diff --git a/.ansible-lint b/.ansible-lint index 44d3018c6..6b1b24f1f 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -3,10 +3,8 @@ # this issue describes similar behavior but suggested fix doesn't work # https://github.com/ansible/ansible-lint/issues/371 # exclude_paths: -# - roles/master_role_example/ exclude_paths: - '.github/' - - 'roles/master_role_example/' - 'changelogs/' - 'tests/templated_role_example' parseable: true diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore index b13484a1d..e69de29bb 100644 --- a/.ansible-lint-ignore +++ b/.ansible-lint-ignore @@ -1,2 +0,0 @@ -plugins/lookup/controller_object_diff.py yaml[document-end] -plugins/modules/controller_export_diff.py yaml[document-end] diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 475ec1a00..770547da4 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -29,7 +29,7 @@ If you feel like getting your hands dirty, feel free to make the change yourself 1. Fork the repo on Github, and then clone it locally. 2. Create a branch named appropriately for the change you are going to make. 3. Make your code change. -4. If you are creating a new role, please add a test for it in our [testing playbook.](https://github.com/redhat-cop/aap_configuration/blob/devel/tests/configure_controller.yml) by adding a new role entry and adding the appropriate yaml file with test data in the controller_configs directory. +4. If you are creating a new role, please add a test for it in our [testing playbook.](https://github.com/redhat-cop/aap_configuration/blob/devel/tests/configure_controller.yml) by adding a new role entry and adding the appropriate yaml file with test data in the aap_configs directory. 5. Add a changelog fragment in `changelogs/fragments` as per 6. Push your code change up to your forked repo. 7. Open a Pull Request to merge your changes to this repo. The comment box will be filled in automatically via a template. diff --git a/.github/files/ansible.cfg b/.github/files/ansible.cfg index 34cfbf901..258181399 100644 --- a/.github/files/ansible.cfg +++ b/.github/files/ansible.cfg @@ -1,4 +1,4 @@ [defaults] -collections_paths=/home/runner/collections +collections_path=/home/runner/collections roles_path=roles/ lookup_plugins=plugins/lookup/ diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 7597b9ff4..f5d6be5af 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -86,8 +86,8 @@ jobs: run: ansible-galaxy collection install -r .github/collections/requirements.yml - name: "Perform playbook tests" - run: ansible-playbook tests/configure_controller.yml -e controller_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} + run: ansible-playbook tests/configure_controller.yml -e aap_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} - name: "Perform export model playbook tests" - run: ansible-playbook tests/configure_controller_export_model.yml -e controller_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} + run: ansible-playbook tests/configure_controller_export_model.yml -e aap_hostname=localhost:8043 -v -e awx_version=${{ inputs.awx_version }} ... diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index d2bd83dc8..70dd2a6e7 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -23,8 +23,8 @@ jobs: uses: "redhat-cop/ansible_collections_tooling/.github/workflows/pre_commit_and_sanity.yml@main" with: collection_namespace: infra - collection_name: controller_configuration - collection_version: 2.10.0 + collection_name: aap_configuration + collection_version: 3.0.0-devel collection_repo: https://github.com/redhat-cop/aap_configuration/ - collection_dependencies: awx.awx + collection_dependencies: awx.awx ansible.eda ansible.hub ... diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 8e7ee5403..da3c4bec8 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,5 +1,5 @@ ============================================ -infra.controller_configuration Release Notes +infra.aap_configuration Release Notes ============================================ .. contents:: Topics @@ -284,7 +284,7 @@ Minor Changes Bugfixes -------- -- Enable the ability to define simple_workflow_nodes on workflow_job_templates without the need to set the `state` on a workflow_job_template (https://github.com/redhat-cop/aap_configuration/issues/297). +- Enable the ability to define simple_workflow_nodes on workflow_job_templates without the need to set the `state` on a workflow_job_template (https://github.com/redhat-cop/controller_configuration/issues/297). v2.2.4 ====== diff --git a/README.md b/README.md index 4310c1c32..77b6801ad 100644 --- a/README.md +++ b/README.md @@ -91,18 +91,18 @@ Otherwise it will look for the modules only in your base installation. If there hosts: localhost connection: local vars: - controller_validate_certs: true + aap_validate_certs: true collections: - awx.awx ``` -Define following vars here, or in `controller_configs/controller_auth.yml` -`controller_hostname: ansible-controller-web-svc-test-project.example.com` +Define following vars here, or in `aap_configs/controller_auth.yml` +`aap_hostname: ansible-controller-web-svc-test-project.example.com` You can also specify authentication by a combination of either: -- `controller_hostname`, `controller_username`, `controller_password` -- `controller_hostname`, `controller_oauthtoken` +- `aap_hostname`, `aap_username`, `aap_password` +- `aap_hostname`, `controller_oauthtoken` The OAuth2 token is the preferred method. You can obtain the token through the preferred `controller_token` module, or through the AWX CLI [login](https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html) @@ -133,9 +133,9 @@ Controller token module would be invoked with this code: description: 'Creating token to test controller jobs' scope: "write" state: present - controller_host: "{{ controller_hostname }}" - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" + controller_host: "{{ aap_hostname }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" ``` diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index f76b20c86..81c176f7a 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -402,7 +402,7 @@ releases: changes: bugfixes: - Enable the ability to define simple_workflow_nodes on workflow_job_templates - without the need to set the `state` on a workflow_job_template (https://github.com/redhat-cop/aap_configuration/issues/297). + without the need to set the `state` on a workflow_job_template (https://github.com/redhat-cop/controller_configuration/issues/297). minor_changes: - Add max_forks, max_concurrent_jobs as options to instance_groups role - Add no_log everywhere controller_api_plugin is used to avoid to expose sensitive diff --git a/changelogs/config.yaml b/changelogs/config.yaml index 01acf451b..598218668 100644 --- a/changelogs/config.yaml +++ b/changelogs/config.yaml @@ -28,7 +28,7 @@ sections: - Bugfixes - - known_issues - Known Issues -title: infra.controller_configuration +title: infra.aap_configuration trivial_section_name: trivial use_fqcn: true ... diff --git a/changelogs/fragments/Rewrite.yml b/changelogs/fragments/Rewrite.yml new file mode 100644 index 000000000..bcdf653a9 --- /dev/null +++ b/changelogs/fragments/Rewrite.yml @@ -0,0 +1,9 @@ +--- +breaking_changes: + - Major overhaul to all code completed, variables have changed, role names have changed, please see the tranition guide for more details. +major_changes: + - Roles from infra.ah_configuration and infra.eda_configuration have migrated into this collection + - Rename of collection to infra.aap_configuration + - Introduction of roles for gateway +bugfixes: + - Controller credentials role now includes request timeout option. diff --git a/changelogs/fragments/filetree_node_schedule_survey.yml b/changelogs/fragments/filetree_node_schedule_survey.yml deleted file mode 100644 index 5b35a2883..000000000 --- a/changelogs/fragments/filetree_node_schedule_survey.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -minor_changes: - - filetree_create able export WF nodes and schedules without encrypted value in survey diff --git a/docs/CONVERSION_GUIDE.md b/docs/CONVERSION_GUIDE.md index 166f12eb4..ed22feab8 100644 --- a/docs/CONVERSION_GUIDE.md +++ b/docs/CONVERSION_GUIDE.md @@ -15,10 +15,10 @@ Otherwise it will look for the modules only in your base installation. If there hosts: localhost connection: local vars: - controller_validate_certs: false + aap_validate_certs: false collections: - awx.awx - - infra.controller_configuration + - infra.aap_configuration ``` ## Variable name changes @@ -60,12 +60,12 @@ The Following Variables need to be changed: |Tower Variable Name|Controller Variable Name| |:---:|:---:| -|`tower_username`|`controller_username`| -|`tower_password`|`controller_password`| +|`tower_username`|`aap_username`| +|`tower_password`|`aap_password`| |`tower_oauthtoken`|`controller_oauthtoken`| -|`tower_hostname`|`controller_hostname`| +|`tower_hostname`|`aap_hostname`| |`tower_config_file`|`controller_config_file`| -|`tower_validate_certs`|`controller_validate_certs`| +|`tower_validate_certs`|`aap_validate_certs`| ### Specific Changes in Roles diff --git a/galaxy.yml b/galaxy.yml index 608a360a3..a63f5ce41 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -18,6 +18,7 @@ build_ignore: - release.yml - .github - '*.tar.gz' + - tests/* license: - GPL-3.0-or-later tags: diff --git a/playbooks/configure_controller.yml b/playbooks/configure_aap.yml similarity index 63% rename from playbooks/configure_controller.yml rename to playbooks/configure_aap.yml index 5bd75034a..0c4b671e3 100644 --- a/playbooks/configure_controller.yml +++ b/playbooks/configure_aap.yml @@ -5,7 +5,7 @@ tasks: - name: Include vars from configs directory ansible.builtin.include_vars: - dir: "{{ controller_configs_dir | default((lookup('env', 'CONTROLLER_CONFIGS_DIR') == '') | ternary('./configs', lookup('env', 'CONTROLLER_CONFIGS_DIR'))) }}" + dir: "{{ aap_configs_dir | default((lookup('env', 'AAP_CONFIGS_DIR') == '') | ternary('./configs', lookup('env', 'AAP_CONFIGS_DIR'))) }}" ignore_files: [controller_config.yml.template] extensions: ["yml"] tags: @@ -13,5 +13,5 @@ - name: Call dispatch role ansible.builtin.include_role: - name: infra.controller_configuration.dispatch + name: infra.aap_configuration.dispatch ... diff --git a/playbooks/flatten_filetree_create_output.yaml b/playbooks/flatten_filetree_create_output.yaml deleted file mode 100644 index 474e0f81b..000000000 --- a/playbooks/flatten_filetree_create_output.yaml +++ /dev/null @@ -1,94 +0,0 @@ ---- -- name: "Flatten the filetree_create output into unique files per each object type" - hosts: localhost - connection: local - gather_facts: false - vars: - filetree_controller_settings: &filetree_create_output_dir "{{ filetree_create_output_dir }}" - filetree_controller_organizations: *filetree_create_output_dir - filetree_controller_labels: *filetree_create_output_dir - filetree_controller_user_accounts: *filetree_create_output_dir - filetree_controller_teams: *filetree_create_output_dir - filetree_controller_credential_types: *filetree_create_output_dir - filetree_controller_credentials: *filetree_create_output_dir - filetree_controller_credential_input_sources: *filetree_create_output_dir - filetree_controller_notifications: *filetree_create_output_dir - filetree_controller_projects: *filetree_create_output_dir - filetree_controller_execution_environments: *filetree_create_output_dir - filetree_controller_applications: *filetree_create_output_dir - filetree_controller_inventories: *filetree_create_output_dir - filetree_controller_inventory_sources: *filetree_create_output_dir - filetree_controller_instance_groups: *filetree_create_output_dir - filetree_controller_hosts: *filetree_create_output_dir - filetree_controller_groups: *filetree_create_output_dir - filetree_controller_templates: *filetree_create_output_dir - filetree_controller_workflow_job_templates: *filetree_create_output_dir - filetree_controller_schedules: *filetree_create_output_dir - filetree_controller_roles: *filetree_create_output_dir - roles: - - infra.controller_configuration.filetree_read - post_tasks: - - name: "Create the output flatten dir" - ansible.builtin.file: - path: "{{ filetree_create_output_dir }}_flatten" - state: directory - mode: "0755" - - - name: "Write all the objects to the corresponding file" - ansible.builtin.copy: - dest: "{{ filetree_create_output_dir }}_flatten/{{ object_type.name }}.yaml" - mode: "0644" - content: | - --- - {{ object_type.value | to_nice_yaml(indent=2) }} - ... - loop_control: - loop_var: object_type - loop: - - name: controller_settings - value: "{{ controller_settings }}" - - name: controller_organizations - value: "{{ controller_organizations }}" - - name: controller_labels - value: "{{ controller_labels }}" - - name: controller_user_accounts - value: "{{ controller_user_accounts }}" - - name: controller_teams - value: "{{ controller_teams }}" - - name: controller_credential_types - value: "{{ controller_credential_types }}" - - name: controller_credentials - value: "{{ controller_credentials }}" - - name: controller_credential_input_sources - value: "{{ controller_credential_input_sources }}" - - name: controller_notifications - value: "{{ controller_notifications }}" - - name: controller_projects - value: "{{ controller_projects }}" - - name: controller_execution_environments - value: "{{ controller_execution_environments }}" - - name: controller_applications - value: "{{ controller_applications }}" - - name: controller_inventories - value: "{{ controller_inventories }}" - - name: controller_inventory_sources - value: "{{ controller_inventory_sources }}" - - name: controller_instance_groups - value: "{{ controller_instance_groups }}" - - name: controller_hosts - value: "{{ controller_hosts }}" - - name: controller_groups - value: "{{ controller_groups }}" - - name: controller_templates - value: "{{ controller_templates }}" - - name: controller_workflow_job_templates - value: "{{ controller_workflow_job_templates | default([]) }}" - - name: controller_schedules - value: "{{ controller_schedules }}" - - name: controller_roles - value: "{{ controller_roles }}" -... -# Sample usage: -# -# ansible-playbook infra.controller_configuration.flatten_filetree_create_output.yaml -e '{filetree_create_output_dir: /tmp/filetree_output}' -# diff --git a/playbooks/get_stats.yml b/playbooks/get_stats.yml index f3d14e7ff..287925aec 100644 --- a/playbooks/get_stats.yml +++ b/playbooks/get_stats.yml @@ -7,19 +7,19 @@ gather_facts: true vars: # Using the Tower env names for backwards compatibility - controller_hostname: "{{ lookup('ansible.builtin.env', 'TOWER_HOST') }}" - controller_username: "{{ lookup('ansible.builtin.env', 'TOWER_USERNAME') }}" - controller_password: "{{ lookup('ansible.builtin.env', 'TOWER_PASSWORD') }}" - controller_validate_certs: "{{ lookup('ansible.builtin.env', 'TOWER_VERIFY_SSL') | default(false) }}" + aap_hostname: "{{ lookup('ansible.builtin.env', 'TOWER_HOST') }}" + aap_username: "{{ lookup('ansible.builtin.env', 'TOWER_USERNAME') }}" + aap_password: "{{ lookup('ansible.builtin.env', 'TOWER_PASSWORD') }}" + aap_validate_certs: "{{ lookup('ansible.builtin.env', 'TOWER_VERIFY_SSL') | default(false) }}" tasks: - name: Get number of JT ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/metrics/?format=json" + url: "https://{{ aap_hostname }}/api/v2/metrics/?format=json" method: GET force_basic_auth: true - user: "{{ controller_username }}" - password: "{{ controller_password }}" + user: "{{ aap_username }}" + password: "{{ aap_password }}" return_content: true headers: Content-Type: application/json @@ -39,11 +39,11 @@ - name: Get users info ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/users/?format=json" + url: "https://{{ aap_hostname }}/api/v2/users/?format=json" method: GET force_basic_auth: true - user: "{{ controller_username }}" - password: "{{ controller_password }}" + user: "{{ aap_username }}" + password: "{{ aap_password }}" return_content: true headers: Content-Type: application/json @@ -82,11 +82,11 @@ - name: Get subscription info ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/settings/all/?format=json" + url: "https://{{ aap_hostname }}/api/v2/settings/all/?format=json" method: GET force_basic_auth: true - user: "{{ controller_username }}" - password: "{{ controller_password }}" + user: "{{ aap_username }}" + password: "{{ aap_password }}" return_content: true headers: Content-Type: application/json diff --git a/roles/hub_ansible_config/README.md b/roles/ansible_config/README.md similarity index 78% rename from roles/hub_ansible_config/README.md rename to roles/ansible_config/README.md index 80f770d91..52d757986 100644 --- a/roles/hub_ansible_config/README.md +++ b/roles/ansible_config/README.md @@ -17,9 +17,9 @@ Currently: |`ansible_config_mode`|'0644'|no|str|The permissions the resulting ansible config file or directory should have.| |`ansible_config_owner`|""|no|str|The owner the resulting ansible config file or directory should have.| |`ansible_config_group`|""|no|str|The group the resulting ansible config file or directory should have.| -|`ah_configuration_working_dir`|"/var/tmp"|no|path|Location to render the ansible config file to.| +|`aap_configuration_working_dir`|"/var/tmp"|no|path|Location to render the ansible config file to.| |`automation_hub_list`|`[]`|no|list|A list of Automation hubs and galaxies to put in the ansible config, see below for details.| -|`ansible_config_list`|`[{"header":"galaxy","keypairs":[{"key":"ignore_certs","value":"{{ not (ah_validate_certs \| bool) }}"}]}]`|no|list|A set of ansible config settings, a default is set, but can be overridden, see below for details.| +|`ansible_config_list`|`[{"header":"galaxy","keypairs":[{"key":"ignore_certs","value":"{{ not (aap_validate_certs \| bool) }}"}]}]`|no|list|A set of ansible config settings, a default is set, but can be overridden, see below for details.| |`ah_token`|""|no|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| |`ah_path_prefix`|`galaxy`|no|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| @@ -28,12 +28,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the ansible config task does not by default include sensitive information, we highly recommend the use of ansible vault for passwords and tokens. -ah_configuration_ansible_config_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +aap_configuration_ansible_config_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_ansible_config_secure_logging`|`False`|no|Whether or not to include the sensitive ansible config role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_ansible_config_secure_logging`|`False`|no|Whether or not to include the sensitive ansible config role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structures @@ -70,7 +70,7 @@ ansible_config_list: - header: galaxy keypairs: - key: ignore_certs - value: "{{ not (ah_validate_certs | bool) }}" + value: "{{ not (aap_validate_certs | bool) }}" - key: server_list value: "{{ automation_hub_list | map(attribute='name') | join(',') }}" @@ -92,7 +92,7 @@ automation_hub_list: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ansible_config/defaults/main.yml b/roles/ansible_config/defaults/main.yml similarity index 76% rename from roles/hub_ansible_config/defaults/main.yml rename to roles/ansible_config/defaults/main.yml index de89f5f0c..246701f4b 100644 --- a/roles/hub_ansible_config/defaults/main.yml +++ b/roles/ansible_config/defaults/main.yml @@ -2,15 +2,15 @@ # These are the default variables common to most ah_configuration and _utilities roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the ansible config role # ansible_config_owner: # optional # ansible_config_group: # optional ansible_config_mode: 0644 -ah_configuration_working_dir: "/var/tmp" +aap_configuration_working_dir: "/var/tmp" validate_certs: false ah_path_prefix: galaxy # a list of dictionaries describing the Automation Hub namespace @@ -27,9 +27,9 @@ ansible_config_list: - header: galaxy keypairs: - key: ignore_certs - value: "{{ not (ah_validate_certs | default(true) | bool) }}" + value: "{{ not (aap_validate_certs | default(true) | bool) }}" # - key: server_list # value: "{{ automation_hub_list | map(attribute="name") | join(",") }}" -ah_configuration_ansible_config_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" +aap_configuration_ansible_config_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ... diff --git a/roles/hub_ansible_config/meta/argument_specs.yml b/roles/ansible_config/meta/argument_specs.yml similarity index 91% rename from roles/hub_ansible_config/meta/argument_specs.yml rename to roles/ansible_config/meta/argument_specs.yml index dd8998472..61a05debf 100644 --- a/roles/hub_ansible_config/meta/argument_specs.yml +++ b/roles/ansible_config/meta/argument_specs.yml @@ -25,7 +25,7 @@ argument_specs: required: false type: str description: The group owner of the created ansible.cfg file - ah_configuration_working_dir: + aap_configuration_working_dir: default: /var/tmp required: false type: str @@ -59,7 +59,7 @@ argument_specs: - header: galaxy keypairs: - key: ignore_certs - value: "{{ not (ah_validate_certs | default(true) | bool) }}" + value: "{{ not (aap_validate_certs | default(true) | bool) }}" required: false type: list description: A set of ansible config settings, a default is set, but can be overridden. @@ -86,12 +86,12 @@ argument_specs: description: Value for entry for the corresponding key. # No_log variables - ah_configuration_ansible_config_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + aap_configuration_ansible_config_secure_logging: + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool diff --git a/roles/hub_ansible_config/meta/main.yml b/roles/ansible_config/meta/main.yml similarity index 95% rename from roles/hub_ansible_config/meta/main.yml rename to roles/ansible_config/meta/main.yml index 06f4bda5b..768a65e75 100644 --- a/roles/hub_ansible_config/meta/main.yml +++ b/roles/ansible_config/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "namespace" + role_name: "ansible_config" author: "Sean Sullivan" description: "An Ansible Role to create namespace in Automation Hub." company: "Red Hat" @@ -33,8 +33,8 @@ galaxy_info: - "automationhub" - "galaxy" - "configuration" - - "namespace" - - "namespaces" + - "ansible" + - "config" dependencies: [] # List your role dependencies here, one per line. Be sure to remove the '[]' above, diff --git a/roles/hub_ansible_config/tasks/main.yml b/roles/ansible_config/tasks/main.yml similarity index 68% rename from roles/hub_ansible_config/tasks/main.yml rename to roles/ansible_config/tasks/main.yml index 710c0a446..4e74c7303 100644 --- a/roles/hub_ansible_config/tasks/main.yml +++ b/roles/ansible_config/tasks/main.yml @@ -3,9 +3,9 @@ - name: Template config template ansible.builtin.template: src: ansible.cfg.j2 - dest: "{{ ah_configuration_working_dir }}/ansible.cfg" + dest: "{{ aap_configuration_working_dir }}/ansible.cfg" owner: "{{ ansible_config_owner | default(omit) }}" group: "{{ ansible_config_group | default(omit) }}" mode: "{{ ansible_config_mode }}" - no_log: "{{ ah_configuration_ansible_config_secure_logging }}" + no_log: "{{ aap_configuration_ansible_config_secure_logging }}" ... diff --git a/roles/hub_ansible_config/templates/ansible.cfg.j2 b/roles/ansible_config/templates/ansible.cfg.j2 similarity index 100% rename from roles/hub_ansible_config/templates/ansible.cfg.j2 rename to roles/ansible_config/templates/ansible.cfg.j2 diff --git a/roles/hub_ansible_config/tests/test.yml b/roles/ansible_config/tests/test.yml similarity index 78% rename from roles/hub_ansible_config/tests/test.yml rename to roles/ansible_config/tests/test.yml index 182db9446..7828cd4ea 100644 --- a/roles/hub_ansible_config/tests/test.yml +++ b/roles/ansible_config/tests/test.yml @@ -1,10 +1,10 @@ --- -- name: Add namespace to Automation Hub +- name: Create ansible config to Automation Platform hosts: localhost connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme @@ -16,5 +16,5 @@ tags: - always roles: - - ../../namespace + - ../../ansible_config ... diff --git a/roles/hub_ansible_config/tests/vars/config.yml b/roles/ansible_config/tests/vars/config.yml similarity index 100% rename from roles/hub_ansible_config/tests/vars/config.yml rename to roles/ansible_config/tests/vars/config.yml diff --git a/roles/controller_ad_hoc_command/README.md b/roles/controller_ad_hoc_command/README.md index bdd0bf125..8a4d198db 100644 --- a/roles/controller_ad_hoc_command/README.md +++ b/roles/controller_ad_hoc_command/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_ad_hoc_commands`|`see below`|yes|Data structure describing your ad hoc commands to run Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ad hoc commands task does not include sensitive information. -controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_ad_hoc_command_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_ad_hoc_command_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -83,18 +83,18 @@ controller_ad_hoc_commands: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.ad_hoc_command, when: controller_ad_hoc_commands is defined} + - {role: infra.aap_configuration.ad_hoc_command, when: controller_ad_hoc_commands is defined} ``` diff --git a/roles/controller_ad_hoc_command/defaults/main.yml b/roles/controller_ad_hoc_command/defaults/main.yml index 0eaba3172..85a28d0a0 100644 --- a/roles/controller_ad_hoc_command/defaults/main.yml +++ b/roles/controller_ad_hoc_command/defaults/main.yml @@ -1,4 +1,4 @@ --- # These are the default variables specific to the ad_hoc_command role -controller_configuration_ad_hoc_command_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_ad_hoc_command_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" ... diff --git a/roles/controller_ad_hoc_command/meta/argument_specs.yml b/roles/controller_ad_hoc_command/meta/argument_specs.yml index c2260a2d9..a5ad3daac 100644 --- a/roles/controller_ad_hoc_command/meta/argument_specs.yml +++ b/roles/controller_ad_hoc_command/meta/argument_specs.yml @@ -76,45 +76,45 @@ argument_specs: # No_log variables controller_configuration_ad_hoc_command_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_ad_hoc_command/tasks/main.yml b/roles/controller_ad_hoc_command/tasks/main.yml index e8901266b..826854f99 100644 --- a/roles/controller_ad_hoc_command/tasks/main.yml +++ b/roles/controller_ad_hoc_command/tasks/main.yml @@ -19,13 +19,12 @@ timeout: "{{ __ad_hoc_command_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_ad_hoc_commands }}" loop_control: loop_var: "__ad_hoc_command_item" diff --git a/roles/controller_ad_hoc_command/tests/test.yml b/roles/controller_ad_hoc_command/tests/test.yml index 9bcad1c09..be9ad4a01 100644 --- a/roles/controller_ad_hoc_command/tests/test.yml +++ b/roles/controller_ad_hoc_command/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_ad_hoc_command_cancel/README.md b/roles/controller_ad_hoc_command_cancel/README.md index 69c2766f6..7515b8eaf 100644 --- a/roles/controller_ad_hoc_command_cancel/README.md +++ b/roles/controller_ad_hoc_command_cancel/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_ad_hoc_commands_cancel`|`see below`|yes|Data structure describing your ad hoc jobs to cancel Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ad hoc commands cancel task does not include sensitive information. -controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_ad_hoc_command_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_ad_hoc_command_cancel_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command_cancel role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -75,18 +75,18 @@ controller_ad_hoc_commands_cancel: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.ad_hoc_command_cancel, when: controller_ad_hoc_commands is defined} + - {role: infra.aap_configuration.ad_hoc_command_cancel, when: controller_ad_hoc_commands is defined} ``` ## License diff --git a/roles/controller_ad_hoc_command_cancel/defaults/main.yml b/roles/controller_ad_hoc_command_cancel/defaults/main.yml index 41f05e285..f9187e3ac 100644 --- a/roles/controller_ad_hoc_command_cancel/defaults/main.yml +++ b/roles/controller_ad_hoc_command_cancel/defaults/main.yml @@ -1,4 +1,4 @@ --- # These are the default variables specific to the ad_hoc_command_cancel role -controller_configuration_ad_hoc_command_cancel_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_ad_hoc_command_cancel_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" ... diff --git a/roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml b/roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml index 55d0d6abc..4ef5498dc 100644 --- a/roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml +++ b/roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml @@ -30,45 +30,45 @@ argument_specs: # No_log variables controller_configuration_ad_hoc_command_cancel_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_ad_hoc_command_cancel/tasks/main.yml b/roles/controller_ad_hoc_command_cancel/tasks/main.yml index 18e4f0c1f..dd1b46261 100644 --- a/roles/controller_ad_hoc_command_cancel/tasks/main.yml +++ b/roles/controller_ad_hoc_command_cancel/tasks/main.yml @@ -8,13 +8,12 @@ timeout: "{{ __ad_hoc_command_cancel_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_ad_hoc_commands_cancel }}" loop_control: loop_var: "__ad_hoc_command_cancel_item" diff --git a/roles/controller_ad_hoc_command_cancel/tests/test.yml b/roles/controller_ad_hoc_command_cancel/tests/test.yml index 3802c9362..2d9a948fe 100644 --- a/roles/controller_ad_hoc_command_cancel/tests/test.yml +++ b/roles/controller_ad_hoc_command_cancel/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_applications/README.md b/roles/controller_applications/README.md index 7316ab725..0f7cb9823 100644 --- a/roles/controller_applications/README.md +++ b/roles/controller_applications/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_applications`|`see below`|yes|Data structure describing your applications, described below. Alias: applications || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add application task does not include sensitive information. -controller_configuration_applications_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_applications_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_applications_secure_logging`|`False`|no|Whether or not to include the sensitive Application role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_applications_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_applications_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_applications_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_applications_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_applications_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -126,18 +126,18 @@ controller_applications: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.applications, when: controller_applications is defined} + - {role: infra.aap_configuration.applications, when: controller_applications is defined} ``` ## License diff --git a/roles/controller_applications/defaults/main.yml b/roles/controller_applications/defaults/main.yml index 073efbeb7..87d3fe302 100644 --- a/roles/controller_applications/defaults/main.yml +++ b/roles/controller_applications/defaults/main.yml @@ -1,10 +1,10 @@ --- # a list of dictionaries describing the Controller applications controller_applications: [] -controller_configuration_applications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_applications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_applications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_applications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_applications_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_applications/meta/argument_specs.yml b/roles/controller_applications/meta/argument_specs.yml index 3da902379..1b53fabd8 100644 --- a/roles/controller_applications/meta/argument_specs.yml +++ b/roles/controller_applications/meta/argument_specs.yml @@ -47,22 +47,22 @@ argument_specs: # Async variables controller_configuration_applications_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_applications_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -70,45 +70,45 @@ argument_specs: # No_log variables controller_configuration_applications_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_applications/tasks/main.yml b/roles/controller_applications/tasks/main.yml index fef5950c7..31a6ed2bb 100644 --- a/roles/controller_applications/tasks/main.yml +++ b/roles/controller_applications/tasks/main.yml @@ -10,16 +10,15 @@ client_type: "{{ __application_item.client_type | default('public') }}" redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" skip_authorization: "{{ __application_item.skip_authorization | default((false if controller_configuration_applications_enforce_defaults else omit), true) }}" - state: "{{ __application_item.state | default(controller_state | default('present')) }}" + state: "{{ __application_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ applications if applications is defined else controller_applications }}" loop_control: loop_var: "__application_item" @@ -31,8 +30,8 @@ register: __applications_job_async changed_when: "(__applications_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__application_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__application_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -53,6 +52,6 @@ when: not ansible_check_mode and __applications_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_applications_secure_logging }}" vars: - __operation: "{{ operation_translate[__applications_job_async_results_item.__application_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__applications_job_async_results_item.__application_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_applications/tests/test.yml b/roles/controller_applications/tests/test.yml index eea09d7bd..e5506c212 100644 --- a/roles/controller_applications/tests/test.yml +++ b/roles/controller_applications/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_bulk_host_create/README.md b/roles/controller_bulk_host_create/README.md index 9bae686c1..d30a11ad2 100644 --- a/roles/controller_bulk_host_create/README.md +++ b/roles/controller_bulk_host_create/README.md @@ -16,10 +16,10 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_configuration_bulk_hosts_secure_logging`|`see below`|yes|Data structure describing your organization or organizations Described below.|| @@ -29,12 +29,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ******* task does not include sensitive information. -controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_*******_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_bulk_hosts_secure_logging`|`False`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -45,13 +45,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_bulk_hosts_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_bulk_hosts_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_bulk_hosts_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_bulk_hosts_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_bulk_hosts_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -121,12 +121,12 @@ controller_bulk_hosts: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] diff --git a/roles/controller_bulk_host_create/defaults/main.yml b/roles/controller_bulk_host_create/defaults/main.yml index 8bed33b42..a779f4f06 100644 --- a/roles/controller_bulk_host_create/defaults/main.yml +++ b/roles/controller_bulk_host_create/defaults/main.yml @@ -1,7 +1,7 @@ --- -controller_configuration_bulk_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_bulk_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_bulk_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_bulk_hosts_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_bulk_hosts_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_bulk_hosts_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_bulk_hosts_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null ... diff --git a/roles/controller_bulk_host_create/meta/argument_specs.yml b/roles/controller_bulk_host_create/meta/argument_specs.yml index a609ad810..8b3a4433e 100644 --- a/roles/controller_bulk_host_create/meta/argument_specs.yml +++ b/roles/controller_bulk_host_create/meta/argument_specs.yml @@ -9,40 +9,40 @@ argument_specs: elements: dict # Async variables - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables controller_configuration_bulk_hosts_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_hostname: + aap_hostname: default: None required: false description: URL to the Ansible Controller Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false description: Whether or not to validate the Ansible Controller Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. diff --git a/roles/controller_bulk_host_create/tasks/main.yml b/roles/controller_bulk_host_create/tasks/main.yml index ec4707a50..3a8e2f98d 100644 --- a/roles/controller_bulk_host_create/tasks/main.yml +++ b/roles/controller_bulk_host_create/tasks/main.yml @@ -6,13 +6,12 @@ inventory: "{{ __controller_bulk_hosts_item.inventory }}" # Role Standard options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_bulk_hosts }}" loop_control: loop_var: __controller_bulk_hosts_item @@ -23,7 +22,7 @@ register: __controller_bulk_hosts_job_async changed_when: "(__controller_bulk_hosts_job_async.changed if ansible_check_mode else false)" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -43,5 +42,5 @@ when: not ansible_check_mode and __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_bulk_job_launch/README.md b/roles/controller_bulk_job_launch/README.md index f11ed0ff6..433847845 100644 --- a/roles/controller_bulk_job_launch/README.md +++ b/roles/controller_bulk_job_launch/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_bulk_launch_jobs`|`see below`|yes|Data structure describing your organization or organizations Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ******* task does not include sensitive information. -controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_*******_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_bulk_job_launch_secure_logging`|`False`|no|Whether or not to include the sensitive bulk_job_launch role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -46,10 +46,10 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_bulk_job_launch_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_bulk_job_launch_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_bulk_job_launch_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_bulk_job_launch_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_bulk_job_launch_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| @@ -119,12 +119,12 @@ This also speeds up the overall role. - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] diff --git a/roles/controller_bulk_job_launch/defaults/main.yml b/roles/controller_bulk_job_launch/defaults/main.yml index 618e9b564..33c720b0c 100644 --- a/roles/controller_bulk_job_launch/defaults/main.yml +++ b/roles/controller_bulk_job_launch/defaults/main.yml @@ -1,6 +1,6 @@ --- -controller_configuration_bulk_job_launch_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_bulk_job_launch_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_bulk_job_launch_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_bulk_job_launch_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_bulk_job_launch_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_bulk_job_launch_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_bulk_job_launch_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" ... diff --git a/roles/controller_bulk_job_launch/meta/argument_specs.yml b/roles/controller_bulk_job_launch/meta/argument_specs.yml index f85ee8b3e..8be955410 100644 --- a/roles/controller_bulk_job_launch/meta/argument_specs.yml +++ b/roles/controller_bulk_job_launch/meta/argument_specs.yml @@ -10,45 +10,45 @@ argument_specs: # No_log variables controller_configuration_bulk_job_launch_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_bulk_job_launch/tasks/main.yml b/roles/controller_bulk_job_launch/tasks/main.yml index 7207e909c..16dc176da 100644 --- a/roles/controller_bulk_job_launch/tasks/main.yml +++ b/roles/controller_bulk_job_launch/tasks/main.yml @@ -16,13 +16,12 @@ interval: "{{ __bulk_job_launch_item.interval | default(omit) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_bulk_launch_jobs }}" loop_control: loop_var: "__bulk_job_launch_item" diff --git a/roles/controller_credential_input_sources/README.md b/roles/controller_credential_input_sources/README.md index 96ad61940..0c2c922d1 100644 --- a/roles/controller_credential_input_sources/README.md +++ b/roles/controller_credential_input_sources/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credential_input_sources`|`see below`|yes|Data structure describing your credential input sources Described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add credential input source task does not include sensitive information. -controller_configuration_credential_input_sources_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_credential_input_sources_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credential_input_sources_secure_logging`|`False`|no|Whether or not to include the sensitive credential_input_source role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_credential_input_sources_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_credential_input_sources_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_credential_input_sources_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_credential_input_sources_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_credential_input_sources_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -152,18 +152,18 @@ controller_credential_input_sources: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.credential_input_sources, when: controller_credential_input_sources is defined} + - {role: infra.aap_configuration.credential_input_sources, when: controller_credential_input_sources is defined} ``` ## License diff --git a/roles/controller_credential_input_sources/defaults/main.yml b/roles/controller_credential_input_sources/defaults/main.yml index a05fa2057..cd9f32113 100644 --- a/roles/controller_credential_input_sources/defaults/main.yml +++ b/roles/controller_credential_input_sources/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dicts describing Controller credential input sources controller_credential_input_sources: [] -controller_configuration_credential_input_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_credential_input_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_credential_input_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credential_input_sources_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_credential_input_sources_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_credential_input_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_input_sources_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_input_sources/meta/argument_specs.yml b/roles/controller_credential_input_sources/meta/argument_specs.yml index c03c9c848..31c36a633 100644 --- a/roles/controller_credential_input_sources/meta/argument_specs.yml +++ b/roles/controller_credential_input_sources/meta/argument_specs.yml @@ -36,22 +36,22 @@ argument_specs: # Async variables controller_configuration_credential_input_sources_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_credential_input_sources_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -59,45 +59,45 @@ argument_specs: # No_log variables controller_configuration_credential_input_sources_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_credential_input_sources/tasks/main.yml b/roles/controller_credential_input_sources/tasks/main.yml index 857dbeb08..713a3cb28 100644 --- a/roles/controller_credential_input_sources/tasks/main.yml +++ b/roles/controller_credential_input_sources/tasks/main.yml @@ -6,16 +6,15 @@ source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" description: "{{ __cred_input_src_item.description | default(('' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" metadata: "{{ __cred_input_src_item.metadata | default(({} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" - state: "{{ __cred_input_src_item.state | default(controller_state | default('present')) }}" + state: "{{ __cred_input_src_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_credential_input_sources }}" loop_control: loop_var: "__cred_input_src_item" @@ -27,8 +26,8 @@ register: __credential_input_sources_job_async changed_when: "(__credential_input_sources_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__cred_input_src_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__cred_input_src_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -49,6 +48,6 @@ when: not ansible_check_mode and __credential_input_sources_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" vars: - __operation: "{{ operation_translate[__credential_input_sources_job_async_results_item.__cred_input_src_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__credential_input_sources_job_async_results_item.__cred_input_src_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_credential_input_sources/tests/test.yml b/roles/controller_credential_input_sources/tests/test.yml index 38b597cf0..112551e4a 100644 --- a/roles/controller_credential_input_sources/tests/test.yml +++ b/roles/controller_credential_input_sources/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_credential_types/README.md b/roles/controller_credential_types/README.md index 932c589da..9170d35b0 100644 --- a/roles/controller_credential_types/README.md +++ b/roles/controller_credential_types/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credential_types`|`see below`|yes|Data structure describing your credential types Described below. Alias: credential_types || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add credential type task does not include sensitive information. -controller_configuration_credential_types_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_credential_types_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credential_types_secure_logging`|`False`|no|Whether or not to include the sensitive Credential Type role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_credential_types_async_retries`|`controller_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_credential_types_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_credential_types_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_credential_types_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_credential_types_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -227,18 +227,18 @@ controller_credential_types: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.credential_types, when: controller_credential_types is defined} + - {role: infra.aap_configuration.credential_types, when: controller_credential_types is defined} ``` ## License diff --git a/roles/controller_credential_types/defaults/main.yml b/roles/controller_credential_types/defaults/main.yml index baab1021a..517333725 100644 --- a/roles/controller_credential_types/defaults/main.yml +++ b/roles/controller_credential_types/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict to define Controller credential types controller_credential_types: [] -controller_configuration_credential_types_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_credential_types_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_credential_types_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credential_types_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_credential_types_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_credential_types_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_types_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_types/meta/argument_specs.yml b/roles/controller_credential_types/meta/argument_specs.yml index 94580d0a7..3d0b9bacc 100644 --- a/roles/controller_credential_types/meta/argument_specs.yml +++ b/roles/controller_credential_types/meta/argument_specs.yml @@ -44,22 +44,22 @@ argument_specs: # Async variables controller_configuration_credential_types_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_credential_types_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -67,45 +67,45 @@ argument_specs: # No_log variables controller_configuration_credential_types_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_credential_types/tasks/main.yml b/roles/controller_credential_types/tasks/main.yml index 941635de1..53879cf29 100644 --- a/roles/controller_credential_types/tasks/main.yml +++ b/roles/controller_credential_types/tasks/main.yml @@ -7,16 +7,15 @@ injectors: "{{ __controller_credential_type_item.injectors | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" inputs: "{{ __controller_credential_type_item.inputs | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" - state: "{{ __controller_credential_type_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_credential_type_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ credential_types if credential_types is defined else controller_credential_types }}" loop_control: loop_var: __controller_credential_type_item @@ -28,8 +27,8 @@ register: __credentialtypes_job_async changed_when: "(__credentialtypes_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_credential_type_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_credential_type_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -50,6 +49,6 @@ when: not ansible_check_mode and __credentialtypes_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_credential_types_secure_logging }}" vars: - __operation: "{{ operation_translate[__credentialtypes_job_async_result_item.__controller_credential_type_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__credentialtypes_job_async_result_item.