Merge branch 'main' into use_defaults

ansible · Aug 14, 2023 · 16cb03f · 16cb03f
2 parents cc989ef + f7f95f2
commit 16cb03f
Show file tree

Hide file tree

Showing 11 changed files with 89 additions and 56 deletions.
diff --git a/cloud/README.md b/cloud/README.md
@@ -40,7 +40,7 @@ After running the setup job template, there are a few steps required to make the
 
 ### Add Workshop Credential Password
 
-1) Add the password used to login to Controller. This allows you to connect to Windows Servers provisioned with Create VM job. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
+1) Add a password that meets the [default complexity requirements](https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements#reference). This allows you to connect to Windows Servers provisioned with Create VM job. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
 
 ### Remove Inventory Variables
 

diff --git a/cloud/blueprints/al2023.yml b/cloud/blueprints/al2023.yml
@@ -0,0 +1,6 @@
+---
+vm_providers:
+  - aws
+aws_instance_size: t3.micro
+aws_image_architecture: x86_64
+aws_image_filter: 'al2023-ami-2023*'
diff --git a/cloud/create_infra.yml b/cloud/create_infra.yml
diff --git a/cloud/create_vm.yml b/cloud/create_vm.yml
diff --git a/cloud/setup.yml b/cloud/setup.yml
@@ -19,8 +19,7 @@ controller_projects:
     organization: Default
     scm_type: git
     wait: true
-    # scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
-    scm_url: https://github.com/willtome/aws.infrastructure_config_demos.git
+    scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
     default_environment: Cloud Services Execution Environment
 
 controller_credentials:
@@ -191,16 +190,13 @@ controller_templates:
     notification_templates_error: Telemetry
     survey_enabled: true
     allow_simultaneous: true
-    extra_vars:
-      aws_region: us-east-1
-      aws_keypair_name: aws-test-key
     survey:
       name: ''
       description: ''
       spec:
         - question_name: AWS Region
           type: multiplechoice
-          variable: aws_region
+          variable: create_vm_aws_region
           required: true
           choices:
             - us-east-1
@@ -209,19 +205,19 @@ controller_templates:
             - us-west-2
         - question_name: Name
           type: text
-          variable: vm_name
+          variable: create_vm_vm_name
           required: true
         - question_name: Owner
           type: text
-          variable: vm_owner
+          variable: create_vm_vm_owner
           required: true
         - question_name: Deployment
           type: text
-          variable: vm_deployment
+          variable: create_vm_vm_deployment
           required: true
         - question_name: Environment
           type: multiplechoice
-          variable: vm_environment
+          variable: create_vm_vm_environment
           required: true
           choices:
             - Dev
@@ -237,16 +233,22 @@ controller_templates:
             - rhel9
             - rhel8
             - rhel7
+            - al2023
         - question_name: Subnet
           type: text
-          variable: aws_vpc_subnet_name
+          variable: create_vm_aws_vpc_subnet_name
           required: true
           default: aws-test-subnet
         - question_name: Security Group
           type: text
-          variable: aws_securitygroup_name
+          variable: create_vm_aws_securitygroup_name
           required: true
           default: aws-test-sg
+        - question_name: SSH Keypair
+          type: text
+          variable: create_vm_aws_keypair_name
+          required: true
+          default: aws-test-key
 
   - name: Cloud / AWS / Delete VM
     job_type: run

diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml
@@ -15,7 +15,7 @@
 
 - name: Copy logos over
   ansible.builtin.copy:
-    src: "{{ item }}"
+    src: "{{ logo }}"
     dest: "{{ file_path }}"
     directory_mode: true
     mode: "0644"
@@ -24,6 +24,8 @@
     - "redhat-ansible-logo.svg"
     - "server.png"
   check_mode: false
+  loop_control:
+    loop_var: logo
 
 - name: Display link to inventory report
   ansible.builtin.debug:

diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml
@@ -14,14 +14,16 @@
 
 - name: Copy logos over
   ansible.windows.win_copy:
-    src: "{{ item }}"
+    src: "{{ logo }}"
     dest: "{{ file_path }}"
     directory_mode: true
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"
     - "server.png"
   check_mode: false
+  loop_control:
+    loop_var: logo
 
