query(controller_api_plugin, current_schedules_asset_value.related.credentials, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.credentials is defined else [] }}" - query_instance_groups: "{{ query(controller_api_plugin, current_schedules_asset_value.related.instance_groups, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.instance_groups is defined else [] }}" - query_labels: "{{ query(controller_api_plugin, current_schedules_asset_value.related.labels, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.labels is defined else [] }}" - loop: "{{ schedules_lookvar }}" - loop_control: - loop_var: current_schedules_asset_value - label: "{{ __dest }}" + __dest: "{{ output_path }}/schedules.yaml" + block: + - name: "Add current schedules to the schedules flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_schedules.j2') }}" + vars: + label_id: "{{ current_schedules_asset_value.id }}" + label_name: "{{ current_schedules_asset_value.name | regex_replace('/', '_') }}" + query_credentials: "{{ query(controller_api_plugin, current_schedules_asset_value.related.credentials, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.credentials is defined else [] }}" + query_instance_groups: "{{ query(controller_api_plugin, current_schedules_asset_value.related.instance_groups, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.instance_groups is defined else [] }}" + query_labels: "{{ query(controller_api_plugin, current_schedules_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.labels is defined else [] }}" + last_schedule: "{{ current_schedule_index == ((schedules_lookvar | length) - 1) }}" + loop: "{{ schedules_lookvar }}" + loop_control: + index_var: current_schedule_index + loop_var: current_schedules_asset_value + label: "{{ __dest }}" + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the schedules output directory for schedules in {{ output_path }}" + ansible.builtin.file: + path: "{{ output_path }}/schedules" + state: directory + mode: '0755' + + - name: "Add current schedules to the schedules output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_schedules.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + label_id: "{{ current_schedules_asset_value.id }}" + label_name: "{{ current_schedules_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/schedules/{{ label_id }}_{{ label_name | regex_replace('/', '_') }}.yaml" + query_credentials: "{{ query(controller_api_plugin, current_schedules_asset_value.related.credentials, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.credentials is defined else [] }}" + query_instance_groups: "{{ query(controller_api_plugin, current_schedules_asset_value.related.instance_groups, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.instance_groups is defined else [] }}" + query_labels: "{{ query(controller_api_plugin, current_schedules_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) if current_schedules_asset_value.related.labels is defined else [] }}" + loop: "{{ schedules_lookvar }}" + loop_control: + loop_var: current_schedules_asset_value + label: "{{ __dest }}" ... diff --git a/roles/filetree_create/tasks/team_roles.yml b/roles/filetree_create/tasks/team_roles.yml index 1db22c86d..19a003d6f 100644 --- a/roles/filetree_create/tasks/team_roles.yml +++ b/roles/filetree_create/tasks/team_roles.yml @@ -7,18 +7,52 @@ }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the output directory for team roles: {{ output_path }}" - ansible.builtin.file: - path: "{{ output_path }}/team_roles" - state: directory - mode: '0755' - -- name: "Add current roles to the output yaml file" - ansible.builtin.template: - src: "templates/current_team_roles.j2" - dest: "{{ output_path }}/team_roles/current_roles_{{ teamname | regex_replace('/', '_') }}.yaml" - mode: '0644' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - current_team_roles_asset_value: "{{ team_roles_lookvar }}" - when: team_roles_lookvar | length > 0 + __dest: "{{ output_path }}/team_roles.yaml" + block: + - name: "Stat if the output file exists" + ansible.builtin.stat: + path: "{{ __dest }}" + register: team_roles_file + + - name: "Add current team roles to the team roles flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_team_roles.j2') }}" + vars: + current_team_roles_asset_value: "{{ team_roles_lookvar }}" + first_team_role: "{{ not team_roles_file.stat.exists }}" + when: team_roles_lookvar | length > 0 + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for team roles: {{ output_path }}" + ansible.builtin.file: + path: "{{ output_path }}/team_roles" + state: directory + mode: '0755' + + - name: "Add current roles to the output yaml file" + ansible.builtin.template: + src: "templates/current_team_roles.j2" + dest: "{{ output_path }}/team_roles/current_roles_{{ teamname | regex_replace('/', '_') }}.yaml" + mode: '0644' + vars: + current_team_roles_asset_value: "{{ team_roles_lookvar }}" + when: team_roles_lookvar | length > 0 ... diff --git a/roles/filetree_create/tasks/teams.yml b/roles/filetree_create/tasks/teams.yml index 4435aa571..e84807768 100644 --- a/roles/filetree_create/tasks/teams.yml +++ b/roles/filetree_create/tasks/teams.yml @@ -11,42 +11,79 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /teams output directory for teams in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/teams" - loop: "{{ (teams_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((teams_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/teams.yaml" + block: + - name: "Add current teams to the teams flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_teams.j2') }}" + vars: + team_organization: "{{ (current_teams_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" + team_id: "{{ current_teams_asset_value.id }}" + team_name: "{{ current_teams_asset_value.name | regex_replace('/', '_') }}" + last_team: "{{ current_team_index == ((teams_lookvar | length) - 1) }}" + loop: "{{ teams_lookvar }}" + loop_control: + index_var: current_team_index + loop_var: current_teams_asset_value + label: "{{ __dest }}" -- name: "Add current teams to the /teams output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_teams.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - team_organization: "{{ (current_teams_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" - team_id: "{{ current_teams_asset_value.id }}" - team_name: "{{ current_teams_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ team_organization | regex_replace('/', '_') }}/teams/{{ team_id }}_{{ team_name | regex_replace('/', '_') }}.yaml" - loop: "{{ teams_lookvar }}" - loop_control: - loop_var: current_teams_asset_value - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /teams output directory for teams in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/teams" + loop: "{{ (teams_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((teams_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current teams to the /teams output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_teams.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + team_organization: "{{ (current_teams_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" + team_id: "{{ current_teams_asset_value.id }}" + team_name: "{{ current_teams_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ team_organization | regex_replace('/', '_') }}/teams/{{ team_id }}_{{ team_name | regex_replace('/', '_') }}.yaml" + loop: "{{ teams_lookvar }}" + loop_control: + loop_var: current_teams_asset_value + label: "{{ __dest }}" - name: "Set the team's roles" ansible.builtin.include_tasks: "team_roles.yml" vars: - team_organization: "{{ (current_teams_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" + team_organization: "{{ (current_team.summary_fields.organization.name | default('ORGANIZATIONLESS', true)) | regex_replace('/', '_') }}" teamname: "{{ current_team.name }}" teamid: "{{ current_team.id }}" + last_team_role: "{{ current_team_index_for_roles == ((teams_lookvar | length) - 1) }}" loop: "{{ teams_lookvar }}" loop_control: + index_var: current_team_index_for_roles loop_var: current_team ... diff --git a/roles/filetree_create/tasks/user_roles.yml b/roles/filetree_create/tasks/user_roles.yml index cd4335327..24eab4c86 100644 --- a/roles/filetree_create/tasks/user_roles.yml +++ b/roles/filetree_create/tasks/user_roles.yml @@ -7,18 +7,52 @@ }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the output directory for user roles: {{ output_path }}" - ansible.builtin.file: - path: "{{ output_path }}/user_roles" - state: directory - mode: '0755' - -- name: "Add current roles to the output yaml file" - ansible.builtin.template: - src: "templates/current_user_roles.j2" - dest: "{{ output_path }}/user_roles/current_roles_{{ username | regex_replace('/', '_') }}.yaml" - mode: '0644' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - current_user_roles_asset_value: "{{ user_roles_lookvar }}" - when: user_roles_lookvar | length > 0 + __dest: "{{ output_path }}/user_roles.yaml" + block: + - name: "Stat if the output file exists" + ansible.builtin.stat: + path: "{{ __dest }}" + register: user_roles_file + + - name: "Add current user roles to the user roles flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_user_roles.j2') }}" + vars: + current_user_roles_asset_value: "{{ user_roles_lookvar }}" + first_user_role: "{{ not user_roles_file.stat.exists }}" + when: user_roles_lookvar | length > 0 + + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for user roles: {{ output_path }}" + ansible.builtin.file: + path: "{{ output_path }}/user_roles" + state: directory + mode: '0755' + + - name: "Add current roles to the output yaml file" + ansible.builtin.template: + src: "templates/current_user_roles.j2" + dest: "{{ output_path }}/user_roles/current_roles_{{ username | regex_replace('/', '_') }}.yaml" + mode: '0644' + vars: + current_user_roles_asset_value: "{{ user_roles_lookvar }}" + when: user_roles_lookvar | length > 0 ... diff --git a/roles/filetree_create/tasks/users.yml b/roles/filetree_create/tasks/users.yml index 79fbbe938..aee2d8f17 100644 --- a/roles/filetree_create/tasks/users.yml +++ b/roles/filetree_create/tasks/users.yml @@ -22,41 +22,77 @@ label: "User {{ user_lookvar_item.username }}" no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the output directory for users in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ current_user_dir | regex_replace('/', '_') }}/users" - when: organization_filter is not defined or (current_user_dir is match(organization_filter)) - loop: "{{ current_users | selectattr('organizations', 'defined') | map(attribute='organizations') | flatten | unique }}" - loop_control: - loop_var: current_user_dir - label: "{{ __path }}" + __dest: "{{ output_path }}/users.yaml" + block: + - name: "Add current users to the users flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_users.j2') }}" + vars: + current_users_asset_value: "{{ current_user_dir.0 }}" + last_user: "{{ current_user_index == ((users_lookvar | length) - 1) }}" + when: organization_filter is not defined or (current_user_dir.1 is match(organization_filter)) + loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" + loop_control: + index_var: current_user_index + loop_var: current_user_dir + label: "{{ __dest }}" -- name: "Add current users to the /.yaml output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_users.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - current_users_asset_value: "{{ current_user_dir.0 }}" - __dest: "{{ output_path }}/{{ current_user_dir.1 | regex_replace('/', '_') }}/users/{{ current_user_dir.0.username | regex_replace('/', '_') }}.yaml" - when: organization_filter is not defined or (current_user_dir.1 is match(organization_filter)) - loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" - loop_control: - loop_var: current_user_dir - label: "{{ __dest }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the output directory for users in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ current_user_dir | regex_replace('/', '_') }}/users" + when: organization_filter is not defined or (current_user_dir is match(organization_filter)) + loop: "{{ current_users | selectattr('organizations', 'defined') | map(attribute='organizations') | flatten | unique }}" + loop_control: + loop_var: current_user_dir + label: "{{ __path }}" + + - name: "Add current users to the /.yaml output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_users.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + current_users_asset_value: "{{ current_user_dir.0 }}" + __dest: "{{ output_path }}/{{ current_user_dir.1 | regex_replace('/', '_') }}/users/{{ current_user_dir.0.username | regex_replace('/', '_') }}.yaml" + when: organization_filter is not defined or (current_user_dir.1 is match(organization_filter)) + loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" + loop_control: + loop_var: current_user_dir + label: "{{ __dest }}" - name: "Set the user's roles" ansible.builtin.include_tasks: "user_roles.yml" vars: username: "{{ current_user.0.username }}" + last_user_role: "{{ current_user_index_for_roles == ((current_users | default([]) | subelements('organizations', skip_missing=true) | length) - 1) }}" when: - not current_user.0.is_superuser - organization_filter is not defined or (current_user.1 is match(organization_filter)) loop: "{{ current_users | default([]) | subelements('organizations', skip_missing=true) }}" loop_control: + index_var: current_user_index_for_roles loop_var: current_user ... diff --git a/roles/filetree_create/tasks/workflow_job_templates.yml b/roles/filetree_create/tasks/workflow_job_templates.yml index c66d3a156..32e3c56ef 100644 --- a/roles/filetree_create/tasks/workflow_job_templates.yml +++ b/roles/filetree_create/tasks/workflow_job_templates.yml @@ -11,48 +11,99 @@ order_by: 'organization,id' no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Create the /workflow_job_templates output directory for workflow job templates in {{ output_path }}" - ansible.builtin.file: - path: "{{ __path }}" - state: directory - mode: '0755' +- name: "Block for to generate flatten output" + when: + - flatten_output is defined + - flatten_output | bool vars: - __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/workflow_job_templates/" - loop: "{{ (workflow_job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) - + (['ORGANIZATIONLESS'] if ((workflow_job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) - }}" - loop_control: - loop_var: needed_path - label: "{{ __path }}" + __dest: "{{ output_path }}/workflow_job_templates.yaml" + block: + - name: "Add current workflow_job_templates to the workflow_job_templates flat file" + ansible.builtin.blockinfile: + create: true + mode: "0644" + insertafter: EOF + path: "{{ __dest }}" + marker: "" + block: "{{ lookup('template', 'templates/current_workflow_job_templates.j2') }}" + vars: + workflow_job_template_organization: "{{ current_workflow_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + workflow_job_template_id: "{{ current_workflow_job_templates_asset_value.id }}" + workflow_job_template_name: "{{ current_workflow_job_templates_asset_value.name | regex_replace('/', '_') }}" + query_labels: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_error: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_approvals: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_approvals, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + last_workflow_job_template: "{{ current_workflow_job_template_index == ((workflow_job_templates_lookvar | length) - 1) }}" + loop: "{{ workflow_job_templates_lookvar }}" + loop_control: + index_var: current_workflow_job_template_index + loop_var: current_workflow_job_templates_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" -- name: "Add current workflow job templates to the /workflow_job_templates output file in {{ output_path }}" - ansible.builtin.template: - src: "templates/current_workflow_job_templates.j2" - dest: "{{ __dest }}" - mode: '0644' - vars: - workflow_job_template_organization: "{{ current_workflow_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" - workflow_job_template_id: "{{ current_workflow_job_templates_asset_value.id }}" - workflow_job_template_name: "{{ current_workflow_job_templates_asset_value.name | regex_replace('/', '_') }}" - __dest: "{{ output_path }}/{{ workflow_job_template_organization | regex_replace('/', '_') }}/workflow_job_templates/{{ workflow_job_template_id }}_{{ workflow_job_template_name | regex_replace('/', '_') }}.yaml" - query_labels: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.labels, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_error: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_error, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_started: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_started, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_success: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_success, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - query_notification_approvals: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_approvals, - host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, - return_all=true, max_objects=query_controller_api_max_objects) }}" - loop: "{{ workflow_job_templates_lookvar }}" - loop_control: - loop_var: current_workflow_job_templates_asset_value - label: "{{ __dest }}" - no_log: "{{ controller_configuration_filetree_create_secure_logging }}" + - name: "Remove all the blank lines introduced by the last task" + ansible.builtin.lineinfile: + path: "{{ __dest }}" + line: '' + state: absent + +- name: "Block for to generate the filetre_create normal output" + when: flatten_output is not defined or not (flatten_output | bool) + block: + - name: "Create the /workflow_job_templates output directory for workflow job templates in {{ output_path }}" + ansible.builtin.file: + path: "{{ __path }}" + state: directory + mode: '0755' + vars: + __path: "{{ output_path }}/{{ needed_path | regex_replace('/', '_') }}/workflow_job_templates/" + loop: "{{ (workflow_job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'defined') | map(attribute='organization') | map(attribute='name') | list | flatten | unique) + + (['ORGANIZATIONLESS'] if ((workflow_job_templates_lookvar | map(attribute='summary_fields') | selectattr('organization', 'undefined') | list | flatten) | length > 0) else []) + }}" + loop_control: + loop_var: needed_path + label: "{{ __path }}" + + - name: "Add current workflow job templates to the /workflow_job_templates output file in {{ output_path }}" + ansible.builtin.template: + src: "templates/current_workflow_job_templates.j2" + dest: "{{ __dest }}" + mode: '0644' + vars: + workflow_job_template_organization: "{{ current_workflow_job_templates_asset_value.summary_fields.organization.name | default('ORGANIZATIONLESS') }}" + workflow_job_template_id: "{{ current_workflow_job_templates_asset_value.id }}" + workflow_job_template_name: "{{ current_workflow_job_templates_asset_value.name | regex_replace('/', '_') }}" + __dest: "{{ output_path }}/{{ workflow_job_template_organization | regex_replace('/', '_') }}/workflow_job_templates/{{ workflow_job_template_id }}_{{ workflow_job_template_name | regex_replace('/', '_') }}.yaml" + query_labels: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.labels, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_error: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_error, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_started: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_started, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_success: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_success, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + query_notification_approvals: "{{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.notification_templates_approvals, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, + return_all=true, max_objects=query_controller_api_max_objects) }}" + loop: "{{ workflow_job_templates_lookvar }}" + loop_control: + loop_var: current_workflow_job_templates_asset_value + label: "{{ __dest }}" + no_log: "{{ controller_configuration_filetree_create_secure_logging }}" ... diff --git a/roles/filetree_create/templates/current_applications.j2 b/roles/filetree_create/templates/current_applications.j2 index c27915117..246ba3ed4 100644 --- a/roles/filetree_create/templates/current_applications.j2 +++ b/roles/filetree_create/templates/current_applications.j2 @@ -1,5 +1,7 @@ +{% if (current_application_index | default(0)) == 0 %} --- controller_applications: +{% endif %} - name: "{{ current_applications_asset_value.name }}" description: "{{ current_applications_asset_value.description }}" organization: "{{ current_applications_asset_value.summary_fields.organization.name | default('ToDo: The application \'' + current_applications_asset_value.name + '\' must have an organization') }}" @@ -8,4 +10,6 @@ controller_applications: skip_authorization: "{{ current_applications_asset_value.skip_authorization }}" client_id: "{{ current_applications_asset_value.client_id }}" client_type: "{{ current_applications_asset_value.client_type }}" +{% if last_application | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_credentials.j2 b/roles/filetree_create/templates/current_credentials.j2 index 1eed4841c..d208a5d4e 100644 --- a/roles/filetree_create/templates/current_credentials.j2 +++ b/roles/filetree_create/templates/current_credentials.j2 @@ -1,5 +1,7 @@ +{% if (current_credential_index | default(0)) == 0 %} --- controller_credentials: +{% endif %} - name: "{{ current_credentials_asset_value.name }}" description: "{{ current_credentials_asset_value.description }}" credential_type: "{{ current_credentials_asset_value.summary_fields.credential_type.name }}" @@ -8,6 +10,10 @@ controller_credentials: {% else %} organization: "ORGANIZATIONLESS" {% endif %} +{% if current_credentials_asset_value.inputs is defined and current_credentials_asset_value.inputs is not match('{}') %} inputs: {{ current_credentials_asset_value.inputs | to_nice_yaml(indent=2) | indent(width=6, first=True) | replace("$encrypted$", "\'\'") }} +{% endif %} +{% if last_credential | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_groups.j2 b/roles/filetree_create/templates/current_groups.j2 index de8858bb5..a043e645e 100644 --- a/roles/filetree_create/templates/current_groups.j2 +++ b/roles/filetree_create/templates/current_groups.j2 @@ -1,5 +1,7 @@ +{% if ((first_inventory | default(true) | bool) and ((current_inventory_index | default(0)) == 0)) %} --- controller_groups: +{% endif %} {% for group in current_groups_asset_value %} - name: "{{ group.name }}" description: "{{ group.description }}" @@ -15,4 +17,6 @@ controller_groups: ) | selectattr("name", "defined") | map(attribute="name") | to_nice_yaml(indent=2) | indent(width=6, first=True) }} {%- endfor -%} +{% if last_inventory | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_hosts.j2 b/roles/filetree_create/templates/current_hosts.j2 index 3a3d4abef..7ef807915 100644 --- a/roles/filetree_create/templates/current_hosts.j2 +++ b/roles/filetree_create/templates/current_hosts.j2 @@ -1,5 +1,7 @@ +{% if ((first_inventory | default(true) | bool) and ((current_inventory_index | default(0)) == 0)) %} --- controller_hosts: +{% endif %} {% for host in current_hosts_asset_value if not host.has_inventory_sources %} - name: "{{ host.name }}" description: "{{ host.description }}" @@ -9,4 +11,6 @@ controller_hosts: {{ host.variables | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} {% endfor %} +{% if last_inventory | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_inventories.j2 b/roles/filetree_create/templates/current_inventories.j2 index e82330541..91c243bc3 100644 --- a/roles/filetree_create/templates/current_inventories.j2 +++ b/roles/filetree_create/templates/current_inventories.j2 @@ -1,5 +1,7 @@ +{% if (first_inventory | default(true) | bool) and (current_inventory_index | default(0) == 0) %} --- controller_inventories: +{% endif %} - name: "{{ current_inventories_asset_value.name }}" description: "{{ current_inventories_asset_value.description }}" organization: "{{ inventory_organization }}" @@ -29,4 +31,6 @@ controller_inventories: variables: {{ current_inventories_asset_value.variables | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} +{% if last_inventory | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_inventory_sources.j2 