__controller_credential_type_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_credential_types/tests/test.yml b/roles/controller_credential_types/tests/test.yml index 76e89cb06..9c150c553 100644 --- a/roles/controller_credential_types/tests/test.yml +++ b/roles/controller_credential_types/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_credentials/README.md b/roles/controller_credentials/README.md index 22c136f74..48c118576 100644 --- a/roles/controller_credentials/README.md +++ b/roles/controller_credentials/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_credentials`|`see below`|yes|Data structure describing your credentials Described below. Alias: credentials || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add credentials task does not include sensitive information. -controller_configuration_credentials_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_credentials_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credentials_secure_logging`|`False`|no|Whether or not to include the sensitive Credential role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_credentials_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_credentials_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_credentials_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_credentials_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_credentials_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -153,18 +153,18 @@ controller_credentials: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.credentials, when: controller_credentials is defined} + - {role: infra.aap_configuration.credentials, when: controller_credentials is defined} ``` ## License diff --git a/roles/controller_credentials/defaults/main.yml b/roles/controller_credentials/defaults/main.yml index 34ba6a682..a3f8c5c60 100644 --- a/roles/controller_credentials/defaults/main.yml +++ b/roles/controller_credentials/defaults/main.yml @@ -1,10 +1,10 @@ --- # a list of dicts describing Controller credentials controller_credentials: [] -controller_configuration_credentials_secure_logging: "{{ controller_configuration_secure_logging | default(true) }}" -controller_configuration_credentials_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_credentials_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_credentials_secure_logging: "{{ aap_configuration_secure_logging | default(true) }}" +controller_configuration_credentials_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_credentials_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credentials_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credentials/meta/argument_specs.yml b/roles/controller_credentials/meta/argument_specs.yml index f8b5f8a1e..49d9a304e 100644 --- a/roles/controller_credentials/meta/argument_specs.yml +++ b/roles/controller_credentials/meta/argument_specs.yml @@ -57,22 +57,22 @@ argument_specs: # Async variables controller_configuration_credentials_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_credentials_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -80,45 +80,45 @@ argument_specs: # No_log variables controller_configuration_credentials_secure_logging: - default: "{{ controller_configuration_secure_logging | default(true) }}" + default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_credentials/tasks/main.yml b/roles/controller_credentials/tasks/main.yml index fd9ac9f40..01ea25d29 100644 --- a/roles/controller_credentials/tasks/main.yml +++ b/roles/controller_credentials/tasks/main.yml @@ -11,15 +11,15 @@ user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(omit, true)) }}" team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(omit, true)) }}" update_secrets: "{{ __controller_credentials_item.update_secrets | default(true if controller_configuration_credentials_enforce_defaults else omit) }}" - state: "{{ __controller_credentials_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_credentials_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ credentials if credentials is defined else controller_credentials }}" loop_control: loop_var: __controller_credentials_item @@ -31,8 +31,8 @@ register: __credentials_job_async changed_when: "(__credentials_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_credentials_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -53,6 +53,6 @@ when: not ansible_check_mode and __credentials_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_credentials_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_credentials_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_credentials_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_credentials/tests/test.yml b/roles/controller_credentials/tests/test.yml index 42409f5a2..ece2853fb 100644 --- a/roles/controller_credentials/tests/test.yml +++ b/roles/controller_credentials/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_execution_environments/README.md b/roles/controller_execution_environments/README.md index dacdb3f87..a58de0cec 100644 --- a/roles/controller_execution_environments/README.md +++ b/roles/controller_execution_environments/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_execution_environments`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: execution_environments || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add execution_environments task does not include sensitive information. -controller_configuration_execution_environments_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_execution_environments_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_execution_environments_secure_logging`|`False`|no|Whether or not to include the sensitive execution_environments role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_execution_environments_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_execution_environments_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_execution_environments_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_execution_environments_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_execution_environments_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -127,7 +127,7 @@ controller_execution_environments: tasks: - name: Add Execution Environments include_role: - name: infra.controller_configuration.execution_environments + name: infra.aap_configuration.execution_environments ``` ## License diff --git a/roles/controller_execution_environments/defaults/main.yml b/roles/controller_execution_environments/defaults/main.yml index a299af938..c2c26f303 100644 --- a/roles/controller_execution_environments/defaults/main.yml +++ b/roles/controller_execution_environments/defaults/main.yml @@ -1,9 +1,9 @@ --- # These are the default variables specific to the execution_environments role -controller_configuration_execution_environments_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_execution_environments_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_execution_environments_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_execution_environments_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_execution_environments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_execution_environments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_execution_environments_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_execution_environments/meta/argument_specs.yml b/roles/controller_execution_environments/meta/argument_specs.yml index 10aa99f4f..41c6e9a78 100644 --- a/roles/controller_execution_environments/meta/argument_specs.yml +++ b/roles/controller_execution_environments/meta/argument_specs.yml @@ -45,22 +45,22 @@ argument_specs: # Async variables controller_configuration_execution_environments_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_execution_environments_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -68,45 +68,45 @@ argument_specs: # No_log variables controller_configuration_execution_environments_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_execution_environments/tasks/main.yml b/roles/controller_execution_environments/tasks/main.yml index 85f931344..240576187 100644 --- a/roles/controller_execution_environments/tasks/main.yml +++ b/roles/controller_execution_environments/tasks/main.yml @@ -9,16 +9,15 @@ organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" credential: "{{ __execution_environments_item.credential | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" pull: "{{ __execution_environments_item.pull | default(('missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" - state: "{{ __execution_environments_item.state | default(controller_state | default('present')) }}" + state: "{{ __execution_environments_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ execution_environments if execution_environments is defined else controller_execution_environments }}" loop_control: loop_var: "__execution_environments_item" @@ -31,8 +30,8 @@ register: __execution_environments_job_async changed_when: "(__execution_environments_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__execution_environments_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__execution_environments_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -53,6 +52,6 @@ when: not ansible_check_mode and __execution_environments_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_execution_environments_secure_logging }}" vars: - __operation: "{{ operation_translate[__execution_environments_job_async_results_item.__execution_environments_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__execution_environments_job_async_results_item.__execution_environments_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_execution_environments/tests/test.yml b/roles/controller_execution_environments/tests/test.yml index cedbc88d5..9aa57234c 100644 --- a/roles/controller_execution_environments/tests/test.yml +++ b/roles/controller_execution_environments/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_host_groups/README.md b/roles/controller_host_groups/README.md index dd7cd2eb7..4012fde78 100644 --- a/roles/controller_host_groups/README.md +++ b/roles/controller_host_groups/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_groups`|`see below`|yes|Data structure describing your group or groups Described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add groups task does not include sensitive information. -controller_configuration_groups_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_groups_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_groups_secure_logging`|`False`|no|Whether or not to include the sensitive Group role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_groups_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_groups_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_groups_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_groups_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_group_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables @@ -155,18 +155,18 @@ controller_groups: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.groups, when: controller_groups is defined} + - {role: infra.aap_configuration.groups, when: controller_groups is defined} ``` ## License diff --git a/roles/controller_host_groups/defaults/main.yml b/roles/controller_host_groups/defaults/main.yml index edf5a8618..82b560f25 100644 --- a/roles/controller_host_groups/defaults/main.yml +++ b/roles/controller_host_groups/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dicts to describe Controller inventory groups controller_groups: [] -controller_configuration_group_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_group_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_group_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_group_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_group_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_group_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_host_groups/meta/argument_specs.yml b/roles/controller_host_groups/meta/argument_specs.yml index 8ff25e66f..d4747ce3b 100644 --- a/roles/controller_host_groups/meta/argument_specs.yml +++ b/roles/controller_host_groups/meta/argument_specs.yml @@ -56,22 +56,22 @@ argument_specs: # Async variables controller_configuration_groups_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_groups_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -79,45 +79,45 @@ argument_specs: # No_log variables controller_configuration_groups_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_host_groups/tasks/main.yml b/roles/controller_host_groups/tasks/main.yml index 6cf0a3efa..d67e5f9fa 100644 --- a/roles/controller_host_groups/tasks/main.yml +++ b/roles/controller_host_groups/tasks/main.yml @@ -12,16 +12,15 @@ children: "{{ __controller_groups_item.children | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" preserve_existing_hosts: "{{ __controller_groups_item.preserve_existing_hosts | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" preserve_existing_children: "{{ __controller_groups_item.preserve_existing_children | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" - state: "{{ __controller_groups_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_groups_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_groups }}" loop_control: loop_var: __controller_groups_item @@ -33,8 +32,8 @@ register: __group_job_async changed_when: "(__group_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_groups_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_groups_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -55,6 +54,6 @@ when: not ansible_check_mode and __group_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_group_secure_logging }}" vars: - __operation: "{{ operation_translate[__group_job_async_results_item.__controller_groups_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__group_job_async_results_item.__controller_groups_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_host_groups/tests/test.yml b/roles/controller_host_groups/tests/test.yml index d13500f63..2d7c6a500 100644 --- a/roles/controller_host_groups/tests/test.yml +++ b/roles/controller_host_groups/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_hosts/README.md b/roles/controller_hosts/README.md index cc7792eb7..3cacffdf6 100644 --- a/roles/controller_hosts/README.md +++ b/roles/controller_hosts/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_hosts`|`see below`|yes|Data structure describing your host entries described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add host task does not include sensitive information. -`controller_configuration_host_secure_logging` defaults to the value of `controller_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +`controller_configuration_host_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_host_secure_logging`|`False`|no|Whether or not to include the sensitive host role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_host_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_host_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_host_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_host_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_hosts_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables @@ -143,18 +143,18 @@ controller_hosts: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.hosts, when: controller_hosts is defined} + - {role: infra.aap_configuration.hosts, when: controller_hosts is defined} ``` ## License diff --git a/roles/controller_hosts/defaults/main.yml b/roles/controller_hosts/defaults/main.yml index 5318abd32..c72be7812 100644 --- a/roles/controller_hosts/defaults/main.yml +++ b/roles/controller_hosts/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dicts to describe Controller inventory hosts controller_hosts: [] -controller_configuration_hosts_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_hosts_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_hosts_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_hosts_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_hosts_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_hosts_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_hosts_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_hosts/meta/argument_specs.yml b/roles/controller_hosts/meta/argument_specs.yml index 0cfa2ef60..74d5f6bc2 100644 --- a/roles/controller_hosts/meta/argument_specs.yml +++ b/roles/controller_hosts/meta/argument_specs.yml @@ -41,22 +41,22 @@ argument_specs: # Async variables controller_configuration_hosts_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_hosts_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -64,45 +64,45 @@ argument_specs: # No_log variables controller_configuration_hosts_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_hosts/tasks/main.yml b/roles/controller_hosts/tasks/main.yml index bb2a7e3bb..8818638bf 100644 --- a/roles/controller_hosts/tasks/main.yml +++ b/roles/controller_hosts/tasks/main.yml @@ -6,17 +6,16 @@ description: "{{ __controller_host_item.description | default(('' if controller_configuration_host_enforce_defaults else omit), true) }}" inventory: "{{ __controller_host_item.inventory | mandatory }}" enabled: "{{ __controller_host_item.enabled | default((false if controller_configuration_host_enforce_defaults else omit), true) }}" - state: "{{ __controller_host_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_host_item.state | default(platform_state | default('present')) }}" variables: "{{ __controller_host_item.variables | default(({} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" # Role Standard Options - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_hosts }}" loop_control: loop_var: __controller_host_item @@ -28,8 +27,8 @@ register: __host_job_async changed_when: "(__host_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_host_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_host_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -50,6 +49,6 @@ when: not ansible_check_mode and __host_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_hosts_secure_logging }}" vars: - __operation: "{{ operation_translate[__host_job_async_results_item.__controller_host_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__host_job_async_results_item.__controller_host_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_hosts/tests/test.yml b/roles/controller_hosts/tests/test.yml index e99a56994..fe194efec 100644 --- a/roles/controller_hosts/tests/test.yml +++ b/roles/controller_hosts/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_instance_groups/README.md b/roles/controller_instance_groups/README.md index 54373a3fa..e807e135c 100644 --- a/roles/controller_instance_groups/README.md +++ b/roles/controller_instance_groups/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_instance_groups`|`see below`|yes|Data structure describing your instance groups Described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add instance groups task does not include sensitive information. -controller_configuration_instance_groups_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_instance_groups_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_instance_groups_secure_logging`|`False`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_instance_groups_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_instance_groups_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_instance_groups_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_instance_groups_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_instance_groups_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -108,18 +108,18 @@ controller_instance_groups: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.instance_groups, when: controller_instance_groups is defined} + - {role: infra.aap_configuration.instance_groups, when: controller_instance_groups is defined} ``` ## License diff --git a/roles/controller_instance_groups/defaults/main.yml b/roles/controller_instance_groups/defaults/main.yml index 9f0e0af55..acb7faf78 100644 --- a/roles/controller_instance_groups/defaults/main.yml +++ b/roles/controller_instance_groups/defaults/main.yml @@ -1,9 +1,9 @@ --- controller_instance_groups: [] -controller_configuration_instance_groups_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_instance_groups_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_instance_groups_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_instance_groups_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_instance_groups_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_instance_groups_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instance_groups_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instance_groups/meta/argument_specs.yml b/roles/controller_instance_groups/meta/argument_specs.yml index 17ddba3e8..3697b3e74 100644 --- a/roles/controller_instance_groups/meta/argument_specs.yml +++ b/roles/controller_instance_groups/meta/argument_specs.yml @@ -65,22 +65,22 @@ argument_specs: # Async variables controller_configuration_instance_groups_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_instance_groups_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -88,45 +88,45 @@ argument_specs: # No_log variables controller_configuration_instance_groups_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_instance_groups/tasks/main.yml b/roles/controller_instance_groups/tasks/main.yml index 3093d7d88..eb22d86e0 100644 --- a/roles/controller_instance_groups/tasks/main.yml +++ b/roles/controller_instance_groups/tasks/main.yml @@ -12,16 +12,15 @@ max_forks: "{{ __controller_instance_group_item.max_forks | default(0, true) if __controller_instance_group_item.max_forks is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" instances: "{{ __controller_instance_group_item.instances | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - state: "{{ __controller_instance_group_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_instance_group_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_instance_groups }}" loop_control: loop_var: __controller_instance_group_item @@ -34,8 +33,8 @@ register: __instance_groups_job_async changed_when: "(__instance_groups_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_instance_group_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_instance_group_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -56,6 +55,6 @@ when: not ansible_check_mode and __instance_groups_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instance_groups_secure_logging }}" vars: - __operation: "{{ operation_translate[__instance_groups_job_async_results_item.__controller_instance_group_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__instance_groups_job_async_results_item.__controller_instance_group_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_instance_groups/tests/test.yml b/roles/controller_instance_groups/tests/test.yml index 640b8f963..740f8d3b2 100644 --- a/roles/controller_instance_groups/tests/test.yml +++ b/roles/controller_instance_groups/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_instances/README.md b/roles/controller_instances/README.md index f988cca7f..6765d09c3 100644 --- a/roles/controller_instances/README.md +++ b/roles/controller_instances/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_instances`|`see below`|yes|Data structure describing your instances Described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add instances task does not include sensitive information. -controller_configuration_instances_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_instances_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_instances_secure_logging`|`False`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_instances_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_instances_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_instances_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_instances_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_instances_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -107,18 +107,18 @@ controller_instances: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.instances, when: controller_instances is defined} + - {role: infra.aap_configuration.instances, when: controller_instances is defined} ``` ## License diff --git a/roles/controller_instances/defaults/main.yml b/roles/controller_instances/defaults/main.yml index b1b5e9b7e..5dc35bfc7 100644 --- a/roles/controller_instances/defaults/main.yml +++ b/roles/controller_instances/defaults/main.yml @@ -1,9 +1,9 @@ --- controller_instances: [] -controller_configuration_instances_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_instances_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_instances_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_instances_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_instances_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_instances_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instances_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instances/meta/argument_specs.yml b/roles/controller_instances/meta/argument_specs.yml index 13c47503f..6d5c9071c 100644 --- a/roles/controller_instances/meta/argument_specs.yml +++ b/roles/controller_instances/meta/argument_specs.yml @@ -41,22 +41,22 @@ argument_specs: # Async variables controller_configuration_instances_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_instances_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -64,45 +64,45 @@ argument_specs: # No_log variables controller_configuration_instances_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_instances/tasks/main.yml b/roles/controller_instances/tasks/main.yml index 0f424ea45..ff10d90fe 100644 --- a/roles/controller_instances/tasks/main.yml +++ b/roles/controller_instances/tasks/main.yml @@ -13,13 +13,12 @@ peers_from_control_nodes: "{{ __controller_instance_item.peers_from_control_nodes | default((false if controller_configuration_instances_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_instances }}" loop_control: loop_var: __controller_instance_item @@ -32,7 +31,7 @@ register: __instance_job_async changed_when: "(__instance_job_async.changed if ansible_check_mode else false)" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -52,5 +51,5 @@ when: not ansible_check_mode and __instance_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instances_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_instances/tests/test.yml b/roles/controller_instances/tests/test.yml index 6c37843aa..d006284f1 100644 --- a/roles/controller_instances/tests/test.yml +++ b/roles/controller_instances/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_inventories/README.md b/roles/controller_inventories/README.md index ce83cf62f..cc51da525 100644 --- a/roles/controller_inventories/README.md +++ b/roles/controller_inventories/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventories`|`see below`|yes|Data structure describing your inventories described below. Alias: inventory || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add inventories task does not include sensitive information. -controller_configuration_inventories_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_inventories_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_inventories_secure_logging`|`False`|no|Whether or not to include the sensitive Inventory role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_inventories_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_inventories_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_inventories_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_inventories_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_inventories_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables @@ -158,18 +158,18 @@ controller_inventories: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.inventories, when: controller_inventories is defined} + - {role: infra.aap_configuration.inventories, when: controller_inventories is defined} ``` ## License diff --git a/roles/controller_inventories/defaults/main.yml b/roles/controller_inventories/defaults/main.yml index 5e7f0a83d..6d6310432 100644 --- a/roles/controller_inventories/defaults/main.yml +++ b/roles/controller_inventories/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dicts to describe Controller inventories controller_inventories: [] -controller_configuration_inventories_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_inventories_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_inventories_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_inventories_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_inventories_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_inventories_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventories_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventories/meta/argument_specs.yml b/roles/controller_inventories/meta/argument_specs.yml index 35c58df6b..c4b38b621 100644 --- a/roles/controller_inventories/meta/argument_specs.yml +++ b/roles/controller_inventories/meta/argument_specs.yml @@ -59,22 +59,22 @@ argument_specs: # Async variables controller_configuration_inventories_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_inventories_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -82,45 +82,45 @@ argument_specs: # No_log variables controller_configuration_inventories_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_inventories/tasks/main.yml b/roles/controller_inventories/tasks/main.yml index 913a2a9d3..bb0b168e4 100644 --- a/roles/controller_inventories/tasks/main.yml +++ b/roles/controller_inventories/tasks/main.yml @@ -12,16 +12,15 @@ kind: "{{ __controller_inventory_item.kind | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" host_filter: "{{ __controller_inventory_item.host_filter | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default((false if controller_configuration_inventories_enforce_defaults else omit), true) }}" - state: "{{ __controller_inventory_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_inventory_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory if inventory is defined else controller_inventories }}" loop_control: loop_var: __controller_inventory_item @@ -33,8 +32,8 @@ register: __inventories_job_async changed_when: "(__inventories_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_inventory_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_inventory_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -55,6 +54,6 @@ when: not ansible_check_mode and __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: - __operation: "{{ operation_translate[__inventories_job_async_result_item.__controller_inventory_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__inventories_job_async_result_item.__controller_inventory_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_inventories/tests/test.yml b/roles/controller_inventories/tests/test.yml index c78f4c92c..7c13a5d8f 100644 --- a/roles/controller_inventories/tests/test.yml +++ b/roles/controller_inventories/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_inventory_source_update/README.md b/roles/controller_inventory_source_update/README.md index aafb5df37..9ab666d53 100644 --- a/roles/controller_inventory_source_update/README.md +++ b/roles/controller_inventory_source_update/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventory_sources`|`see below`|yes|Data structure describing controller inventory sources to update Described below. Alias: inventory_sources || ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the inventory source update task does not include sensitive information. -controller_configuration_inventory_source_update_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_inventory_source_update_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_inventory_source_update_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -46,13 +46,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_inventory_source_update_async_retries`|`controller_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_inventory_source_update_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_inventory_source_update_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_inventory_source_update_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_inventory_source_update_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -97,18 +97,18 @@ controller_inventory_sources: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.inventory_source_update, when: controller_inventory_sources is defined} + - {role: infra.aap_configuration.inventory_source_update, when: controller_inventory_sources is defined} ``` diff --git a/roles/controller_inventory_source_update/defaults/main.yml b/roles/controller_inventory_source_update/defaults/main.yml index b04590415..acceaaa3f 100644 --- a/roles/controller_inventory_source_update/defaults/main.yml +++ b/roles/controller_inventory_source_update/defaults/main.yml @@ -1,7 +1,7 @@ --- -controller_configuration_inventory_source_update_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_inventory_source_update_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_inventory_source_update_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_inventory_source_update_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_inventory_source_update_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_inventory_source_update_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventory_source_update_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null ... diff --git a/roles/controller_inventory_source_update/meta/argument_specs.yml b/roles/controller_inventory_source_update/meta/argument_specs.yml index 0c81ed4d7..8b0850cc0 100644 --- a/roles/controller_inventory_source_update/meta/argument_specs.yml +++ b/roles/controller_inventory_source_update/meta/argument_specs.yml @@ -25,7 +25,7 @@ argument_specs: # type: bool # description: Wait for the job to complete. # interval: - # default: "{{ controller_configuration_inventory_source_update_async_delay | default(controller_configuration_async_retries | default(30)) }}" + # default: "{{ controller_configuration_inventory_source_update_async_delay | default(aap_configuration_async_retries | default(30)) }}" # required: false # type: int # description: The interval to request an update from controller. @@ -135,22 +135,22 @@ argument_specs: # Async variables controller_configuration_inventory_source_updates_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_inventory_source_updates_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -158,45 +158,45 @@ argument_specs: # No_log variables controller_configuration_inventory_source_updates_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_inventory_source_update/tasks/main.yml b/roles/controller_inventory_source_update/tasks/main.yml index 8a8f84120..2b9fe39cf 100644 --- a/roles/controller_inventory_source_update/tasks/main.yml +++ b/roles/controller_inventory_source_update/tasks/main.yml @@ -10,13 +10,12 @@ timeout: "{{ __inventory_source_update_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: loop_var: "__inventory_source_update_item" @@ -31,7 +30,7 @@ register: __inventory_source_update_async changed_when: not __inventory_source_update_async.changed vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -51,5 +50,5 @@ when: not ansible_check_mode and __inventory_source_update_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_inventory_source_update/tests/test.yml b/roles/controller_inventory_source_update/tests/test.yml index e8ad47f16..4cbcf7db8 100644 --- a/roles/controller_inventory_source_update/tests/test.yml +++ b/roles/controller_inventory_source_update/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_inventory_sources/README.md b/roles/controller_inventory_sources/README.md index 9ef1f049b..beb23d524 100644 --- a/roles/controller_inventory_sources/README.md +++ b/roles/controller_inventory_sources/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_inventory_sources`|`see below`|yes|Data structure describing your inventory sources Described below. Alias: inventory_sources || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add inventory_source task does not include sensitive information. -controller_configuration_inventory_sources_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_inventory_sources_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_inventory_sources_secure_logging`|`False`|no|Whether or not to include the sensitive Inventory Sources role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_inventory_sources_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_inventory_sources_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_inventory_sources_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_inventory_sources_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_inventory_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Formating Variables @@ -171,18 +171,18 @@ controller_inventory_sources: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.inventory_sources, when: controller_inventory_sources is defined} + - {role: infra.aap_configuration.inventory_sources, when: controller_inventory_sources is defined} ``` ## License diff --git a/roles/controller_inventory_sources/defaults/main.yml b/roles/controller_inventory_sources/defaults/main.yml index 8cd3c8864..025ced7a7 100644 --- a/roles/controller_inventory_sources/defaults/main.yml +++ b/roles/controller_inventory_sources/defaults/main.yml @@ -1,9 +1,9 @@ --- controller_inventory_sources: [] -controller_configuration_inventory_sources_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_inventory_sources_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_inventory_sources_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_inventory_sources_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_inventory_sources_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_inventory_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventory_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventory_sources/meta/argument_specs.yml b/roles/controller_inventory_sources/meta/argument_specs.yml index 022819924..cdfa29fdb 100644 --- a/roles/controller_inventory_sources/meta/argument_specs.yml +++ b/roles/controller_inventory_sources/meta/argument_specs.yml @@ -135,22 +135,22 @@ argument_specs: # Async variables controller_configuration_inventory_sources_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_inventory_sources_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -158,45 +158,45 @@ argument_specs: # No_log variables controller_configuration_inventory_sources_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_inventory_sources/tasks/main.yml b/roles/controller_inventory_sources/tasks/main.yml index b75869b28..08544b13f 100644 --- a/roles/controller_inventory_sources/tasks/main.yml +++ b/roles/controller_inventory_sources/tasks/main.yml @@ -24,19 +24,18 @@ update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(0, true) if __controller_source_item.update_cache_timeout is defined or controller_configuration_inventory_sources_enforce_defaults else omit }}" source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" scm_branch: "{{ __controller_source_item.scm_branch | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - state: "{{ __controller_source_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_source_item.state | default(platform_state | default('present')) }}" notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" # Role Standard Options - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: loop_var: __controller_source_item @@ -49,8 +48,8 @@ changed_when: "(__inventory_source_job_async.changed if ansible_check_mode else false)" when: (__controller_source_item.source | default(('scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) != "constructed" vars: - __operation: "{{ operation_translate[__controller_source_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_source_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -71,6 +70,6 @@ when: not ansible_check_mode and __inventory_source_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" vars: - __operation: "{{ operation_translate[__inventory_source_job_async_results_item.__controller_source_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__inventory_source_job_async_results_item.__controller_source_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_inventory_sources/tests/test.yml b/roles/controller_inventory_sources/tests/test.yml index b71721ddb..d76ba35c5 100644 --- a/roles/controller_inventory_sources/tests/test.yml +++ b/roles/controller_inventory_sources/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_job_launch/README.md b/roles/controller_job_launch/README.md index 0d6b2199c..23d41de0d 100644 --- a/roles/controller_job_launch/README.md +++ b/roles/controller_job_launch/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_launch_jobs`|`see below`|yes|Data structure describing the jobs to launch Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the job launch task does not include sensitive information. -controller_configuration_job_launch_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_job_launch_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_job_launch_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -86,18 +86,18 @@ controller_launch_jobs: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.job_launch, when: controller_launch_jobs is defined} + - {role: infra.aap_configuration.job_launch, when: controller_launch_jobs is defined} ``` ## License diff --git a/roles/controller_job_launch/defaults/main.yml b/roles/controller_job_launch/defaults/main.yml index 822c2d9f8..481ad1a1d 100644 --- a/roles/controller_job_launch/defaults/main.yml +++ b/roles/controller_job_launch/defaults/main.yml @@ -1,3 +1,3 @@ --- -controller_configuration_job_launch_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_job_launch_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" ... diff --git a/roles/controller_job_launch/meta/argument_specs.yml b/roles/controller_job_launch/meta/argument_specs.yml index 182c528a5..bd9018cc2 100644 --- a/roles/controller_job_launch/meta/argument_specs.yml +++ b/roles/controller_job_launch/meta/argument_specs.yml @@ -103,45 +103,45 @@ argument_specs: # No_log variables controller_configuration_groups_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_job_launch/tasks/main.yml b/roles/controller_job_launch/tasks/main.yml index d8e48afdf..87768c885 100644 --- a/roles/controller_job_launch/tasks/main.yml +++ b/roles/controller_job_launch/tasks/main.yml @@ -26,13 +26,12 @@ timeout: "{{ __job_launch_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_launch_jobs }}" loop_control: loop_var: "__job_launch_item" diff --git a/roles/controller_job_launch/tests/test.yml b/roles/controller_job_launch/tests/test.yml index 69cf2cee4..7d1f699e3 100644 --- a/roles/controller_job_launch/tests/test.yml +++ b/roles/controller_job_launch/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_job_templates/README.md b/roles/controller_job_templates/README.md index 17db7ee50..de379daac 100644 --- a/roles/controller_job_templates/README.md +++ b/roles/controller_job_templates/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_templates`|`see below`|yes|Data structure describing your job template or job templates Described below. Alias: job_templates || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add job_template task does not include sensitive information. -controller_configuration_job_templates_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_job_templates_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_job_templates_secure_logging`|`False`|no|Whether or not to include the sensitive Job Template role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_job_templates_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_job_templates_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_job_templates_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_job_templates_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_job_templates_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -126,7 +126,7 @@ This also speeds up the overall role. |`webhook_service`|""|no|str|Service that webhook requests will be accepted from (github, gitlab)| |`webhook_credential`|""|no|str|Personal Access Token for posting back the status to the service API| |`scm_branch`|""|no|str|Branch to use in job run. Project default used if blank. Only allowed if project allow_override field is set to true.| -|`labels`|""|no|list|The labels applied to this job template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/labels) role first, an error will occur if the label supplied to this role does not exist.| +|`labels`|""|no|list|The labels applied to this job template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/controller_labels) role first, an error will occur if the label supplied to this role does not exist.| |`custom_virtualenv`|""|no|str|Local absolute file path containing a custom Python virtualenv to use.| |`notification_templates_started`|""|no|list|The notifications on started to use for this organization in a list.| |`notification_templates_success`|""|no|list|The notifications on success to use for this organization in a list.| @@ -284,18 +284,18 @@ controller_templates: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.job_templates, when: controller_templates is defined} + - {role: infra.aap_configuration.job_templates, when: controller_templates is defined} ``` ## License diff --git a/roles/controller_job_templates/defaults/main.yml b/roles/controller_job_templates/defaults/main.yml index ce071feba..55f85887e 100644 --- a/roles/controller_job_templates/defaults/main.yml +++ b/roles/controller_job_templates/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict describing Controller job templates: controller_templates: [] -controller_configuration_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_job_templates_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_job_templates_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_job_templates_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_job_templates_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_job_templates_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_job_templates_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_job_templates/meta/argument_specs.yml b/roles/controller_job_templates/meta/argument_specs.yml index 69744c6f6..a19fca63a 100644 --- a/roles/controller_job_templates/meta/argument_specs.yml +++ b/roles/controller_job_templates/meta/argument_specs.yml @@ -250,22 +250,22 @@ argument_specs: # Async variables controller_configuration_job_templates_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_job_templates_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -273,45 +273,45 @@ argument_specs: # No_log variables controller_configuration_job_templates_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_job_templates/tasks/main.yml b/roles/controller_job_templates/tasks/main.yml index 7dc8ed990..f7a1e649b 100644 --- a/roles/controller_job_templates/tasks/main.yml +++ b/roles/controller_job_templates/tasks/main.yml @@ -52,19 +52,18 @@ webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" scm_branch: "{{ __controller_template_item.scm_branch | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - state: "{{ __controller_template_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_template_item.state | default(platform_state | default('present')) }}" notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ job_templates if job_templates is defined else controller_templates }}" loop_control: loop_var: __controller_template_item @@ -76,8 +75,8 @@ register: __job_templates_job_async changed_when: "(__job_templates_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_template_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_template_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -93,8 +92,8 @@ when: not ansible_check_mode and __job_templates_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_job_templates_secure_logging }}" vars: - __operation: "{{ operation_translate[__job_templates_job_asycn_result_item.__controller_template_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__job_templates_job_asycn_result_item.__controller_template_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: Set Job Templates error artifact when: __templates_error_list is defined diff --git a/roles/controller_job_templates/tests/test.yml b/roles/controller_job_templates/tests/test.yml index ff7a743bb..3f76fbdf6 100644 --- a/roles/controller_job_templates/tests/test.yml +++ b/roles/controller_job_templates/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_jobs_cancel/README.md b/roles/controller_jobs_cancel/README.md index 94de87751..62440eb0e 100644 --- a/roles/controller_jobs_cancel/README.md +++ b/roles/controller_jobs_cancel/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_cancel_jobs`|`see below`|yes|Data structure describing jobs to cancel Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the task to cancel jobs does not include sensitive information. -controller_configuration_jobs_cancel_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_jobs_cancel_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_jobs_cancel_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -66,18 +66,18 @@ controller_cancel_jobs: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.jobs_cancel, when: controller_cancel_jobs is defined} + - {role: infra.aap_configuration.jobs_cancel, when: controller_cancel_jobs is defined} ``` ## License diff --git a/roles/controller_jobs_cancel/defaults/main.yml b/roles/controller_jobs_cancel/defaults/main.yml index 0b11f28fc..9ce15bf3a 100644 --- a/roles/controller_jobs_cancel/defaults/main.yml +++ b/roles/controller_jobs_cancel/defaults/main.yml @@ -1,3 +1,3 @@ --- -controller_configuration_jobs_cancel_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_jobs_cancel_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" ... diff --git a/roles/controller_jobs_cancel/meta/argument_specs.yml b/roles/controller_jobs_cancel/meta/argument_specs.yml index 6fa4c903b..8b7754a45 100644 --- a/roles/controller_jobs_cancel/meta/argument_specs.yml +++ b/roles/controller_jobs_cancel/meta/argument_specs.yml @@ -20,45 +20,45 @@ argument_specs: # No_log variables controller_configuration_ad_hoc_command_cancel_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_jobs_cancel/tasks/main.yml b/roles/controller_jobs_cancel/tasks/main.yml index e41abb5a7..9445fd22d 100644 --- a/roles/controller_jobs_cancel/tasks/main.yml +++ b/roles/controller_jobs_cancel/tasks/main.yml @@ -6,13 +6,12 @@ fail_if_not_running: "{{ __controller_jobs_cancel_item.fail_if_not_running | default(omit) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_cancel_jobs }}" loop_control: loop_var: "__controller_jobs_cancel_item" diff --git a/roles/controller_jobs_cancel/tests/test.yml b/roles/controller_jobs_cancel/tests/test.yml index 1cbbbdea3..5a4cdc862 100644 --- a/roles/controller_jobs_cancel/tests/test.yml +++ b/roles/controller_jobs_cancel/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_labels/README.md b/roles/controller_labels/README.md index 5301bfd35..af8dfb698 100644 --- a/roles/controller_labels/README.md +++ b/roles/controller_labels/README.md @@ -14,13 +14,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_labels`|`see below`|yes|Data structure describing your label or labels Described below.|| ### Secure Logging Variables @@ -28,12 +28,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add labels task does not include sensitive information. -controller_configuration_labels_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_labels_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_labels_secure_logging`|`False`|no|Whether or not to include the sensitive Label role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -44,13 +44,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_labels_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_labels_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_labels_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_labels_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_labels_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -104,18 +104,18 @@ controller_labels: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.labels, when: controller_labels is defined} + - {role: infra.aap_configuration.labels, when: controller_labels is defined} ``` ## License diff --git a/roles/controller_labels/defaults/main.yml b/roles/controller_labels/defaults/main.yml index b1be8a4c7..8898c2fcc 100644 --- a/roles/controller_labels/defaults/main.yml +++ b/roles/controller_labels/defaults/main.yml @@ -1,8 +1,8 @@ --- controller_labels: [] -controller_configuration_labels_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_labels_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_labels_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_labels_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_labels_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_labels_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_labels_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null ... diff --git a/roles/controller_labels/meta/argument_specs.yml b/roles/controller_labels/meta/argument_specs.yml index a057cf09c..a2e2353ce 100644 --- a/roles/controller_labels/meta/argument_specs.yml +++ b/roles/controller_labels/meta/argument_specs.yml @@ -28,22 +28,22 @@ argument_specs: # Async variables controller_configuration_labels_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_labels_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -51,45 +51,45 @@ argument_specs: # No_log variables controller_configuration_labels_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_labels/tasks/main.yml b/roles/controller_labels/tasks/main.yml index a77a97ab8..515f06e6c 100644 --- a/roles/controller_labels/tasks/main.yml +++ b/roles/controller_labels/tasks/main.yml @@ -4,16 +4,15 @@ name: "{{ __controller_label_item.name | mandatory }}" new_name: "{{ __controller_label_item.new_name | default(omit, true) }}" organization: "{{ __controller_label_item.organization | mandatory }}" - state: "{{ __controller_label_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_label_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_labels }}" loop_control: loop_var: __controller_label_item @@ -25,8 +24,8 @@ register: __controller_label_job_async changed_when: "(__controller_label_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_label_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_label_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -47,6 +46,6 @@ when: not ansible_check_mode and __controller_label_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_labels_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_label_job_async_results_item.__controller_label_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_label_job_async_results_item.