 # - name: display link to inventory report
 #   ansible.builtin.debug:

diff --git a/satellite/setup.yml b/satellite/setup.yml
@@ -112,7 +112,7 @@ controller_templates:
     project: Ansible official demo project
     playbook: satellite/server_openscap.yml
     inventory: Demo Inventory
-    #execution_environment: Ansible Engine 2.9 execution environment
+    # execution_environment: Ansible Engine 2.9 execution environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry

diff --git a/windows/README.md b/windows/README.md
@@ -19,11 +19,14 @@ This category of demos shows examples of Windows Server operations and managemen
 - [**WINDOWS / Arbitrary Powershell**](arbitrary_powershell.yml) - Run given Powershell script (default: retrieve cat fact from API)
 - [**WINDOWS / Powershell Script**](powershell_script.yml) - Run a Powershell script stored in source control to query services
 - [**WINDOWS / Powershell DSC configuring password requirements**](powershell_dsc.yml) - Configure password complexity with Powershell desired state config
-- [**WINDOWS / Create Active Directory Domain**](active_directory/create_ad_domain.yml) - Create a new AD Domain
-- [**WINDOWS / Helpdesk new user portal**](active_directory/helpdesk_new_user_portal.yml) - Create user in AD Domain
+- [**WINDOWS / Create Active Directory Domain**](create_ad_domain.yml) - Create a new AD Domain
+- [**WINDOWS / Helpdesk new user portal**](helpdesk_new_user_portal.yml) - Create user in AD Domain
+- [**WINDOWS / Join Active Directory Domain**](join_ad_domain.yml) - Join computer to AD Domain
 
 ## Suggested Usage
 
 **WINDOWS / Create Active Directory Domain** - This job can take some to complete. It is recommended to run ahead of time if you would like to demo creating a helpdesk user.
 
 **WINDOWS / Helpdesk new user portal** - This job is dependant on the Create Active Directory Domain completing before users can be created.
+
+**WINDOWS / Join Active Directory Domain** - This job is dependant on the Create Active Directory Domain completing before computers can be joined.
diff --git a/windows/join_ad_domain.yml b/windows/join_ad_domain.yml
@@ -0,0 +1,30 @@
+---
+- name: Join Active Directory domain
+  hosts: "{{ _hosts | default(omit) }}"
+  gather_facts: false
+
+  tasks:
+    - name: Set a single address on the adapter named Ethernet
+      ansible.windows.win_dns_client:
+        adapter_names: 'Ethernet*'
+        dns_servers: "{{ hostvars[domain_controller]['private_ip_address'] }}"
+
+    - name: Ensure Demo OU exists
+      delegate_to: "{{ domain_controller }}"
+      community.windows.win_domain_ou:
+        name: Demo
+        state: present
+
+    - name: Join ansible.local domain
+      register: r_domain_membership
+      ansible.windows.win_domain_membership:
+        dns_domain_name: ansible.local
+        hostname: "{{ inventory_hostname }}"
+        domain_admin_user: "{{ ansible_user }}@ansible.local"
+        domain_admin_password: "{{ ansible_password }}"
+        domain_ou_path: "OU=Demo,DC=ansible,DC=local"
+        state: domain
+
+    - name: Reboot windows machine
+      when: r_domain_membership.reboot_required
+      ansible.windows.win_reboot:
diff --git a/windows/setup.yml b/windows/setup.yml
@@ -202,7 +202,7 @@ controller_templates:
           variable: _hosts
           required: false
 
-  - name: "WINDOWS / AD /Create Domain"
+  - name: "WINDOWS / AD / Create Domain"
     job_type: run
     inventory: "Demo Inventory"
     project: "Ansible official demo project"
@@ -222,6 +222,31 @@ controller_templates:
           variable: _hosts
           required: false
 
+  - name: "WINDOWS / AD / Join Domain"
+    job_type: run
+    inventory: "Demo Inventory"
+    project: "Ansible official demo project"
+    playbook: "windows/join_ad_domain.yml"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    credentials:
+      - "Workshop Credential"
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Server Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+        - question_name: Domain Controller Inventory Hostname
+          type: text
+          variable: domain_controller
+          required: true
+          description: Inventory hostname for domain controller previously established using the Create Domain template
+
   - name: "WINDOWS / AD / New User"
     job_type: run
     inventory: "Demo Inventory"