update roles loops

redhat-cop · Oct 20, 2024 · 82cd1bf · 82cd1bf
1 parent 369529c
commit 82cd1bf
Show file tree

Hide file tree

Showing 96 changed files with 449 additions and 238 deletions.
diff --git a/changelogs/fragments/Rewrite.yml b/changelogs/fragments/Rewrite.yml
@@ -7,3 +7,4 @@ major_changes:
   - Introduction of roles for gateway
 bugfixes:
   - Controller credentials role now includes request timeout option.
+  - meta_dependency_check set to default to false. This is due to feature not working on controller, or in offline environments without a hub. Set controller_dependency_check to 'true' to re-enable feature.
diff --git a/roles/dispatch/README.md b/roles/dispatch/README.md
@@ -19,8 +19,8 @@ gateway_dispatch_roles:
   - {role: teams, var: platform_teams, tags: teams}
   - {role: service_clusters, var: gateway_service_clusters, tags: service_clusters}
   - {role: service_keys, var: service_keys_list, tags: service_keys}
-  - {role: service_nodes, var: service_nodes_list, tags: service_nodes}
-  - {role: services, var: services_list, tags: services}
+  - {role: service_nodes, var: gateway_service_nodes, tags: service_nodes}
+  - {role: services, var: gateway_services, tags: services}
   - {role: routes, var: gateway_routes, tags: routes}
   - {role: role_user_assignments, var: role_user_assignments_list, tags: role_user_assignments}
 ```

diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml
@@ -19,7 +19,7 @@ gateway_configuration_dispatcher_roles:
     var: aap_organizations
     tags: organizations
   - role: gateway_service_clusters
-    var: service_clusters_list
+    var: gateway_service_nodes
     tags: service_clusters
   - role: gateway_service_keys
     var: service_keys_list

diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml
@@ -27,10 +27,10 @@ argument_specs:
             var: service_keys_list
             tags: service_keys
           - role: gateway_service_nodes
-            var: service_nodes_list
+            var: gateway_service_nodes
             tags: service_nodes
           - role: gateway_services
-            var: services_list
+            var: gateway_services
             tags: services
           - role: gateway_role_user_assignments
             var: role_user_assignments_list

diff --git a/roles/gateway_routes/README.md b/roles/gateway_routes/README.md
@@ -46,7 +46,7 @@ This also speeds up the overall role.
 |`gateway_routes_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.|
 |`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.|
 |`gateway_routes_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.|
-|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|                                                                                  |  |
+|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|
 
 ## Data Structure
 
@@ -86,7 +86,7 @@ Options for the `routes_list` variable:
 
 ```json
 {
-  "services_list": [
+  "gateway_services": [
     {
       "name": "Controller Config Route",
       "state": "exists"
@@ -128,14 +128,6 @@ routes_list:
 - name: 4
 ```
 
-## Run Playbook
-
-File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README.
-
-```shell
-ansible-playbook manage_data.yml -e @data/gateway_routes.yml
-```
-
 ## License
 
 [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing)
diff --git a/roles/gateway_service_clusters/README.md b/roles/gateway_service_clusters/README.md
@@ -50,7 +50,7 @@ This also speeds up the overall role.
 
 ### Service Cluster Arguments
 
-Options for the `service_clusters_list` variable:
+Options for the `gateway_service_nodes` variable:
 
 | Variable Name  | Default Value |      Required      | Type | Description                                                                             |
 |:---------------|:-------------:|:------------------:|:----:|:----------------------------------------------------------------------------------------|
@@ -109,14 +109,6 @@ gateway_service_clusters:
   new_name: "Ansible Galaxy"
   ```
 
-## Run Playbook
-
-File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README.
-
-```shell
-ansible-playbook manage_data.yml -e @data/gateway_service_clusters.yml
-```
-
 ## License
 
 [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing)
diff --git a/roles/gateway_service_keys/README.md b/roles/gateway_service_keys/README.md
@@ -6,23 +6,51 @@ An Ansible Role to configure Service Keys on Ansible Automation gateway.
 