__controller_label_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_labels/tests/test.yml b/roles/controller_labels/tests/test.yml index 776d50623..e5e506ed8 100644 --- a/roles/controller_labels/tests/test.yml +++ b/roles/controller_labels/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_license/README.md b/roles/controller_license/README.md index ea1b56bea..31854dd55 100644 --- a/roles/controller_license/README.md +++ b/roles/controller_license/README.md @@ -18,13 +18,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_license`|`see below`|yes|Data structure describing your license for controller, described below.|| |`redhat_subscription_username`|""|no|Red Hat or Red Hat Satellite username to get available subscriptions. Used only for Subscription lookup implementation.|| |`redhat_subscription_password`|""|no|Red Hat or Red Hat Satellite password to get available subscriptions. Used only for Subscription lookup implementation.|| @@ -34,12 +34,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add license task does not include sensitive information. -controller_configuration_license_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_license_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_license_secure_logging`|`False`|no|Whether or not to include the sensitive license role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -107,18 +107,18 @@ controller_license: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.license, when: controller_license is defined} + - {role: infra.aap_configuration.license, when: controller_license is defined} ``` ### Standard Subscription lookup Role Usage @@ -129,10 +129,10 @@ controller_license: hosts: localhost connection: local vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme redhat_subscription_username: changeme redhat_subscription_password: changeme controller_license: @@ -140,7 +140,7 @@ controller_license: product_name: "Red Hat Ansible Automation Platform" support_level: "Self-Support" roles: - - {role: infra.controller_configuration.license} + - {role: infra.aap_configuration.license} ``` ## License diff --git a/roles/controller_license/defaults/main.yml b/roles/controller_license/defaults/main.yml index fbb93ef3b..37f2a324d 100644 --- a/roles/controller_license/defaults/main.yml +++ b/roles/controller_license/defaults/main.yml @@ -1,5 +1,5 @@ --- -controller_configuration_license_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_license_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" _redhat_cop_license_filters: product_name: Red Hat Ansible Automation Platform support_level: Self-Support diff --git a/roles/controller_license/meta/argument_specs.yml b/roles/controller_license/meta/argument_specs.yml index 3040dd82f..c0b9ae8e5 100644 --- a/roles/controller_license/meta/argument_specs.yml +++ b/roles/controller_license/meta/argument_specs.yml @@ -65,45 +65,45 @@ argument_specs: # No_log variables controller_configuration_labels_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_license/tasks/manifest.yml b/roles/controller_license/tasks/manifest.yml index 0f80a40d5..18e0dce37 100644 --- a/roles/controller_license/tasks/manifest.yml +++ b/roles/controller_license/tasks/manifest.yml @@ -46,13 +46,12 @@ state: "{{ controller_license.state | default(omit) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + aap_username: "{{ aap_username | default(omit, true) }}" + aap_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" no_log: "{{ controller_configuration_license_secure_logging }}" when: controller_license is defined ... diff --git a/roles/controller_license/tasks/subscription.yml b/roles/controller_license/tasks/subscription.yml index e1d8ab1ac..ba9559b62 100644 --- a/roles/controller_license/tasks/subscription.yml +++ b/roles/controller_license/tasks/subscription.yml @@ -7,13 +7,12 @@ password: "{{ redhat_subscription_password }}" filters: "{{ controller_license.filters | default(_redhat_cop_license_filters) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + aap_username: "{{ aap_username | default(omit, true) }}" + aap_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" register: subscription when: - "'use_lookup' in controller_license" @@ -26,13 +25,12 @@ state: "{{ controller_license.state | default(omit) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + aap_username: "{{ aap_username | default(omit, true) }}" + aap_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" no_log: "{{ controller_configuration_license_secure_logging }}" when: controller_license is defined ... diff --git a/roles/controller_license/tests/test.yml b/roles/controller_license/tests/test.yml index 5d94b1388..746262890 100644 --- a/roles/controller_license/tests/test.yml +++ b/roles/controller_license/tests/test.yml @@ -4,10 +4,10 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme redhat_subscription_username: changeme redhat_subscription_password: changeme @@ -15,7 +15,7 @@ - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./config extensions: ["yml"] diff --git a/roles/controller_notification_templates/README.md b/roles/controller_notification_templates/README.md index a6b79deb0..b23ee845c 100644 --- a/roles/controller_notification_templates/README.md +++ b/roles/controller_notification_templates/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_notifications`|`see below`|yes|Data structure describing your notification entries described below. Alias: notification_templates || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add notification task does not include sensitive information. -`controller_configuration_notification_secure_logging` defaults to the value of `controller_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +`controller_configuration_notification_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_notification_secure_logging`|`False`|no|Whether or not to include the sensitive notification role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_notification_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_notification_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_notification_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_notification_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_notifications_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -180,18 +180,18 @@ controller_notifications: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.notification_templates, when: controller_notifications is defined} + - {role: infra.aap_configuration.notification_templates, when: controller_notifications is defined} ``` ## License diff --git a/roles/controller_notification_templates/defaults/main.yml b/roles/controller_notification_templates/defaults/main.yml index 85add535b..eb5e15995 100644 --- a/roles/controller_notification_templates/defaults/main.yml +++ b/roles/controller_notification_templates/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict to describe Controller notification templates controller_notifications: [] -controller_configuration_notifications_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_notifications_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_notifications_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_notifications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_notifications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_notifications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_notifications_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_notification_templates/meta/argument_specs.yml b/roles/controller_notification_templates/meta/argument_specs.yml index 4a2408034..4d3020d86 100644 --- a/roles/controller_notification_templates/meta/argument_specs.yml +++ b/roles/controller_notification_templates/meta/argument_specs.yml @@ -49,67 +49,67 @@ argument_specs: # Async variables controller_configuration_notification_templates_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_notification_templates_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables controller_configuration_notification_templates_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_notification_templates/tasks/main.yml b/roles/controller_notification_templates/tasks/main.yml index bccad9920..6e403d89b 100644 --- a/roles/controller_notification_templates/tasks/main.yml +++ b/roles/controller_notification_templates/tasks/main.yml @@ -9,16 +9,15 @@ notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory }}" notification_configuration: "{{ __controller_notification_item.notification_configuration | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) }}" messages: "{{ __controller_notification_item.messages | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - state: "{{ __controller_notification_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_notification_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ notification_templates if notification_templates is defined else controller_notifications }}" loop_control: loop_var: __controller_notification_item @@ -30,8 +29,8 @@ register: __controller_notification_job_async changed_when: "(__controller_notification_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_notification_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_notification_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -52,6 +51,6 @@ when: not ansible_check_mode and __controller_notification_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_notifications_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_notification_job_async_results_item.__controller_notification_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_notification_job_async_results_item.__controller_notification_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_notification_templates/tests/test.yml b/roles/controller_notification_templates/tests/test.yml index 2e1df99b9..d91fe908d 100644 --- a/roles/controller_notification_templates/tests/test.yml +++ b/roles/controller_notification_templates/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_organizations/README.md b/roles/controller_organizations/README.md index 1b2ea7090..b75213872 100644 --- a/roles/controller_organizations/README.md +++ b/roles/controller_organizations/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`true`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_organizations`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: organizations || |`assign_galaxy_credentials_to_org`|`true`|no|Boolean to indicate whether credentials should be assigned or not. It should be noted that credentials must exist before adding it. The dispatch role will set this to `false`, before re-running the role with it set to `true`. || |`assign_default_ee_to_org`|`true`|no|Boolean to indicate whether default execution environment should be assigned or not. It should be noted that execution environment must exist before adding it. The dispatch role will set this to `false`, before re-running the role with it set to `true`. || @@ -50,12 +50,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add organization task does not include sensitive information. -controller_configuration_organizations_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_organizations_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_organizations_secure_logging`|`False`|no|Whether or not to include the sensitive Organization role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -66,13 +66,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_organizations_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_organizations_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_organizations_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_organizations_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_organizations_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Organization Data Structure @@ -173,18 +173,18 @@ controller_organizations: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.organizations, when: controller_organizations is defined} + - {role: infra.aap_configuration.organizations, when: controller_organizations is defined} ``` ## License diff --git a/roles/controller_organizations/defaults/main.yml b/roles/controller_organizations/defaults/main.yml index 5538411e8..0050033af 100644 --- a/roles/controller_organizations/defaults/main.yml +++ b/roles/controller_organizations/defaults/main.yml @@ -1,10 +1,10 @@ --- controller_organizations: [] -controller_configuration_organizations_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_organizations_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_organizations_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_organizations_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_organizations_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true diff --git a/roles/controller_organizations/meta/argument_specs.yml b/roles/controller_organizations/meta/argument_specs.yml index a68168caa..65ae07b20 100644 --- a/roles/controller_organizations/meta/argument_specs.yml +++ b/roles/controller_organizations/meta/argument_specs.yml @@ -82,22 +82,22 @@ argument_specs: # Async variables controller_configuration_organizations_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_organizations_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -105,45 +105,45 @@ argument_specs: # No_log variables controller_configuration_organizations_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_organizations/tasks/main.yml b/roles/controller_organizations/tasks/main.yml index 650af22cb..4736032ed 100644 --- a/roles/controller_organizations/tasks/main.yml +++ b/roles/controller_organizations/tasks/main.yml @@ -13,16 +13,15 @@ notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" - state: "{{ __controller_organizations_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_organizations_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ organizations if organizations is defined else controller_organizations }}" loop_control: loop_var: __controller_organizations_item @@ -34,8 +33,8 @@ register: __organizations_job_async changed_when: "(__organizations_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_organizations_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_organizations_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -56,6 +55,6 @@ when: not ansible_check_mode and __organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_organizations_secure_logging }}" vars: - __operation: "{{ operation_translate[__organizations_job_async_results_item.__controller_organizations_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__organizations_job_async_results_item.__controller_organizations_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_organizations/tests/test.yml b/roles/controller_organizations/tests/test.yml index 9bdc016f9..84a25b395 100644 --- a/roles/controller_organizations/tests/test.yml +++ b/roles/controller_organizations/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_project_update/README.md b/roles/controller_project_update/README.md index 73d60c83d..998d34df7 100644 --- a/roles/controller_project_update/README.md +++ b/roles/controller_project_update/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_projects`|`see below`|yes|Data structure describing the project to update Described below. Alias: projects || ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the project update task does not include sensitive information. -controller_configuration_project_update_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_project_update_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_project_update_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -46,13 +46,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|60|no|This variable sets the number of retries to attempt for the role globally.| +|`aap_configuration_async_retries`|60|no|This variable sets the number of retries to attempt for the role globally.| |`controller_configuration_project_update_async_retries`|60|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|10|no|This sets the delay between retries for the role globally.| +|`aap_configuration_async_delay`|10|no|This sets the delay between retries for the role globally.| |`controller_configuration_project_update_async_delay`|10|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_project_update_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -106,18 +106,18 @@ controller_projects: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.project_update, when: controller_projects is defined} + - {role: infra.aap_configuration.project_update, when: controller_projects is defined} ``` diff --git a/roles/controller_project_update/defaults/main.yml b/roles/controller_project_update/defaults/main.yml index f6142a67b..3e1db4dd9 100644 --- a/roles/controller_project_update/defaults/main.yml +++ b/roles/controller_project_update/defaults/main.yml @@ -1,7 +1,7 @@ --- -controller_configuration_project_update_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_project_update_async_retries: "{{ controller_configuration_async_retries | default(60) }}" -controller_configuration_project_update_async_delay: "{{ controller_configuration_async_delay | default(10) }}" +controller_configuration_project_update_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_project_update_async_retries: "{{ aap_configuration_async_retries | default(60) }}" +controller_configuration_project_update_async_delay: "{{ aap_configuration_async_delay | default(10) }}" controller_configuration_project_update_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null ... diff --git a/roles/controller_project_update/meta/argument_specs.yml b/roles/controller_project_update/meta/argument_specs.yml index 1c3ffa3c4..f28395eb3 100644 --- a/roles/controller_project_update/meta/argument_specs.yml +++ b/roles/controller_project_update/meta/argument_specs.yml @@ -124,67 +124,67 @@ argument_specs: # Async variables controller_configuration_project_update_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_project_update_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables controller_configuration_groups_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_project_update/tasks/main.yml b/roles/controller_project_update/tasks/main.yml index 69bdfcf5e..7a97a0f3f 100644 --- a/roles/controller_project_update/tasks/main.yml +++ b/roles/controller_project_update/tasks/main.yml @@ -9,13 +9,12 @@ timeout: "{{ __project_update_update_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ projects if projects is defined else controller_projects }}" loop_control: loop_var: "__project_update_update_item" @@ -31,7 +30,7 @@ register: __project_update_job_async changed_when: "(__project_update_job_async.changed if ansible_check_mode else false)" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -51,5 +50,5 @@ when: not ansible_check_mode and __project_update_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_project_update_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_project_update/tests/test.yml b/roles/controller_project_update/tests/test.yml index 8c771034b..f314622c9 100644 --- a/roles/controller_project_update/tests/test.yml +++ b/roles/controller_project_update/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_projects/README.md b/roles/controller_projects/README.md index 8a166e551..2237533b7 100644 --- a/roles/controller_projects/README.md +++ b/roles/controller_projects/README.md @@ -17,10 +17,10 @@ Currently: |Variable Name|Default Value|Required|Type|Description|Example| |:---|:---:|:---:|:---|:---|:---| |`controller_state`|"present"|no|str|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|str|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|str|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|str|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|str|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_hostname`|""|yes|str|URL to the Ansible Controller Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|str|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_username`|""|no|str|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|str|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|str|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_request_timeout`|`10`|no|int|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_projects`|`see below`|yes|str|Data structure describing your project or projects Described below. Alias: projects || @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add projects task does not include sensitive information. -controller_configuration_projects_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_projects_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---| |`controller_configuration_projects_secure_logging`|`False`|no|str|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|str|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|str|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---| -|`controller_configuration_async_retries`|30|no|str|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_projects_async_retries`|`{{ controller_configuration_async_retries }}`|no|str|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|str|This sets the delay between retries for the role globally.| -|`controller_configuration_projects_async_delay`|`controller_configuration_async_delay`|no|str|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|str|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_projects_async_retries`|`{{ aap_configuration_async_retries }}`|no|str|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|str|This sets the delay between retries for the role globally.| +|`controller_configuration_projects_async_delay`|`aap_configuration_async_delay`|no|str|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|int|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_projects_loop_delay`|`controller_configuration_loop_delay`|no|int|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|bool|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|bool|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -157,18 +157,18 @@ controller_projects: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.projects, when: controller_projects is defined} + - {role: infra.aap_configuration.projects, when: controller_projects is defined} ``` ## License diff --git a/roles/controller_projects/defaults/main.yml b/roles/controller_projects/defaults/main.yml index 233e9d2b1..cd393d365 100644 --- a/roles/controller_projects/defaults/main.yml +++ b/roles/controller_projects/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict describing Controller projects controller_projects: [] -controller_configuration_projects_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_projects_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_projects_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_projects_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_projects_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_projects_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_projects_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_projects/meta/argument_specs.yml b/roles/controller_projects/meta/argument_specs.yml index 8951ac329..642a918b6 100644 --- a/roles/controller_projects/meta/argument_specs.yml +++ b/roles/controller_projects/meta/argument_specs.yml @@ -132,22 +132,22 @@ argument_specs: # Async variables controller_configuration_projects_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_projects_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -155,45 +155,45 @@ argument_specs: # No_log variables controller_configuration_projects_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_projects/tasks/main.yml b/roles/controller_projects/tasks/main.yml index 66de7c405..3a7dd9a2e 100644 --- a/roles/controller_projects/tasks/main.yml +++ b/roles/controller_projects/tasks/main.yml @@ -22,7 +22,7 @@ timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(0, true) if __controller_project_item.timeout is defined or __controller_project_item.job_timeout is defined or controller_configuration_projects_enforce_defaults else omit) }}" custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(('' if controller_configuration_projects_enforce_defaults else omit))) }}" - state: "{{ __controller_project_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_project_item.state | default(platform_state | default('present')) }}" wait: "{{ __controller_project_item.wait | default((true if controller_configuration_projects_enforce_defaults else omit)) }}" update_project: "{{ __controller_project_item.update_project | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" @@ -31,13 +31,12 @@ notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ projects if projects is defined else controller_projects }}" loop_control: loop_var: __controller_project_item @@ -49,8 +48,8 @@ register: __projects_job_async changed_when: "(__projects_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_project_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_project_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -71,6 +70,6 @@ when: not ansible_check_mode and __projects_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_projects_secure_logging }}" vars: - __operation: "{{ operation_translate[__projects_job_async_results_item.__controller_project_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__projects_job_async_results_item.__controller_project_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_projects/tests/test.yml b/roles/controller_projects/tests/test.yml index 8c877ea54..fffe87045 100644 --- a/roles/controller_projects/tests/test.yml +++ b/roles/controller_projects/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_roles/README.md b/roles/controller_roles/README.md index 204d1cfc3..fcd16ee37 100644 --- a/roles/controller_roles/README.md +++ b/roles/controller_roles/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_roles`|`see below`|yes|Data structure describing your RBAC entries described below.|| ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add rbac task does not include sensitive information. -`controller_configuration_role_secure_logging` defaults to the value of `controller_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +`controller_configuration_role_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_role_secure_logging`|`False`|no|Whether or not to include the sensitive rbac role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_role_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_role_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_role_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_role_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_role_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -174,18 +174,18 @@ controller_roles: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.roles, when: controller_roles is defined} + - {role: infra.aap_configuration.roles, when: controller_roles is defined} ``` ## License diff --git a/roles/controller_roles/defaults/main.yml b/roles/controller_roles/defaults/main.yml index ccd2a6879..332b983aa 100644 --- a/roles/controller_roles/defaults/main.yml +++ b/roles/controller_roles/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict describing a Controller access control rule controller_roles: [] -controller_configuration_role_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_role_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_role_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_role_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_role_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_role_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_roles/meta/argument_specs.yml b/roles/controller_roles/meta/argument_specs.yml index 5471b7491..4d9a30fce 100644 --- a/roles/controller_roles/meta/argument_specs.yml +++ b/roles/controller_roles/meta/argument_specs.yml @@ -95,22 +95,22 @@ argument_specs: # Async variables controller_configuration_role_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_role_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -118,45 +118,45 @@ argument_specs: # No_log variables controller_configuration_role_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_roles/tasks/main.yml b/roles/controller_roles/tasks/main.yml index d47d738b0..5bf818248 100644 --- a/roles/controller_roles/tasks/main.yml +++ b/roles/controller_roles/tasks/main.yml @@ -22,16 +22,15 @@ project: "{{ __controller_role_item.0.project | default(__controller_role_item.project) | default(omit, true) }}" projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(controller_state | default('present')) }}" + state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ (controller_roles | subelements(['roles'], skip_missing=true)) + controller_roles | selectattr('roles', 'undefined') }}" loop_control: loop_var: __controller_role_item @@ -43,8 +42,8 @@ register: __controller_role_job_async changed_when: "(__controller_role_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_role_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_role_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -65,6 +64,6 @@ when: not ansible_check_mode and __controller_role_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_role_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_role_job_async_results_item.__controller_role_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_role_job_async_results_item.__controller_role_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_roles/tests/test.yml b/roles/controller_roles/tests/test.yml index b36acf8a1..f5b7d727c 100644 --- a/roles/controller_roles/tests/test.yml +++ b/roles/controller_roles/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_schedules/README.md b/roles/controller_schedules/README.md index 7e17af87e..b16af72d6 100644 --- a/roles/controller_schedules/README.md +++ b/roles/controller_schedules/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_schedules`|`see below`|yes|Data structure describing your schedule or schedules Described below. Alias: schedules || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add schedules task does not include sensitive information. -controller_configuration_schedules_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_schedules_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_schedules_secure_logging`|`False`|no|Whether or not to include the sensitive Schedules role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_schedules_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_schedules_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_schedules_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_schedules_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_schedules_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -149,18 +149,18 @@ controller_schedules: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.schedules, when: controller_schedules is defined} + - {role: infra.aap_configuration.schedules, when: controller_schedules is defined} ``` ## License diff --git a/roles/controller_schedules/defaults/main.yml b/roles/controller_schedules/defaults/main.yml index b95ffc31d..8f352ab8f 100644 --- a/roles/controller_schedules/defaults/main.yml +++ b/roles/controller_schedules/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dict describing Controller schedules: controller_schedules: [] -controller_configuration_schedules_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_schedules_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_schedules_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_schedules_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_schedules_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_schedules_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_schedules_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_schedules/meta/argument_specs.yml b/roles/controller_schedules/meta/argument_specs.yml index 4b7979cf4..05f5e3528 100644 --- a/roles/controller_schedules/meta/argument_specs.yml +++ b/roles/controller_schedules/meta/argument_specs.yml @@ -117,22 +117,22 @@ argument_specs: # Async variables controller_configuration_schedules_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_schedules_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -140,45 +140,45 @@ argument_specs: # No_log variables controller_configuration_schedules_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_schedules/tasks/main.yml b/roles/controller_schedules/tasks/main.yml index f471277d6..5442eb24d 100644 --- a/roles/controller_schedules/tasks/main.yml +++ b/roles/controller_schedules/tasks/main.yml @@ -24,16 +24,15 @@ organization: "{{ __controller_schedule_item.organization | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" enabled: "{{ __controller_schedule_item.enabled | default((true if controller_configuration_schedules_enforce_defaults else omit)) }}" - state: "{{ __controller_schedule_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_schedule_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ schedules if schedules is defined else controller_schedules }}" loop_control: loop_var: "__controller_schedule_item" @@ -45,8 +44,8 @@ register: __controller_schedule_job_async changed_when: "(__controller_schedule_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_schedule_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_schedule_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -67,6 +66,6 @@ when: not ansible_check_mode and __controller_schedule_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_schedules_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_schedule_job_async_results_item.__controller_schedule_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_schedule_job_async_results_item.__controller_schedule_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_schedules/tests/test.yml b/roles/controller_schedules/tests/test.yml index f62efd482..b82fdb948 100644 --- a/roles/controller_schedules/tests/test.yml +++ b/roles/controller_schedules/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_settings/README.md b/roles/controller_settings/README.md index cf38dde26..2bbc7b276 100644 --- a/roles/controller_settings/README.md +++ b/roles/controller_settings/README.md @@ -14,13 +14,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_settings`|`see below`|yes|Data structure describing your settings described below.|| ### Secure Logging Variables @@ -28,12 +28,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add settings task does not include sensitive information. -controller_configuration_settings_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_settings_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_settings_secure_logging`|`False`|no|Whether or not to include the sensitive Settings role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -44,13 +44,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_settings_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_settings_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_settings_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_settings_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_settings_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -131,18 +131,18 @@ controller_settings: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.settings, when: controller_settings is defined} + - {role: infra.aap_configuration.settings, when: controller_settings is defined} ``` ## License diff --git a/roles/controller_settings/defaults/main.yml b/roles/controller_settings/defaults/main.yml index a2a5aa90c..f3db6d792 100644 --- a/roles/controller_settings/defaults/main.yml +++ b/roles/controller_settings/defaults/main.yml @@ -1,9 +1,9 @@ --- # list of dicts (or a single dict) describing the Controller settings controller_settings: [] -controller_configuration_settings_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_settings_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_settings_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_settings_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_settings_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_settings_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_settings_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null ... diff --git a/roles/controller_settings/meta/argument_specs.yml b/roles/controller_settings/meta/argument_specs.yml index 968024db1..a82407028 100644 --- a/roles/controller_settings/meta/argument_specs.yml +++ b/roles/controller_settings/meta/argument_specs.yml @@ -23,22 +23,22 @@ argument_specs: # Async variables controller_configuration_settings_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_settings_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -46,45 +46,45 @@ argument_specs: # No_log variables controller_configuration_settings_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_settings/tasks/main.yml b/roles/controller_settings/tasks/main.yml index 5b4a46b4c..e6ddeb57a 100644 --- a/roles/controller_settings/tasks/main.yml +++ b/roles/controller_settings/tasks/main.yml @@ -7,13 +7,12 @@ value: "{{ __controller_setting_item.value | default(omit) }}" # Role Standard Options - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" # controller_settings must be either a dictionary/mapping or a list of dictionaries loop: "{{ controller_settings is mapping | ternary([controller_settings], controller_settings) }}" loop_control: @@ -26,7 +25,7 @@ register: __controller_setting_job_async changed_when: "(__controller_setting_job_async.changed if ansible_check_mode else false)" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -46,5 +45,5 @@ when: not ansible_check_mode and __controller_setting_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_settings_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_settings/tests/test.yml b/roles/controller_settings/tests/test.yml index 4b44866ed..7d1d0330a 100644 --- a/roles/controller_settings/tests/test.yml +++ b/roles/controller_settings/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_teams/README.md b/roles/controller_teams/README.md index 182383edb..994491674 100644 --- a/roles/controller_teams/README.md +++ b/roles/controller_teams/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_teams`|`see below`|yes|Data structure describing your Teams described below. Alias: teams || ### Enforcing defaults @@ -34,11 +34,11 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_teams_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_platform_teams_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_teams_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`controller_configuration_platform_teams_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| |`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add teams task does not include sensitive information. -`controller_configuration_teams_secure_logging` defaults to the value of `controller_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +`controller_configuration_platform_teams_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_teams_secure_logging`|`False`|no|Whether or not to include the sensitive teams role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_platform_teams_secure_logging`|`False`|no|Whether or not to include the sensitive teams role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_teams_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_teams_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_platform_teams_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_platform_teams_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_teams_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ### Data structure `controller_teams:` should include following vars @@ -89,18 +89,18 @@ This also speeds up the overall role. - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.teams, when: controller_teams is defined} + - {role: infra.aap_configuration.teams, when: controller_teams is defined} ``` ## License diff --git a/roles/controller_teams/defaults/main.yml b/roles/controller_teams/defaults/main.yml index f3bea7bf0..0c61086a6 100644 --- a/roles/controller_teams/defaults/main.yml +++ b/roles/controller_teams/defaults/main.yml @@ -1,10 +1,10 @@ --- # These are the default variables specific to the teams role controller_teams: [] -controller_configuration_teams_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_teams_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_teams_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_platform_teams_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_platform_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_platform_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_teams_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null -controller_configuration_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +aap_configuration_async_dir: null +controller_configuration_platform_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_teams/meta/argument_specs.yml b/roles/controller_teams/meta/argument_specs.yml index 7bcf6818e..172a537dc 100644 --- a/roles/controller_teams/meta/argument_specs.yml +++ b/roles/controller_teams/meta/argument_specs.yml @@ -31,69 +31,69 @@ argument_specs: # description: Desired state of the resource. # Async variables - controller_configuration_teams_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + controller_configuration_platform_teams_async_retries: + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. - controller_configuration_teams_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + controller_configuration_platform_teams_async_delay: + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables - controller_configuration_teams_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + controller_configuration_platform_teams_secure_logging: + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_teams/tasks/main.yml b/roles/controller_teams/tasks/main.yml index 9c6546925..c9ce4239b 100644 --- a/roles/controller_teams/tasks/main.yml +++ b/roles/controller_teams/tasks/main.yml @@ -3,31 +3,30 @@ team: name: "{{ __controller_team_item.name | mandatory }}" new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" - description: "{{ __controller_team_item.description | default(('' if controller_configuration_teams_enforce_defaults else omit), true) }}" + description: "{{ __controller_team_item.description | default(('' if controller_configuration_platform_teams_enforce_defaults else omit), true) }}" organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" - state: "{{ __controller_team_item.state | default(controller_state | default('present')) }}" + state: "{{ __controller_team_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ teams if teams is defined else controller_teams }}" loop_control: loop_var: __controller_team_item label: "{{ __operation.verb }} Ansible Controller Team {{ __controller_team_item.name }}" pause: "{{ controller_configuration_teams_loop_delay }}" - no_log: "{{ controller_configuration_teams_secure_logging }}" + no_log: "{{ controller_configuration_platform_teams_secure_logging }}" async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_team_job_async changed_when: "(__controller_team_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_team_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_team_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -39,15 +38,15 @@ jid: "{{ __controller_team_job_async_results_item.ansible_job_id }}" register: __controller_team_job_async_result until: __controller_team_job_async_result.finished - retries: "{{ controller_configuration_teams_async_retries }}" - delay: "{{ controller_configuration_teams_async_delay }}" + retries: "{{ controller_configuration_platform_teams_async_retries }}" + delay: "{{ controller_configuration_platform_teams_async_delay }}" loop: "{{ __controller_team_job_async.results }}" loop_control: loop_var: __controller_team_job_async_results_item label: "{{ __operation.verb }} Teams | Wait for finish the Teams {{ __operation.action }}" when: not ansible_check_mode and __controller_team_job_async_results_item.ansible_job_id is defined - no_log: "{{ controller_configuration_teams_secure_logging }}" + no_log: "{{ controller_configuration_platform_teams_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_team_job_asycn_results_item.__controller_team_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_team_job_asycn_results_item.__controller_team_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_teams/tests/test.yml b/roles/controller_teams/tests/test.yml index c06f49f27..6747ba4c7 100644 --- a/roles/controller_teams/tests/test.yml +++ b/roles/controller_teams/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_users/README.md b/roles/controller_users/README.md index f94492d11..100758eec 100644 --- a/roles/controller_users/README.md +++ b/roles/controller_users/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_user_accounts`|`see below`|yes|Data structure describing your user entries described below. Alias: users || |`controller_user_default_password`|""|no|Global variable to set the password for all users.|| @@ -47,12 +47,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add user task does not include sensitive information. -`controller_configuration_user_secure_logging` defaults to the value of `controller_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. +`controller_configuration_user_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_user_secure_logging`|`False`|no|Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -63,13 +63,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_users_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_users_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_users_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_users_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_users_loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -113,7 +113,7 @@ This also speeds up the overall role. controller_user_accounts: - user: controller_user is_superuser: false - password: controller_password + password: aap_password ``` ## Playbook Examples @@ -125,18 +125,18 @@ controller_user_accounts: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.users, when: controller_user_accounts is defined} + - {role: infra.aap_configuration.users, when: controller_user_accounts is defined} ``` ## License diff --git a/roles/controller_users/defaults/main.yml b/roles/controller_users/defaults/main.yml index d06c411e7..a16ff7565 100644 --- a/roles/controller_users/defaults/main.yml +++ b/roles/controller_users/defaults/main.yml @@ -5,10 +5,10 @@ controller_user_accounts: [] # set this variable to something false and there won't be a default password controller_user_default_password: "change_me" -controller_configuration_users_secure_logging: "{{ controller_configuration_secure_logging | default('true') }}" -controller_configuration_users_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_users_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +controller_configuration_users_secure_logging: "{{ aap_configuration_secure_logging | default('true') }}" +controller_configuration_users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_users_loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_users/meta/argument_specs.yml b/roles/controller_users/meta/argument_specs.yml index c539646d8..14520def7 100644 --- a/roles/controller_users/meta/argument_specs.yml +++ b/roles/controller_users/meta/argument_specs.yml @@ -61,22 +61,22 @@ argument_specs: # Async variables controller_configuration_users_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_users_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -84,45 +84,45 @@ argument_specs: # No_log variables controller_configuration_users_secure_logging: - default: "{{ controller_configuration_secure_logging | default(true) }}" + default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_users/tasks/main.yml b/roles/controller_users/tasks/main.yml index f214c453a..e0d2b8954 100644 --- a/roles/controller_users/tasks/main.yml +++ b/roles/controller_users/tasks/main.yml @@ -14,16 +14,15 @@ is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default((false if controller_configuration_users_enforce_defaults else omit))) }}" update_secrets: "{{ __controller_user_accounts_item.update_secrets | default((false if controller_configuration_users_enforce_defaults else omit)) }}" organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" - state: "{{ __controller_user_accounts_item.state | default(controller_state | default(omit, true)) }}" + state: "{{ __controller_user_accounts_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ users if users is defined else controller_user_accounts }}" loop_control: loop_var: __controller_user_accounts_item @@ -35,8 +34,8 @@ register: __controller_user_accounts_job_async changed_when: "(__controller_user_accounts_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -57,6 +56,6 @@ when: not ansible_check_mode and __controller_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_users_secure_logging }}" vars: - __operation: "{{ operation_translate[__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_users/tests/test.yml b/roles/controller_users/tests/test.yml index cc3110b28..15b18e08f 100644 --- a/roles/controller_users/tests/test.yml +++ b/roles/controller_users/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_workflow_job_templates/README.md b/roles/controller_workflow_job_templates/README.md index 5e375b807..5e4e148d3 100644 --- a/roles/controller_workflow_job_templates/README.md +++ b/roles/controller_workflow_job_templates/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_workflows`|`see below`|yes|Data structure describing your workflow job templates described below. Alias: workflow_job_templates || ### Enforcing defaults @@ -46,12 +46,12 @@ Enabling this will enforce configurtion without specifying every option in the c The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add Workflow Job Templates task does not include sensitive information. -workflow_job_templates_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of genie roles with a single variable, or for the user to selectively use it. +workflow_job_templates_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of genie roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`workflow_job_templates_secure_logging`|`False`|no|Whether or not to include the sensitive Workflow Job Templates role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -62,13 +62,13 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| -|`controller_configuration_workflow_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| -|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`controller_configuration_workflow_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| +|`controller_configuration_workflow_async_retries`|`{{ aap_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`controller_configuration_workflow_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| |`controller_configuration_loop_delay`|0|no|This sets the pause between each item in the loop for the roles globally. To help when API is getting overloaded.| |`controller_configuration_workflow__loop_delay`|`controller_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| -|`controller_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -89,7 +89,7 @@ This also speeds up the overall role. |`allow_simultaneous`|""|no|bool|Allow simultaneous runs of the workflow job template.| |`inventory`|""|no|str|Inventory applied as a prompt, assuming job template prompts for inventory| |`limit`|""|no|str|Limit applied as a prompt, assuming job template prompts for limit| -|`labels`|""|no|str|The labels applied to this job template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/labels) role first, an error will occur if the label supplied to this role does not exist.| +|`labels`|""|no|str|The labels applied to this job template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/controller_labels) role first, an error will occur if the label supplied to this role does not exist.| |`ask_labels_on_launch`|""|no|bool|Prompt user for labels on launch.| |`job_tags`|""|no|str|Comma separated list of the tags to use for the workflow job template.| |`skip_tags`|""|no|str|Comma separated list of the tags to skip for the workflow job template.