forked from redhat-cop/infra.aap_configuration
-
Notifications
You must be signed in to change notification settings - Fork 0
/
drop_diff.yml
68 lines (64 loc) · 3.09 KB
/
drop_diff.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
---
- name: Test playbook
hosts: all
connection: local
gather_facts: false
vars:
controller_username: "{{ vault_controller_username | default(lookup('env', 'CONTROLLER_USERNAME')) }}"
controller_password: "{{ vault_controller_password | default(lookup('env', 'CONTROLLER_PASSWORD')) }}"
controller_hostname: "{{ vault_controller_hostname | default(lookup('env', 'CONTROLLER_HOST')) }}"
controller_validate_certs: "{{ vault_controller_validate_certs | default(lookup('env', 'CONTROLLER_VERIFY_SSL')) }}"
pre_tasks:
- name: "Setup authentication (block)"
no_log: "{{ controller_configuration_object_diff_secure_logging }}"
when: controller_oauthtoken is not defined
tags:
- always
block:
- name: "Get the Authentication Token for the future requests"
ansible.builtin.uri:
url: "https://{{ controller_hostname }}/api/v2/tokens/"
user: "{{ controller_username }}"
password: "{{ controller_password }}"
method: POST
force_basic_auth: true
validate_certs: "{{ controller_validate_certs }}"
status_code: 201
register: authtoken_res
- name: "Set the oauth token to be used since now"
ansible.builtin.set_fact:
controller_oauthtoken: "{{ authtoken_res.json.token }}"
controller_oauthtoken_url: "{{ authtoken_res.json.url }}"
roles:
- role: infra.controller_configuration.filetree_read
- role: infra.controller_configuration.object_diff
- role: infra.controller_configuration.dispatch
vars:
controller_configuration_dispatcher_roles:
- {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates}
- {role: job_templates, var: controller_templates, tags: job_templates}
- {role: roles, var: controller_roles, tags: roles}
- {role: teams, var: controller_teams, tags: teams}
- {role: users, var: controller_user_accounts, tags: users}
- {role: groups, var: controller_groups, tags: inventories}
- {role: hosts, var: controller_hosts, tags: hosts}
- {role: inventory_sources, var: controller_inventory_sources, tags: inventory_sources}
- {role: inventories, var: controller_inventories, tags: inventories}
- {role: projects, var: controller_projects, tags: projects}
- {role: credentials, var: controller_credentials, tags: credentials}
- {role: credential_types, var: controller_credential_types, tags: credential_types}
- {role: organizations, var: controller_organizations, tags: organizations}
post_tasks:
- name: "Delete the Authentication Token used"
ansible.builtin.uri:
url: "https://{{ controller_hostname }}{{ controller_oauthtoken_url }}"
user: "{{ controller_username }}"
password: "{{ controller_password }}"
method: DELETE
force_basic_auth: true
validate_certs: "{{ controller_validate_certs }}"
status_code: 204
when: controller_oauthtoken_url is defined
tags:
- always
...