 ## Variables
 
-Detailed description of variables are provided in the [top-level README](../../README.md)
-
-Variables specific for this role are following:
-
-| Variable Name                                         |                    Default Value                    | Required | Description                                                                                                                                                        |                                                      |
-|:------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:|
-| `service_keys_list` (Alias: `service_keys`)        |           [below](#service-key-arguments)           |   yes    | Data structure describing your service_key entries described below.                                                                                                |                |
-| `service_keys_secure_logging`   |  `aap_configuration_secure_logging` OR `false`  |    no    | Whether or not to include the sensitive service_key role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. |      |
-| `service_keys_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` |    no    | Whether or not to enforce default option values on only the service key role.                                                                                      |      README.md#enforcing-defaults)      |
-| `service_keys_async_retries`    |    `aap_configuration_async_retries` OR `30`    |    no    | This variable sets the number of retries to attempt for the role.                                                                                                  |  |
-| `service_keys_async_delay`      |     `aap_configuration_async_delay` OR `1`      |    no    | This sets the delay between retries for the role.                                                                                                                  |  |
+|Variable Name|Default Value|Required|Description|Example|
+|:---|:---:|:---:|:---|:---|
+|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
+|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1|
+|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.||
+|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.||
+|`aap_password`|""|no|Platform Admin User's password on the Server.  This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.||
+|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
+|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
+|`gateway_gateway_service_keys`|`see below`|yes|Data structure describing your gateway_gateway_service_keys Described below.||
+
+### Secure Logging Variables
+
+The following Variables compliment each other.
+If Both variables are not set, secure logging defaults to false.
+The role defaults to False as normally the add ee_registry task does not include sensitive information.
+gateway_gateway_service_keys_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it.
+
+|Variable Name|Default Value|Required|Description|
+|:---:|:---:|:---:|:---:|
+|`gateway_gateway_service_keys_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log.  Set this value to `True` if you will be providing your sensitive values from elsewhere.|
+|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
+
+### Asynchronous Retry Variables
+
+The following Variables set asynchronous retries for the role.
+If neither of the retries or delay or retries are set, they will default to their respective defaults.
+This allows for all items to be created, then checked that the task finishes successfully.
+This also speeds up the overall role.
+
+|Variable Name|Default Value|Required|Description|
+|:---:|:---:|:---:|:---:|
+|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.|
+|`gateway_gateway_service_keys_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.|
+|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.|
+|`gateway_gateway_service_keys_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.|
+|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.|
+|`gateway_gateway_service_keys_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.|
+|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|
 
 ## Data Structure
 
 ### Service Key Arguments
 
-Options for the `service_keys_list` variable:
+Options for the `gateway_service_keys` variable:
 
 | Variable Name            |   Default Value    | Required | Type | Description                                                                      |
 |:-------------------------|:------------------:|:--------:|:----:|:---------------------------------------------------------------------------------|
@@ -49,7 +77,7 @@ Options for the `service_keys_list` variable:
 
 ```json
 {
-  "service_keys_list": [
+  "gateway_service_keys": [
     {
       "name": "Key 1",
       "state": "exists"
@@ -73,7 +101,7 @@ File name: `data/gateway_service_keys.yml`
 