| @@ -121,7 +121,7 @@ This also speeds up the overall role. |`forks`|Job Template default|no|str|Forks applied as a prompt. Job Template default used if not set. Only allowed if `ask_forks_on_launch` set to true on Job Template| |`instance_groups`|Job Template default|no|str| List of Instance Groups applied as a prompt. Job Template default used if not set. Only allowed if `ask_instance_groups_on_launch` set to true on Job Template| |`job_slice_count`|Job Template default|no|str|Job Slice Count to use in the job run. Job Template default used if not set. Only allowed if `ask_job_slice_count_on_launch` set to true on Job Template| -|`labels`|Job Template default|no|list|List of labels to use in the job run. Job Template default used if not set. Only allowed if `ask_labels_on_launch` set to true on Job Template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/labels) role first, an error will occur if the label supplied to this role does not exist.| +|`labels`|Job Template default|no|list|List of labels to use in the job run. Job Template default used if not set. Only allowed if `ask_labels_on_launch` set to true on Job Template. NOTE: Labels must be created with the [labels](https://github.com/redhat-cop/aap_configuration/tree/devel/roles/controller_labels) role first, an error will occur if the label supplied to this role does not exist.| |`timeout`|Job Template default|no|str|Timeout to use in the job run. Job Template default used if not set. Only allowed if `ask_timeout_on_launch` set to true on Job Template| |`approval_node`|""|no|str|A dictionary of Name, description, and timeout values for the approval node. This parameter is mutually exclusive with unified_job_template.| |`organization`|""|no|str|The organization of the workflow job template the node exists in. Used for looking up the workflow, not a direct model field.| @@ -409,18 +409,18 @@ controller_workflows: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.workflow_job_templates, when: controller_workflows is defined} + - {role: infra.aap_configuration.workflow_job_templates, when: controller_workflows is defined} ``` diff --git a/roles/controller_workflow_job_templates/defaults/main.yml b/roles/controller_workflow_job_templates/defaults/main.yml index df6c1ed34..bbc1dc280 100644 --- a/roles/controller_workflow_job_templates/defaults/main.yml +++ b/roles/controller_workflow_job_templates/defaults/main.yml @@ -1,10 +1,10 @@ --- # list of dicts describing Controller workflow templates controller_workflows: [] -workflow_job_templates_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" -controller_configuration_workflow_async_retries: "{{ controller_configuration_async_retries | default(30) }}" -controller_configuration_workflow_async_delay: "{{ controller_configuration_async_delay | default(1) }}" +workflow_job_templates_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +controller_configuration_workflow_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +controller_configuration_workflow_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_workflow__loop_delay: "{{ controller_configuration_loop_delay | default(0) }}" -controller_configuration_async_dir: null +aap_configuration_async_dir: null controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_workflow_job_templates/meta/argument_specs.yml b/roles/controller_workflow_job_templates/meta/argument_specs.yml index b8cb25949..aaa527527 100644 --- a/roles/controller_workflow_job_templates/meta/argument_specs.yml +++ b/roles/controller_workflow_job_templates/meta/argument_specs.yml @@ -278,22 +278,22 @@ argument_specs: # Async variables controller_configuration_workflow_job_templates_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_workflow_job_templates_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - controller_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -301,45 +301,45 @@ argument_specs: # No_log variables controller_configuration_workflow_job_templates_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml b/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml index 0a22c16a8..b26c76904 100644 --- a/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml @@ -24,18 +24,17 @@ timeout: "{{ __workflow_loop_node_item.timeout | default(omit, true) }}" approval_node: "{{ __workflow_loop_node_item.approval_node | default(omit, true) }}" workflow: "{{ __workflow_loop_item.name | mandatory }}" # Workflow job template name to associate with - state: "{{ __workflow_loop_node_item.state | default(controller_state | default('present')) }}" + state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" all_parents_must_converge: "{{ __workflow_loop_node_item.all_parents_must_converge | default('false') }}" organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item @@ -47,7 +46,7 @@ register: __workflows_node_async changed_when: not __workflows_node_async.changed vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -66,7 +65,7 @@ when: not ansible_check_mode and __workflows_node_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' # Create links between workflow node - name: Create links between Workflow Nodes @@ -76,15 +75,14 @@ always_nodes: "{{ __workflow_loop_node_item.always_nodes | default(__workflow_loop_node_item.related.always_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on always (blue links) success_nodes: "{{ __workflow_loop_node_item.success_nodes | default(__workflow_loop_node_item.related.success_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on success (green links) failure_nodes: "{{ __workflow_loop_node_item.failure_nodes | default(__workflow_loop_node_item.related.failure_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on failure (red links) - state: "{{ __workflow_loop_node_item.state | default(controller_state | default('present')) }}" + state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item @@ -98,7 +96,7 @@ poll: 0 register: __workflows_link_async vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -118,5 +116,5 @@ when: not ansible_check_mode and __workflows_link_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '{{ controller_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/controller_workflow_job_templates/tasks/main.yml b/roles/controller_workflow_job_templates/tasks/main.yml index ddee92aa6..01a93cadc 100644 --- a/roles/controller_workflow_job_templates/tasks/main.yml +++ b/roles/controller_workflow_job_templates/tasks/main.yml @@ -27,20 +27,19 @@ ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(([] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" - state: "{{ __workflow_loop_item.state | default(controller_state | default('present')) }}" + state: "{{ __workflow_loop_item.state | default(platform_state | default('present')) }}" notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ workflow_job_templates if workflow_job_templates is defined else controller_workflows }}" loop_control: loop_var: __workflow_loop_item @@ -51,8 +50,8 @@ register: __workflows_job_async changed_when: "(__workflows_job_async.changed if ansible_check_mode else false)" vars: - __operation: "{{ operation_translate[__workflow_loop_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__workflow_loop_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Flag for errors (check mode only)" ansible.builtin.set_fact: @@ -73,8 +72,8 @@ when: not ansible_check_mode and __workflows_job_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - __operation: "{{ operation_translate[__workflows_job_async_results_item.__workflow_loop_item.state | default(controller_state) | default('present')] }}" - ansible_async_dir: '{{ controller_configuration_async_dir }}' + __operation: "{{ operation_translate[__workflows_job_async_results_item.__workflow_loop_item.state | default(platform_state) | default('present')] }}" + ansible_async_dir: '{{ aap_configuration_async_dir }}' # Create links between workflow node - name: Loop over nodes in schema to add to workflow templates diff --git a/roles/controller_workflow_job_templates/tests/test.yaml b/roles/controller_workflow_job_templates/tests/test.yaml index bb0048b70..f812173ed 100644 --- a/roles/controller_workflow_job_templates/tests/test.yaml +++ b/roles/controller_workflow_job_templates/tests/test.yaml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/controller_workflow_launch/README.md b/roles/controller_workflow_launch/README.md index 0b88f16d4..602509ef6 100644 --- a/roles/controller_workflow_launch/README.md +++ b/roles/controller_workflow_launch/README.md @@ -16,13 +16,13 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| -|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| |`controller_workflow_launch_jobs`|`see below`|yes|Data structure describing workflow or workflows to launch Described below.|| ### Secure Logging Variables @@ -30,12 +30,12 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the workflow launch task does not include sensitive information. -controller_configuration_workflow_launch_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +controller_configuration_workflow_launch_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_workflow_launch_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -73,18 +73,18 @@ controller_workflow_launch_jobs: - name: Playbook to configure ansible controller post installation hosts: localhost connection: local - # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # Define following vars here, or in platform_configs/controller_auth.yml + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./yaml ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.controller_configuration.workflow_launch, when: controller_workflow_launch_jobs is defined} + - {role: infra.aap_configuration.workflow_launch, when: controller_workflow_launch_jobs is defined} ``` diff --git a/roles/controller_workflow_launch/defaults/main.yml b/roles/controller_workflow_launch/defaults/main.yml index 0a7ce9e57..b8539b724 100644 --- a/roles/controller_workflow_launch/defaults/main.yml +++ b/roles/controller_workflow_launch/defaults/main.yml @@ -1,3 +1,3 @@ --- -controller_configuration_workflow_launch_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}" +controller_configuration_workflow_launch_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" ... diff --git a/roles/controller_workflow_launch/meta/argument_specs.yml b/roles/controller_workflow_launch/meta/argument_specs.yml index 7c0444990..529a17490 100644 --- a/roles/controller_workflow_launch/meta/argument_specs.yml +++ b/roles/controller_workflow_launch/meta/argument_specs.yml @@ -48,63 +48,63 @@ argument_specs: # Async variables controller_configuration_workflow_launch_async_retries: - default: "{{ controller_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - controller_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. controller_configuration_workflow_launch_async_delay: - default: "{{ controller_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - controller_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. # No_log variables controller_configuration_groups_secure_logging: - default: "{{ controller_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - controller_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - controller_hostname: + aap_hostname: default: None required: false - description: URL to the Ansible Controller Server. + description: URL to the Ansible Automation Platform Server. type: str - controller_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the Ansible Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - controller_username: + aap_username: default: None required: false - description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - controller_password: + aap_password: default: None required: false - description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_oauthtoken: + aap_token: default: None required: false - description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/controller_workflow_launch/tasks/main.yml b/roles/controller_workflow_launch/tasks/main.yml index d48e74e7c..becdf8142 100644 --- a/roles/controller_workflow_launch/tasks/main.yml +++ b/roles/controller_workflow_launch/tasks/main.yml @@ -13,13 +13,12 @@ timeout: "{{ __workflow_launch_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" - controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - request_timeout: "{{ controller_request_timeout | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" - controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_workflow_launch_jobs }}" loop_control: loop_var: "__workflow_launch_item" diff --git a/roles/controller_workflow_launch/tests/test.yml b/roles/controller_workflow_launch/tests/test.yml index adb835e04..9b15f3f1f 100644 --- a/roles/controller_workflow_launch/tests/test.yml +++ b/roles/controller_workflow_launch/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/dispatch/README.md b/roles/dispatch/README.md index b02607150..ceb259642 100644 --- a/roles/dispatch/README.md +++ b/roles/dispatch/README.md @@ -16,7 +16,7 @@ gateway_dispatch_roles: - {role: authenticator_maps, var: authenticator_maps_list, tags: authenticator_maps} - {role: http_ports, var: http_ports_list, tags: http_ports} - {role: organizations, var: organizations_list, tags: organizations} - - {role: teams, var: teams_list, tags: teams} + - {role: teams, var: platform_teams, tags: teams} - {role: service_clusters, var: service_clusters_list, tags: service_clusters} - {role: service_keys, var: service_keys_list, tags: service_keys} - {role: service_nodes, var: service_nodes_list, tags: service_nodes} @@ -38,4 +38,4 @@ For more information about roles, see each roles' README (also linked in the top ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index 9f4b324ac..a6c5310b0 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -7,7 +7,7 @@ gateway_configuration_dispatcher_roles: var: authenticator_maps_list tags: authenticator_maps - role: gateway_settings - var: settings_list + var: gateway_settings tags: settings - role: gateway_http_ports var: http_ports_list @@ -34,7 +34,7 @@ gateway_configuration_dispatcher_roles: var: routes_list tags: routes - role: gateway_teams - var: teams_list + var: platform_teams tags: teams ah_configuration_dispatcher_roles: - role: hub_namespace @@ -163,7 +163,7 @@ eda_configuration_dispatcher_roles: var: eda_rulebook_activations tags: rulebook_activation -platform_configuration_dispatcher_roles: > +aap_configuration_dispatcher_roles: > {{ gateway_configuration_dispatcher_roles + ah_configuration_dispatcher_roles + controller_configuration_dispatcher_roles diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index 4f908e779..0ff91687e 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -39,7 +39,7 @@ argument_specs: var: routes_list tags: routes - role: gateway_teams - var: teams_list + var: platform_teams tags: teams controller_configuration_dispatcher_roles: default: @@ -181,58 +181,52 @@ argument_specs: tags: rulebook_activation # Async variables - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. # No_log variables - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index 9088f7e04..e058bc09b 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -1,12 +1,12 @@ --- -- name: "Run the following infra.platform_configuration roles: {{ platform_configuration_dispatcher_roles | map(attribute='role') | join(', ') }}" +- name: "Run the following infra.platform_configuration roles: {{ aap_configuration_dispatcher_roles | map(attribute='role') | join(', ') }}" ansible.builtin.include_role: name: "{{ __role.role }}" apply: tags: "{{ __role.tags }}" when: vars[__role.var] is defined tags: always - loop: "{{ platform_configuration_dispatcher_roles }}" + loop: "{{ aap_configuration_dispatcher_roles }}" loop_control: loop_var: __role vars: diff --git a/roles/dispatch/tests/test.yml b/roles/dispatch/tests/test.yml index a67723b48..2c013c99c 100644 --- a/roles/dispatch/tests/test.yml +++ b/roles/dispatch/tests/test.yml @@ -4,16 +4,16 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx pre_tasks: - - name: Include vars from controller_configs directory + - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs extensions: ["yml"] diff --git a/roles/eda_controller_tokens/README.md b/roles/eda_controller_tokens/README.md index fb73a20ec..c4422be80 100644 --- a/roles/eda_controller_tokens/README.md +++ b/roles/eda_controller_tokens/README.md @@ -2,7 +2,7 @@ ## Description -An Ansible Role to create User Tokens in EDA Controller. Note that tokens may only be applied to the user account accessing the API (ie. eda_username) +An Ansible Role to create User Tokens in EDA Controller. Note that tokens may only be applied to the user account accessing the API (ie. aap_username) Note that tokens cannot be updated, only created. ## Variables @@ -10,11 +10,12 @@ Note that tokens cannot be updated, only created. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_controller_tokens`|`see below`|yes|Data structure describing your user tokens, described below.|| ### Secure Logging Variables @@ -22,12 +23,12 @@ Note that tokens cannot be updated, only created. The following Variables complement each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add project task does not include sensitive information. -eda_configuration_user_token_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_user_token_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_user_token_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,8 +39,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_user_token_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_user_token_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_user_token_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_controller_tokens/defaults/main.yml b/roles/eda_controller_tokens/defaults/main.yml index bddbfe72d..a04669255 100644 --- a/roles/eda_controller_tokens/defaults/main.yml +++ b/roles/eda_controller_tokens/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_controller_tokens: [] -eda_configuration_user_token_secure_logging: "{{ eda_configuration_secure_logging | default(false) }}" -eda_configuration_user_token_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_user_token_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_user_token_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +eda_configuration_user_token_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_user_token_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_controller_tokens/meta/argument_specs.yml b/roles/eda_controller_tokens/meta/argument_specs.yml index 1bef96685..b96298349 100644 --- a/roles/eda_controller_tokens/meta/argument_specs.yml +++ b/roles/eda_controller_tokens/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_user_token_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_user_token_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_user_token_secure_logging: - default: "{{ eda_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_controller_tokens/tasks/main.yml b/roles/eda_controller_tokens/tasks/main.yml index e45866fff..1cf93b51b 100644 --- a/roles/eda_controller_tokens/tasks/main.yml +++ b/roles/eda_controller_tokens/tasks/main.yml @@ -6,11 +6,11 @@ name: "{{ __token_item.name }}" description: "{{ __token_item.description | default(omit) }}" token: "{{ __token_item.token | default(omit) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ aap_username| default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_controller_tokens }}" loop_control: loop_var: "__token_item" @@ -20,7 +20,7 @@ register: __controller_tokens_job_async changed_when: not __controller_tokens_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create controller_token | Wait for finish the controller_token creation" ansible.builtin.async_status: @@ -35,5 +35,5 @@ when: __controller_tokens_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_user_token_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/eda_credentials/README.md b/roles/eda_credentials/README.md index 3e466276d..051187d3a 100644 --- a/roles/eda_credentials/README.md +++ b/roles/eda_credentials/README.md @@ -9,11 +9,12 @@ An Ansible Role to create Credentials in EDA Controller. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_credentials`|`see below`|yes|Data structure describing your credentials, described below.|| ### Secure Logging Variables @@ -21,12 +22,12 @@ An Ansible Role to create Credentials in EDA Controller. The following Variables complement each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add credential task does not include sensitive information. -eda_configuration_credential_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_credential_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_credential_secure_logging`|`True`|no|Whether or not to include the sensitive credential role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -37,8 +38,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_credential_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_credential_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_credential_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_credentials/defaults/main.yml b/roles/eda_credentials/defaults/main.yml index 1b37c9165..c5675ad2f 100644 --- a/roles/eda_credentials/defaults/main.yml +++ b/roles/eda_credentials/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_credentials: [] -eda_configuration_credential_secure_logging: "{{ eda_configuration_secure_logging | default(true) }}" -eda_configuration_credential_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_credential_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_credential_secure_logging: "{{ aap_configuration_secure_logging | default(true) }}" +eda_configuration_credential_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_credential_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_credentials/meta/argument_specs.yml b/roles/eda_credentials/meta/argument_specs.yml index 521a8b01c..3ad74ebe9 100644 --- a/roles/eda_credentials/meta/argument_specs.yml +++ b/roles/eda_credentials/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_credential_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_credential_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_credential_secure_logging: - default: "{{ eda_configuration_secure_logging | default(true) }}" + default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_credentials/tasks/main.yml b/roles/eda_credentials/tasks/main.yml index f88552664..915f0567a 100644 --- a/roles/eda_credentials/tasks/main.yml +++ b/roles/eda_credentials/tasks/main.yml @@ -10,11 +10,11 @@ credential_type_name: "{{ __credential_item.credential_type | default('GitHub Personal Access Token') }}" inputs: "{{ __credential_item.inputs | default(omit) }}" state: "{{ __credential_item.state | default(eda_state | default('present')) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ eda_username | default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_credentials }}" loop_control: loop_var: "__credential_item" @@ -24,7 +24,7 @@ register: __credentials_job_async changed_when: not __credentials_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create credential | Wait for finish the credential creation" ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __credentials_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_credential_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/eda_decision_environments/README.md b/roles/eda_decision_environments/README.md index ef665b149..77495e568 100644 --- a/roles/eda_decision_environments/README.md +++ b/roles/eda_decision_environments/README.md @@ -9,11 +9,12 @@ An Ansible Role to create Decision Environments in EDA Controller. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_decision_environments`|`see below`|yes|Data structure describing your decision environments, described below.|| ### Secure Logging Variables @@ -21,12 +22,12 @@ An Ansible Role to create Decision Environments in EDA Controller. The following Variables complement each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add project task does not include sensitive information. -eda_configuration_project_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_project_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_project_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -37,8 +38,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_project_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_project_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_project_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_decision_environments/defaults/main.yml b/roles/eda_decision_environments/defaults/main.yml index 2b8369f46..cf08270ff 100644 --- a/roles/eda_decision_environments/defaults/main.yml +++ b/roles/eda_decision_environments/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_decision_environments: [] -eda_configuration_decision_environment_secure_logging: "{{ eda_configuration_secure_logging | default(false) }}" -eda_configuration_decision_environment_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_decision_environment_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_decision_environment_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +eda_configuration_decision_environment_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_decision_environment_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_decision_environments/meta/argument_specs.yml b/roles/eda_decision_environments/meta/argument_specs.yml index bd3c91097..3bf144377 100644 --- a/roles/eda_decision_environments/meta/argument_specs.yml +++ b/roles/eda_decision_environments/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_decision_environment_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_decision_environment_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_decision_environment_secure_logging: - default: "{{ eda_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_decision_environments/tasks/main.yml b/roles/eda_decision_environments/tasks/main.yml index 7483933eb..b5b2a8697 100644 --- a/roles/eda_decision_environments/tasks/main.yml +++ b/roles/eda_decision_environments/tasks/main.yml @@ -10,11 +10,11 @@ credential: "{{ __de_item.credential | default(omit) }}" organization_name: "{{ __de_item.organization | default(omit) }}" state: "{{ __de_item.state | default(eda_state | default('present')) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ aap_username| default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_decision_environments }}" loop_control: loop_var: "__de_item" @@ -24,7 +24,7 @@ register: __decision_environments_job_async changed_when: not __decision_environments_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create decision_environment | Wait for finish the decision_environment creation" ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __decision_environments_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_decision_environment_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/eda_projects/README.md b/roles/eda_projects/README.md index 57edec823..18fe9def2 100644 --- a/roles/eda_projects/README.md +++ b/roles/eda_projects/README.md @@ -9,11 +9,12 @@ An Ansible Role to create Projects in EDA Controller. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_projects`|`see below`|yes|Data structure describing your projects, described below.|| ### Secure Logging Variables @@ -21,12 +22,12 @@ An Ansible Role to create Projects in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add project task does not include sensitive information. -eda_configuration_project_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_project_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_project_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -37,8 +38,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_project_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_project_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_project_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_projects/defaults/main.yml b/roles/eda_projects/defaults/main.yml index db0d3dc15..bb4b98fa4 100644 --- a/roles/eda_projects/defaults/main.yml +++ b/roles/eda_projects/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_projects: [] -eda_configuration_project_secure_logging: "{{ eda_configuration_secure_logging | default(false) }}" -eda_configuration_project_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_project_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_project_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +eda_configuration_project_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_project_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_projects/meta/argument_specs.yml b/roles/eda_projects/meta/argument_specs.yml index c4872814d..03a161d6f 100644 --- a/roles/eda_projects/meta/argument_specs.yml +++ b/roles/eda_projects/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_project_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_project_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_project_secure_logging: - default: "{{ eda_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_projects/tasks/main.yml b/roles/eda_projects/tasks/main.yml index ca03b0c98..c95692234 100644 --- a/roles/eda_projects/tasks/main.yml +++ b/roles/eda_projects/tasks/main.yml @@ -11,11 +11,11 @@ credential: "{{ __project_item.credential | default(omit) }}" organization_name: "{{ __project_item.organization | default(omit) }}" state: "{{ __project_item.state | default(eda_state | default('present')) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ aap_username| default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_projects }}" loop_control: loop_var: "__project_item" @@ -25,7 +25,7 @@ register: __projects_job_async changed_when: not __projects_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create project | Wait for finish the project creation" ansible.builtin.async_status: @@ -40,5 +40,5 @@ when: __projects_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_project_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/eda_rulebook_activations/README.md b/roles/eda_rulebook_activations/README.md index aa8792a87..f717c5478 100644 --- a/roles/eda_rulebook_activations/README.md +++ b/roles/eda_rulebook_activations/README.md @@ -9,11 +9,12 @@ An Ansible Role to create rulebook activations in EDA Controller. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_rulebook_activations`|`see below`|yes|Data structure describing your rulebook activations, described below.|| ### Secure Logging Variables @@ -21,12 +22,12 @@ An Ansible Role to create rulebook activations in EDA Controller. The following Variables complement each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add project task does not include sensitive information. -eda_configuration_project_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_project_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_project_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -37,8 +38,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_project_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_project_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_project_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_rulebook_activations/defaults/main.yml b/roles/eda_rulebook_activations/defaults/main.yml index 107413d6d..834fdef54 100644 --- a/roles/eda_rulebook_activations/defaults/main.yml +++ b/roles/eda_rulebook_activations/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_rulebook_activations: [] -eda_configuration_rulebook_activation_secure_logging: "{{ eda_configuration_secure_logging | default(false) }}" -eda_configuration_rulebook_activation_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_rulebook_activation_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_rulebook_activation_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +eda_configuration_rulebook_activation_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_rulebook_activation_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_rulebook_activations/meta/argument_specs.yml b/roles/eda_rulebook_activations/meta/argument_specs.yml index 19ed5d389..42ea3fc87 100644 --- a/roles/eda_rulebook_activations/meta/argument_specs.yml +++ b/roles/eda_rulebook_activations/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_rulebook_activation_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_rulebook_activation_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_rulebook_activation_secure_logging: - default: "{{ eda_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_rulebook_activations/tasks/main.yml b/roles/eda_rulebook_activations/tasks/main.yml index f92ea53c3..f92971fff 100644 --- a/roles/eda_rulebook_activations/tasks/main.yml +++ b/roles/eda_rulebook_activations/tasks/main.yml @@ -19,11 +19,11 @@ event_streams: "{{ __ra_item.event_streams | default(omit) }}" log_level: "{{ __ra_item.log_level | default(omit) }}" state: "{{ __ra_item.state | default(eda_state | default('present')) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ eda_username | default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_rulebook_activations }}" loop_control: loop_var: "__ra_item" @@ -33,7 +33,7 @@ register: __rulebook_activations_job_async changed_when: not __rulebook_activations_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create rulebook_activation | Wait for finish the rulebook_activation creation" ansible.builtin.async_status: @@ -48,5 +48,5 @@ when: __rulebook_activations_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_rulebook_activation_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/eda_users/README.md b/roles/eda_users/README.md index a0c07f2ea..8e570f8fd 100644 --- a/roles/eda_users/README.md +++ b/roles/eda_users/README.md @@ -9,11 +9,12 @@ An Ansible Role to create users in EDA Controller. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`eda_host`|""|yes|URL to the EDA Controller (alias: `eda_hostname`)|127.0.0.1| -|`eda_username`|""|yes|Admin User on the EDA Controller || -|`eda_password`|""|yes|EDA Controller Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`eda_validate_certs`|`False`|no|Whether or not to validate the Ansible EDA Controller Server's SSL certificate.|| -|`eda_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the EDA Controller host.|| -|`eda_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_username`|""|yes|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|yes|Platform Admin User's password on the EDA Controller Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| + +|`aap_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Automation Platform host.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`eda_users`|`see below`|yes|Data structure describing your users, described below.|| ### Secure Logging Variables @@ -21,12 +22,12 @@ An Ansible Role to create users in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add user task does not include sensitive information. -eda_configuration_user_secure_logging defaults to the value of eda_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. +eda_configuration_user_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of EDA Controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`eda_configuration_user_secure_logging`|`False`|no|Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`eda_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -37,8 +38,8 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`eda_configuration_user_async_retries`|`eda_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`eda_configuration_user_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| |`eda_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`eda_configuration_user_async_delay`|`eda_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/eda_users/defaults/main.yml b/roles/eda_users/defaults/main.yml index 3526c87c4..6fc6ffcac 100644 --- a/roles/eda_users/defaults/main.yml +++ b/roles/eda_users/defaults/main.yml @@ -1,8 +1,8 @@ --- eda_users: [] -eda_configuration_user_secure_logging: "{{ eda_configuration_secure_logging | default(false) }}" -eda_configuration_user_async_retries: "{{ eda_configuration_async_retries | default(50) }}" -eda_configuration_user_async_delay: "{{ eda_configuration_async_delay | default(1) }}" -eda_configuration_async_dir: null +eda_configuration_user_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +eda_configuration_user_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +eda_configuration_user_async_delay: "{{ aap_configuration_async_delay| default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/eda_users/meta/argument_specs.yml b/roles/eda_users/meta/argument_specs.yml index 761e50fa3..3d9b87ada 100644 --- a/roles/eda_users/meta/argument_specs.yml +++ b/roles/eda_users/meta/argument_specs.yml @@ -12,59 +12,67 @@ argument_specs: # Async variables eda_configuration_user_async_retries: - default: "{{ eda_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - eda_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. eda_configuration_user_async_delay: - default: "{{ eda_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay| default(1) }}" required: false description: This variable sets delay between retries for the role. eda_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - eda_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables eda_configuration_user_secure_logging: - default: "{{ eda_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - eda_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - controller_host: + platform_state: + default: present required: false - description: URL to the EDA Controller Server. + description: The state all objects will take unless overridden by object default type: str - eda_validate_certs: + aap_hostname: + default: None + required: false + description: URL to the Ansible Automation Platform Server. + type: str + aap_validate_certs: default: true required: false - description: Whether or not to validate the EDA Controller Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - eda_request_timeout: - default: 10 + aap_username: + default: None required: false - description: Specify the timeout Ansible should use in requests to the EDA Controller host. - type: float - controller_username: + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. + type: str + aap_password: + default: None required: false - description: User for authentication on EDA Controller + description: Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook. type: str - controller_password: + aap_token: + default: None required: false - description: User's password For EDA Controller + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/eda_users/tasks/main.yml b/roles/eda_users/tasks/main.yml index 23e540b76..e5820e0c4 100644 --- a/roles/eda_users/tasks/main.yml +++ b/roles/eda_users/tasks/main.yml @@ -13,11 +13,11 @@ is_superuser: "{{ __user_item.is_superuser | default(omit) }}" roles: "{{ __user_item.roles | default(omit) }}" state: "{{ __user_item.state | default(eda_state | default('present')) }}" - controller_host: "{{ eda_host | default(eda_hostname) }}" - controller_username: "{{ eda_username | default(omit) }}" - controller_password: "{{ eda_password | default(omit) }}" - validate_certs: "{{ eda_validate_certs | default(omit) }}" - request_timeout: "{{ eda_request_timeout | default(omit) }}" + controller_host: "{{ aap_hostname}}" + eda_username: "{{ aap_username| default(omit) }}" + aap_password: "{{ aap_password | default(omit) }}" + validate_certs: "{{ aap_validate_certs| default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ eda_users }}" loop_control: loop_var: "__user_item" @@ -27,7 +27,7 @@ register: __users_job_async changed_when: not __users_job_async.changed vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create user | Wait for finish the user creation" ansible.builtin.async_status: @@ -42,5 +42,5 @@ when: __users_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_user_secure_logging }}" vars: - ansible_async_dir: '{{ eda_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/gateway_applications/README.md b/roles/gateway_applications/README.md index b9d7152ff..5b795375e 100644 --- a/roles/gateway_applications/README.md +++ b/roles/gateway_applications/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------:| | `applications_list` (Alias: `applications`) | [below](#application-arguments) | yes | Data structure describing your applications entries described below. Alias: applications | [more](../../README.md#data-variables) | -| `applications_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive Application role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | -| `applications_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the applications role | -| `applications_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | -| `applications_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | +| `applications_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive Application role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | +| `applications_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the applications role | +| `applications_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | +| `applications_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | ## Data Structure @@ -84,4 +84,4 @@ ansible-playbook manage_data.yml -e @data/gateway_applications.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_applications/defaults/main.yml b/roles/gateway_applications/defaults/main.yml index 815ae0321..f65b9f0bb 100644 --- a/roles/gateway_applications/defaults/main.yml +++ b/roles/gateway_applications/defaults/main.yml @@ -1,8 +1,8 @@ --- # a list of dictionaries describing the gateway applications applications_list: [] -applications_secure_logging: "{{ gateway_configuration_secure_logging | default('false') }}" -applications_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -applications_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -applications_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +applications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_applications/meta/argument_specs.yml b/roles/gateway_applications/meta/argument_specs.yml index b3a4351b7..76de5f842 100644 --- a/roles/gateway_applications/meta/argument_specs.yml +++ b/roles/gateway_applications/meta/argument_specs.yml @@ -63,22 +63,22 @@ argument_specs: # Async variables applications_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. applications_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -87,13 +87,13 @@ argument_specs: # No_log variables applications_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool diff --git a/roles/gateway_applications/tasks/main.yml b/roles/gateway_applications/tasks/main.yml index cb10a181b..b6325af2f 100644 --- a/roles/gateway_applications/tasks/main.yml +++ b/roles/gateway_applications/tasks/main.yml @@ -17,12 +17,12 @@ state: "{{ __application_item.state | default(gateway_state | default(omit, true)) }}" # Role specific options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, true) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ applications if applications is defined else applications_list }}" loop_control: loop_var: __application_item @@ -32,7 +32,7 @@ register: __gateway_applications_job_async changed_when: not __gateway_applications_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Applications | Wait for finish the configuration ansible.builtin.async_status: @@ -47,5 +47,5 @@ when: __gateway_applications_job_async_results_item.ansible_job_id is defined no_log: "{{ applications_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_authenticator_maps/README.md b/roles/gateway_authenticator_maps/README.md index 235de7245..c2a73fafe 100644 --- a/roles/gateway_authenticator_maps/README.md +++ b/roles/gateway_authenticator_maps/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:------------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `authenticator_maps_list` (Alias: `authenticator_maps`) | [below](#organization-arguments) | yes | Data structure describing your authenticator_map entries described below. | [more](../../README.md#data-variables) | -| `authenticator_maps_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive authenticator_map role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `authenticator_maps_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the authenticator_map role. | [more](../../README.md#enforcing-defaults) | -| `authenticator_maps_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `authenticator_maps_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `authenticator_maps_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive authenticator_map role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `authenticator_maps_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the authenticator_map role. | [more](../../README.md#enforcing-defaults) | +| `authenticator_maps_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `authenticator_maps_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -133,4 +133,4 @@ ansible-playbook manage_data.yml -e @data/gateway_authenticator_maps.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_authenticator_maps/defaults/main.yml b/roles/gateway_authenticator_maps/defaults/main.yml index 35ffd997b..1069efa5d 100644 --- a/roles/gateway_authenticator_maps/defaults/main.yml +++ b/roles/gateway_authenticator_maps/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the authenticator maps authenticator_maps_list: [] -authenticator_maps_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -authenticator_maps_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -authenticator_maps_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -authenticator_maps_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +authenticator_maps_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +authenticator_maps_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +authenticator_maps_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +authenticator_maps_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_authenticator_maps/meta/argument_specs.yml b/roles/gateway_authenticator_maps/meta/argument_specs.yml index a839146b8..190c7e304 100644 --- a/roles/gateway_authenticator_maps/meta/argument_specs.yml +++ b/roles/gateway_authenticator_maps/meta/argument_specs.yml @@ -64,22 +64,22 @@ argument_specs: # Async variables authenticator_maps_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. authenticator_maps_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -89,53 +89,47 @@ argument_specs: # No_log variables authenticator_maps_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_authenticator_maps/tasks/main.yml b/roles/gateway_authenticator_maps/tasks/main.yml index cf118a609..d7c100d9c 100644 --- a/roles/gateway_authenticator_maps/tasks/main.yml +++ b/roles/gateway_authenticator_maps/tasks/main.yml @@ -15,12 +15,12 @@ state: "{{ __gateway_authenticator_maps_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ authenticator_maps if authenticator_maps is defined else authenticator_maps_list }}" loop_control: loop_var: __gateway_authenticator_maps_item @@ -30,7 +30,7 @@ register: __gateway_authenticator_maps_job_async changed_when: not __gateway_authenticator_maps_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Authenticator Map | Wait for finish the configuration ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __gateway_authenticator_maps_job_async_results_item.ansible_job_id is defined no_log: "{{ authenticator_maps_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_authenticators/README.md b/roles/gateway_authenticators/README.md index dc8e96876..8b1da2e2e 100644 --- a/roles/gateway_authenticators/README.md +++ b/roles/gateway_authenticators/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:--------------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `authenticators_list` (Alias: `authenticators`) | [below](#authenticator-arguments) | yes | Data structure describing your organization entries described below. | [more](../../README.md#data-variables) | -| `authenticators_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `authenticators_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | [more](../../README.md#enforcing-defaults) | -| `authenticators_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `authenticators_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `authenticators_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `authenticators_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | [more](../../README.md#enforcing-defaults) | +| `authenticators_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `authenticators_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -100,4 +100,4 @@ ansible-playbook manage_data.yml -e @data/gateway_authenticators.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_authenticators/defaults/main.yml b/roles/gateway_authenticators/defaults/main.yml index 233cecdea..5eb3081bb 100644 --- a/roles/gateway_authenticators/defaults/main.yml +++ b/roles/gateway_authenticators/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the authenticators authenticators_list: [] -authenticators_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -authenticators_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -authenticators_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -authenticators_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +authenticators_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +authenticators_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +authenticators_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +authenticators_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_authenticators/meta/argument_specs.yml b/roles/gateway_authenticators/meta/argument_specs.yml index d38dd6eb3..f58cc912e 100644 --- a/roles/gateway_authenticators/meta/argument_specs.yml +++ b/roles/gateway_authenticators/meta/argument_specs.yml @@ -51,22 +51,22 @@ argument_specs: # Async variables authenticators_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. authenticators_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -76,53 +76,47 @@ argument_specs: # No_log variables authenticators_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_authenticators/tasks/main.yml b/roles/gateway_authenticators/tasks/main.yml index 27eb9b1b6..32fa17b56 100644 --- a/roles/gateway_authenticators/tasks/main.yml +++ b/roles/gateway_authenticators/tasks/main.yml @@ -13,12 +13,12 @@ state: "{{ __gateway_authenticators_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ authenticators if authenticators is defined else authenticators_list }}" loop_control: loop_var: __gateway_authenticators_item @@ -28,7 +28,7 @@ register: __gateway_authenticators_job_async changed_when: not __gateway_authenticators_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Authenticators | Wait for finish the configuration ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __gateway_authenticators_job_async_results_item.ansible_job_id is defined no_log: "{{ authenticators_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_http_ports/README.md b/roles/gateway_http_ports/README.md index 25d64c0f8..9a697580b 100644 --- a/roles/gateway_http_ports/README.md +++ b/roles/gateway_http_ports/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:----------------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `http_ports_list` (Alias: `http_ports`) | [below](#http-port-arguments) | yes | Data structure describing your http port entries described below. | [more](../../README.md#data-variables) | -| `http_ports_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive http_ports role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `http_ports_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the http port role. | [more](../../README.md#enforcing-defaults) | -| `http_ports_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `http_ports_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `http_ports_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive http_ports role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `http_ports_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the http port role. | [more](../../README.md#enforcing-defaults) | +| `http_ports_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `http_ports_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -89,4 +89,4 @@ ansible-playbook manage_data.yml -e @data/gateway_http_ports.