Skip to content

Commit

Permalink
Revert "Renaming to platform variables" (#932)
Browse files Browse the repository at this point in the history
Co-authored-by: Sean Sullivan <[email protected]>
  • Loading branch information
Tompage1994 and sean-m-sullivan authored Oct 15, 2024
1 parent 4ee004b commit 4a380f3
Show file tree
Hide file tree
Showing 452 changed files with 5,271 additions and 3,461 deletions.
2 changes: 1 addition & 1 deletion .github/files/ansible.cfg
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
[defaults]
collections_path=/home/runner/collections
collections_paths=/home/runner/collections
roles_path=roles/
lookup_plugins=plugins/lookup/
2 changes: 1 addition & 1 deletion .github/workflows/pre-commit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
with:
collection_namespace: infra
collection_name: controller_configuration
collection_version: 1.0.0
collection_version: 2.10.0
collection_repo: https://github.com/redhat-cop/aap_configuration/
collection_dependencies: awx.awx
...
3 changes: 0 additions & 3 deletions changelogs/fragments/Rewrite.yml

This file was deleted.

3 changes: 3 additions & 0 deletions changelogs/fragments/filetree_node_schedule_survey.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
---
minor_changes:
- filetree_create able export WF nodes and schedules without encrypted value in survey
3 changes: 1 addition & 2 deletions galaxy.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
namespace: infra
name: aap_configuration
version: 1.0.0
version: 3.0.0
description: A collection of roles to manage Ansible Controller
readme: README.md
authors:
Expand All @@ -18,7 +18,6 @@ build_ignore:
- release.yml
- .github
- '*.tar.gz'
- tests/*
license:
- GPL-3.0-or-later
tags:
Expand Down
24 changes: 12 additions & 12 deletions roles/controller_ad_hoc_command/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,26 +16,26 @@ Currently:

|Variable Name|Default Value|Required|Description|Example|
|:---|:---:|:---:|:---|:---|
|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
|`platform_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1|
|`platform_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.||
|`platform_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.||
|`platform_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.||
|`platform_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`platform_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1|
|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.||
|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.||
|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
|`controller_ad_hoc_commands`|`see below`|yes|Data structure describing your ad hoc commands to run Described below.||

### Secure Logging Variables

The following Variables compliment each other.
If Both variables are not set, secure logging defaults to false.
The role defaults to False as normally the add ad hoc commands task does not include sensitive information.
controller_configuration_ad_hoc_command_secure_logging defaults to the value of platform_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.
controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.

|Variable Name|Default Value|Required|Description|
|:---:|:---:|:---:|:---:|
|`controller_configuration_ad_hoc_command_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.|
|`platform_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|

## Data Structure

Expand Down Expand Up @@ -83,12 +83,12 @@ controller_ad_hoc_commands:
- name: Playbook to configure ansible controller post installation
hosts: localhost
connection: local
# Define following vars here, or in platform_configs/controller_auth.yml
# Define following vars here, or in controller_configs/controller_auth.yml
# controller_hostname: ansible-controller-web-svc-test-project.example.com
# platform_username: admin
# controller_username: admin
# controller_password: changeme
pre_tasks:
- name: Include vars from platform_configs directory
- name: Include vars from controller_configs directory
ansible.builtin.include_vars:
dir: ./yaml
ignore_files: [controller_config.yml.template]
Expand Down
2 changes: 1 addition & 1 deletion roles/controller_ad_hoc_command/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
---
# These are the default variables specific to the ad_hoc_command role
controller_configuration_ad_hoc_command_secure_logging: "{{ platform_configuration_secure_logging | default('false') }}"
controller_configuration_ad_hoc_command_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}"
...
26 changes: 13 additions & 13 deletions roles/controller_ad_hoc_command/meta/argument_specs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -76,45 +76,45 @@ argument_specs:

# No_log variables
controller_configuration_ad_hoc_command_secure_logging:
default: "{{ platform_configuration_secure_logging | default(false) }}"
default: "{{ controller_configuration_secure_logging | default(false) }}"
required: false
type: bool
description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.
platform_configuration_secure_logging:
controller_configuration_secure_logging:
default: false
required: false
type: bool
description: This variable enables secure logging across all roles as a default.

# Generic across all roles
platform_state:
controller_state:
default: present
required: false
description: The state all objects will take unless overridden by object default
type: str
platform_hostname:
controller_hostname:
default: None
required: false
description: URL to the Ansible Automation Platform Server.
description: URL to the Ansible Controller Server.
type: str
platform_validate_certs:
controller_validate_certs:
default: true
required: false
description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate.
description: Whether or not to validate the Ansible Controller Server's SSL certificate.
type: str
platform_username:
controller_username:
default: None
required: false
description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.
description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.
type: str
platform_password:
controller_password:
default: None
required: false
description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.
description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
type: str
platform_token:
controller_oauthtoken:
default: None
required: false
description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
type: str
...
13 changes: 7 additions & 6 deletions roles/controller_ad_hoc_command/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,13 @@
timeout: "{{ __ad_hoc_command_item.timeout | default(omit, true) }}"