b/roles/filetree_create/templates/current_inventory_sources.j2 index 5c7887148..ab1c93936 100644 --- a/roles/filetree_create/templates/current_inventory_sources.j2 +++ b/roles/filetree_create/templates/current_inventory_sources.j2 @@ -1,5 +1,7 @@ +{% if (current_inventory_index | default(0)) == 0 %} --- controller_inventory_sources: +{% endif %} {% for inventory_source in current_inventory_sources_asset_value %} - name: "{{ inventory_source.name }}" description: "{{ inventory_source.description }}" @@ -51,4 +53,6 @@ controller_inventory_sources: {% endfor %} {% endif %} {% endfor %} +{% if last_inventory | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_job_templates.j2 b/roles/filetree_create/templates/current_job_templates.j2 index a5e848b41..c9c160cbc 100644 --- a/roles/filetree_create/templates/current_job_templates.j2 +++ b/roles/filetree_create/templates/current_job_templates.j2 @@ -1,5 +1,7 @@ +{% if (current_job_template_index | default(0)) == 0 %} --- controller_templates: +{% endif %} - name: "{{ current_job_templates_asset_value.name }}" description: "{{ current_job_templates_asset_value.description }}" organization: "{{ current_job_templates_asset_value.summary_fields.organization.name | default('ToDo: The job template \'' + current_job_templates_asset_value.name + '\' must belong to an organization') }}" @@ -50,7 +52,7 @@ controller_templates: {% if current_job_templates_asset_value.ask_instance_groups_on_launch is defined %} ask_instance_groups_on_launch: {{ current_job_templates_asset_value.ask_instance_groups_on_launch | bool }} {% endif %} -{% if current_job_templates_asset_value.extra_vars and current_job_templates_asset_value.extra_vars != '---' and current_job_templates_asset_value.extra_vars != '' %} +{% if current_job_templates_asset_value.extra_vars and current_job_templates_asset_value.extra_vars | length > 3 %} extra_vars: {{ current_job_templates_asset_value.extra_vars | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} @@ -91,7 +93,14 @@ controller_templates: {% endfor %} {% endif %} survey_enabled: {{ current_job_templates_asset_value.survey_enabled | bool }} - survey_spec: {{ query(controller_api_plugin, current_job_templates_asset_value.related.survey_spec, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0] }} +{% set survey_spec_contents = query(controller_api_plugin, current_job_templates_asset_value.related.survey_spec, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0] | + from_yaml | to_nice_yaml(indent=2,width=500) | regex_replace("\n\n[ ]*", "\\\\n") | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") | replace("^$", "") +-%} +{% if current_job_templates_asset_value.related.survey_spec is defined and survey_spec_contents | length > 3 %} + survey_spec: + {{ survey_spec_contents }} +{% endif %} become_enabled: {{ current_job_templates_asset_value.become_enabled | bool }} diff_mode: {{ current_job_templates_asset_value.diff_mode | bool }} webhook_service: "{{ current_job_templates_asset_value.webhook_service }}" @@ -101,4 +110,6 @@ controller_templates: {% if current_job_templates_asset_value.prevent_instance_group_fallback is defined %} prevent_instance_group_fallback: {{ current_job_templates_asset_value.prevent_instance_group_fallback | bool }} {% endif %} +{% if last_job_template | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_labels.j2 b/roles/filetree_create/templates/current_labels.j2 index 727cf90d8..fff70f1a6 100644 --- a/roles/filetree_create/templates/current_labels.j2 +++ b/roles/filetree_create/templates/current_labels.j2 @@ -1,5 +1,9 @@ +{% if (current_label_index | default(0)) == 0 %} --- controller_labels: +{% endif %} - name: "{{ current_labels_asset_value.name }}" organization: "{{ current_labels_asset_value.summary_fields.organization.name | default('ToDo: The label \'' + current_labels_asset_value.name + '\' must have an organization') }}" +{% if last_label | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_notification_templates.j2 b/roles/filetree_create/templates/current_notification_templates.j2 index c98d04497..ad60cb4cc 100644 --- a/roles/filetree_create/templates/current_notification_templates.j2 +++ b/roles/filetree_create/templates/current_notification_templates.j2 @@ -1,5 +1,7 @@ +{% if (current_notification_template_index | default(0)) == 0 %} --- controller_notifications: +{% endif %} - name: "{{ current_notification_templates_asset_value.name }}" organization: "{{ current_notification_templates_asset_value.summary_fields.organization.name }}" notification_type: "{{ current_notification_templates_asset_value.notification_type }}" @@ -19,4 +21,6 @@ controller_notifications: messages: {{ current_notification_templates_asset_value.messages | to_nice_yaml(indent=2) | indent(width=6, first=True) | replace("'{{", "!unsafe \'{{") }} {% endif %} +{% if last_notification_template | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_organizations.j2 