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_http_ports/defaults/main.yml b/roles/gateway_http_ports/defaults/main.yml index a7578cd69..cdff321a7 100644 --- a/roles/gateway_http_ports/defaults/main.yml +++ b/roles/gateway_http_ports/defaults/main.yml @@ -15,8 +15,8 @@ http_ports_list: [] # - use_https # - is_api_port # - state -http_ports_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -http_ports_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -http_ports_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -http_ports_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +http_ports_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +http_ports_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +http_ports_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +http_ports_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_http_ports/meta/argument_specs.yml b/roles/gateway_http_ports/meta/argument_specs.yml index 34638fc41..0e6351a6c 100644 --- a/roles/gateway_http_ports/meta/argument_specs.yml +++ b/roles/gateway_http_ports/meta/argument_specs.yml @@ -37,22 +37,22 @@ argument_specs: # Async variables http_ports_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. http_ports_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -62,53 +62,47 @@ argument_specs: # No_log variables http_ports_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_http_ports/tasks/main.yml b/roles/gateway_http_ports/tasks/main.yml index 0c878df56..4f50b2ff3 100644 --- a/roles/gateway_http_ports/tasks/main.yml +++ b/roles/gateway_http_ports/tasks/main.yml @@ -9,12 +9,12 @@ state: "{{ __gateway_http_ports_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, true) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ http_ports if http_ports is defined else http_ports_list }}" loop_control: loop_var: __gateway_http_ports_item @@ -24,7 +24,7 @@ register: __gateway_http_ports_job_async changed_when: not __gateway_http_ports_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Http Ports | Wait for finish the configuration ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __gateway_http_ports_job_async_results_item.ansible_job_id is defined no_log: "{{ http_ports_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_organizations/README.md b/roles/gateway_organizations/README.md index 5649ff0b5..3d8ccb423 100644 --- a/roles/gateway_organizations/README.md +++ b/roles/gateway_organizations/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:-------------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `organizations_list` (Alias: `organizations`) | [below](#organization-arguments) | yes | Data structure describing your organization entries described below. | [more](../../README.md#data-variables) | -| `organizations_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `organizations_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | [more](../../README.md#enforcing-defaults) | -| `organizations_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `organizations_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `organizations_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `organizations_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | [more](../../README.md#enforcing-defaults) | +| `organizations_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `organizations_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -86,4 +86,4 @@ ansible-playbook manage_data.yml -e @data/gateway_organizations.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_organizations/defaults/main.yml b/roles/gateway_organizations/defaults/main.yml index 9a1b8a090..3fd16b720 100644 --- a/roles/gateway_organizations/defaults/main.yml +++ b/roles/gateway_organizations/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the organizations organizations_list: [] -organizations_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -organizations_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -organizations_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -organizations_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +organizations_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +organizations_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_organizations/meta/argument_specs.yml b/roles/gateway_organizations/meta/argument_specs.yml index 99479f38d..860d13da4 100644 --- a/roles/gateway_organizations/meta/argument_specs.yml +++ b/roles/gateway_organizations/meta/argument_specs.yml @@ -27,22 +27,22 @@ argument_specs: # Async variables organizations_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. organizations_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -52,53 +52,47 @@ argument_specs: # No_log variables organizations_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_organizations/tasks/main.yml b/roles/gateway_organizations/tasks/main.yml index aeb66f96e..a8e7caa7a 100644 --- a/roles/gateway_organizations/tasks/main.yml +++ b/roles/gateway_organizations/tasks/main.yml @@ -7,12 +7,12 @@ state: "{{ __gateway_organizations_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ organizations if organizations is defined else controller_organizations }}" loop_control: loop_var: __gateway_organizations_item @@ -22,7 +22,7 @@ register: __gateway_organizations_job_async changed_when: not __gateway_organizations_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Organizations | Wait for finish the configuration ansible.builtin.async_status: @@ -37,5 +37,5 @@ when: __gateway_organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ organizations_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_role_user_assignments/README.md b/roles/gateway_role_user_assignments/README.md index 72991ee8e..99232f5e7 100644 --- a/roles/gateway_role_user_assignments/README.md +++ b/roles/gateway_role_user_assignments/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:-----------------------------------------------------------------|:---------------------------------------------------:|:--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `role_user_assignments_list` (Alias: `role_user_assignments`) | [below](#role-user-assignments-arguments) | yes | Data structure describing your organization entries described below. | [more](../../README.md#data-variables) | -| `role_user_assignments_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive role_user_assignments role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `role_user_assignments_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the role_user_assignments role. | [more](../../README.md#enforcing-defaults) | -| `role_user_assignments_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `role_user_assignments_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `role_user_assignments_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive role_user_assignments role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `role_user_assignments_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the role_user_assignments role. | [more](../../README.md#enforcing-defaults) | +| `role_user_assignments_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `role_user_assignments_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -79,4 +79,4 @@ ansible-playbook manage_data.yml -e @data/gateway_role_user_assignments.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_role_user_assignments/defaults/main.yml b/roles/gateway_role_user_assignments/defaults/main.yml index 53d8176ee..d596198ae 100644 --- a/roles/gateway_role_user_assignments/defaults/main.yml +++ b/roles/gateway_role_user_assignments/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the role_user_assignments role_user_assignments_list: [] -role_user_assignments_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -role_user_assignments_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -role_user_assignments_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -role_user_assignments_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +role_user_assignments_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +role_user_assignments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +role_user_assignments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +role_user_assignments_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_role_user_assignments/meta/argument_specs.yml b/roles/gateway_role_user_assignments/meta/argument_specs.yml index 540dccc03..49b6a5356 100644 --- a/roles/gateway_role_user_assignments/meta/argument_specs.yml +++ b/roles/gateway_role_user_assignments/meta/argument_specs.yml @@ -42,22 +42,22 @@ argument_specs: # Async variables role_user_assignments_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. role_user_assignments_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -67,53 +67,47 @@ argument_specs: # No_log variables role_user_assignments_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_role_user_assignments/tasks/main.yml b/roles/gateway_role_user_assignments/tasks/main.yml index 6dcfb697e..ad71e3595 100644 --- a/roles/gateway_role_user_assignments/tasks/main.yml +++ b/roles/gateway_role_user_assignments/tasks/main.yml @@ -9,12 +9,12 @@ state: "{{ __gateway_role_user_assignments_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ role_user_assignments if role_user_assignments is defined else role_user_assignments_list }}" loop_control: loop_var: __gateway_role_user_assignments_item @@ -24,7 +24,7 @@ register: __gateway_role_user_assignments_job_async changed_when: not __gateway_role_user_assignments_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Role User Assignments | Wait for finish the configuration ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __gateway_role_user_assignments_job_async_results_item.ansible_job_id is defined no_log: "{{ role_user_assignments_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_routes/README.md b/roles/gateway_routes/README.md index 8005df413..702863289 100644 --- a/roles/gateway_routes/README.md +++ b/roles/gateway_routes/README.md @@ -15,10 +15,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `routes_list` (Alias: routes) | [below](#service-arguments) | yes | Data structure describing your route entries described below. | [more](../../README.md#data-variables) | -| `routes_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive route role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `routes_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the route role. | [more](../../README.md#enforcing-defaults) | -| `routes_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `routes_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `routes_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive route role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `routes_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the route role. | [more](../../README.md#enforcing-defaults) | +| `routes_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `routes_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -110,4 +110,4 @@ ansible-playbook manage_data.yml -e @data/gateway_routes.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_routes/defaults/main.yml b/roles/gateway_routes/defaults/main.yml index 2d1e98df8..9fcccd950 100644 --- a/roles/gateway_routes/defaults/main.yml +++ b/roles/gateway_routes/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the service nodes routes_list: [] -routes_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -routes_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -routes_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -routes_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +routes_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +routes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +routes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +routes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_routes/meta/argument_specs.yml b/roles/gateway_routes/meta/argument_specs.yml index 755871feb..a152bf262 100644 --- a/roles/gateway_routes/meta/argument_specs.yml +++ b/roles/gateway_routes/meta/argument_specs.yml @@ -64,22 +64,22 @@ argument_specs: # Async variables routes_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. routes_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -89,53 +89,47 @@ argument_specs: # No_log variables routes_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_routes/tasks/main.yml b/roles/gateway_routes/tasks/main.yml index 054ba42c0..ffba561c0 100644 --- a/roles/gateway_routes/tasks/main.yml +++ b/roles/gateway_routes/tasks/main.yml @@ -15,12 +15,12 @@ state: "{{ __gateway_routes_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ routes if routes is defined else routes_list }}" loop_control: loop_var: __gateway_routes_item @@ -30,7 +30,7 @@ register: __gateway_routes_job_async changed_when: not __gateway_routes_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Routes | Wait for finish the configuration ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __gateway_routes_job_async_results_item.ansible_job_id is defined no_log: "{{ routes_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_clusters/README.md b/roles/gateway_service_clusters/README.md index 2eb9201c3..b1ae96511 100644 --- a/roles/gateway_service_clusters/README.md +++ b/roles/gateway_service_clusters/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:----------------------------------------------------------|:---------------------------------------------------:|:--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `service_clusters_list` (Alias: service_clusters) | [below](#service-cluster-arguments) | yes | Data structure describing your service_cluster entries described below. | [more](../../README.md#data-variables) | -| `service_clusters_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_cluster role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `service_clusters_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service cluster role. | [more](../../README.md#enforcing-defaults) | -| `service_clusters_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `service_clusters_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_clusters_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_cluster role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `service_clusters_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service cluster role. | [more](../../README.md#enforcing-defaults) | +| `service_clusters_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_clusters_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -91,4 +91,4 @@ ansible-playbook manage_data.yml -e @data/gateway_service_clusters.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_clusters/defaults/main.yml b/roles/gateway_service_clusters/defaults/main.yml index 614530bc9..ed54fd928 100644 --- a/roles/gateway_service_clusters/defaults/main.yml +++ b/roles/gateway_service_clusters/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the service clusters service_clusters_list: [] -service_clusters_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -service_clusters_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -service_clusters_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -service_clusters_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +service_clusters_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +service_clusters_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +service_clusters_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +service_clusters_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_service_clusters/meta/argument_specs.yml b/roles/gateway_service_clusters/meta/argument_specs.yml index 1220f2c45..59e44ac62 100644 --- a/roles/gateway_service_clusters/meta/argument_specs.yml +++ b/roles/gateway_service_clusters/meta/argument_specs.yml @@ -59,22 +59,22 @@ argument_specs: # Async variables service_clusters_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. service_clusters_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -84,53 +84,47 @@ argument_specs: # No_log variables service_clusters_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_service_clusters/tasks/main.yml b/roles/gateway_service_clusters/tasks/main.yml index a83f9970d..4cfe94c61 100644 --- a/roles/gateway_service_clusters/tasks/main.yml +++ b/roles/gateway_service_clusters/tasks/main.yml @@ -17,12 +17,12 @@ health_check_healthy_threshold: "{{ __gateway_service_clusters_item.health_check_healthy_threshold | default(omit) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ service_clusters if service_clusters is defined else service_clusters_list }}" loop_control: loop_var: __gateway_service_clusters_item @@ -32,7 +32,7 @@ register: __gateway_service_clusters_job_async changed_when: not __gateway_service_clusters_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Service Clusters | Wait for finish the configuration ansible.builtin.async_status: @@ -47,5 +47,5 @@ when: __gateway_service_clusters_job_async_results_item.ansible_job_id is defined no_log: "{{ service_clusters_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_keys/README.md b/roles/gateway_service_keys/README.md index 38600ae88..9a5d15661 100644 --- a/roles/gateway_service_keys/README.md +++ b/roles/gateway_service_keys/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `service_keys_list` (Alias: `service_keys`) | [below](#service-key-arguments) | yes | Data structure describing your service_key entries described below. | [more](../../README.md#data-variables) | -| `service_keys_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_key role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `service_keys_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service key role. | [more](../../README.md#enforcing-defaults) | -| `service_keys_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `service_keys_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_keys_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_key role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `service_keys_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service key role. | [more](../../README.md#enforcing-defaults) | +| `service_keys_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_keys_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -92,4 +92,4 @@ ansible-playbook manage_data.yml -e @data/gateway_service_keys.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_keys/defaults/main.yml b/roles/gateway_service_keys/defaults/main.yml index c81343ca2..871695730 100644 --- a/roles/gateway_service_keys/defaults/main.yml +++ b/roles/gateway_service_keys/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the service keys service_keys_list: [] -service_keys_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -service_keys_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -service_keys_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -service_keys_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +service_keys_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +service_keys_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_service_keys/meta/argument_specs.yml b/roles/gateway_service_keys/meta/argument_specs.yml index 057b27a71..fa0143ad8 100644 --- a/roles/gateway_service_keys/meta/argument_specs.yml +++ b/roles/gateway_service_keys/meta/argument_specs.yml @@ -47,22 +47,22 @@ argument_specs: # Async variables service_keys_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. service_keys_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -72,53 +72,47 @@ argument_specs: # No_log variables service_keys_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_service_keys/tasks/main.yml b/roles/gateway_service_keys/tasks/main.yml index 4c2abbaca..29aedf940 100644 --- a/roles/gateway_service_keys/tasks/main.yml +++ b/roles/gateway_service_keys/tasks/main.yml @@ -12,12 +12,12 @@ state: "{{ __gateway_service_keys_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ service_keys if service_keys is defined else service_keys_list }}" loop_control: loop_var: __gateway_service_keys_item @@ -27,7 +27,7 @@ register: __gateway_service_keys_job_async changed_when: not __gateway_service_keys_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Service Keys | Wait for finish the configuration ansible.builtin.async_status: @@ -42,5 +42,5 @@ when: __gateway_service_keys_job_async_results_item.ansible_job_id is defined no_log: "{{ service_keys_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_nodes/README.md b/roles/gateway_service_nodes/README.md index 0e0c20f84..e5c0de86d 100644 --- a/roles/gateway_service_nodes/README.md +++ b/roles/gateway_service_nodes/README.md @@ -13,10 +13,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:-------------------------------------------------------|:---------------------------------------------------:|:--------:|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `service_nodes_list` (Alias: `service_nodes`) | [below](#service-node-arguments) | yes | Data structure describing your service_node entries described below. | [more](../../README.md#data-variables) | -| `service_nodes_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_node role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `service_nodes_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service node role. | [more](../../README.md#enforcing-defaults) | -| `service_nodes_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `service_nodes_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_nodes_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_node role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `service_nodes_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service node role. | [more](../../README.md#enforcing-defaults) | +| `service_nodes_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `service_nodes_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -87,4 +87,4 @@ ansible-playbook manage_data.yml -e @data/gateway_service_nodes.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_nodes/defaults/main.yml b/roles/gateway_service_nodes/defaults/main.yml index 3f3671dff..46bfa76c4 100644 --- a/roles/gateway_service_nodes/defaults/main.yml +++ b/roles/gateway_service_nodes/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the service nodes service_nodes_list: [] -service_nodes_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -service_nodes_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -service_nodes_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -service_nodes_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +service_nodes_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +service_nodes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +service_nodes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +service_nodes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_service_nodes/meta/argument_specs.yml b/roles/gateway_service_nodes/meta/argument_specs.yml index 9455153b7..7afdf1f76 100644 --- a/roles/gateway_service_nodes/meta/argument_specs.yml +++ b/roles/gateway_service_nodes/meta/argument_specs.yml @@ -35,22 +35,22 @@ argument_specs: # Async variables service_nodes_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. service_nodes_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -60,53 +60,47 @@ argument_specs: # No_log variables service_nodes_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_service_nodes/tasks/main.yml b/roles/gateway_service_nodes/tasks/main.yml index 319d2c523..fb7e46636 100644 --- a/roles/gateway_service_nodes/tasks/main.yml +++ b/roles/gateway_service_nodes/tasks/main.yml @@ -9,12 +9,12 @@ state: "{{ __gateway_service_nodes_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ service_nodes if service_nodes is defined else service_nodes_list }}" loop_control: loop_var: __gateway_service_nodes_item @@ -24,7 +24,7 @@ register: __gateway_service_nodes_job_async changed_when: not __gateway_service_nodes_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Service Nodes | Wait for finish the configuration ansible.builtin.async_status: @@ -39,5 +39,5 @@ when: __gateway_service_nodes_job_async_results_item.ansible_job_id is defined no_log: "{{ service_nodes_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_services/README.md b/roles/gateway_services/README.md index 5cb81bff4..8ddf503c6 100644 --- a/roles/gateway_services/README.md +++ b/roles/gateway_services/README.md @@ -15,10 +15,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:--------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `services_list` (Alias: services) | [below](#service-arguments) | yes | Data structure describing your service entries described below. | [more](../../README.md#data-variables) | -| `services_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `services_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service role. | [more](../../README.md#enforcing-defaults) | -| `services_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `services_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `services_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `services_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service role. | [more](../../README.md#enforcing-defaults) | +| `services_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `services_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -32,8 +32,8 @@ Options for the `services_list` variable: | `new_name` | N/A | no | str | Setting this option will change the existing name (looked up via the name field) | | `description` | "" | no | str | Description of the service | | `api_slug` | "" | no | str | URL slug for the gateway API path for the Controller, Hub and EDA services (gateway API route requires value "gateway", but the slug is not used) | -| `http_port` | N/A | no | str | ID or name referencing the [Http Port](../http_ports/README.md) | -| `service_cluster` | N/A | no | str | ID or name referencing the [Service Cluster](../service_clusters/README.md) | +| `http_port` | N/A | no | str | ID or name referencing the [Http Port](../gateway_http_ports/README.md) | +| `service_cluster` | N/A | no | str | ID or name referencing the [Service Cluster](../gateway_service_clusters/README.md) | | `is_service_https` | `false` | no | bool | Flag whether or not the service cluster uses https | | `enable_gateway_auth` | N/A (`true` by API) | no | bool | If false, the AAP gateway will not insert a gateway token into the proxied request | | `service_path` | "" | no | str | URL path on the AAP Service cluster to route traffic to | @@ -112,4 +112,4 @@ ansible-playbook manage_data.yml -e @data/gateway_services.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_services/defaults/main.yml b/roles/gateway_services/defaults/main.yml index 0ca764656..70890e3b3 100644 --- a/roles/gateway_services/defaults/main.yml +++ b/roles/gateway_services/defaults/main.yml @@ -10,8 +10,8 @@ # a list of dictionaries describing the services services_list: [] -services_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -services_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -services_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -services_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +services_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +services_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +services_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +services_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_services/meta/argument_specs.yml b/roles/gateway_services/meta/argument_specs.yml index ced7b49e6..22c045df2 100644 --- a/roles/gateway_services/meta/argument_specs.yml +++ b/roles/gateway_services/meta/argument_specs.yml @@ -67,22 +67,22 @@ argument_specs: # Async variables services_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. services_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -92,53 +92,47 @@ argument_specs: # No_log variables services_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_services/tasks/main.yml b/roles/gateway_services/tasks/main.yml index 2966e7b0c..76c865477 100644 --- a/roles/gateway_services/tasks/main.yml +++ b/roles/gateway_services/tasks/main.yml @@ -16,12 +16,12 @@ state: "{{ __gateway_services_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ services if services is defined else services_list }}" loop_control: loop_var: __gateway_services_item @@ -31,7 +31,7 @@ register: __gateway_services_job_async changed_when: not __gateway_services_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Services | Wait for finish the configuration ansible.builtin.async_status: @@ -46,5 +46,5 @@ when: __gateway_services_job_async_results_item.ansible_job_id is defined no_log: "{{ services_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_settings/README.md b/roles/gateway_settings/README.md index e60a5540d..5d04449ac 100644 --- a/roles/gateway_settings/README.md +++ b/roles/gateway_settings/README.md @@ -1,6 +1,6 @@ # Ansible Role infra.platform_configuration.settings -An Ansible role to alter Settings on Ansible Automation gateway settings. +An Ansible role to alter Settings on Ansible Automation Gateway. ## Variables @@ -11,10 +11,10 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:------------------------------------------------|:--------------------------------------------------:|:--------:|:----------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `settings_list` (Alias: `settings`) | [below](#settings-arguments) | yes | Data structure describing your setting entries described below. | [more](../../README.md#data-variables) | -| `settings_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive settings role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `settings_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `settings_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `gateway_settings` | [below](#settings-arguments) | yes | Data structure describing your setting entries described below. | [more](../../README.md#data-variables) | +| `gateway_settings_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive settings role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `gateway_settings_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `gateway_settings_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | **Note**: Secure Logging defaults to `True` if both variables are not set @@ -30,7 +30,7 @@ Provide settings as a single dict under `settings_list`. ```json { - "settings_list": { + "gateway_settings": { "gateway_token_name": "X-DAB-JW-TOKEN", "gateway_access_token_expiration": 600, "gateway_basic_auth_enabled": true, @@ -52,7 +52,7 @@ File name: `data/gateway_settings.yml` ```yaml --- -settings_list: +gateway_settings: gateway_token_name: X-DAB-JW-TOKEN gateway_access_token_expiration: 600 gateway_basic_auth_enabled: true @@ -77,4 +77,4 @@ ansible-playbook manage_data.yml -e @data/gateway_settings.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_settings/defaults/main.yml b/roles/gateway_settings/defaults/main.yml index bd962657b..244327525 100644 --- a/roles/gateway_settings/defaults/main.yml +++ b/roles/gateway_settings/defaults/main.yml @@ -1,7 +1,7 @@ --- # list of dicts (or a single dict) describing the gateway settings -settings_list: [] -settings_secure_logging: "{{ gateway_configuration_secure_logging | default('false') }}" -settings_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -settings_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" +gateway_settings: {} +gateway_settings_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_settings_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_settings_async_delay: "{{ aap_configuration_async_delay | default(1) }}" ... diff --git a/roles/gateway_settings/meta/argument_specs.yml b/roles/gateway_settings/meta/argument_specs.yml index 0bd10a9f4..aea362d07 100644 --- a/roles/gateway_settings/meta/argument_specs.yml +++ b/roles/gateway_settings/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create settings on automation platform gateway. options: - settings_list: + gateway_settings: description: >- Data structure describing your settings. Type is list if providing name/value and type dict if providing settings. @@ -11,22 +11,22 @@ argument_specs: type: raw # Async variables settings_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. settings_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -36,53 +36,47 @@ argument_specs: # No_log variables settings_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(true) }}" + default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_settings/tasks/main.yml b/roles/gateway_settings/tasks/main.yml index 653e47793..48c84ffe0 100644 --- a/roles/gateway_settings/tasks/main.yml +++ b/roles/gateway_settings/tasks/main.yml @@ -2,15 +2,15 @@ # tasks file for gateway_settings - name: Update automation platform gateway Settings ansible.platform.settings: - settings: "{{ settings_list | default(omit, true) }}" + settings: "{{ gateway_settings | default(omit, true) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, true) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" - no_log: "{{ settings_secure_logging }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" + no_log: "{{ gateway_settings_secure_logging }}" register: __gateway_setting_job ... diff --git a/roles/gateway_teams/README.md b/roles/gateway_teams/README.md index 68a1dc04f..3f16729e0 100644 --- a/roles/gateway_teams/README.md +++ b/roles/gateway_teams/README.md @@ -12,11 +12,11 @@ Variables specific for this role are following: | Variable Name | Default Value | Required | Description | | |:-----------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `teams_list` (Alias: `teams`) | [below](#organization-arguments) | yes | Data structure describing your team entries described below. | [more](../../README.md#data-variables) | -| `teams_secure_logging` | `gateway_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive team role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `teams_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the team role. | [more](../../README.md#enforcing-defaults) | -| `teams_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `teams_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `platform_teams` (Alias: `teams`) | [below](#organization-arguments) | yes | Data structure describing your team entries described below. | [more](../../README.md#data-variables) | +| `platform_teams_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive team role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `platform_teams_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the team role. | [more](../../README.md#enforcing-defaults) | +| `platform_teams_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `platform_teams_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | ## Data Structure @@ -92,4 +92,4 @@ ansible-playbook manage_data.yml -e @data/gateway_teams.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_teams/defaults/main.yml b/roles/gateway_teams/defaults/main.yml index 169f763a0..f6a155aa9 100644 --- a/roles/gateway_teams/defaults/main.yml +++ b/roles/gateway_teams/defaults/main.yml @@ -9,9 +9,9 @@ # These are the default variables specific to the license role # a list of dictionaries describing the teams -teams_list: [] -teams_secure_logging: "{{ gateway_configuration_secure_logging | default(false) }}" -teams_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -teams_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -teams_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +platform_teams: [] +platform_teams_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +platform_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +platform_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +platform_teams_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_teams/meta/argument_specs.yml b/roles/gateway_teams/meta/argument_specs.yml index 5b3207683..78b5b60b9 100644 --- a/roles/gateway_teams/meta/argument_specs.yml +++ b/roles/gateway_teams/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create teams on automation platform gateway. options: - teams_list: + platform_teams: description: Data structure describing your teams type: list required: true @@ -33,23 +33,23 @@ argument_specs: description: Desired state of the resource. # Async variables - teams_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + platform_teams_async_retries: + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. - teams_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + platform_teams_async_delay: + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -58,54 +58,48 @@ argument_specs: # No_log variables - teams_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(false) }}" + platform_teams_secure_logging: + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: user on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_teams/tasks/main.yml b/roles/gateway_teams/tasks/main.yml index ad6553bec..4b41556c6 100644 --- a/roles/gateway_teams/tasks/main.yml +++ b/roles/gateway_teams/tasks/main.yml @@ -9,35 +9,35 @@ state: "{{ __gateway_teams_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, 10) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" - loop: "{{ teams if teams is defined else teams_list }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" + loop: "{{ platform_teams }}" loop_control: loop_var: __gateway_teams_item - no_log: "{{ teams_secure_logging }}" + no_log: "{{ platform_teams_secure_logging }}" async: 1000 poll: 0 register: __gateway_teams_job_async changed_when: not __gateway_teams_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Teams | Wait for finish the configuration ansible.builtin.async_status: jid: "{{ __gateway_teams_job_async_results_item.ansible_job_id }}" register: __gateway_teams_job_async_result until: __gateway_teams_job_async_result.finished - retries: "{{ teams_async_retries }}" - delay: "{{ teams_async_delay }}" + retries: "{{ platform_teams_async_retries }}" + delay: "{{ platform_teams_async_delay }}" loop: "{{ __gateway_teams_job_async.results }}" loop_control: loop_var: __gateway_teams_job_async_results_item when: __gateway_teams_job_async_results_item.ansible_job_id is defined - no_log: "{{ teams_secure_logging }}" + no_log: "{{ platform_teams_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_users/README.md b/roles/gateway_users/README.md index 175311a6f..ee5d9eb93 100644 --- a/roles/gateway_users/README.md +++ b/roles/gateway_users/README.md @@ -9,10 +9,10 @@ An Ansible Role to configure users on Ansible Automation gateway. | Variable Name | Default Value | Required | Description | | |:--------------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| | `users_list` (Alias: `users`) | [below](#user-arguments) | yes | Data structure describing your user entries described below. | [more](../../README.md#data-variables) | -| `users_secure_logging` | `gateway_configuration_secure_logging` OR `true` | no | Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | -| `users_enforce_defaults` | `gateway_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the user role. | [more](../../README.md#enforcing-defaults) | -| `users_async_retries` | `gateway_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | -| `users_async_delay` | `gateway_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `users_secure_logging` | `aap_configuration_secure_logging` OR `true` | no | Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | [more](../../README.md#secure-logging-variables) | +| `users_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the user role. | [more](../../README.md#enforcing-defaults) | +| `users_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | [more](../../README.md#asynchronous-retry-variables) | +| `users_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | [more](../../README.md#asynchronous-retry-variables) | | `users_default_password` | "" | no | Global variable to set the password for all users. | | **Note**: Secure Logging defaults to True if both variables are not set @@ -89,4 +89,4 @@ ansible-playbook manage_data.yml -e @data/gateway_users.yml ## License -[GPLv3](https://github.com/ansible/aap-gateway/gateway_configuration_collection/COPYING) +[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_users/defaults/main.yml b/roles/gateway_users/defaults/main.yml index a522c6935..875f038dd 100644 --- a/roles/gateway_users/defaults/main.yml +++ b/roles/gateway_users/defaults/main.yml @@ -25,8 +25,8 @@ users_list: [] users_default_password: change_me -users_secure_logging: "{{ gateway_configuration_secure_logging | default('true') }}" -users_async_retries: "{{ gateway_configuration_async_retries | default(30) }}" -users_async_delay: "{{ gateway_configuration_async_delay | default(1) }}" -users_enforce_defaults: "{{ gateway_configuration_enforce_defaults | default(false) }}" +users_secure_logging: "{{ aap_configuration_secure_logging | default('true') }}" +users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +users_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_users/meta/argument_specs.yml b/roles/gateway_users/meta/argument_specs.yml index eb42cddfd..4341b130c 100644 --- a/roles/gateway_users/meta/argument_specs.yml +++ b/roles/gateway_users/meta/argument_specs.yml @@ -67,22 +67,22 @@ argument_specs: # Async variables users_async_retries: - default: "{{ gateway_configuration_async_retries | default(30) }}" + default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. - gateway_configuration_async_retries: + aap_configuration_async_retries: default: 30 required: false description: This variable sets number of retries across all roles as a default. users_async_delay: - default: "{{ gateway_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - gateway_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - gateway_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: > @@ -92,53 +92,47 @@ argument_specs: # No_log variables users_secure_logging: - default: "{{ gateway_configuration_secure_logging | default(true) }}" + default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool description: > Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - gateway_configuration_secure_logging: + aap_configuration_secure_logging: default: true required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false - description: URL to the automation platform gateway. + description: URL to the Ansible Automation Platform Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false - description: Whether or not to validate the automation platform gateway's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false - description: User on the automation platform gateway. Either username / password or oauthtoken need to be specified. + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false - description: > - Gateway user's password on the automation platform gateway. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false - description: > - Gateway user's token on the automation platform gateway. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_users/tasks/main.yml b/roles/gateway_users/tasks/main.yml index 649650ca5..2f15fee2b 100644 --- a/roles/gateway_users/tasks/main.yml +++ b/roles/gateway_users/tasks/main.yml @@ -15,12 +15,12 @@ state: "{{ __gateway_user_accounts_item.state | default(gateway_state | default(omit, true)) }}" # Role Standard Options - gateway_hostname: "{{ gateway_hostname | default(omit, true) }}" - gateway_username: "{{ gateway_username | default(omit, true) }}" - gateway_password: "{{ gateway_password | default(omit, true) }}" - gateway_token: "{{ gateway_oauthtoken | default(omit, true) }}" - gateway_request_timeout: "{{ gateway_request_timeout | default(omit, true) }}" - gateway_validate_certs: "{{ gateway_validate_certs | default(omit) }}" + gateway_hostname: "{{ aap_hostname | default(omit, true) }}" + gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" + gateway_token: "{{ aap_token | default(omit, true) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ users if users is defined else users_list }}" loop_control: loop_var: __gateway_user_accounts_item @@ -30,7 +30,7 @@ register: __gateway_user_accounts_job_async changed_when: not __gateway_user_accounts_job_async.changed vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" - name: Users | Wait for finish the configuration ansible.builtin.async_status: @@ -45,5 +45,5 @@ when: __gateway_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ users_secure_logging }}" vars: - ansible_async_dir: "{{ gateway_configuration_async_dir | default(omit) }}" + ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/hub_collection/README.md b/roles/hub_collection/README.md index 4a57fce34..6246ba78b 100644 --- a/roles/hub_collection/README.md +++ b/roles/hub_collection/README.md @@ -8,13 +8,13 @@ An Ansible Role to update, or destroy Automation Hub Collections. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_collections`|`see below`|yes|Data structure describing your collections, described below.|| These are the sub options for the vars `ah_collections` which are dictionaries with the options you want. See examples for details. @@ -31,7 +31,7 @@ These are the sub options for the vars `ah_collections` which are dictionaries w |`overwrite_existing`|"false"|no|Overwrites an existing collection and requires version to be set.|| |`state`|"present"|no|Desired state of the resource|| -The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. +The `aap_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. ### Asynchronous Retry Variables @@ -43,24 +43,24 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_collection_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_collection_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_collection_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_collection_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_collection_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_collection_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add repository task does not include sensitive information. -ah_configuration_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_collection_secure_logging`|`False`|no|Whether or not to include the sensitive collection role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -93,7 +93,7 @@ ah_collections: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_collection/defaults/main.yml b/roles/hub_collection/defaults/main.yml index 66541d296..805e2bf18 100644 --- a/roles/hub_collection/defaults/main.yml +++ b/roles/hub_collection/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the collection role ah_collections: [] @@ -18,9 +18,9 @@ ah_collections: [] # - overwrite_existing # - state -ah_configuration_collection_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_collection_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_collection_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_collection_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_collection_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_collection_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_collection_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_collection/meta/argument_specs.yml b/roles/hub_collection/meta/argument_specs.yml index f9895cc5a..732b6e573 100644 --- a/roles/hub_collection/meta/argument_specs.yml +++ b/roles/hub_collection/meta/argument_specs.yml @@ -12,65 +12,70 @@ argument_specs: # Async variables ah_configuration_collection_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_collection_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_collection_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - ah_token: + aap_token: + default: None required: false - description: Automation Hub token for authentication. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_collection/tasks/main.yml b/roles/hub_collection/tasks/main.yml index 838547d20..b3c1a80fa 100644 --- a/roles/hub_collection/tasks/main.yml +++ b/roles/hub_collection/tasks/main.yml @@ -1,17 +1,18 @@ # Update or destroy Automation Hub Collection --- -- name: Get token - ansible.hub.ah_token: - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" - when: - - ah_token is not defined - - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" - - ah_collections | length > 1 +# Test if this is still needed +# - name: Get token +# ansible.hub.ah_token: +# ah_host: "{{ aap_hostname | default(omit) }}" +# ah_username: "{{ aap_username | default(omit) }}" +# ah_password: "{{ aap_password | default(omit) }}" +# ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" +# validate_certs: "{{ aap_validate_certs | default(omit) }}" +# request_timeout: "{{ aap_request_timeout | default(omit) }}" +# when: +# - ah_token is not defined +# - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" +# - ah_collections | length > 1 - name: Update or destroy Automation Hub Collection ansible.hub.ah_collection: @@ -26,13 +27,13 @@ interval: "{{ __collection.interval | default(omit) }}" overwrite_existing: "{{ __collection.overwrite_existing | default(omit) }}" state: "{{ __collection.state | default('present') }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collections }}" loop_control: loop_var: "__collection" @@ -42,7 +43,7 @@ register: __collections_job_async changed_when: not __collections_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: Sleep for 10 seconds and continue with play ansible.builtin.wait_for: @@ -61,5 +62,5 @@ when: __collections_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_collection/tests/test.yml b/roles/hub_collection/tests/test.yml index dbd972fc3..30d98fb96 100644 --- a/roles/hub_collection/tests/test.yml +++ b/roles/hub_collection/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_collection_remote/README.md b/roles/hub_collection_remote/README.md index 6adf27dc1..108a2b131 100644 --- a/roles/hub_collection_remote/README.md +++ b/roles/hub_collection_remote/README.md @@ -8,16 +8,16 @@ An Ansible Role to create a Collection Remote Repository. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_collection_remotes`|`see below`|yes|Data structure describing your collection remote repository, described below.|| -The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. +The `aap_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. ### Secure Logging Variables @@ -25,12 +25,12 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add repository task does not include sensitive information. -ah_configuration_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_collection_remote_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -41,12 +41,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_collection_remote_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_collection_remote_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_collection_remote_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_collection_remote_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_collection_remote_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_collection_remote_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -92,7 +92,7 @@ ah_collection_remotes: url: https://beta-galaxy.ansible.com/ requirements: - name: infra.ee_utilities - - name: infra.controller_configuration + - name: infra.aap_configuration ``` ## Playbook Examples @@ -106,7 +106,7 @@ ah_collection_remotes: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_collection_remote/defaults/main.yml b/roles/hub_collection_remote/defaults/main.yml index c1f02ff10..526e20bb8 100644 --- a/roles/hub_collection_remote/defaults/main.yml +++ b/roles/hub_collection_remote/defaults/main.yml @@ -2,14 +2,14 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role -ah_configuration_collection_remote_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_collection_remote_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_collection_remote_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_collection_remote_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_collection_remote_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_collection_remote_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_collection_remote_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_remote_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_remote/meta/argument_specs.yml b/roles/hub_collection_remote/meta/argument_specs.yml index 59559d752..dc0f40edd 100644 --- a/roles/hub_collection_remote/meta/argument_specs.yml +++ b/roles/hub_collection_remote/meta/argument_specs.yml @@ -23,50 +23,55 @@ argument_specs: description: Information regarding the proxy that AH will use to communicate to the Red Hat repositories. Can be left empty if no proxy used. # Async variables - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_collection_remote_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - ah_token: + aap_token: + default: None required: false - description: Automation Hub token for authentication. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_collection_remote/tasks/main.yml b/roles/hub_collection_remote/tasks/main.yml index bac66d1e5..5535bbc8a 100644 --- a/roles/hub_collection_remote/tasks/main.yml +++ b/roles/hub_collection_remote/tasks/main.yml @@ -27,12 +27,12 @@ proxy_username: "{{ __collection_remote_item.proxy_username | default(proxy_username | default(omit)) }}" proxy_password: "{{ __collection_remote_item.proxy_password | default(proxy_password | default(omit)) }}" state: "{{ __collection_remote_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_remotes }}" loop_control: loop_var: "__collection_remote_item" @@ -42,7 +42,7 @@ register: __collection_remote_job_async changed_when: not __collection_remote_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Repository | Wait for finish the repository creation" ansible.builtin.async_status: @@ -57,6 +57,6 @@ when: __collection_remote_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_remote_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_collection_remote/tests/test.yml b/roles/hub_collection_remote/tests/test.yml index 57f6dab55..86d18742d 100644 --- a/roles/hub_collection_remote/tests/test.yml +++ b/roles/hub_collection_remote/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_collection_remote/tests/vars/repositories.yml b/roles/hub_collection_remote/tests/vars/repositories.yml index 577fdbc88..5a0110833 100644 --- a/roles/hub_collection_remote/tests/vars/repositories.yml +++ b/roles/hub_collection_remote/tests/vars/repositories.yml @@ -4,5 +4,5 @@ ah_collection_remotes: url: https://beta-galaxy.ansible.com/ requirements: - name: infra.ee_utilities - - name: infra.controller_configuration + - name: infra.aap_configuration ... diff --git a/roles/hub_collection_repository/README.md b/roles/hub_collection_repository/README.md index 656f22510..849c592c4 100644 --- a/roles/hub_collection_repository/README.md +++ b/roles/hub_collection_repository/README.md @@ -8,16 +8,16 @@ An Ansible Role to create a Collection Repository. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_collection_repositories`|`see below`|yes|Data structure describing your collection remote repository, described below.|| -The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. +The `aap_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. ### Secure Logging Variables @@ -25,12 +25,12 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add repository task does not include sensitive information. -ah_configuration_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_collection_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -41,12 +41,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_collection_repository_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_collection_repository_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_collection_repository_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_collection_repository_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_collection_repository_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_collection_repository_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -114,7 +114,7 @@ ah_collection_repositories: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_collection_repository/defaults/main.yml b/roles/hub_collection_repository/defaults/main.yml index 8b7153cc7..2213e12af 100644 --- a/roles/hub_collection_repository/defaults/main.yml +++ b/roles/hub_collection_repository/defaults/main.yml @@ -2,14 +2,14 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role -ah_configuration_collection_repository_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_collection_repository_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_collection_repository_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_collection_repository_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_collection_repository_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_collection_repository_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_collection_repository_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_repository_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_repository/meta/argument_specs.yml b/roles/hub_collection_repository/meta/argument_specs.yml index 95dbdbaa1..e30c33441 100644 --- a/roles/hub_collection_repository/meta/argument_specs.yml +++ b/roles/hub_collection_repository/meta/argument_specs.yml @@ -11,50 +11,55 @@ argument_specs: elements: dict # Async variables - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_collection_repository_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - ah_token: + aap_token: + default: None required: false - description: Automation Hub token for authentication. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_collection_repository/tasks/main.yml b/roles/hub_collection_repository/tasks/main.yml index 0a7164151..721e6594a 100644 --- a/roles/hub_collection_repository/tasks/main.yml +++ b/roles/hub_collection_repository/tasks/main.yml @@ -14,12 +14,12 @@ interval: "{{ __collection_repository_item.interval | default(1) }}" timeout: "{{ __collection_repository_item.timeout | default(omit) }}" state: "{{ __collection_repository_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_repositories }}" loop_control: loop_var: "__collection_repository_item" @@ -29,7 +29,7 @@ register: __collection_repository_job_async changed_when: not __collection_repository_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Repository | Wait for finish the repository creation" ansible.builtin.async_status: @@ -44,6 +44,6 @@ when: __collection_repository_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_repository_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_collection_repository/tests/test.yml b/roles/hub_collection_repository/tests/test.yml index 99d0ada63..ccd57c501 100644 --- a/roles/hub_collection_repository/tests/test.yml +++ b/roles/hub_collection_repository/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_collection_repository_sync/README.md b/roles/hub_collection_repository_sync/README.md index fc077db57..e059b1f6b 100644 --- a/roles/hub_collection_repository_sync/README.md +++ b/roles/hub_collection_repository_sync/README.md @@ -8,16 +8,16 @@ An Ansible Role to sync a Collection Repository. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_collection_repositories`|`see below`|yes|Data structure describing your collection remote repository, described below.|| -The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. +The `aap_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. ### Secure Logging Variables @@ -25,12 +25,12 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add repository task does not include sensitive information. -ah_configuration_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_collection_repository_sync_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -41,12 +41,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_collection_repository_sync_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_collection_repository_sync_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_collection_repository_sync_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_collection_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_collection_repository_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_collection_repository_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -85,7 +85,7 @@ ah_collection_repositories: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_collection_repository_sync/defaults/main.yml b/roles/hub_collection_repository_sync/defaults/main.yml index 8ca8ff22f..507433d5f 100644 --- a/roles/hub_collection_repository_sync/defaults/main.yml +++ b/roles/hub_collection_repository_sync/defaults/main.yml @@ -2,14 +2,14 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role -ah_configuration_collection_repository_sync_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_collection_repository_sync_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_collection_repository_sync_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_collection_repository_sync_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_collection_repository_sync_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_collection_repository_sync_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_collection_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_repository_sync/meta/argument_specs.yml b/roles/hub_collection_repository_sync/meta/argument_specs.yml index 95dbdbaa1..e30c33441 100644 --- a/roles/hub_collection_repository_sync/meta/argument_specs.yml +++ b/roles/hub_collection_repository_sync/meta/argument_specs.yml @@ -11,50 +11,55 @@ argument_specs: elements: dict # Async variables - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_collection_repository_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - ah_token: + aap_token: + default: None required: false - description: Automation Hub token for authentication. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_collection_repository_sync/tasks/main.yml b/roles/hub_collection_repository_sync/tasks/main.yml index d1c3efa62..72d9532c5 100644 --- a/roles/hub_collection_repository_sync/tasks/main.yml +++ b/roles/hub_collection_repository_sync/tasks/main.yml @@ -6,12 +6,12 @@ wait: "{{ __collection_repository_sync_item.wait | default(omit) }}" interval: "{{ __collection_repository_sync_item.interval | default(1) }}" timeout: "{{ __collection_repository_sync_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_repositories }}" loop_control: loop_var: "__collection_repository_sync_item" @@ -21,7 +21,7 @@ register: __collection_repository_sync_job_async changed_when: not __collection_repository_sync_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Sync Repository | Wait for finish the repository sync" ansible.builtin.async_status: @@ -36,6 +36,6 @@ when: __collection_repository_sync_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_repository_sync_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_collection_repository_sync/tests/test.yml b/roles/hub_collection_repository_sync/tests/test.yml index 99d0ada63..ccd57c501 100644 --- a/roles/hub_collection_repository_sync/tests/test.yml +++ b/roles/hub_collection_repository_sync/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_image/README.md b/roles/hub_ee_image/README.md index ac6ee411e..f79f73cff 100644 --- a/roles/hub_ee_image/README.md +++ b/roles/hub_ee_image/README.md @@ -8,13 +8,13 @@ An Ansible Role to create execution environment images in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_images`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to create execution environment images in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_image task does not include sensitive information. -ah_configuration_ee_image_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_image_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_image_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_image_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_image_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_image_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_image_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_image_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_image_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -83,7 +83,7 @@ ah_ee_images: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_image/defaults/main.yml b/roles/hub_ee_image/defaults/main.yml index 27eafcbd6..32eef1070 100644 --- a/roles/hub_ee_image/defaults/main.yml +++ b/roles/hub_ee_image/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -19,9 +19,9 @@ ah_ee_images: [] # - "2.0" # - prod1 -ah_configuration_ee_image_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_image_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_image_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_image_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_image_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_image_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_image_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_image_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_image/meta/argument_specs.yml b/roles/hub_ee_image/meta/argument_specs.yml index 7c9480b7a..96edb0b64 100644 --- a/roles/hub_ee_image/meta/argument_specs.yml +++ b/roles/hub_ee_image/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_image_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_image_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_image_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_image/tasks/main.yml b/roles/hub_ee_image/tasks/main.yml index c07ade827..938f594cc 100644 --- a/roles/hub_ee_image/tasks/main.yml +++ b/roles/hub_ee_image/tasks/main.yml @@ -8,12 +8,12 @@ append: "{{ __ee_image_item.append | default(omit) }}" tags: "{{ __ee_image_item.tags | default(omit) }}" state: "{{ __ee_image_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_images }}" loop_control: loop_var: "__ee_image_item" @@ -23,7 +23,7 @@ register: __ee_images_job_async changed_when: not __ee_images_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create EE Image | Wait for finish the ee_image creation" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __ee_images_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_image_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_image/tests/test.yml b/roles/hub_ee_image/tests/test.yml index 13909ba2a..0c5c07155 100644 --- a/roles/hub_ee_image/tests/test.yml +++ b/roles/hub_ee_image/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_namespace/README.md b/roles/hub_ee_namespace/README.md index 7d8fe15d2..ac9c48d2a 100644 --- a/roles/hub_ee_namespace/README.md +++ b/roles/hub_ee_namespace/README.md @@ -9,13 +9,13 @@ This was depreciated with AAP 2.4 and Galaxy NG 4.6.3+, and removed from the API |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_namespaces`|`see below`|yes|Data structure describing your ee_namespaces, described below.|| ### Secure Logging Variables @@ -23,12 +23,12 @@ This was depreciated with AAP 2.4 and Galaxy NG 4.6.3+, and removed from the API The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_namespace task does not include sensitive information. -ah_configuration_ee_namespace_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_namespace_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_namespace_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -39,12 +39,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_namespace_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_namespace_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_namespace_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_namespace_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_namespace_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_namespace_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -82,7 +82,7 @@ ah_ee_namespaces: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_namespace/defaults/main.yml b/roles/hub_ee_namespace/defaults/main.yml index f0bd3edb4..ef671391a 100644 --- a/roles/hub_ee_namespace/defaults/main.yml +++ b/roles/hub_ee_namespace/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -17,9 +17,9 @@ ah_ee_namespaces: [] # - "group1" # - "group2" -ah_configuration_ee_namespace_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_namespace_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_namespace_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_namespace_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_namespace_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_namespace_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_namespace_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_namespace_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_namespace/meta/argument_specs.yml b/roles/hub_ee_namespace/meta/argument_specs.yml index 6c842a7c4..8f047ba80 100644 --- a/roles/hub_ee_namespace/meta/argument_specs.yml +++ b/roles/hub_ee_namespace/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_namespace_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_namespace_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_namespace_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_namespace/tasks/main.yml b/roles/hub_ee_namespace/tasks/main.yml index bd9fb6f2e..de17e34fd 100644 --- a/roles/hub_ee_namespace/tasks/main.yml +++ b/roles/hub_ee_namespace/tasks/main.yml @@ -8,12 +8,12 @@ append: "{{ __ee_namespace_item.append | default(omit) }}" groups: "{{ __ee_namespace_item.groups | default([]) }}" state: "{{ __ee_namespace_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_namespaces }}" loop_control: loop_var: "__ee_namespace_item" @@ -23,7 +23,7 @@ register: __ee_namespaces_job_async changed_when: not __ee_namespaces_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create EE Namespace | Wait for finish the ee_namespace creation" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __ee_namespaces_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_namespace_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_namespace/tests/test.yml b/roles/hub_ee_namespace/tests/test.yml index 5f512fee8..d854f2028 100644 --- a/roles/hub_ee_namespace/tests/test.yml +++ b/roles/hub_ee_namespace/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_registry/README.md b/roles/hub_ee_registry/README.md index 01bea0d1e..7d213170b 100644 --- a/roles/hub_ee_registry/README.md +++ b/roles/hub_ee_registry/README.md @@ -8,13 +8,13 @@ An Ansible Role to create EE Registries in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`proxy_url`|""|no|str|The URL for the proxy. Defaults to global `proxy_url` variable.| |`proxy_username`|""|no|str|The username for the proxy authentication. Defaults to global `proxy_username` variable.| |`proxy_password`|""|no|str|The password for the proxy authentication. Defaults to global `proxy_password` variable.| @@ -25,12 +25,12 @@ An Ansible Role to create EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_registry task does not include sensitive information. -ah_configuration_ee_registry_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -41,12 +41,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_registry_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_registry_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_registry_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_registry_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_registry_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_registry_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -86,7 +86,7 @@ ah_ee_registries: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_registry/defaults/main.yml b/roles/hub_ee_registry/defaults/main.yml index 82e97ded0..0102a1287 100644 --- a/roles/hub_ee_registry/defaults/main.yml +++ b/roles/hub_ee_registry/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -23,9 +23,9 @@ ah_ee_registries: [] # rate_limit: 5 # state: present -ah_configuration_ee_registry_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_registry_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_registry_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_registry_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_registry_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_registry_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry/meta/argument_specs.yml b/roles/hub_ee_registry/meta/argument_specs.yml index d964d58dd..b7c5cba6a 100644 --- a/roles/hub_ee_registry/meta/argument_specs.yml +++ b/roles/hub_ee_registry/meta/argument_specs.yml @@ -24,61 +24,65 @@ argument_specs: # Async variables ah_configuration_ee_registry_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_registry_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_registry_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_registry/tasks/main.yml b/roles/hub_ee_registry/tasks/main.yml index fad19d411..15ebca09a 100644 --- a/roles/hub_ee_registry/tasks/main.yml +++ b/roles/hub_ee_registry/tasks/main.yml @@ -11,12 +11,12 @@ download_concurrency: "{{ __ee_registry_item.download_concurrency | default(omit) }}" rate_limit: "{{ __ee_registry_item.rate_limit | default(omit) }}" state: "{{ __ee_registry_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" proxy_url: "{{ __ee_registry_item.proxy_url | default(proxy_url | default(omit)) }}" proxy_username: "{{ __ee_registry_item.proxy_username | default(proxy_username | default(omit)) }}" proxy_password: "{{ __ee_registry_item.proxy_password | default(proxy_password | default(omit)) }}" @@ -29,7 +29,7 @@ register: __ee_registries_job_async changed_when: not __ee_registries_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create EE Registry | Wait for finish the ee_registry creation" ansible.builtin.async_status: @@ -44,5 +44,5 @@ when: __ee_registries_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_registry/tests/test.yml b/roles/hub_ee_registry/tests/test.yml index 9bb24ee57..fab2bfb27 100644 --- a/roles/hub_ee_registry/tests/test.yml +++ b/roles/hub_ee_registry/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_registry_index/README.md b/roles/hub_ee_registry_index/README.md index 34f267f21..64caf6eec 100644 --- a/roles/hub_ee_registry_index/README.md +++ b/roles/hub_ee_registry_index/README.md @@ -8,13 +8,13 @@ An Ansible Role to index EE Registries in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined). Note that this role will only do anything if the `index` suboption of this variable is set to true.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to index EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_registry task does not include sensitive information. -ah_configuration_ee_registry_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_registry_index_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_registry_index_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_registry_index_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_registry_index_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_registry_index_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_registry_index_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -82,7 +82,7 @@ ah_ee_registries: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_registry_index/defaults/main.yml b/roles/hub_ee_registry_index/defaults/main.yml index 4c68a045c..ded65991d 100644 --- a/roles/hub_ee_registry_index/defaults/main.yml +++ b/roles/hub_ee_registry_index/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -16,9 +16,9 @@ ah_ee_registries: [] # wait: true # timeout: -ah_configuration_ee_registry_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_registry_index_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_registry_index_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_registry_index_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_registry_index_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_registry_index_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_index_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry_index/meta/argument_specs.yml b/roles/hub_ee_registry_index/meta/argument_specs.yml index 07e71dba8..3913368b3 100644 --- a/roles/hub_ee_registry_index/meta/argument_specs.yml +++ b/roles/hub_ee_registry_index/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_registry_index_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_registry_index_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_registry_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_registry_index/tasks/main.yml b/roles/hub_ee_registry_index/tasks/main.yml index c67a33ab7..20cf849ef 100644 --- a/roles/hub_ee_registry_index/tasks/main.yml +++ b/roles/hub_ee_registry_index/tasks/main.yml @@ -7,12 +7,12 @@ wait: "{{ __ee_registry_item.wait | default(omit) }}" interval: "{{ __ee_registry_item.interval | default(ah_configuration_ee_registry_index_async_delay) }}" timeout: "{{ __ee_registry_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" @@ -23,7 +23,7 @@ register: __ee_registry_indexes_job_async changed_when: not __ee_registry_indexes_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Index EE Registry | Wait for finish the ee_registry_index creation" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __ee_registry_indexes_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_registry_index/tests/test.yml b/roles/hub_ee_registry_index/tests/test.yml index e6135eb3b..c19d627e0 100644 --- a/roles/hub_ee_registry_index/tests/test.yml +++ b/roles/hub_ee_registry_index/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_registry_sync/README.md b/roles/hub_ee_registry_sync/README.md index 28048498f..d5b16b2c1 100644 --- a/roles/hub_ee_registry_sync/README.md +++ b/roles/hub_ee_registry_sync/README.md @@ -8,13 +8,13 @@ An Ansible Role to sync EE Registries in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to sync EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_registry task does not include sensitive information. -ah_configuration_ee_registry_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_repository_sync_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_registry_sync_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_registry_sync_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_registry_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_registry_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -82,7 +82,7 @@ ah_ee_registries: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_registry_sync/defaults/main.yml b/roles/hub_ee_registry_sync/defaults/main.yml index 1f6601903..013e7ce80 100644 --- a/roles/hub_ee_registry_sync/defaults/main.yml +++ b/roles/hub_ee_registry_sync/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -16,9 +16,9 @@ ah_ee_registries: [] # wait: true # timeout: -ah_configuration_ee_registry_sync_async_timeout: "{{ ah_configuration_async_timeout }}" -ah_configuration_ee_registry_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_registry_sync_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_registry_sync_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_registry_sync_async_timeout: "{{ aap_configuration_async_timeout }}" +ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_registry_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry_sync/meta/argument_specs.yml b/roles/hub_ee_registry_sync/meta/argument_specs.yml index 0aefcdc53..b0e12bf0b 100644 --- a/roles/hub_ee_registry_sync/meta/argument_specs.yml +++ b/roles/hub_ee_registry_sync/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_registry_sync_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_registry_sync_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_registry_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_registry_sync/tasks/main.yml b/roles/hub_ee_registry_sync/tasks/main.yml index 01179325a..54b1841ca 100644 --- a/roles/hub_ee_registry_sync/tasks/main.yml +++ b/roles/hub_ee_registry_sync/tasks/main.yml @@ -7,12 +7,12 @@ wait: "{{ __ee_registry_item.wait | default(omit) }}" interval: "{{ __ee_registry_item.interval | default(ah_configuration_ee_registry_sync_async_delay) }}" timeout: "{{ __ee_registry_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" @@ -23,7 +23,7 @@ register: __ee_registry_syncs_job_async changed_when: not __ee_registry_syncs_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "EE Registry Sync | Wait for finish the ee_registry_sync to complete" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __ee_registry_syncs_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_registry_sync/tests/test.yml b/roles/hub_ee_registry_sync/tests/test.yml index 5fb6a129b..5e71e58bb 100644 --- a/roles/hub_ee_registry_sync/tests/test.yml +++ b/roles/hub_ee_registry_sync/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_repository/README.md b/roles/hub_ee_repository/README.md index 788add483..bbc20071e 100644 --- a/roles/hub_ee_repository/README.md +++ b/roles/hub_ee_repository/README.md @@ -8,13 +8,13 @@ An Ansible Role to create Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to create Repositories in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_repository task does not include sensitive information. -ah_configuration_ee_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_repository_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_repository_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_repository_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_repository_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_repository_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_repository_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -84,7 +84,7 @@ ah_ee_repositories: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_repository/defaults/main.yml b/roles/hub_ee_repository/defaults/main.yml index 777760ed1..7cc298203 100644 --- a/roles/hub_ee_repository/defaults/main.yml +++ b/roles/hub_ee_repository/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -16,9 +16,9 @@ ah_ee_repositories: [] # readme: "The contents of a readme will go here" # readme_file: "readme.md" -ah_configuration_ee_repository_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_repository_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_repository_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_repository_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_repository_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_repository_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_repository_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_repository_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_repository/meta/argument_specs.yml b/roles/hub_ee_repository/meta/argument_specs.yml index 422ca3953..3113e1df4 100644 --- a/roles/hub_ee_repository/meta/argument_specs.yml +++ b/roles/hub_ee_repository/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_repository_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_repository_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_repository_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_repository/tasks/main.yml b/roles/hub_ee_repository/tasks/main.yml index 733577a4f..73d4ecfd8 100644 --- a/roles/hub_ee_repository/tasks/main.yml +++ b/roles/hub_ee_repository/tasks/main.yml @@ -12,12 +12,12 @@ include_tags: "{{ __ee_repository_item.include_tags | default(omit) }}" exclude_tags: "{{ __ee_repository_item.exclude_tags | default(omit) }}" state: "{{ __ee_repository_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" @@ -27,7 +27,7 @@ register: __ee_repositories_job_async changed_when: not __ee_repositories_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create EE Repository | Wait for finish the ee_repository creation" ansible.builtin.async_status: @@ -42,5 +42,5 @@ when: __ee_repositories_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_repository_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_repository/tests/test.yml b/roles/hub_ee_repository/tests/test.yml index 206aedae8..97026c178 100644 --- a/roles/hub_ee_repository/tests/test.yml +++ b/roles/hub_ee_repository/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_ee_repository_sync/README.md b/roles/hub_ee_repository_sync/README.md index 4a551dd7a..b574caad4 100644 --- a/roles/hub_ee_repository_sync/README.md +++ b/roles/hub_ee_repository_sync/README.md @@ -8,13 +8,13 @@ An Ansible Role to sync EE Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below. (Note this is the same as for the `ee_repository` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to sync EE Repositories in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add ee_repository task does not include sensitive information. -ah_configuration_ee_repository_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_ee_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_ee_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Repository role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_ee_repository_sync_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_ee_repository_sync_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_ee_repository_sync_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_ee_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_ee_repository_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_ee_repository_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -82,7 +82,7 @@ ah_ee_repositories: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_ee_repository_sync/defaults/main.yml b/roles/hub_ee_repository_sync/defaults/main.yml index 0ba48b74c..5a6897736 100644 --- a/roles/hub_ee_repository_sync/defaults/main.yml +++ b/roles/hub_ee_repository_sync/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -16,9 +16,9 @@ ah_ee_repositories: [] # wait: true # timeout: -ah_configuration_ee_repository_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_ee_repository_sync_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_ee_repository_sync_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_ee_repository_sync_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_ee_repository_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_ee_repository_sync_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_ee_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_repository_sync/meta/argument_specs.yml b/roles/hub_ee_repository_sync/meta/argument_specs.yml index d3eaead9f..366d65499 100644 --- a/roles/hub_ee_repository_sync/meta/argument_specs.yml +++ b/roles/hub_ee_repository_sync/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_ee_repository_sync_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_ee_repository_sync_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_ee_repository_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_ee_repository_sync/tasks/main.yml b/roles/hub_ee_repository_sync/tasks/main.yml index c4e1363ba..bbb5799ee 100644 --- a/roles/hub_ee_repository_sync/tasks/main.yml +++ b/roles/hub_ee_repository_sync/tasks/main.yml @@ -7,12 +7,12 @@ wait: "{{ __ee_repository_item.wait | default(omit) }}" interval: "{{ __ee_repository_item.interval | default(ah_configuration_ee_repository_sync_async_delay) }}" timeout: "{{ __ee_repository_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" @@ -23,7 +23,7 @@ register: __ee_repository_syncs_job_async changed_when: not __ee_repository_syncs_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "EE Repository Sync | Wait for finish the ee_repository_sync to finish" ansible.builtin.async_status: @@ -38,5 +38,5 @@ when: __ee_repository_syncs_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_repository_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_ee_repository_sync/tests/test.yml b/roles/hub_ee_repository_sync/tests/test.yml index 1ae33b886..808822991 100644 --- a/roles/hub_ee_repository_sync/tests/test.yml +++ b/roles/hub_ee_repository_sync/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_group/README.md b/roles/hub_group/README.md index 9c5aff789..7f880dfe9 100644 --- a/roles/hub_group/README.md +++ b/roles/hub_group/README.md @@ -8,13 +8,13 @@ An Ansible Role to create groups in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_groups`|`see below`|yes|Data structure describing your groups, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to create groups in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add group task does not include sensitive information. -ah_configuration_group_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_group_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,10 +38,10 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_group_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_group_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_group_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_group_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -90,7 +90,7 @@ ah_groups: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_group/defaults/main.yml b/roles/hub_group/defaults/main.yml index b67bac599..c1a4c789b 100644 --- a/roles/hub_group/defaults/main.yml +++ b/roles/hub_group/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -14,9 +14,9 @@ ah_groups: [] # - name # - perms # - state -ah_configuration_group_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_group_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_group_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_group_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_group_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_group_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_group_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_group/meta/argument_specs.yml b/roles/hub_group/meta/argument_specs.yml index 674e39ed6..87f22e952 100644 --- a/roles/hub_group/meta/argument_specs.yml +++ b/roles/hub_group/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_group_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_group_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_group_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_group/tasks/main.yml b/roles/hub_group/tasks/main.yml index 00b64fa3e..70bf2e90f 100644 --- a/roles/hub_group/tasks/main.yml +++ b/roles/hub_group/tasks/main.yml @@ -6,12 +6,12 @@ name: "{{ __group.name | default(omit) }}" # new_name: "{{ __group.new_name | default(omit) }}" <-- Needs adding once new_name option added to module state: "{{ __group.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_groups }}" loop_control: loop_var: "__group" @@ -21,7 +21,7 @@ register: __groups_job_async changed_when: not __groups_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Group | Wait for finish the group creation" ansible.builtin.async_status: @@ -36,18 +36,18 @@ when: __groups_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_group_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: Add Automation Hub group permissions ah_group_perm: name: "{{ __group.new_name | default(__group.name | default(omit)) }}" perms: "{{ __group.perms }}" state: "{{ __group.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ ah_groups }}" loop_control: loop_var: "__group" @@ -58,7 +58,7 @@ register: __group_perms_job_async changed_when: not __group_perms_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Group | Wait for finish the group creation" ansible.builtin.async_status: @@ -73,5 +73,5 @@ when: __group_perms_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_group_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_group/tests/test.yml b/roles/hub_group/tests/test.yml index 1ad1dc582..ec6daa54d 100644 --- a/roles/hub_group/tests/test.yml +++ b/roles/hub_group/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_group_roles/README.md b/roles/hub_group_roles/README.md index cd6e09111..3e9fbc097 100644 --- a/roles/hub_group_roles/README.md +++ b/roles/hub_group_roles/README.md @@ -8,13 +8,13 @@ An Ansible Role to add roles to groups in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_group_roles`|`see below`|yes|Data structure describing the roles which are applied to groups, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to add roles to groups in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add group task does not include sensitive information. -ah_configuration_group_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_group_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_group_roles_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_group_roles_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_group_roles_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_group_roles_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_group_roles_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_group_roles_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -132,7 +132,7 @@ ah_group_roles: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_group_roles/defaults/main.yml b/roles/hub_group_roles/defaults/main.yml index 5f871cf9e..2a61ab0cc 100644 --- a/roles/hub_group_roles/defaults/main.yml +++ b/roles/hub_group_roles/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -13,9 +13,9 @@ ah_group_roles: [] # - groups # - role_list -ah_configuration_group_roles_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_group_roles_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_group_roles_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_group_roles_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_group_roles_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_group_roles_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_group_roles_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_group_roles_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_group_roles/meta/argument_specs.yml b/roles/hub_group_roles/meta/argument_specs.yml index 9540af453..a14770d23 100644 --- a/roles/hub_group_roles/meta/argument_specs.yml +++ b/roles/hub_group_roles/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_group_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_group_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_group_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_group_roles/tasks/main.yml b/roles/hub_group_roles/tasks/main.yml index e97dde3c7..6eaaccb1a 100644 --- a/roles/hub_group_roles/tasks/main.yml +++ b/roles/hub_group_roles/tasks/main.yml @@ -5,12 +5,12 @@ groups: "{{ __group_role.groups | default(omit) }}" role_list: "{{ __group_role.role_list | default(omit) }}" state: "{{ __group_role.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_group_roles }}" loop_control: loop_var: "__group_role" @@ -20,7 +20,7 @@ register: __group_roles_job_async changed_when: not __group_roles_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Add Roles to Groups | Wait for finish the group creation" ansible.builtin.async_status: @@ -35,5 +35,5 @@ when: __group_roles_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_group_roles_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_group_roles/tests/test.yml b/roles/hub_group_roles/tests/test.yml index c47bcf19e..2a1426e34 100644 --- a/roles/hub_group_roles/tests/test.yml +++ b/roles/hub_group_roles/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_namespace/README.md b/roles/hub_namespace/README.md index aaf617037..c29869449 100644 --- a/roles/hub_namespace/README.md +++ b/roles/hub_namespace/README.md @@ -8,14 +8,14 @@ An Ansible Role to create Namespaces in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_namespaces`|`see below`|yes|Data structure describing your namespaces, described below.|| ### Secure Logging Variables @@ -23,12 +23,12 @@ An Ansible Role to create Namespaces in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add namespace task does not include sensitive information. -ah_configuration_namespace_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_namespace_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_namespace_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -39,12 +39,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_namespace_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_namespace_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_namespace_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_namespace_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_namespace_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_namespace_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -104,7 +104,7 @@ ah_namespaces: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_namespace/defaults/main.yml b/roles/hub_namespace/defaults/main.yml index 489921dda..7d13e846e 100644 --- a/roles/hub_namespace/defaults/main.yml +++ b/roles/hub_namespace/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -25,9 +25,9 @@ ah_namespaces: [] # object_roles: #Possible options below # - # mandatory, choices: change_namespace, upload_to_namespace -ah_configuration_namespace_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_namespace_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_namespace_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_namespace_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_namespace_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_namespace_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_namespace_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_namespace_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_namespace/meta/argument_specs.yml b/roles/hub_namespace/meta/argument_specs.yml index 9fecf1ce9..f396a26a6 100644 --- a/roles/hub_namespace/meta/argument_specs.yml +++ b/roles/hub_namespace/meta/argument_specs.yml @@ -12,65 +12,70 @@ argument_specs: # Async variables ah_configuration_namespace_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_namespace_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_namespace_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - ah_token: + aap_token: + default: None required: false - description: Automation Hub token for authentication. + description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_namespace/tasks/main.yml b/roles/hub_namespace/tasks/main.yml index 5300dd488..e8bb815c2 100644 --- a/roles/hub_namespace/tasks/main.yml +++ b/roles/hub_namespace/tasks/main.yml @@ -2,12 +2,12 @@ # Create AH Namespace - name: Get token ansible.hub.ah_token: - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" when: - ah_token is not defined - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" @@ -25,13 +25,13 @@ links: "{{ __namespace_item.links | default([]) }}" groups: "{{ __namespace_item.groups | default([]) }}" state: "{{ __namespace_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_namespaces }}" loop_control: loop_var: "__namespace_item" @@ -41,7 +41,7 @@ register: __namespaces_job_async changed_when: not __namespaces_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Namespace | Wait for finish the namespace creation" ansible.builtin.async_status: @@ -56,5 +56,5 @@ when: __namespaces_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_namespace_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_namespace/tests/test.yml b/roles/hub_namespace/tests/test.yml index 182db9446..8b95dccdd 100644 --- a/roles/hub_namespace/tests/test.yml +++ b/roles/hub_namespace/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_publish/README.md b/roles/hub_publish/README.md index 0bac087fd..e15077f3f 100644 --- a/roles/hub_publish/README.md +++ b/roles/hub_publish/README.md @@ -8,15 +8,15 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|no|Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| -|`ah_configuration_working_dir`|`/var/tmp`|no|The working directory where the built artifacts live, or where the artifacts will be built.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_working_dir`|`/var/tmp`|no|The working directory where the built artifacts live, or where the artifacts will be built.|| |`ah_auto_approve`|`False`|no|Whether the collection will be automatically approved in Automation Hub. This will only work if the account being used has correct privileges.|| |`ah_overwrite_existing`|`False`|no|Whether the collection will be automatically overwrite an existing collection in Automation Hub. This will only work if the account being used has correct privileges.|| |`ah_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| @@ -27,12 +27,12 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add publish collections task does not include sensitive information. -ah_configuration_publish_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_publish_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_publish_secure_logging`|`False`|no|Whether or not to include the sensitive publish collections role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -43,12 +43,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_publish_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_publish_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_publish_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_publish_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_publish_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_publish_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -87,7 +87,7 @@ ah_auto_approve: true connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_publish/defaults/main.yml b/roles/hub_publish/defaults/main.yml index 921191e6f..f631cc8ee 100644 --- a/roles/hub_publish/defaults/main.yml +++ b/roles/hub_publish/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration and _utilities roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -17,14 +17,14 @@ # - collection_name: "name of collection, normally the last part before the / in a git url" # mandatory # git_url: "url to git repo." # mandatory when type=git -ah_configuration_working_dir: "/var/tmp" +aap_configuration_working_dir: "/var/tmp" ah_auto_approve: false ah_overwrite_existing: false -ah_configuration_publish_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_publish_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_publish_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_publish_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_publish_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_publish_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_publish_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_publish_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_publish/meta/argument_specs.yml b/roles/hub_publish/meta/argument_specs.yml index 57eb3f8e9..d2cb890ec 100644 --- a/roles/hub_publish/meta/argument_specs.yml +++ b/roles/hub_publish/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to publish collections in Automation Hub. options: - ah_configuration_working_dir: + aap_configuration_working_dir: default: /var/tmp type: str required: false @@ -33,61 +33,65 @@ argument_specs: # Async variables ah_configuration_publish_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_publish_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_publish_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_publish/tasks/main.yml b/roles/hub_publish/tasks/main.yml index d8315ce31..e7d712448 100644 --- a/roles/hub_publish/tasks/main.yml +++ b/roles/hub_publish/tasks/main.yml @@ -2,7 +2,7 @@ - name: Git checkout ansible.builtin.git: repo: "{{ __ah_collection_item.git_url }}" - dest: "{{ ah_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}/" + dest: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}/" version: "{{ __ah_collection_item.version | default(omit) }}" key_file: "{{ __ah_collection_item.key_path | default(omit) }}" ssh_opts: "{{ __ah_collection_item.ssh_opts | default(omit) }}" @@ -17,7 +17,7 @@ - name: Copy local collection to working dir ansible.builtin.copy: src: "{{ __ah_collection_item.collection_local_path }}/" - dest: "{{ ah_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" + dest: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" remote_src: true mode: 0755 loop: "{{ ah_collections }}" @@ -30,8 +30,8 @@ - name: Build Collections ansible.hub.ah_build: - path: "{{ ah_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" - output_path: "{{ ah_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" + path: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" + output_path: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" force: true register: ah_build_results loop: "{{ ah_collections }}" @@ -70,12 +70,12 @@ - name: Get token ansible.hub.ah_token: - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" when: - ah_token is not defined - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" @@ -89,13 +89,13 @@ path: "{{ __ah_collection_file }}" auto_approve: "{{ ah_auto_approve }}" overwrite_existing: "{{ ah_overwrite_existing }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" @@ -105,7 +105,7 @@ register: __publish_job_async changed_when: not __publish_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Publish Collection | Wait for finish the publish creation" ansible.builtin.async_status: @@ -120,20 +120,20 @@ when: __publish_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_publish_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: Approve Collections ansible.hub.ah_approval: namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" name: "{{ (__ah_collection_file | basename).split('-')[1] }}" version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" diff --git a/roles/hub_publish/tests/test.yml b/roles/hub_publish/tests/test.yml index e5ed7fcf7..a3b40596d 100644 --- a/roles/hub_publish/tests/test.yml +++ b/roles/hub_publish/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_role/README.md b/roles/hub_role/README.md index 73f805af7..4ab6bfb6c 100644 --- a/roles/hub_role/README.md +++ b/roles/hub_role/README.md @@ -8,13 +8,13 @@ An Ansible Role to create role permissions in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_roles`|`see below`|yes|Data structure describing your role permissions, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to create role permissions in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add group task does not include sensitive information. -ah_configuration_group_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_role_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_role_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_role_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_role_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_role_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_role_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_role_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -104,7 +104,7 @@ ah_roles: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_role/defaults/main.yml b/roles/hub_role/defaults/main.yml index 1f9e1f9c6..c64021868 100644 --- a/roles/hub_role/defaults/main.yml +++ b/roles/hub_role/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -15,9 +15,9 @@ ah_roles: [] # - perms # - state -ah_configuration_role_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_role_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_role_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_role_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_role_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_role_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_role_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_role/meta/argument_specs.yml b/roles/hub_role/meta/argument_specs.yml index 701a411b9..c45914e3a 100644 --- a/roles/hub_role/meta/argument_specs.yml +++ b/roles/hub_role/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_role_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_role_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_role_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_role/tasks/main.yml b/roles/hub_role/tasks/main.yml index 24403269f..f2c0ed5a6 100644 --- a/roles/hub_role/tasks/main.yml +++ b/roles/hub_role/tasks/main.yml @@ -7,12 +7,12 @@ description: "{{ __role.description | default(omit) }}" perms: "{{ __role.perms | default(omit) }}" state: "{{ __role.