# Role Standard Options
controller_username: "{{ platform_username | default(omit, true) }}"
controller_password: "{{ platform_password | default(omit, true) }}"
controller_oauthtoken: "{{ platform_token | default(omit, true) }}"
request_timeout: "{{ platform_request_timeout | default(omit, true) }}"
controller_host: "{{ platform_hostname | default(omit, true) }}"
validate_certs: "{{ platform_validate_certs | default(omit) }}"
controller_username: "{{ controller_username | default(omit, true) }}"
controller_password: "{{ controller_password | default(omit, true) }}"
controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}"
request_timeout: "{{ controller_request_timeout | default(omit, true) }}"
controller_host: "{{ controller_hostname | default(omit, true) }}"
controller_config_file: "{{ controller_config_file | default(omit, true) }}"
validate_certs: "{{ controller_validate_certs | default(omit) }}"
loop: "{{ controller_ad_hoc_commands }}"
loop_control:
loop_var: "__ad_hoc_command_item"
Expand Down
4 changes: 2 additions & 2 deletions roles/controller_ad_hoc_command/tests/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,14 @@
vars:
controller_validate_certs: false
controller_hostname: controller.example.com
platform_username: admin
controller_username: admin
controller_password: changeme

collections:
- awx.awx

pre_tasks:
- name: Include vars from platform_configs directory
- name: Include vars from controller_configs directory
ansible.builtin.include_vars:
dir: ./configs
extensions: ["yml"]
Expand Down
24 changes: 12 additions & 12 deletions roles/controller_ad_hoc_command_cancel/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,26 +16,26 @@ Currently:

|Variable Name|Default Value|Required|Description|Example|
|:---|:---:|:---:|:---|:---|
|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
|`platform_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1|
|`platform_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.||
|`platform_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.||
|`platform_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.||
|`platform_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`platform_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1|
|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.||
|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.||
|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
|`controller_ad_hoc_commands_cancel`|`see below`|yes|Data structure describing your ad hoc jobs to cancel Described below.||

### Secure Logging Variables

The following Variables compliment each other.
If Both variables are not set, secure logging defaults to false.
The role defaults to False as normally the add ad hoc commands cancel task does not include sensitive information.
controller_configuration_ad_hoc_command_secure_logging defaults to the value of platform_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.
controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.

|Variable Name|Default Value|Required|Description|
|:---:|:---:|:---:|:---:|
|`controller_configuration_ad_hoc_command_cancel_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command_cancel role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.|
|`platform_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|

## Data Structure

Expand Down Expand Up @@ -75,12 +75,12 @@ controller_ad_hoc_commands_cancel:
- name: Playbook to configure ansible controller post installation
hosts: localhost
connection: local
# Define following vars here, or in platform_configs/controller_auth.yml
# Define following vars here, or in controller_configs/controller_auth.yml
# controller_hostname: ansible-controller-web-svc-test-project.example.com
# platform_username: admin
# controller_username: admin
# controller_password: changeme
pre_tasks:
- name: Include vars from platform_configs directory
- name: Include vars from controller_configs directory
ansible.builtin.include_vars:
dir: ./yaml
ignore_files: [controller_config.yml.template]
Expand Down
2 changes: 1 addition & 1 deletion roles/controller_ad_hoc_command_cancel/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
---
# These are the default variables specific to the ad_hoc_command_cancel role
controller_configuration_ad_hoc_command_cancel_secure_logging: "{{ platform_configuration_secure_logging | default('false') }}"
controller_configuration_ad_hoc_command_cancel_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}"
...
26 changes: 13 additions & 13 deletions roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,45 +30,45 @@ argument_specs:

# No_log variables
controller_configuration_ad_hoc_command_cancel_secure_logging:
default: "{{ platform_configuration_secure_logging | default(false) }}"
default: "{{ controller_configuration_secure_logging | default(false) }}"
required: false
type: bool
description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.
platform_configuration_secure_logging:
controller_configuration_secure_logging:
default: false
required: false
type: bool
description: This variable enables secure logging across all roles as a default.

# Generic across all roles
platform_state:
controller_state:
default: present
required: false
description: The state all objects will take unless overridden by object default
type: str
platform_hostname:
controller_hostname:
default: None
required: false
description: URL to the Ansible Automation Platform Server.
description: URL to the Ansible Controller Server.
type: str
platform_validate_certs:
controller_validate_certs:
default: true
required: false
description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate.
description: Whether or not to validate the Ansible Controller Server's SSL certificate.
type: str
platform_username:
controller_username:
default: None
required: false
description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.
description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.
type: str
platform_password:
controller_password:
default: None
required: false
description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.
description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
type: str
platform_token:
controller_oauthtoken:
default: None
required: false
description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
type: str
...
Loading

0 comments on commit 4a380f3

Please sign in to comment.