 ```yaml
 ---
-service_keys_list:
+gateway_service_keys:
 - name: "Controller Key 1"
   is_active: false
   service_cluster: controller
@@ -82,14 +110,6 @@ service_keys_list:
   state: absent
 ```
 
-### Run Playbook
-
-File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README.
-
-```shell
-ansible-playbook manage_data.yml -e @data/gateway_service_keys.yml
-```
-
 ## License
 
 [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing)
diff --git a/roles/gateway_service_keys/defaults/main.yml b/roles/gateway_service_keys/defaults/main.yml
@@ -9,9 +9,8 @@
 # These are the default variables specific to the service_key role
 
 # a list of dictionaries describing the service keys
-service_keys_list: []
-service_keys_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}"
-service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}"
-service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}"
-service_keys_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}"
+gateway_gateway_service_keys: []
+gateway_service_keys_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}"
+gateway_service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}"
+gateway_service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}"
 ...
diff --git a/roles/gateway_service_keys/meta/argument_specs.yml b/roles/gateway_service_keys/meta/argument_specs.yml
@@ -3,7 +3,7 @@ argument_specs:
   main:
     short_description: An Ansible Role to create service keys on automation platform gateway.
     options:
-      service_keys_list:
+      gateway_gateway_service_keys:
         description: Data structure describing your service keys
         type: list
         required: true
@@ -46,15 +46,15 @@ argument_specs:
             description: Desired state of the resource.
 
       # Async variables
-      service_keys_async_retries:
+      gateway_service_keys_async_retries:
         default: "{{ aap_configuration_async_retries | default(30) }}"
         required: false
         description: This variable sets the number of retries to attempt for the role.
       aap_configuration_async_retries:
         default: 30
         required: false
         description: This variable sets number of retries across all roles as a default.
-      service_keys_async_delay:
+      gateway_service_keys_async_delay:
         default: "{{ aap_configuration_async_delay | default(1) }}"
         required: false
         description: This variable sets delay between retries for the role.
@@ -71,7 +71,7 @@ argument_specs:
 
 
       # No_log variables
-      service_keys_secure_logging:
+      gateway_service_keys_secure_logging:
         default: "{{ aap_configuration_secure_logging | default(false) }}"
         required: false
         type: bool

diff --git a/roles/gateway_service_keys/meta/main.yml b/roles/gateway_service_keys/meta/main.yml
@@ -1,6 +1,6 @@
 ---
 galaxy_info:
-  role_name: service_keys
+  role_name: gateway_gateway_service_keys
   author: Martin Slemr
   description: An Ansible Role to create service keys in automation platform gateway.
   company: Red Hat

diff --git a/roles/gateway_service_keys/tasks/main.yml b/roles/gateway_service_keys/tasks/main.yml
@@ -18,10 +18,12 @@
     gateway_token: "{{ aap_token | default(omit, true) }}"
     gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}"
     gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}"
-  loop: "{{ service_keys if service_keys is defined else service_keys_list }}"
+  loop: "{{ gateway_gateway_service_keys }}"
   loop_control:
     loop_var: __gateway_service_keys_item
-  no_log: "{{ service_keys_secure_logging }}"
+    label: "{{ __operation.verb }} the label {{ __gateway_service_keys_item.name }} to Controller"
+    pause: "{{ gateway_gateway_service_keys_loop_delay }}"
+  no_log: "{{ gateway_service_keys_secure_logging }}"
   async: 1000
   poll: 0
   register: __gateway_service_keys_job_async
@@ -34,13 +36,14 @@
     jid: "{{ __gateway_service_keys_job_async_results_item.ansible_job_id }}"
   register: __gateway_service_keys_job_async_result
   until: __gateway_service_keys_job_async_result.finished
-  retries: "{{ service_keys_async_retries }}"
-  delay: "{{ service_keys_async_delay }}"
+  retries: "{{ gateway_service_keys_async_retries }}"
+  delay: "{{ gateway_service_keys_async_delay }}"
   loop: "{{ __gateway_service_keys_job_async.results }}"
   loop_control:
     loop_var: __gateway_service_keys_job_async_results_item
+    label: "{{ __operation.verb }} Label {{ __gateway_service_keys_job_async_results_item.__gateway_service_keys_item.name }} | Wait for finish the Label {{ __operation.action }}"
   when: __gateway_service_keys_job_async_results_item.ansible_job_id is defined
-  no_log: "{{ service_keys_secure_logging }}"
+  no_log: "{{ gateway_gateway_service_keys_secure_logging }}"
   vars:
     ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}"
 ...