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_roles }}" loop_control: loop_var: "__role" @@ -22,7 +22,7 @@ register: __roles_job_async changed_when: not __roles_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create Role | Wait for finish the role creation" ansible.builtin.async_status: @@ -37,5 +37,5 @@ when: __roles_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_role_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_role/tests/test.yml b/roles/hub_role/tests/test.yml index ed8f67326..9471a88d3 100644 --- a/roles/hub_role/tests/test.yml +++ b/roles/hub_role/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/hub_user/README.md b/roles/hub_user/README.md index 192ba636c..6bd04b0d5 100644 --- a/roles/hub_user/README.md +++ b/roles/hub_user/README.md @@ -8,13 +8,13 @@ An Ansible Role to create users in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| -|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| -|`ah_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| -|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables @@ -22,12 +22,12 @@ An Ansible Role to create users in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. The role defaults to False as normally the add user task does not include sensitive information. -ah_configuration_user_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. +ah_configuration_user_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`ah_configuration_user_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -38,12 +38,12 @@ This also speeds up the overall role. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`ah_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| -|`ah_configuration_user_async_timeout`|`ah_configuration_async_timeout`|no|This variable sets the async timeout for the role.| -|`ah_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| -|`ah_configuration_user_async_retries`|`ah_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| -|`ah_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| -|`ah_configuration_user_async_delay`|`ah_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_async_timeout`|1000|no|This variable sets the async timeout for the role globally.| +|`ah_configuration_user_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`ah_configuration_user_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`ah_configuration_user_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| ## Data Structure @@ -92,7 +92,7 @@ ah_users: connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com pre_tasks: diff --git a/roles/hub_user/defaults/main.yml b/roles/hub_user/defaults/main.yml index 1349c3efd..b5ce41754 100644 --- a/roles/hub_user/defaults/main.yml +++ b/roles/hub_user/defaults/main.yml @@ -2,9 +2,9 @@ # These are the default variables common to most ah_configuration roles # You shouldn't need to define them again and again but they should be defined -# ah_hostname: "{{ inventory_hostname }}" +# ah_username: "{{ inventory_hostname }}" # ah_oauthtoken: "" -# ah_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role @@ -21,9 +21,9 @@ ah_users: [] # - password # - state -ah_configuration_user_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}" -ah_configuration_user_async_timeout: "{{ ah_configuration_async_timeout | default(1000) }}" -ah_configuration_user_async_retries: "{{ ah_configuration_async_retries | default(50) }}" -ah_configuration_user_async_delay: "{{ ah_configuration_async_delay | default(1) }}" -ah_configuration_async_dir: null +ah_configuration_user_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +ah_configuration_user_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" +ah_configuration_user_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_user_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +aap_configuration_async_dir: null ... diff --git a/roles/hub_user/meta/argument_specs.yml b/roles/hub_user/meta/argument_specs.yml index 4c542ed9c..cf469596e 100644 --- a/roles/hub_user/meta/argument_specs.yml +++ b/roles/hub_user/meta/argument_specs.yml @@ -12,61 +12,65 @@ argument_specs: # Async variables ah_configuration_user_async_retries: - default: "{{ ah_configuration_async_retries | default(50) }}" + default: "{{ aap_configuration_async_retries | default(50) }}" required: false description: This variable sets the number of retries to attempt for the role. - ah_configuration_async_retries: + aap_configuration_async_retries: default: 50 required: false description: This variable sets number of retries across all roles as a default. ah_configuration_user_async_delay: - default: "{{ ah_configuration_async_delay | default(1) }}" + default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. - ah_configuration_async_delay: + aap_configuration_async_delay: default: 1 required: false description: This variable sets delay between retries across all roles as a default. - ah_configuration_async_dir: + aap_configuration_async_dir: default: null required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables ah_configuration_user_secure_logging: - default: "{{ ah_configuration_secure_logging | default(false) }}" + default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. - ah_configuration_secure_logging: + aap_configuration_secure_logging: default: false required: false type: bool description: This variable enables secure logging across all roles as a default. # Generic across all roles - ah_host: + aap_hostname: + default: None required: false - description: URL to the Automation Hub Server. + description: URL to the Ansible Automation Platform Server. type: str ah_path_prefix: required: false description: The path for the Automation Hub API. Usually galaxy or automation-hub unless custom set in AH settings. - ah_validate_certs: + aap_validate_certs: + default: true required: false - description: Whether or not to validate the Automation Hub Server's SSL certificate. + description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate. type: str - ah_request_timeout: + aap_request_timeout: default: 10 required: false - description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + description: Specify the timeout Ansible should use in requests to the Ansible Automation Platform Server. type: float - ah_username: + aap_username: + default: None required: false - description: User for authentication on Automation Hub + description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified. type: str - ah_password: + aap_password: + default: None required: false - description: User's password For Automation Hub + description: Controller Admin User's password on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/hub_user/tasks/main.yml b/roles/hub_user/tasks/main.yml index 677883238..c3666bfc8 100644 --- a/roles/hub_user/tasks/main.yml +++ b/roles/hub_user/tasks/main.yml @@ -13,12 +13,12 @@ is_superuser: "{{ __user.is_superuser | default(omit) }}" password: "{{ __user.password | default(omit) }}" state: "{{ __user.state | default(ah_state | default('present')) }}" - ah_host: "{{ ah_host | default(ah_hostname) | default(omit) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" - request_timeout: "{{ ah_request_timeout | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_users }}" loop_control: loop_var: "__user" @@ -28,7 +28,7 @@ register: __users_job_async changed_when: not __users_job_async.changed vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' - name: "Create User | Wait for finish the user creation" ansible.builtin.async_status: @@ -43,5 +43,5 @@ when: __users_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_user_secure_logging }}" vars: - ansible_async_dir: '{{ ah_configuration_async_dir }}' + ansible_async_dir: '{{ aap_configuration_async_dir }}' ... diff --git a/roles/hub_user/tests/test.yml b/roles/hub_user/tests/test.yml index fee0955c7..b875a73cc 100644 --- a/roles/hub_user/tests/test.yml +++ b/roles/hub_user/tests/test.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false vars: - ah_validate_certs: false + aap_validate_certs: false # Define following vars here, or in ah_configs/ah_auth.yml # ah_host: ansible-ah-web-svc-test-project.example.com # ah_token: changeme diff --git a/roles/meta_dependency_check/README.md b/roles/meta_dependency_check/README.md index 01d0b5ade..d04be95c5 100644 --- a/roles/meta_dependency_check/README.md +++ b/roles/meta_dependency_check/README.md @@ -1,4 +1,4 @@ -# infra.controller_configuration.meta_dependency_check +# infra.aap_configuration.meta_dependency_check This role is designed to be run before any roles in this collection to check that the underlying awx.awx or ansible.controller collection is installed. This is a dependency of together roles and does not need to be explicitly called. diff --git a/tests/automatetheautomation/config-controller-filetree.yml b/tests/automatetheautomation/config-controller-filetree.yml deleted file mode 120000 index a945067bb..000000000 --- a/tests/automatetheautomation/config-controller-filetree.yml +++ /dev/null @@ -1 +0,0 @@ -../../roles/filetree_read/tests/config-controller-filetree.yml \ No newline at end of file diff --git a/tests/automatetheautomation/drop_diff.yml b/tests/automatetheautomation/drop_diff.yml deleted file mode 120000 index ec2eedefb..000000000 --- a/tests/automatetheautomation/drop_diff.yml +++ /dev/null @@ -1 +0,0 @@ -../../roles/object_diff/tests/drop_diff.yml \ No newline at end of file diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_aap_monitor.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_aap_monitor.yml deleted file mode 100644 index 33ed2079c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_aap_monitor.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -controller_credential_types: - - name: "AAP_Monitor" - description: "Monitor Ansible Automation Platform credential" - kind: "cloud" - inputs: - fields: - - id: controller_url - label: Controller - type: string - - id: oauthtoken - label: Token - secret: true - type: string - required: - - controller_url - - oauthtoken - injectors: - extra_vars: - local_users_controller_api_token: !unsafe '{{ oauthtoken }}' - local_users_controller_api_url: !unsafe '{{ controller_url }}' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_acme_key.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_acme_key.yml deleted file mode 100644 index ae04404d2..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_acme_key.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_credential_types: - - name: "ACME Account Key" - description: "Account Key for Sectigo CA ACME API" - kind: "cloud" - inputs: - fields: - - id: key - label: ACME Account Key - type: string - required: - - key - injectors: - extra_vars: - acme_account_key: !unsafe '{{ key }}' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_cloudforms.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_cloudforms.yml deleted file mode 100644 index eeda7623b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_cloudforms.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -controller_credential_types: - - name: "Credential Type for CloudForms" - description: "Credential Type for CloudForms" - kind: "cloud" - inputs: - fields: - - id: host - type: string - label: CloudForms URL - help_text: >- - Enter the URL for the virtual machine that corresponds to your CloudForms - instance. For example, https://cloudforms.example.org - - id: username - type: string - label: Username - - id: password - type: string - label: Password - secret: true - - id: ssl_verify - type: string - label: SSL Verify - default: 'True' - required: - - username - - password - - host - injectors: - env: - CLOUDFORMS_URL: !unsafe '{{ host }}' - CLOUDFORMS_USERNAME: !unsafe '{{ username }}' - CLOUDFORMS_PASSWORD: !unsafe '{{ password }}' - CLOUDFORMS_SSL_VERIFY: !unsafe '{{ ssl_verify }}' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_multiple.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_multiple.yml deleted file mode 100644 index f6968618b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_multiple.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -controller_credential_types: - - name: "Machine Credential Dual" - description: "Multiple Machine Credentials" - kind: "cloud" - inputs: - fields: - - type: string - id: my_user - label: Username - - secret: true - type: string - id: my_pass - label: Password - required: - - my_user - - my_pass - injectors: - extra_vars: - my_pass: !unsafe '{{my_pass}}' - my_user: !unsafe '{{my_user}}' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_servicenow.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_servicenow.yml deleted file mode 100644 index 86fcd6536..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/app-example/controller_credential_types_servicenow.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -controller_credential_types: - - name: "ServiceNow" - description: "Credential Type for ServiceNow" - kind: "cloud" - inputs: - fields: - - id: SN_USERNAME - type: string - label: Username - - id: SN_PASSWORD - type: string - label: Password - secret: true - - id: SN_INSTANCE - type: string - label: Snow Instance - required: - - SN_USERNAME - - SN_PASSWORD - - SN_INSTANCE - injectors: - env: - SN_INSTANCE: !unsafe '{{ SN_INSTANCE }}' - SN_PASSWORD: !unsafe '{{ SN_PASSWORD }}' - SN_USERNAME: !unsafe '{{ SN_USERNAME }}' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/controller_credential_types.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/controller_credential_types.yml deleted file mode 100644 index e8d39b81b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_credential_types.d/controller_credential_types.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_credential_types: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_groups.d/controller_groups.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_groups.d/controller_groups.yml deleted file mode 100644 index 65297e073..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_groups.d/controller_groups.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_groups: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/app-example/controller_instance_groups_otlc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/app-example/controller_instance_groups_otlc.yml deleted file mode 100644 index 4becb5882..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/app-example/controller_instance_groups_otlc.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -configure_controller_instance_groups: - - name: Container_Groups_Instance - is_container_group: true - credential: "{{ orgs }} {{ env }} OCP_OPENTLC" - pod_spec_override: | - apiVersion: v1 - kind: Pod - metadata: - namespace: controller-container-group - spec: - containers: - - image: >- - registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8:latest - name: worker - args: - - ansible-runner - - worker - - '--private-data-dir=/runner' -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/controller_instance_groups.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/controller_instance_groups.yml deleted file mode 100644 index 9392c9c6f..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_instance_groups.d/controller_instance_groups.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -configure_controller_instance_groups: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-casc/controller_inventories_localhost.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-casc/controller_inventories_localhost.yml deleted file mode 100644 index 4eb612ef4..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-casc/controller_inventories_localhost.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -controller_inventories: - - name: "{{ orgs }} Localhost" - description: "Inventory for the Localhost" - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_excel.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_excel.yml deleted file mode 100644 index fd1955803..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_excel.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -controller_inventories: - - name: "InventaryExcel" - description: "Inventory Taken from excel file" - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org1.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org1.yml deleted file mode 100644 index d37eba26c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org1.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -controller_inventories: - - name: "SmartInventory URGENT CHANGES CPD BCN Org1" - description: "SmartInventory CPD BCN Org1" - host_filter: "groups__name=Patching_cpd_bcn and groups__name=Patching_os_entorno_{{ env }} and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org01 and groups__name=Patching_parcheo_ch_planif_ch00001" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD BCN Org1 dev" - description: "SmartInventory CPD BCN Org1" - host_filter: "groups__name=Patching_cpd_bcn and groups__name=Patching_os_entorno_dev and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org01" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD MAD Org1 dev" - description: "SmartInventory CPD MAD Org1" - host_filter: "groups__name=Patching_cpd_mad and groups__name=Patching_os_entorno_dev and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org01" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD BCN Org1 prod" - description: "SmartInventory CPD BCN Org1" - host_filter: "groups__name=Patching_cpd_bcn and groups__name=Patching_os_entorno_prod and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org01" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD MAD Org1 prod" - description: "SmartInventory CPD MAD Org1" - host_filter: "groups__name=Patching_cpd_mad and groups__name=Patching_os_entorno_prod and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org01" - kind: smart - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org2.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org2.yml deleted file mode 100644 index 1dc3b34ae..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/app-example/controller_inventories_smart_org2.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -controller_inventories: - - name: "SmartInventory CPD BCN Org2 dev" - description: "SmartInventory CPD BCN Org2" - host_filter: "groups__name=Patching_cpd_bcn and groups__name=Patching_os_entorno_dev and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org02" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD MAD Org2 dev" - description: "SmartInventory CPD MAD Org2" - host_filter: "groups__name=Patching_cpd_mad and groups__name=Patching_os_entorno_dev and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org02" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD BCN Org2 prod" - description: "SmartInventory CPD BCN Org2" - host_filter: "groups__name=Patching_cpd_bcn and groups__name=Patching_os_entorno_prod and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org02" - kind: smart - organization: "{{ orgs }}" - - - name: "SmartInventory CPD MAD Org2 prod" - description: "SmartInventory CPD MAD Org2" - host_filter: "groups__name=Patching_cpd_mad and groups__name=Patching_os_entorno_prod and groups__name=Patching_os_vendor_redhat and groups__name=Patching_area_org02" - kind: smart - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/controller_inventories.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/controller_inventories.yml deleted file mode 100644 index 059d77c02..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_inventories.d/controller_inventories.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_inventories: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-casc/controller_job_templates_casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-casc/controller_job_templates_casc.yml deleted file mode 100644 index 137c2ba5b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-casc/controller_job_templates_casc.yml +++ /dev/null @@ -1,62 +0,0 @@ ---- -controller_templates: - - name: "{{ orgs }} CasC_JobTemplates_AAP_CI_Webhook" - description: "Template to attend AAP CasC webhook" - organization: "{{ orgs }}" - project: "{{ orgs }} CasC_Data" - inventory: "{{ orgs }} Localhost" - playbook: "config-controller.yml" - job_tags: ci_webhook_trigger - job_type: run - fact_caching_enabled: false - credentials: - - "{{ orgs }} {{ env }} aap_credentials" - concurrent_jobs_enabled: true - ask_scm_branch_on_launch: true - extra_vars: - ansible_python_interpreter: /usr/bin/python3 - ansible_async_dir: /home/runner/.ansible_async/ - execution_environment: "ee-casc" - - - name: "{{ orgs }} CasC_JobTemplates_AAP_CI_Config_Controller" - description: "Template to deploy AAP Orgs" - organization: "{{ orgs }}" - project: "{{ orgs }} CasC_Data" - inventory: "{{ orgs }} Localhost" - playbook: "config-controller.yml" - job_type: run - fact_caching_enabled: false - credentials: - - "{{ orgs }} {{ env }} aap_credentials" - - "{{ orgs }} {{ env }} aap_vault_credentials" - concurrent_jobs_enabled: true - ask_scm_branch_on_launch: true - ask_tags_on_launch: true - ask_verbosity_on_launch: true - ask_variables_on_launch: true - extra_vars: - ansible_python_interpreter: /usr/bin/python3 - ansible_async_dir: /home/runner/.ansible_async/ - execution_environment: "ee-casc" - - - name: "{{ orgs }} CasC_JobTemplates_AAP_Desired_State" - description: "Template to assure Desired State" - organization: "{{ orgs }}" - project: "{{ orgs }} CasC_Data" - inventory: "{{ orgs }} Localhost" - playbook: "desired-state.yml" - job_type: run - fact_caching_enabled: false - credentials: - - "{{ orgs }} {{ env }} aap_credentials" - - "{{ orgs }} {{ env }} aap_vault_credentials" - concurrent_jobs_enabled: true - ask_scm_branch_on_launch: true - ask_tags_on_launch: true - ask_verbosity_on_launch: true - ask_variables_on_launch: true - extra_vars: - ansible_python_interpreter: /usr/bin/python3 - ansible_async_dir: /home/runner/.ansible_async/ - execution_environment: "ee-casc" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_container_groups.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_container_groups.yml deleted file mode 100644 index 734b6d59f..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_container_groups.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_templates: - - name: "{{ orgs }} JT_Container_Group" - description: "Template to test Container Groups" - organization: "{{ orgs }}" - project: "{{ orgs }} Container_Group" - inventory: "{{ orgs }} Localhost" - playbook: "helloworld.yml" - job_type: run - concurrent_jobs_enabled: true - credentials: - - "{{ orgs }} {{ env }} aap_vault_credentials" - execution_environment: "Default execution environment" - instance_groups: - - Container_Groups_Instance -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_demo_push.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_demo_push.yml deleted file mode 100644 index 42675006c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/app-example/controller_job_templates_demo_push.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -controller_templates: - - name: "{{ orgs }} JT_Container_Group TEST DEMO First Push" - description: "Template to test Container Groups" - organization: "{{ orgs }}" - project: "{{ orgs }} Container_Group" - inventory: "{{ orgs }} Localhost" - playbook: "helloworld.yml" - job_type: run - concurrent_jobs_enabled: true - credentials: - - "{{ orgs }} {{ env }} aap_vault_credentials" - execution_environment: "Default execution environment" - instance_groups: - - Container_Groups_Instance - - - name: "{{ orgs }} JT_Container_Group TEST DEMO - Second Push" - description: "Template to test Container Groups" - organization: "{{ orgs }}" - project: "{{ orgs }} Container_Group" - inventory: "{{ orgs }} Localhost" - playbook: "helloworld.yml" - job_type: run - concurrent_jobs_enabled: true - credentials: - - "{{ orgs }} {{ env }} aap_vault_credentials" - execution_environment: "Default execution environment" - instance_groups: - - Container_Groups_Instance - survey_enabled: true - survey_spec: - name: 'TEST' - description: 'Test' - spec: - - question_name: Target Host - question_description: target host is required for playbook to work, this host - needs to exist in the inventory - required: true - type: text - variable: target_hosts - min: 0 - max: 1024 - default: Localhost - choices: '' - new_question: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/controller_job_templates.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/controller_job_templates.yml deleted file mode 100644 index b04efcaad..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_job_templates.d/controller_job_templates.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_templates: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-casc/controller_organizations_Global.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-casc/controller_organizations_Global.yml deleted file mode 100644 index 9c52cfb56..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-casc/controller_organizations_Global.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_organizations: - - name: "{{ orgs }}" - description: "Organization for globally available objects" - galaxy_credentials: - - "Ansible Galaxy" - - "{{ orgs }} {{ env }} Automation Hub Community Repository" - - "{{ orgs }} {{ env }} Automation Hub Published Repository" - - "{{ orgs }} {{ env }} Automation Hub RH Certified Repository" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_ExampleOrg.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_ExampleOrg.yml deleted file mode 100644 index 04212af8f..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_ExampleOrg.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_organizations: - - name: "ExampleOrg" - description: "Organization Example" - galaxy_credentials: - - "Ansible Galaxy" - - "{{ orgs }} {{ env }} Automation Hub Community Repository" - - "{{ orgs }} {{ env }} Automation Hub Published Repository" - - "{{ orgs }} {{ env }} Automation Hub RH Certified Repository" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_OrgCrossTeams.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_OrgCrossTeams.yml deleted file mode 100644 index d69036184..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_OrgCrossTeams.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -controller_organizations: - - name: "OrgCrossTeams" - description: "Organization to run playbooks Cross Teams" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_Organizations1-2.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_Organizations1-2.yml deleted file mode 100644 index 1fe8e3cf9..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/app-example/controller_organizations_Organizations1-2.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -controller_organizations: - - name: "Organization1" - description: "Organization 1 to tests" - galaxy_credentials: "{{ common_galaxy_credentials }}" - - name: "Organization2" - description: "Organization 2 to tests" - galaxy_credentials: "{{ common_galaxy_credentials }}" -common_galaxy_credentials: - - "Ansible Galaxy" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/controller_organizations.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/controller_organizations.yml deleted file mode 100644 index 65f88a496..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_organizations.d/controller_organizations.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_organizations: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-casc/controller_projects_casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-casc/controller_projects_casc.yml deleted file mode 100644 index 539fb858c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-casc/controller_projects_casc.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} CasC_Data" - description: "Project to include the vars values of the {{ orgs }} Org" - organization: "{{ orgs }}" - scm_type: git - scm_url: "git@gitlab.com:automationiberia.com/global.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_branch: "{{ env }}" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-ocp/controller_projects_container_groups.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-ocp/controller_projects_container_groups.yml deleted file mode 100644 index 3e29f19f9..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/app-ocp/controller_projects_container_groups.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} Container_Group" - description: "Project to run Container_Groups example" - organization: "{{ orgs }}" - scm_type: git - scm_url: "git@gitlab.automationiberia.com:aap-demo/readonly-playbooks.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/controller_projects.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/controller_projects.yml deleted file mode 100644 index ac64afac4..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/controller_projects.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_projects: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_dev.yml deleted file mode 100644 index 4cd6985d8..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_dev.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} InventorySource SourceA dev" - description: "InventorySource SourceA dev from XLSX" - organization: "{{ orgs }}" - scm_type: git - scm_branch: "sourcea-dev" - scm_url: "git@gitlab.automationiberia.com:aap-demo/inventario_ansible_xlsx.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true - -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_prod.yml deleted file mode 100644 index 448c76816..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourcea_prod.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} InventorySource SourceA prod" - description: "InventorySource SourceA prod from XLSX" - organization: "{{ orgs }}" - scm_type: git - scm_branch: "sourcea-prod" - scm_url: "git@gitlab.automationiberia.com:aap-demo/inventario_ansible_xlsx.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true - -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_dev.yml deleted file mode 100644 index 2591007bf..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_dev.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} InventorySource SourceB dev" - description: "InventorySource SourceB dev from XLSX" - organization: "{{ orgs }}" - scm_type: git - scm_branch: "sourceb-dev" - scm_url: "git@gitlab.automationiberia.com:aap-demo/inventario_ansible_xlsx.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true - -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_prod.yml deleted file mode 100644 index be8bd29f5..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_projects.d/inventories/controller_projects_inventory_sourceb_prod.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -controller_projects: - - name: "{{ orgs }} InventorySource SourceB prod" - description: "InventorySource SourceB prod from XLSX" - organization: "{{ orgs }}" - scm_type: git - scm_branch: "sourceb-prod" - scm_url: "git@gitlab.automationiberia.com:aap-demo/inventario_ansible_xlsx.git" - scm_credential: "{{ orgs }} {{ env }} Gitlab Credential" - scm_clean: false - scm_delete_on_update: false - scm_update_on_launch: false - scm_update_cache_timeout: 86400 - allow_override: true - -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_cmdb_approvals.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_cmdb_approvals.yml deleted file mode 100644 index 5295dee6e..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_cmdb_approvals.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -controller_roles: - - workflows: - - "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - team: "ldap-users-cmdb" - role: approval -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventories.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventories.yml deleted file mode 100644 index a4ef3c082..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventories.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -controller_roles: - - inventory: InventaryExcel - user: userorg1 - role: read - - - team: "ldap-org01-users" - inventories: - - "SmartInventory CPD BCN Org1 dev" - - "SmartInventory CPD MAD Org1 dev" - role: use - - - team: "ldap-org01-devs" - inventories: - - "SmartInventory CPD BCN Org1 dev" - - "SmartInventory CPD MAD Org1 dev" - role: use - - - team: "ldap-org01-admins" - inventories: - - "{{ orgs }} Localhost" - - "SmartInventory CPD BCN Org1 prod" - - "SmartInventory CPD MAD Org1 prod" - - "SmartInventory CPD BCN Org1 dev" - - "SmartInventory CPD MAD Org1 dev" - role: use - - - team: "ldap-org02-users" - inventories: - - "SmartInventory CPD BCN Org2 dev" - - "SmartInventory CPD MAD Org2 dev" - role: use - - - team: "ldap-org02-devs" - inventories: - - "SmartInventory CPD BCN Org2 dev" - - "SmartInventory CPD MAD Org2 dev" - role: use - - - team: "ldap-org02-admins" - inventories: - - "{{ orgs }} Localhost" - - "SmartInventory CPD BCN Org2 prod" - - "SmartInventory CPD MAD Org2 prod" - - "SmartInventory CPD BCN Org2 dev" - - "SmartInventory CPD MAD Org2 dev" - role: use -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventory_wf_update.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventory_wf_update.yml deleted file mode 100644 index eeeb04cd0..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_inventory_wf_update.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -controller_roles: - - workflows: - - "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - team: "ldap-org01-users" - role: execute -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_teams.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_teams.yml deleted file mode 100644 index 086b7d48a..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_teams.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -controller_roles: - - team: "Organization1 admins-team" - role: admin - - - team: "Organization2 admins-team" - role: admin -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_users.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_users.yml deleted file mode 100644 index abce8c6ee..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/app-example/controller_roles_users.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -controller_roles: - - user: "adminorg1" - organizations: - - "Organization1" - role: member - - - user: "adminorg1" - organizations: - - "Organization1" - role: member - target_teams: - - "Organization1 admins-team" - - - user: "adminorg2" - organizations: - - "Organization2" - role: member - - - user: "adminorg2" - organizations: - - "Organization2" - role: admin - target_teams: - - "Organization2 admins-team" - - - user: "userorg1" - organizations: - - "Organization1" - role: member - - - user: "userorg1" - organizations: - - "Organization1" - role: member - target_teams: - - "Organization1 users-team" - - - user: "userorg2" - organizations: - - "Organization2" - role: member - - - user: "userorg2" - organizations: - - "Organization2" - role: member - target_teams: - - "Organization2 users-team" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/controller_roles.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/controller_roles.yml deleted file mode 100644 index c27de4fb5..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_roles.d/controller_roles.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -## available roles: admin_role, execute_role, project_admin_role, inventory_admin_role, credential_admin_role, workflow_admin_role, notification_admin_role, job_template_admin_role, execution_environment_admin_role, auditor_role, member_role, read_role, approval_role -controller_roles: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-casc/controller_schedules_casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-casc/controller_schedules_casc.yml deleted file mode 100644 index 64499c99e..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-casc/controller_schedules_casc.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -controller_schedules: - - name: "{{ orgs }} CasC_Objects_Cleanup" - description: CasC_Ojbects_Cleanup - unified_job_template: "{{ orgs }} CasC_JobTemplates_AAP_Desired_State" - rrule: DTSTART;TZID=Europe/Madrid:20220127T163000 RRULE:INTERVAL=1;FREQ=DAILY - job_tags: desired_state - enabled: false - extra_data: - ansible_python_interpreter: /usr/bin/python3 - ansible_async_dir: /home/runner/.ansible_async/ - env: "{{ env }}" - dir_orgs_vars: orgs_vars - orgs: "{{ orgs }}" - organization: "{{ orgs }}" - - - name: "{{ orgs }} CasC_Objects_Creation" - description: CasC_Ojbects_Cleanup - unified_job_template: "{{ orgs }} CasC_JobTemplates_AAP_CI_Config_Controller" - rrule: DTSTART;TZID=Europe/Madrid:20220127T000000 RRULE:INTERVAL=1;FREQ=DAILY - enabled: false - extra_data: - ansible_python_interpreter: /usr/bin/python3 - ansible_async_dir: /home/runner/.ansible_async/ - env: "{{ env }}" - dir_orgs_vars: orgs_vars - orgs: "{{ orgs }}" - organization: "{{ orgs }}" - -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-example/controller_schedules_example.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-example/controller_schedules_example.yml deleted file mode 100644 index 4845926bc..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/app-example/controller_schedules_example.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_schedules: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/controller_schedules.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/controller_schedules.yml deleted file mode 100644 index 4845926bc..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_schedules.d/controller_schedules.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_schedules: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org1.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org1.yml deleted file mode 100644 index 0e5548b1e..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org1.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_teams: - - name: "Organization1 admins-team" - description: "Team for Admin Organization1 Org" - organization: "Organization1" - - - name: "Organization1 users-team" - description: "Team for Normal Organization1 Org" - organization: "Organization1" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org2.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org2.yml deleted file mode 100644 index 5f2686421..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/app-demo/controller_teams_org2.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_teams: - - name: "Organization2 admins-team" - description: "Team for Admin Organization2 Org" - organization: "Organization2" - - - name: "Organization2 users-team" - description: "Team for Normal Organization2 Org" - organization: "Organization2" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/controller_teams.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/controller_teams.yml deleted file mode 100644 index 8710e6f70..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_teams.d/controller_teams.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_teams: - - name: "{{ orgs }} {{ orgs }}-team" - description: "Team for {{ orgs }} Org" - organization: "{{ orgs }}" - - - name: "{{ orgs }} test-group" - description: "test-group" - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-casc/controller_workflow_job_templates_casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-casc/controller_workflow_job_templates_casc.yml deleted file mode 100644 index 461f60d9f..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-casc/controller_workflow_job_templates_casc.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -controller_workflows: - - name: "{{ orgs }} CasC_AAP_Workflow" - state: present - description: "workflow for CasC on AAP" - survey_enabled: false - ask_variables_on_launch: true - allow_simultaneous: true - scm_branch: "{{ env }}" - webhook_service: "gitlab" - organization: "{{ orgs }}" - simplified_workflow_nodes: - - identifier: "LAUNCH_CI_{{ orgs }}" - workflow_job_template: "{{ orgs }} CasC_AAP_Workflow" - unified_job_template: "{{ orgs }} CasC_JobTemplates_AAP_CI_Webhook" - job_type: run - organization: "{{ orgs }}" - workflow: "{{ orgs }} CasC_AAP_Workflow" - - - identifier: "PROJECT_SYNC_{{ orgs }}" - workflow_job_template: "{{ orgs }} CasC_AAP_Workflow" - unified_job_template: "{{ orgs }} CasC_Data" - organization: "{{ orgs }}" - workflow: "{{ orgs }} CasC_AAP_Workflow" - success_nodes: - - "LAUNCH_CI_{{ orgs }}" - notification_templates_started: [] - notification_templates_success: [] - notification_templates_error: [] - notification_templates_approvals: [] - survey_spec: {} -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-examples/controller_workflow_job_templates_InventoryUpdate.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-examples/controller_workflow_job_templates_InventoryUpdate.yml deleted file mode 100644 index d996c1883..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/app-examples/controller_workflow_job_templates_InventoryUpdate.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -controller_workflows: - - name: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - state: present - description: "workflow for update the sources of the inventory" - survey_enabled: false - ask_variables_on_launch: true - allow_simultaneous: true - scm_branch: "{{ env }}" - organization: "{{ orgs }}" - simplified_workflow_nodes: - - identifier: APPROVAL_WF_INV - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - organization: "{{ orgs }}" - success_nodes: - - SYNC_SRC_A_DEV - - SYNC_SRC_B_DEV - - SYNC_SRC_A_PROD - - SYNC_SRC_B_PROD - approval_node: - description: "First step to update the Inventory Sources, Approval from CMDB Admins" - name: APPROVAL_WF_INVENTORY_UPDATE - timeout: 3600 - - - identifier: SYNC_SRC_A_DEV - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "{{ orgs }} InventorySource SourceA dev" - organization: "{{ orgs }}" - success_nodes: - - INVENTORY_SOURCE_A_DEV - - - identifier: SYNC_SRC_B_DEV - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "{{ orgs }} InventorySource SourceB dev" - organization: "{{ orgs }}" - success_nodes: - - INVENTORY_SOURCE_B_DEV - - - identifier: SYNC_SRC_A_PROD - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "{{ orgs }} InventorySource SourceA prod" - organization: "{{ orgs }}" - success_nodes: - - INVENTORY_SOURCE_A_PROD - - - identifier: SYNC_SRC_B_PROD - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "{{ orgs }} InventorySource SourceB prod" - organization: "{{ orgs }}" - success_nodes: - - INVENTORY_SOURCE_B_PROD - - - identifier: INVENTORY_SOURCE_A_DEV - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "Inventory Source A Dev" - organization: "{{ orgs }}" - - - identifier: INVENTORY_SOURCE_B_DEV - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "Inventory Source B Dev" - organization: "{{ orgs }}" - - - identifier: INVENTORY_SOURCE_A_PROD - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "Inventory Source A Prod" - organization: "{{ orgs }}" - - - identifier: INVENTORY_SOURCE_B_PROD - workflow_job_template: "{{ orgs }} WF_INVENTORY_SOURCE_UPDATE" - unified_job_template: "Inventory Source B Prod" - organization: "{{ orgs }}" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/controller_workflow_job_templates.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/controller_workflow_job_templates.yml deleted file mode 100644 index e85617417..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/common/controller_workflow_job_templates.d/controller_workflow_job_templates.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_workflows: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_aap.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_aap.yml deleted file mode 100644 index f0a92b143..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_aap.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_credentials: - - name: "AAP Credentials Example" - description: "Ansible Automation Platform Credentials Example" - credential_type: "Red Hat Ansible Automation Platform" - organization: "ExampleOrg" - inputs: - host: "controller.lab.example.com" - username: "controller-user" - password: "controller-password" - verify_ssl: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_galaxy.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_galaxy.yml deleted file mode 100644 index 6774f8068..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_galaxy.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -controller_credentials: - - name: "Automation Hub Community Repository Example" - description: "Automation Hub Community Repository Example" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/community/" - token: "AddToken" - - - name: "Automation Hub Published Repository Example" - description: "Automation Hub Published Repository Example" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/published/" - token: "AddToken" - - - name: "Automation Hub RH Certified Repository Example" - description: "" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/rh-certified/" - token: "AddToken" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_machine.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_machine.yml deleted file mode 100644 index 971594944..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_machine.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_credentials: - - name: "Machine Credentials Example" - description: "Machine Credentials Example" - credential_type: "Machine" - organization: "ExampleOrg" - inputs: - username: "user-ansible" - password: "password" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_ocp.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_ocp.yml deleted file mode 100644 index 05bc7ed7d..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_ocp.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -controller_credentials: - - name: "Credentials OCP Example" - description: "OCP SA to run Container Groups Example" - credential_type: "OpenShift or Kubernetes API Bearer Token" - organization: "ExampleOrg" - inputs: - host: "https://api.cluster.lab.example.com:6443" - verify_ssl: false - bearer_token: "Addbearer_token" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_registry.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_registry.yml deleted file mode 100644 index 2af2e6a65..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_registry.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_credentials: - - name: "Automation Private Hub Container Registry Example" - description: "Credential to connect to Container Registry at AtomationHub Private Example" - credential_type: "Container Registry" - organization: "ExampleOrg" - inputs: - username: "registry-user" - password: "password" - host: automationhub.lab.example.com - verify_ssl: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_scm.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_scm.yml deleted file mode 100644 index 0cdfe7200..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_scm.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -controller_credentials: - - name: "Gitlab Credential Example" - description: "Gitlab Credential Example" - credential_type: "Source Control" - organization: "ExampleOrg" - inputs: - username: 'scm-user' - ssh_key_data: | - -----BEGIN RSA PRIVATE KEY----- - MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu - KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm - o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k - TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7 - 9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy - v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs - /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 - -----END RSA PRIVATE KEY----- -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_vault.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_vault.yml deleted file mode 100644 index e74f3e1f8..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_credentials.d/app-examples/controller_credentials_vault.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -controller_credentials: - - name: "Vault Credentials Example" - description: "Vault Credentials Example" - credential_type: "Vault" - organization: "ExampleOrg" - inputs: - vault_password: "password" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml deleted file mode 100644 index b98fae314..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -controller_execution_environments: - - name: "ee-casc" - image: automationhub.automationiberia.com/ee-casc:latest - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml deleted file mode 100644 index de9e3526b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_execution_environments: - - name: "ee-xlsx" - image: automationhub.automationiberia.com/ee-xlsx:latest - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" - - - name: "test-ee-xlsx" - image: automationhub.automationiberia.com/test-ee-xlsx:0.2 - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/controller_execution_environments.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/controller_execution_environments.yml deleted file mode 100644 index 28041d44c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_execution_environments.d/controller_execution_environments.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_execution_environments: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/app-casc/controller_hosts_localhost.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/app-casc/controller_hosts_localhost.yml deleted file mode 100644 index 4b9e5a998..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/app-casc/controller_hosts_localhost.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -controller_hosts: - - name: localhost - description: localhost - inventory: "{{ orgs }} Localhost" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/controller_hosts.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/controller_hosts.yml deleted file mode 100644 index 5fd4d8140..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_hosts.d/controller_hosts.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_hosts: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml deleted file mode 100644 index 3ac123303..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source A Dev" - description: "Source Inventory from Excel file SourceA dev" - source: scm - source_project: "{{ orgs }} InventorySource SourceA dev" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml deleted file mode 100644 index dd3242be2..