b/roles/filetree_create/templates/current_organizations.j2 index 3836f6ced..ea103a9cc 100644 --- a/roles/filetree_create/templates/current_organizations.j2 +++ b/roles/filetree_create/templates/current_organizations.j2 @@ -1,5 +1,7 @@ +{% if (current_organization_index | default(0)) == 0 %} --- controller_organizations: +{% endif %} - name: "{{ current_organization.name }}" description: "{{ current_organization.description }}" {% if query_notification_error | length > 0 %} @@ -26,4 +28,6 @@ controller_organizations: - "{{ notification_approval.name }}" {% endfor %} {% endif %} +{% if last_organization | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_projects.j2 b/roles/filetree_create/templates/current_projects.j2 index 5e9554006..9526f3356 100644 --- a/roles/filetree_create/templates/current_projects.j2 +++ b/roles/filetree_create/templates/current_projects.j2 @@ -1,5 +1,7 @@ +{% if (current_project_index | default(0)) == 0 %} --- controller_projects: +{% endif %} - name: "{{ current_projects_asset_value.name }}" description: "{{ current_projects_asset_value.description }}" organization: "{{ current_projects_asset_value.summary_fields.organization.name | default('ToDo: The project \'' + current_projects_asset_value.name + '\' must have an organization') }}" @@ -35,4 +37,6 @@ controller_projects: - "{{ notification_success.name }}" {% endfor %} {% endif %} +{% if last_project | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_schedules.j2 b/roles/filetree_create/templates/current_schedules.j2 index 367af3851..8c7506815 100644 --- a/roles/filetree_create/templates/current_schedules.j2 +++ b/roles/filetree_create/templates/current_schedules.j2 @@ -1,5 +1,7 @@ +{% if (current_schedule_index | default(0)) == 0 %} --- controller_schedules: +{% endif %} - name: "{{ current_schedules_asset_value.name }}" {% if current_schedules_asset_value.description is defined %} description: "{{ current_schedules_asset_value.description }}" @@ -76,4 +78,6 @@ controller_schedules: {% if current_schedules_asset_value.verbosity is defined %} verbosity: {{ current_schedules_asset_value.verbosity | int }} {% endif %} +{% if last_schedule | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_team_roles.j2 b/roles/filetree_create/templates/current_team_roles.j2 index 61dda0ae9..d70d0a080 100644 --- a/roles/filetree_create/templates/current_team_roles.j2 +++ b/roles/filetree_create/templates/current_team_roles.j2 @@ -1,5 +1,7 @@ +{% if first_team_role | default(true) | bool %} --- controller_roles: +{% endif %} {% for role in team_roles_lookvar %} {% if role.summary_fields.resource_type is defined %} - team: "{{ teamname }}" @@ -23,4 +25,6 @@ controller_roles: role: "{{ role.name | lower }}" {% endif %} {% endfor %} +{% if last_team_role | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_teams.j2 b/roles/filetree_create/templates/current_teams.j2 index d8f471e24..259c47df8 100644 --- a/roles/filetree_create/templates/current_teams.j2 +++ b/roles/filetree_create/templates/current_teams.j2 @@ -1,6 +1,10 @@ +{% if (current_team_index | default(0)) == 0 %} --- controller_teams: +{% endif %} - name: "{{ current_teams_asset_value.name }}" description: "{{ current_teams_asset_value.description }}" organization: "{{ current_teams_asset_value.summary_fields.organization.name }}" +{% if last_team | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_user_roles.j2 b/roles/filetree_create/templates/current_user_roles.j2 index 2a037a5a7..2170e99d6 100644 --- a/roles/filetree_create/templates/current_user_roles.j2 +++ b/roles/filetree_create/templates/current_user_roles.j2 @@ -1,5 +1,7 @@ +{% if first_user_role | default(true) | bool %} --- controller_roles: +{% endif %} {% for role in user_roles_lookvar %} {% if role.summary_fields.resource_type is defined %} - user: "{{ username }}" @@ -23,4 +25,6 @@ controller_roles: role: "{{ role.name | lower }}" {% endif %} {% endfor %} +{% if last_user_role | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_users.j2 b/roles/filetree_create/templates/current_users.j2 index fe98ce709..59f766c2f 100644 --- a/roles/filetree_create/templates/current_users.j2 +++ b/roles/filetree_create/templates/current_users.j2 @@ -1,5 +1,7 @@ +{% if (current_user_index | default(0)) == 0 %} --- controller_user_accounts: +{% endif %} - username: "{{ current_users_asset_value.username }}" password: "INITIAL" email: "{{ current_users_asset_value.email }}" @@ -8,4 +10,6 @@ controller_user_accounts: auditor: "{{ current_users_asset_value.is_system_auditor }}" superuser: "{{ current_users_asset_value.is_superuser }}" update_secrets: false +{% if last_user | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/templates/current_workflow_job_templates.j2 b/roles/filetree_create/templates/current_workflow_job_templates.j2 index 90fdb512f..6800a4215 100644 --- a/roles/filetree_create/templates/current_workflow_job_templates.j2 +++ b/roles/filetree_create/templates/current_workflow_job_templates.j2 @@ -1,5 +1,7 @@ +{% if (current_workflow_job_template_index | default(0)) == 0 %} --- controller_workflows: +{% endif %} - name: "{{ current_workflow_job_templates_asset_value.name }}" description: "{{ current_workflow_job_templates_asset_value.description }}" organization: "{{ current_workflow_job_templates_asset_value.summary_fields.organization.name | default('ToDo: The WF \'' + current_workflow_job_templates_asset_value.name + '\' must belong to an organization') }}" @@ -36,12 +38,11 @@ controller_workflows: {% endfor %} {% endif %} {% endfor %} - survey_enabled: "{{ current_workflow_job_templates_asset_value.survey_enabled }}" ask_variables_on_launch: "{{ current_workflow_job_templates_asset_value.ask_variables_on_launch }}" allow_simultaneous: "{{ current_workflow_job_templates_asset_value.allow_simultaneous }}" scm_branch: "{{ current_workflow_job_templates_asset_value.scm_branch }}" webhook_service: "{{ current_workflow_job_templates_asset_value.webhook_service }}" -{% if current_workflow_job_templates_asset_value.extra_vars and current_workflow_job_templates_asset_value.extra_vars != '---' and current_workflow_job_templates_asset_value.extra_vars != '' %} +{% if current_workflow_job_templates_asset_value.extra_vars and current_workflow_job_templates_asset_value.extra_vars | length > 3 %} extra_vars: {{ current_workflow_job_templates_asset_value.extra_vars | from_yaml | to_nice_yaml(indent=2) | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") }} {%- endif %} @@ -76,5 +77,14 @@ controller_workflows: {% endfor %} {% endif %} survey_enabled: {{ current_workflow_job_templates_asset_value.survey_enabled }} - survey_spec: {{ query(controller_api_plugin, current_workflow_job_templates_asset_value.related.survey_spec, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0] }} +{% set survey_spec_contents = query(controller_api_plugin, current_workflow_job_templates_asset_value.related.survey_spec, + host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0] | + from_yaml | to_nice_yaml(indent=2,width=500) | regex_replace("\n\n[ ]*", "\\\\n") | indent(width=6, first=False) | replace("'{{", "!unsafe \'{{") | replace("^$", "") +-%} +{% if current_workflow_job_templates_asset_value.related.survey_spec is defined and survey_spec_contents | length > 3 %} + survey_spec: + {{ survey_spec_contents }} +{% endif %} +{% if last_workflow_job_template | default(true) | bool %} ... +{% endif %} diff --git a/roles/filetree_create/tests/filetree_create.yml b/roles/filetree_create/tests/filetree_create.yml index e54608a39..19e64aba7 100644 --- a/roles/filetree_create/tests/filetree_create.yml +++ b/roles/filetree_create/tests/filetree_create.yml @@ -47,3 +47,4 @@ status_code: 204 when: controller_oauthtoken_url is defined ... +# ansible-playbook -i localhost, filetree_create.yml -e '{controller_configuration_inventories_enforce_defaults: false, controller_configuration_inventory_sources_enforce_defaults: false, controller_validate_certs: false, controller_hostname: localhost:8443, controller_username: , controller_password: , flatten_output: true}' diff --git a/roles/object_diff/tasks/roles.yml b/roles/object_diff/tasks/roles.yml index f284ccbfa..97d56dabc 100644 --- a/roles/object_diff/tasks/roles.yml +++ b/roles/object_diff/tasks/roles.yml @@ -13,6 +13,7 @@ - name: "Get the API list of all roles" ansible.builtin.set_fact: + # noqa jinja[spacing] __controller_api_roles: "{{ (__controller_api_roles | default([])) + [{ 'users': current_users, 'teams': current_teams, From ad50b94f947807263c1df4caf8143a4b8398799c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 08:13:42 -0500 Subject: [PATCH 128/129] Update pre-commit (#727) Co-authored-by: sean-m-sullivan Co-authored-by: Sean Sullivan --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 76995d49e..163397cc5 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -14,7 +14,7 @@ repos: # types: # - yaml - repo: 'https://github.com/ansible-community/ansible-lint.git' - rev: v6.21.1 + rev: v6.22.0 hooks: # see discussions here about what arguments are used, and behavior # https://github.com/ansible/ansible-lint/issues/649 @@ -34,7 +34,7 @@ repos: hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black - rev: 23.10.1 + rev: 23.11.0 hooks: - id: black name: black From a85c4a529cbc937a2c16eb7b54b256cb1e716b96 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 21 Nov 2023 01:29:07 -0500 Subject: [PATCH 129/129] Update pre-commit (#728) Co-authored-by: sean-m-sullivan --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 163397cc5..3d85fda46 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,7 +30,7 @@ repos: - "ansible-core>=2.13" - "yamllint>=1.26,<2.0" - repo: https://github.com/DavidAnson/markdownlint-cli2 - rev: v0.10.0 + rev: v0.11.0 hooks: - id: markdownlint-cli2 - repo: https://github.com/ambv/black