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source A Prod" - description: "Source Inventory from Excel file SourceA prod" - source: scm - source_project: "{{ orgs }} InventorySource SourceA prod" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml deleted file mode 100644 index 2024f92fb..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source B Dev" - description: "Source Inventory from Excel file SourceB dev" - source: scm - source_project: "{{ orgs }} InventorySource SourceB dev" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml deleted file mode 100644 index 67ad9c1d1..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source B Prod" - description: "Source Inventory from Excel file SourceB prod" - source: scm - source_project: "{{ orgs }} InventorySource SourceB prod" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/controller_inventory_sources.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/controller_inventory_sources.yml deleted file mode 100644 index cd9fc77bf..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_inventory_sources.d/controller_inventory_sources.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_inventory_sources: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_jobs.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_jobs.yml deleted file mode 100644 index 43cf1a8a5..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_jobs.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -controller_settings: - # - name: AWX_ISOLATION_SHOW_PATHS - # value: "['/tmp', '/mnt/backup']" - - name: DEFAULT_PROJECT_UPDATE_TIMEOUT - value: 0 - - name: DEFAULT_INVENTORY_UPDATE_TIMEOUT - value: 0 - - name: DEFAULT_JOB_TIMEOUT - value: 0 - - name: MAX_FORKS - value: 200 -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_ldap.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_ldap.yml deleted file mode 100644 index 9d9f4c760..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_ldap.yml +++ /dev/null @@ -1,113 +0,0 @@ ---- -controller_settings: - - name: AUTH_LDAP_SERVER_URI - value: "ldap://idm.automationiberia.com" - - name: AUTH_LDAP_BIND_DN - value: "{{ vault_ldap_bind_dn | default('uid=controller-binddn,cn=sysaccounts,cn=etc,dc=automationiberia,dc=com') }}" - - name: AUTH_LDAP_BIND_PASSWORD - value: "{{ vault_ldap_bind_password | default('password') }}" - - name: AUTH_LDAP_START_TLS - value: false - - name: AUTH_LDAP_USER_DN_TEMPLATE - value: "" - - name: AUTH_LDAP_CONNECTION_OPTIONS - value: - OPT_REFERRALS: 0 - OPT_NETWORK_TIMEOUT: 30 - - name: AUTH_LDAP_USER_SEARCH - value: ["cn=users,cn=accounts,dc=bcnconsulting,dc=com", "SCOPE_SUBTREE", "(uid=%(user)s)"] - - name: AUTH_LDAP_USER_DN_TEMPLATE - value: "" - - name: AUTH_LDAP_USER_ATTR_MAP - value: {"first_name": "givenName", "last_name": "sn", "email": "mail"} - - name: AUTH_LDAP_GROUP_SEARCH - value: ["cn=groups,cn=accounts,dc=bcnconsulting,dc=com", "SCOPE_SUBTREE", "(objectClass=posixgroup)"] - - name: AUTH_LDAP_GROUP_TYPE - value: "MemberDNGroupType" - - name: AUTH_LDAP_GROUP_TYPE_PARAMS - value: {"name_attr": "cn", "member_attr": "member"} - - name: AUTH_LDAP_REQUIRE_GROUP - value: "" - - name: AUTH_LDAP_DENY_GROUP - value: "" - - name: AUTH_LDAP_USER_FLAGS_BY_GROUP - value: {"is_superuser": ["cn=controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com"], "is_system_auditor": ["cn=team-ldap-auditor,cn=groups,cn=accounts,dc=bcnconsulting,dc=com"]} - - name: AUTH_LDAP_ORGANIZATION_MAP - value: { - "{{ orgs }}": { - "admins": "cn=controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove_users": true, - "remove_admins": true - }, - "Organization1": { - "admins": [ - "cn=team-ldap-org01-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "users": [ - "cn=team-ldap-org01-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "cn=team-ldap-org01-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "remove_users": true, - "remove_admins": true - }, - "Organization2": { - "admins": [ - "cn=team-ldap-org02-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "users": [ - "cn=team-ldap-org02-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "cn=team-ldap-org02-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "remove_users": true, - "remove_admins": true - } - } - - name: AUTH_LDAP_TEAM_MAP - value: { - "ldap-controller-admins": { - "organization": "{{ orgs }}", - "users": "cn=team-ldap-controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-users-cmdb": { - "organization": "{{ orgs }}", - "users": "cn=team-ldap-cmdb-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-users-crossteam": { - "organization": "CrossTeamOrg", - "users": "cn=team-ldap-users-crossteam,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-admins": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-users": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-devs": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-admins": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-users": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-devs": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - } - } -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_system.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_system.yml deleted file mode 100644 index 5f9ae2381..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_system.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -controller_settings: - # - name: ACTIVITY_STREAM_ENABLED - # value: true - # - name: ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC - # value: false - # - name: SESSION_COOKIE_AGE - # value: 1800 - # - name: SESSIONS_PER_USER - # value: 10 - # - name: MANAGE_ORGANIZATION_AUTH - # value: true - # https://access.redhat.com/solutions/6613291 - External users are not able to create token on Ansible Tower. - - name: ALLOW_OAUTH2_FOR_EXTERNAL_USERS - value: true - - name: ORG_ADMINS_CAN_SEE_ALL_USERS - value: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_user_interface.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_user_interface.yml deleted file mode 100644 index f465d180d..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/app-examples/controller_settings_user_interface.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -controller_settings: - - name: CUSTOM_LOGIN_INFO - value: "This is a custom message provided by Customer - Consulting Barcelona" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/controller_settings.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/controller_settings.yml deleted file mode 100644 index 7e6d3c65d..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_settings.d/controller_settings.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# tower-manage print_settings -controller_settings: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org1.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org1.yml deleted file mode 100644 index fb71e0616..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org1.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -controller_user_accounts: - - username: "adminorg1" - password: "password" - email: "adminorg1@example.com" - firstname: "adminorg1" - lastname: "adminorg1" - is_auditor: false - is_superuser: false - - - username: "userorg1" - password: "password" - email: "userorg1@example.com" - is_superuser: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org2.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org2.yml deleted file mode 100644 index 688dfca19..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/app-demo/controller_user_accounts_org2.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -controller_user_accounts: - - username: "adminorg2" - password: "password" - email: "adminorg2@example.com" - firstname: "adminorg2" - lastname: "adminorg2" - is_auditor: false - is_superuser: false - - - username: "userorg2" - password: "password" - email: "userorg2@example.com" - is_superuser: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/controller_user_accounts.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/controller_user_accounts.yml deleted file mode 100644 index 06dd02b0b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/dev/controller_users.d/controller_user_accounts.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -controller_user_accounts: - - username: "admin" - password: "password" - email: "admin@example.com" - firstname: "admin" - lastname: "admin" - is_auditor: false - is_superuser: true - update_secrets: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_aap.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_aap.yml deleted file mode 100644 index f0a92b143..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_aap.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_credentials: - - name: "AAP Credentials Example" - description: "Ansible Automation Platform Credentials Example" - credential_type: "Red Hat Ansible Automation Platform" - organization: "ExampleOrg" - inputs: - host: "controller.lab.example.com" - username: "controller-user" - password: "controller-password" - verify_ssl: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_galaxy.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_galaxy.yml deleted file mode 100644 index 6774f8068..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_galaxy.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -controller_credentials: - - name: "Automation Hub Community Repository Example" - description: "Automation Hub Community Repository Example" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/community/" - token: "AddToken" - - - name: "Automation Hub Published Repository Example" - description: "Automation Hub Published Repository Example" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/published/" - token: "AddToken" - - - name: "Automation Hub RH Certified Repository Example" - description: "" - credential_type: "Ansible Galaxy/Automation Hub API Token" - organization: "ExampleOrg" - inputs: - url: "https://automationhub.lab.example.com/api/galaxy/content/rh-certified/" - token: "AddToken" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_machine.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_machine.yml deleted file mode 100644 index 971594944..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_machine.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -controller_credentials: - - name: "Machine Credentials Example" - description: "Machine Credentials Example" - credential_type: "Machine" - organization: "ExampleOrg" - inputs: - username: "user-ansible" - password: "password" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_ocp.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_ocp.yml deleted file mode 100644 index 05bc7ed7d..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_ocp.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -controller_credentials: - - name: "Credentials OCP Example" - description: "OCP SA to run Container Groups Example" - credential_type: "OpenShift or Kubernetes API Bearer Token" - organization: "ExampleOrg" - inputs: - host: "https://api.cluster.lab.example.com:6443" - verify_ssl: false - bearer_token: "Addbearer_token" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_registry.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_registry.yml deleted file mode 100644 index 2af2e6a65..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_registry.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_credentials: - - name: "Automation Private Hub Container Registry Example" - description: "Credential to connect to Container Registry at AtomationHub Private Example" - credential_type: "Container Registry" - organization: "ExampleOrg" - inputs: - username: "registry-user" - password: "password" - host: automationhub.lab.example.com - verify_ssl: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_scm.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_scm.yml deleted file mode 100644 index 0cdfe7200..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_scm.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -controller_credentials: - - name: "Gitlab Credential Example" - description: "Gitlab Credential Example" - credential_type: "Source Control" - organization: "ExampleOrg" - inputs: - username: 'scm-user' - ssh_key_data: | - -----BEGIN RSA PRIVATE KEY----- - MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu - KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm - o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k - TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7 - 9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy - v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs - /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00 - -----END RSA PRIVATE KEY----- -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_vault.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_vault.yml deleted file mode 100644 index e74f3e1f8..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_credentials.d/app-examples/controller_credentials_vault.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -controller_credentials: - - name: "Vault Credentials Example" - description: "Vault Credentials Example" - credential_type: "Vault" - organization: "ExampleOrg" - inputs: - vault_password: "password" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml deleted file mode 100644 index b98fae314..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-casc/controller_execution_environments_ee-casc.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -controller_execution_environments: - - name: "ee-casc" - image: automationhub.automationiberia.com/ee-casc:latest - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml deleted file mode 100644 index de9e3526b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/app-examples/controller_execution_environments_ee-xlsx.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_execution_environments: - - name: "ee-xlsx" - image: automationhub.automationiberia.com/ee-xlsx:latest - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" - - - name: "test-ee-xlsx" - image: automationhub.automationiberia.com/test-ee-xlsx:0.2 - pull: always - credential: "{{ orgs }} {{ env }} Automation Private Hub Container Registry" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/controller_execution_environments.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/controller_execution_environments.yml deleted file mode 100644 index 28041d44c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_execution_environments.d/controller_execution_environments.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_execution_environments: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_hosts.d/controller_hosts.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_hosts.d/controller_hosts.yml deleted file mode 100644 index 4b9e5a998..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_hosts.d/controller_hosts.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -controller_hosts: - - name: localhost - description: localhost - inventory: "{{ orgs }} Localhost" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml deleted file mode 100644 index 3ac123303..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_dev.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source A Dev" - description: "Source Inventory from Excel file SourceA dev" - source: scm - source_project: "{{ orgs }} InventorySource SourceA dev" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml deleted file mode 100644 index dd3242be2..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourcea_prod.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source A Prod" - description: "Source Inventory from Excel file SourceA prod" - source: scm - source_project: "{{ orgs }} InventorySource SourceA prod" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml deleted file mode 100644 index 2024f92fb..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_dev.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source B Dev" - description: "Source Inventory from Excel file SourceB dev" - source: scm - source_project: "{{ orgs }} InventorySource SourceB dev" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml deleted file mode 100644 index 67ad9c1d1..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/app-examples/controller_inventory_sources_sourceb_prod.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -controller_inventory_sources: - - name: "Inventory Source B Prod" - description: "Source Inventory from Excel file SourceB prod" - source: scm - source_project: "{{ orgs }} InventorySource SourceB prod" - execution_environment: ee-xlsx - source_path: "xlsx_inventory.py" - inventory: "InventaryExcel" - update_on_launch: false - overwrite: true -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/controller_inventory_sources.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/controller_inventory_sources.yml deleted file mode 100644 index cd9fc77bf..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_inventory_sources.d/controller_inventory_sources.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_inventory_sources: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_jobs.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_jobs.yml deleted file mode 100644 index 43cf1a8a5..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_jobs.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -controller_settings: - # - name: AWX_ISOLATION_SHOW_PATHS - # value: "['/tmp', '/mnt/backup']" - - name: DEFAULT_PROJECT_UPDATE_TIMEOUT - value: 0 - - name: DEFAULT_INVENTORY_UPDATE_TIMEOUT - value: 0 - - name: DEFAULT_JOB_TIMEOUT - value: 0 - - name: MAX_FORKS - value: 200 -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_ldap.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_ldap.yml deleted file mode 100644 index b6d14c45c..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_ldap.yml +++ /dev/null @@ -1,113 +0,0 @@ ---- -controller_settings: - - name: AUTH_LDAP_SERVER_URI - value: "ldap://idm.automationiberia.com" - - name: AUTH_LDAP_BIND_DN - value: "{{ vault_ldap_bind_dn | default('uid=controller-binddn,cn=sysaccounts,cn=etc,dc=automationiberia,dc=com') }}" - - name: AUTH_LDAP_BIND_PASSWORD - value: "{{ vault_ldap_bind_password | default('password') }}" - - name: AUTH_LDAP_START_TLS - value: false - - name: AUTH_LDAP_USER_DN_TEMPLATE - value: "" - - name: AUTH_LDAP_CONNECTION_OPTIONS - value: - OPT_REFERRALS: 0 - OPT_NETWORK_TIMEOUT: 30 - - name: AUTH_LDAP_USER_SEARCH - value: ["cn=users,cn=accounts,dc=bcnconsulting,dc=com", "SCOPE_SUBTREE", "(uid=%(user)s)"] - - name: AUTH_LDAP_USER_DN_TEMPLATE - value: "" - - name: AUTH_LDAP_USER_ATTR_MAP - value: {"first_name": "givenName", "last_name": "sn", "email": "mail"} - - name: AUTH_LDAP_GROUP_SEARCH - value: ["cn=groups, cn=accounts, dc=bcnconsulting,dc=com", "SCOPE_SUBTREE", "(objectClass=posixgroup)"] - - name: AUTH_LDAP_GROUP_TYPE - value: "MemberDNGroupType" - - name: AUTH_LDAP_GROUP_TYPE_PARAMS - value: {"name_attr": "cn", "member_attr": "member"} - - name: AUTH_LDAP_REQUIRE_GROUP - value: "" - - name: AUTH_LDAP_DENY_GROUP - value: "" - - name: AUTH_LDAP_USER_FLAGS_BY_GROUP - value: {"is_superuser": ["cn=controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com"], "is_system_auditor": ["cn=team-ldap-auditor,cn=groups,cn=accounts,dc=bcnconsulting,dc=com"]} - - name: AUTH_LDAP_ORGANIZATION_MAP - value: { - "{{ orgs }}": { - "admins": "cn=controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove_users": true, - "remove_admins": true - }, - "Organization1": { - "admins": [ - "cn=team-ldap-org01-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "users": [ - "cn=team-ldap-org01-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "cn=team-ldap-org01-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "remove_users": true, - "remove_admins": true - }, - "Organization2": { - "admins": [ - "cn=team-ldap-org02-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "users": [ - "cn=team-ldap-org02-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "cn=team-ldap-org02-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com" - ], - "remove_users": true, - "remove_admins": true - } - } - - name: AUTH_LDAP_TEAM_MAP - value: { - "ldap-controller-admins": { - "organization": "{{ orgs }}", - "users": "cn=team-ldap-controller-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-users-cmdb": { - "organization": "{{ orgs }}", - "users": "cn=team-ldap-cmdb-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-users-crossteam": { - "organization": "CrossTeamOrg", - "users": "cn=team-ldap-users-crossteam,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-admins": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-users": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org01-devs": { - "organization": "Organization1", - "users": "cn=team-ldap-org01-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-admins": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-admins,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-users": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-users,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - }, - "ldap-org02-devs": { - "organization": "Organization2", - "users": "cn=team-ldap-org02-devs,cn=groups,cn=accounts,dc=bcnconsulting,dc=com", - "remove": true - } - } -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_system.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_system.yml deleted file mode 100644 index 5f9ae2381..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_system.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -controller_settings: - # - name: ACTIVITY_STREAM_ENABLED - # value: true - # - name: ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC - # value: false - # - name: SESSION_COOKIE_AGE - # value: 1800 - # - name: SESSIONS_PER_USER - # value: 10 - # - name: MANAGE_ORGANIZATION_AUTH - # value: true - # https://access.redhat.com/solutions/6613291 - External users are not able to create token on Ansible Tower. - - name: ALLOW_OAUTH2_FOR_EXTERNAL_USERS - value: true - - name: ORG_ADMINS_CAN_SEE_ALL_USERS - value: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_user_interface.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_user_interface.yml deleted file mode 100644 index f465d180d..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/app-examples/controller_settings_user_interface.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -controller_settings: - - name: CUSTOM_LOGIN_INFO - value: "This is a custom message provided by Customer - Consulting Barcelona" -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/controller_settings.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/controller_settings.yml deleted file mode 100644 index 40aea26d2..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_settings.d/controller_settings.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -controller_settings: [] -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org1.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org1.yml deleted file mode 100644 index fb71e0616..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org1.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -controller_user_accounts: - - username: "adminorg1" - password: "password" - email: "adminorg1@example.com" - firstname: "adminorg1" - lastname: "adminorg1" - is_auditor: false - is_superuser: false - - - username: "userorg1" - password: "password" - email: "userorg1@example.com" - is_superuser: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org2.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org2.yml deleted file mode 100644 index 688dfca19..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/app-demo/controller_user_accounts_org2.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -controller_user_accounts: - - username: "adminorg2" - password: "password" - email: "adminorg2@example.com" - firstname: "adminorg2" - lastname: "adminorg2" - is_auditor: false - is_superuser: false - - - username: "userorg2" - password: "password" - email: "userorg2@example.com" - is_superuser: false -... diff --git a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/controller_user_accounts.yml b/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/controller_user_accounts.yml deleted file mode 100644 index 06dd02b0b..000000000 --- a/tests/automatetheautomation/orgs_vars/ExampleOrg/env/prod/controller_users.d/controller_user_accounts.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -controller_user_accounts: - - username: "admin" - password: "password" - email: "admin@example.com" - firstname: "admin" - lastname: "admin" - is_auditor: false - is_superuser: true - update_secrets: false -... diff --git a/tests/automatetheautomation/orgs_vars/env/dev/configure_connection_controller_credentials.yml b/tests/automatetheautomation/orgs_vars/env/dev/configure_connection_controller_credentials.yml deleted file mode 100644 index efe524d21..000000000 --- a/tests/automatetheautomation/orgs_vars/env/dev/configure_connection_controller_credentials.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -vault_controller_username: 'admin' -vault_controller_password: 'password' -vault_controller_hostname: controller-dev.lab.example.com -vault_controller_validate_certs: false -... diff --git a/tests/automatetheautomation/orgs_vars/env/prod/configure_connection_controller_credentials.yml b/tests/automatetheautomation/orgs_vars/env/prod/configure_connection_controller_credentials.yml deleted file mode 100644 index aee1768c9..000000000 --- a/tests/automatetheautomation/orgs_vars/env/prod/configure_connection_controller_credentials.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -vault_controller_username: 'admin' -vault_controller_password: 'password' -vault_controller_hostname: controller-prod.lab.example.com -vault_controller_validate_certs: false -... diff --git a/tests/automatetheautomation/pictures/AAP_CasC_Worflow.png b/tests/automatetheautomation/pictures/AAP_CasC_Worflow.png deleted file mode 100644 index 3f9aeb908..000000000 Binary files a/tests/automatetheautomation/pictures/AAP_CasC_Worflow.png and /dev/null differ diff --git a/tests/configs/controller_auth.yml b/tests/configs/controller_auth.yml index 3df52670f..da17ac54b 100644 --- a/tests/configs/controller_auth.yml +++ b/tests/configs/controller_auth.yml @@ -1,8 +1,9 @@ -# User may add controller auth creds to this file and encrypt it using `ansible-vault` +# User may add platform auth creds to this file and encrypt it using `ansible-vault` --- -# controller_hostname: ansible-controller-web-svc-test-project.example.com -controller_username: admin -controller_password: password -controller_validate_certs: false -controller_configuration_enforce_defaults: true +# aap_hostname: ansible-controller-web-svc-test-project.example.com +aap_username: admin +aap_password: +# aap_token: insertokenhere +aap_validate_certs: false +aap_configuration_enforce_defaults: true ... diff --git a/tests/configs/credentials.yml b/tests/configs/credentials.yml index 8a8b90860..ef335b993 100644 --- a/tests/configs/credentials.yml +++ b/tests/configs/credentials.yml @@ -41,16 +41,17 @@ controller_credentials: organization: Default inputs: username: username - - credential_type: Source Control - name: gitlab-user - team: satellite-qe - inputs: - username: username - - credential_type: Source Control - name: gitlab-team - user: controller_user - inputs: - username: username + # Disabled test until fix can be found. + # - credential_type: Source Control + # name: gitlab-user + # team: satellite-qe + # inputs: + # username: username + # - credential_type: Source Control + # name: gitlab-team + # user: controller_user + # inputs: + # username: username - credential_type: Ansible Galaxy/Automation Hub API Token name: galaxy-server organization: Default diff --git a/tests/configs/hub/ah_ansible_config.yml b/tests/configs/hub/ah_ansible_config.yml new file mode 100644 index 000000000..d62af892a --- /dev/null +++ b/tests/configs/hub/ah_ansible_config.yml @@ -0,0 +1,16 @@ +--- +automation_hub_list: + - name: automation_hub + url: "{{ aap_hostname }}" + auth_url: "{{ aap_hostname }}api/galaxy/" # {{aap_hostname}}api/galaxy/ for AH {{aap_hostname}}api/automation-hub/ for Galaxy + +ansible_config_list: + - header: galaxy + keypairs: + - key: ignore_certs + value: "{% if validate_certs %}false{% else %}true{% endif %}" + - key: server_list + value: "automation_hub" + +aap_configuration_working_dir: "test" +... diff --git a/tests/configs/hub/ah_auth.yml b/tests/configs/hub/ah_auth.yml new file mode 100644 index 000000000..f74f6c170 --- /dev/null +++ b/tests/configs/hub/ah_auth.yml @@ -0,0 +1,13 @@ +# User may add tower auth creds to this file and encrypt it using `ansible-vault` +--- +# aap_hostname: "{{ lookup('ansible.builtin.env', 'AH_HOST') }}" +# aap_username: "{{ lookup('ansible.builtin.env', 'AH_USERNAME') }}" +# aap_password: "{{ lookup('ansible.builtin.env', 'AH_PASSWORD') }}" +# aap_hostname: http://localhost:55001/ # http://192.168.122.47:55001/ http://localhost:55001/ https://192.168.122.200/ +# aap_username: "{% if galaxy_ng_version == 'stable-4.4' or galaxy_ng_version == 'stable-4.5' or galaxy_ng_version == 'stable-4.6' %}admin{% else %}iqe_admin{% endif %}" +# ah_password: "{% if galaxy_ng_version == 'stable-4.4' or galaxy_ng_version == 'stable-4.5' or galaxy_ng_version == 'stable-4.6' %}admin{% else %}redhat{% endif %}" +# aap_password: admin +aap_validate_certs: false +ah_path_prefix: 'galaxy' # AH: galaxy Galaxy: automation-hub +ah_configuration_namespace_secure_logging: false +... diff --git a/tests/configs/hub/ah_collections.yml b/tests/configs/hub/ah_collections.yml new file mode 100644 index 000000000..d92bd2832 --- /dev/null +++ b/tests/configs/hub/ah_collections.yml @@ -0,0 +1,40 @@ +--- +ah_collections: + - namespace: infra + name: galaxy + path: "/home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/galaxy-galaxy-1.0.0.tar.gz" + wait: true + interaval: 5 + auto_approve: true + timeout: 180 + - namespace: infra + name: aap_utilities + path: /var/tmp/aap_utilities/infra-aap_utilities-2.3.0-devel.tar.gz + wait: true + interaval: 5 + auto_approve: true + timeout: 180 + +ah_collections_overwrite: + - namespace: infra + name: galaxy + path: "/home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/galaxy-galaxy-1.0.0.tar.gz" + wait: true + interaval: 5 + auto_approve: true + timeout: 180 + overwrite_existing: true + +ah_collections_delete: + - namespace: galaxy + name: galaxy + state: absent + +ah_git_collections: + - collection_name: collection_test + git_url: https://github.com/sean-m-sullivan/collection_test + +ansible_config_path: "{{ ah_configuration_working_dir }}/ansible.cfg" +ah_configuration_collection_async_retries: 100 +ah_configuration_collection_async_delay: 10 +... diff --git a/tests/configs/hub/ah_ee_repositories.yml b/tests/configs/hub/ah_ee_repositories.yml new file mode 100644 index 000000000..90de4a1a1 --- /dev/null +++ b/tests/configs/hub/ah_ee_repositories.yml @@ -0,0 +1,49 @@ +--- +ah_configuration_ee_registry_sync_async_delay: 20 +ah_ee_registries: + - name: quay + url: https://quay.io/ + rate_limit: 100 + download_concurrency: 25 + tls_validation: false + - name: redhat + url: https://registry.redhat.io/ + username: "{{ redhat_catalog_username }}" + password: "{{ redhat_catalog_password }}" + rate_limit: 100000 + download_concurrency: 25 + index: true + sync: true + tls_validation: false + interval: 20 + timeout: 1100 +ah_ee_repositories: + # Adding a Remote repository + - name: config_as_code_ee + description: The infra config as code official EE + registry: quay + upstream_name: redhat_cop/config_as_code_ee + include_tags: + - latest + - test_include + exclude_tags: + - test_exclude + sync: true + wait: true + interval: 5 + timeout: 600 + # Adding a description and a README file to the repository + - name: local/http-test-container + # Testing with UTF-8 characters + registry: quay + upstream_name: "{{ fake_image }}" + included_tags: + - main + - 2.0.0 + description: To jest jakiś opis + readme: | + # Min avrättningsmiljö + + * bullet 1 + * bullet 2 +... diff --git a/tests/configs/hub/ah_group_roles.yml b/tests/configs/hub/ah_group_roles.yml new file mode 100644 index 000000000..f120c4375 --- /dev/null +++ b/tests/configs/hub/ah_group_roles.yml @@ -0,0 +1,36 @@ +--- +ah_group_roles: + - state: present + groups: + - santa + - group1 + role_list: + - roles: + - container.containerdistribution_owner + targets: + execution_environments: + - redhat_cop/config_as_code_ee + - roles: + - galaxy.container_remote + targets: + container_registery_remotes: + - quay + - roles: + - galaxy.user_admin + - galaxy.group_admin + - roles: + - galaxy.ansible_repository_owner + targets: + collection_repositories: + - validated + - roles: + - galaxy.collection_remote_owner + targets: + collection_remotes: + - community + - roles: + - galaxy.collection_namespace_owner + targets: + collection_namespaces: + - autohubtest2 +... diff --git a/tests/configs/hub/ah_namespaces.yml b/tests/configs/hub/ah_namespaces.yml new file mode 100644 index 000000000..6be87d582 --- /dev/null +++ b/tests/configs/hub/ah_namespaces.yml @@ -0,0 +1,15 @@ +--- +ah_namespaces: + - name: community_test + company: Community Test + email: user@example.com + avatar_url: https://github.com/ansible/awx-logos/blob/master/awx/ui/client/assets/logo-header.svg + description: string + resources: "# Community\nA Namespace test with changes" + links: + - name: "Nothing" + url: "https://github.com/ansible/awx" + - name: infra + - name: test_namespace + - name: galaxy +... diff --git a/tests/configs/hub/ah_repository.yml b/tests/configs/hub/ah_repository.yml new file mode 100644 index 000000000..54c585645 --- /dev/null +++ b/tests/configs/hub/ah_repository.yml @@ -0,0 +1,47 @@ +--- +ah_configuration_repository_sync_async_delay: 5 +ah_configuration_repository_sync_async_retries: 150 +ah_repositories: + - name: community + url: https://beta-galaxy.ansible.com/ + requirements: + - name: infra.ee_utilities + - name: infra.controller_configuration + wait: true + interval: 25 + timeout: 1000000 + +# newer version +ah_configuration_collection_repository_async_delay: 5 +ah_configuration_collection_repository_async_retries: 150 +ah_configuration_collection_repository_sync_async_delay: 5 +ah_configuration_collection_repository_sync_async_retries: 150 +ah_collection_remotes: + - name: community-infra + url: https://beta-galaxy.ansible.com/ + requirements: + - name: infra.ee_utilities + - name: infra.controller_configuration + +ah_collection_repositories: + - name: community-infra-repo + description: "description of community-infra repository" + pulp_labels: + pipeline: "approved" + distribution: + state: present + remote: community-infra + - name: community-infra-repo-nodistro + description: "description of community-infra repository" + pulp_labels: + pipeline: "approved" + remote: community-infra + - name: community-infra-repo-noremote + description: "description of community-infra repository" + pulp_labels: + pipeline: "approved" + distribution: + state: present + - name: community-infra-repo-nothing + description: "description of community-infra repository" +... diff --git a/tests/configs/hub/ah_roles.yml b/tests/configs/hub/ah_roles.yml new file mode 100644 index 000000000..c4055da81 --- /dev/null +++ b/tests/configs/hub/ah_roles.yml @@ -0,0 +1,14 @@ +--- +ah_roles: + - name: galaxy.stuff.mcstuffins + description: test + perms: + - add_user + - change_user + - delete_user + - view_user + - add_ansiblerepository + - add_collectionremote + - name: galaxy.stuff.mcstuffins + state: absent +... diff --git a/tests/configs/hub/ah_user.yml b/tests/configs/hub/ah_user.yml new file mode 100644 index 000000000..79b272fba --- /dev/null +++ b/tests/configs/hub/ah_user.yml @@ -0,0 +1,46 @@ +--- +ah_users: + # Ensure user operator1 exists (no group, no details) + - username: operator1 + # Ensure user admin1 exists (all details, two groups) + - username: admin1 + # Testing with UTF-8 characters + first_name: Czesława + last_name: Dąbrowski + email: cdabrowski@example.com + password: vs9mrD55NP + groups: + - operators + - administrators + # Testing group membership + - username: operator1 + groups: operators + state: present + +ah_users_update: + # Testing user update + - username: admin1 + first_name: Róża + is_superuser: true + # Ensure operator1 is member of group operators and managers + - username: operator1 + groups: + - managers + append: true + # Ensure operator1 is member of group administrators only + - username: operator1 + groups: + - administrators + append: false + # Ensure operator1 is member of no group + - username: operator1 + groups: [] + append: false + # Testing password change + - username: operator1 + password: test123456 + +ah_users_delete: + - username: operator1 + state: absent +... diff --git a/tests/configs/settings.yml b/tests/configs/settings.yml index e0c5eb4b4..c2d002575 100644 --- a/tests/configs/settings.yml +++ b/tests/configs/settings.yml @@ -1,42 +1,13 @@ --- controller_settings: settings: - AUTH_LDAP_BIND_PASSWORD: "password" AWX_TASK_ENV: {'GIT_SSL_NO_VERIFY': 'True'} - AUTH_LDAP_SERVER_URI: "ldap://ldap.example.com" - AUTH_LDAP_USER_DN_TEMPLATE: "uid=%(user)s,ou=Users,dc=example,dc=com" - AUTH_LDAP_GROUP_SEARCH: - - dc=example,dc=com - - SCOPE_SUBTREE - - "(objectClass=person)" - AUTH_LDAP_GROUP_TYPE: "GroupOfUniqueNamesType" - AUTH_LDAP_USER_SEARCH: - - OU=Users,DC=example,DC=com - - SCOPE_SUBTREE - - "(cn=%(user)s)" - AUTH_LDAP_START_TLS: true - AUTH_LDAP_GROUP_TYPE_PARAMS: {} - AUTH_LDAP_REQUIRE_GROUP: "cn=satellite-qe,ou=adhoc,ou=managedGroups,dc=example,dc=com" - # Next name helps fetch Email addr and name from LDAP and save it in tower user. - AUTH_LDAP_USER_ATTR_MAP: - first_name: displayName - last_name: sn - email: examplePrimaryMail - # Next name helps each sat-qe-infra group to become superuser in tower as soon as they login - AUTH_LDAP_USER_FLAGS_BY_GROUP: - is_superuser: - - cn=sat-qe-infra,ou=adhoc,ou=managedGroups,dc=example,dc=com - # This maps all users to satellite-qe org and makes sure they are not part of satlab-admin - AUTH_LDAP_ORGANIZATION_MAP: - Satellite: - users: true - # This maps all users to satellite-qe team and we need to add this team to all resources we create for them - # that way users can access the things that their team has permissions for - AUTH_LDAP_TEAM_MAP: - satellite-qe: - organization: Satellite - users: true - satlab-admin: - organization: Satellite - users: cn=sat-qe-infra,ou=adhoc,ou=managedGroups,dc=example,dc=com +gateway_settings: + gateway_token_name: X-DAB-JW-TOKEN + gateway_access_token_expiration: 600 + gateway_basic_auth_enabled: true + password_min_length: 0 + password_min_digits: 0 + password_min_upper: 0 + password_min_special: 0 ... diff --git a/tests/configs/teams.yml b/tests/configs/teams.yml index bffe7eb8b..2cf94741c 100644 --- a/tests/configs/teams.yml +++ b/tests/configs/teams.yml @@ -1,5 +1,5 @@ --- -controller_teams: +gateway_teams: - name: satellite-qe organization: Satellite - name: satlab-admin diff --git a/tests/configs/user_accounts.yml b/tests/configs/user_accounts.yml index f73dad909..cedaa79ad 100644 --- a/tests/configs/user_accounts.yml +++ b/tests/configs/user_accounts.yml @@ -1,6 +1,6 @@ --- -controller_user_accounts: +users_list: - user: controller_user is_superuser: false - password: controller_password + password: aap_password ... diff --git a/tests/configs_export_model/auth.yml b/tests/configs_export_model/auth.yml index 9aacf357e..8c02f5ea4 100644 --- a/tests/configs_export_model/auth.yml +++ b/tests/configs_export_model/auth.yml @@ -1,7 +1,7 @@ # User may add controller auth creds to this file and encrypt it using `ansible-vault` --- -# controller_hostname: ansible-tower-web-svc-test-project.example.com -controller_username: admin -controller_password: password -controller_validate_certs: false +# aap_hostname: ansible-tower-web-svc-test-project.example.com +aap_username: admin +aap_password: password +aap_validate_certs: false ... diff --git a/tests/configs_export_model/users_export.yml b/tests/configs_export_model/users_export.yml index 1bc2f8c7b..f43b47985 100644 --- a/tests/configs_export_model/users_export.yml +++ b/tests/configs_export_model/users_export.yml @@ -6,7 +6,7 @@ users: email: joe@example.org is_superuser: false is_system_auditor: false - password: controller_password + password: aap_password related: roles: - name: Execute @@ -26,7 +26,7 @@ users: email: joe@example.org is_superuser: false is_system_auditor: false - password: controller_password + password: aap_password related: roles: [] natural_key: diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 91eaf491e..a74838538 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -3,15 +3,15 @@ hosts: localhost connection: local vars: - controller_validate_certs: false + aap_validate_certs: false controller_configuration_secure_logging: false # Define following vars here, or in configs/controller_auth.yml - # controller_hostname: controller.example.com - # controller_username: admin - # controller_password: changeme + # aap_hostname: controller.example.com + # aap_username: admin + # aap_password: changeme collections: - awx.awx - - infra.controller_configuration + - infra.aap_configuration pre_tasks: @@ -48,9 +48,9 @@ - name: Wait for Controller to come up ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/ping/" + url: "https://{{ aap_hostname }}/api/v2/ping/" status_code: 200 - validate_certs: "{{ controller_validate_certs }}" + validate_certs: "{{ aap_validate_certs }}" register: result until: result.status == 200 retries: 10 @@ -59,9 +59,9 @@ - name: Wait for the controller node to be up ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/mesh_visualizer/" - user: "{{ controller_username }}" - password: "{{ controller_password }}" + url: "https://{{ aap_hostname }}/api/v2/mesh_visualizer/" + user: "{{ aap_username }}" + password: "{{ aap_password }}" method: GET validate_certs: false force_basic_auth: true @@ -182,9 +182,9 @@ job_id: "{{ launched_controller_workflows.results[0].id }}" job_type: workflow_jobs timeout: 180 - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" - controller_host: "{{ controller_hostname }}" - validate_certs: "{{ controller_validate_certs }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" + controller_host: "{{ aap_hostname }}" + validate_certs: "{{ aap_validate_certs }}" ignore_errors: true # noqa ignore-errors ... diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 00bd5293d..b0c49be0c 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -4,14 +4,14 @@ connection: local vars: workflow_job_templates_secure_logging: false - controller_validate_certs: false + aap_validate_certs: false collections: - awx.awx - - infra.controller_configuration + - infra.aap_configuration # Define following vars here, or in configs/controller_auth.yml - # controller_hostname: controller.example.com - # controller_username: admin - # controller_password: changeme + # aap_hostname: controller.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - name: "Determine collection (block)" @@ -45,9 +45,9 @@ - name: Wait for the controller to be up ansible.builtin.uri: - url: "https://{{ controller_hostname }}/api/v2/mesh_visualizer/" - user: "{{ controller_username }}" - password: "{{ controller_password }}" + url: "https://{{ aap_hostname }}/api/v2/mesh_visualizer/" + user: "{{ aap_username }}" + password: "{{ aap_password }}" method: GET validate_certs: false force_basic_auth: true @@ -81,7 +81,7 @@ version: 22.3.0 - name: Export workflow job template - infra.controller_configuration.controller_export_diff: + infra.aap_configuration.controller_export_diff: all: true compare_items: organizations: "{{ organizations }}" @@ -95,10 +95,10 @@ users: "{{ users }}" job_templates: "{{ job_templates }}" with_present: false - controller_host: "{{ controller_hostname }}" - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" - validate_certs: "{{ controller_validate_certs }}" + controller_host: "{{ aap_hostname }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" + validate_certs: "{{ aap_validate_certs }}" register: export_results - name: Determine if AWX>=25.0.0 diff --git a/tests/configure_platform.yml b/tests/configure_platform.yml new file mode 100644 index 000000000..9554339b0 --- /dev/null +++ b/tests/configure_platform.yml @@ -0,0 +1,187 @@ +--- +- name: Playbook to configure ansible Controller post installation + hosts: localhost + connection: local + vars: + aap_validate_certs: false + controller_configuration_secure_logging: false + # Define following vars here, or in configs/controller_auth.yml + # aap_hostname: controller.example.com + # aap_username: admin + # aap_password: changeme + + pre_tasks: + + # - name: "Determine collection (block)" + # block: + # - name: "Check if the collection ansible.controller is installed" + # ansible.builtin.set_fact: + # ansible_controller_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i ansible.controller || echo NOTINSTALLED') }}" + # failed_when: ansible_controller_collection_installed is match('NOTINSTALLED') + # rescue: + # - name: "Check if the collection awx.awx is installed" + # ansible.builtin.set_fact: + # awx_awx_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i awx.awx || echo NOTINSTALLED') }}" + # failed_when: awx_awx_collection_installed is match('NOTINSTALLED') + # always: + # - name: "Set the collection providing the controller_api lookup plugin" + # ansible.builtin.set_fact: + # controller_api_plugin: "{{ ('ansible.controller.controller_api' if ansible_controller_collection_installed is defined) | default('awx.awx.controller_api' if awx_awx_collection_installed is defined) | default('NONE') }}" + # - name: "Fail if no collection is detected" + # ansible.builtin.fail: + # msg: "One of the following collections is required to be installed: 'ansible.controller' or 'awx.awx'." + # when: controller_api_plugin is match('NONE') + # - name: "Show the plugin we are using" + # ansible.builtin.debug: + # msg: "Using the 'controller_api' plugin from: {{ controller_api_plugin }}" + + - name: Include vars from configs directory + ansible.builtin.include_vars: + dir: ./configs + ignore_files: [controller_config.yml.template] + extensions: ["yml"] + tags: + - always + + # - name: Wait for Controller to come up + # ansible.builtin.uri: + # url: "https://{{ aap_hostname }}/api/v2/ping/" + # status_code: 200 + # validate_certs: "{{ aap_validate_certs }}" + # register: result + # until: result.status == 200 + # retries: 10 + # delay: 30 + # ignore_errors: true + + # - name: Wait for the controller node to be up + # ansible.builtin.uri: + # url: "https://{{ aap_hostname }}/api/v2/mesh_visualizer/" + # user: "{{ aap_username }}" + # password: "{{ aap_password }}" + # method: GET + # validate_certs: false + # force_basic_auth: true + # status_code: 200 + # body_format: json + # register: mesh_data + # until: mesh_data.json is defined + # retries: 80 + # delay: 5 + + # - name: "Show result of mesh_visualizer" + # ansible.builtin.debug: + # var: mesh_data + + # - name: Sleep for 60 seconds and allow awx to come up. + # ansible.builtin.wait_for: + # timeout: 60 + # delegate_to: localhost + + roles: + #- controller_credentials # The dispatch role calls all of the other roles. + - dispatch # The dispatch role calls all of the other roles. + # tasks: + + # - name: Validate error handling + # block: + # - name: Add Invalid Job Templates to Controller + # ansible.builtin.include_role: + # name: job_templates + # vars: + # controller_templates: "{{ controller_templates_invalid }}" + + # - name: Ensure the job_templates_errors is defined and has items + # ansible.builtin.assert: + # that: + # - job_templates_errors is defined + # - job_templates_errors | length > 0 + # fail_msg: "No errors found, validate test example" + # success_msg: "Errors found, proceeding" + # vars: + # job_templates_errors: __job_templates_errors_set_stats.ansible_stats.data.job_templates_errors + + # - name: Add Controller Settings Individually + # ansible.builtin.include_role: + # name: settings + # vars: + # controller_settings: "{{ controller_settings_individuale }}" + + # - name: Run ad hoc commands + # ansible.builtin.include_role: + # name: ad_hoc_command + # when: controller_ad_hoc_commands is defined + + # - name: Cancel Ad hoc commands + # ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" + # when: controller_ad_hoc_commands is defined + + # - name: Launch Controller Bulk Hosts + # ansible.builtin.include_role: + # name: bulk_host_create + # vars: + # controller_bulk_hosts: "{{ temp_controller_bulk_hosts }}" + # when: + # - controller_bulk_launch_jobs is defined + + # - name: Launch Controller Jobs + # ansible.builtin.include_role: + # name: job_launch + # when: controller_launch_jobs is defined + + # - name: Show launched Controller jobs + # ansible.builtin.debug: + # var: launched_controller_jobs + + # - name: Combine id output with defaults temp + # ansible.builtin.set_fact: + # tmp_job: "{{ {'id': item.id} }}" + # with_items: "{{ launched_controller_jobs.results }}" + # register: tmp_jobs + + # - name: Cancel Controller Jobs + # ansible.builtin.include_role: + # name: jobs_cancel + # vars: + # controller_cancel_jobs: "{{ tmp_jobs.results | map(attribute='ansible_facts.tmp_job') | list }}" + # when: launched_controller_jobs is defined + + # - name: Find Job ID's + # ansible.builtin.debug: + # var: __job_templates_job_async_result + + # - name: Launch Controller Bulk Jobs + # ansible.builtin.include_role: + # name: bulk_job_launch + # vars: + # controller_bulk_hosts: "{{ temp_controller_bulk_hosts }}" + # controller_bulk_launch_jobs: + # - name: My Bulk Job Launch + # jobs: + # - unified_job_template: "{{ __job_templates_job_async_result.results[0].id }}" + # - unified_job_template: "{{ __job_templates_job_async_result.results[1].id }}" + # organization: Default + # wait: false + # when: + # - controller_bulk_launch_jobs is defined + + # - name: Launch Controller workflows + # ansible.builtin.include_role: + # name: workflow_launch + # when: controller_workflow_launch_jobs is defined + + # - name: Launched Workflows + # ansible.builtin.debug: + # var: launched_controller_workflows + + # - name: Wait for workflow to finish + # job_wait: + # job_id: "{{ launched_controller_workflows.results[0].id }}" + # job_type: workflow_jobs + # timeout: 180 + # aap_username: "{{ aap_username }}" + # aap_password: "{{ aap_password }}" + # controller_host: "{{ aap_hostname }}" + # validate_certs: "{{ aap_validate_certs }}" + # ignore_errors: true # noqa ignore-errors +... diff --git a/tests/playbooks/README.md b/tests/playbooks/README.md deleted file mode 100644 index 4e85123a1..000000000 --- a/tests/playbooks/README.md +++ /dev/null @@ -1,139 +0,0 @@ -# controller_configuration.configure_controller.yml playbook - -## Description - -An Ansible playbook to run any defined configurations on Ansible Controller. - -## Requirements - -ansible-galaxy collection install -r tests/collections/requirements.yml to be installed -Currently: - awx.awx - or - ansible.controller - -## Usage - -The following command will invoke the playbook with the ansible.controller collection - -```console -ansible-playbook infra.controller_configuration.configure_controller.yml -``` - -## Examples - -Examples of the playbooks in use can be found in the examples folder. - -## Variables - -### Standard Controller Variables - -|Variable Name|Default Value|Required|Description|Example| -|:---|:---:|:---:|:---|:---| -|`controller_state`|"present"|no|The state all objects will take unless overriden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|yes|Admin User on the Ansible Controller Server.|| -|`controller_password`|""|yes|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook.|| -|`controller_oauthtoken`|""|yes|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`controller_configs_dir`|`see role`|no|.|Directory with Controller configs. Falls back to env CONTROLLER_CONFIGS_DIR. Defaults to $PWD/configs| - -### Secure Logging Variables - -The following Variables compliment each other. -If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ad hoc commands task does not include sensitive information. -controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. - -|Variable Name|Default Value|Required|Description| -|:---:|:---:|:---:|:---:| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared accross multiple roles, see above.| - -## Data Structure - -### Config Top Level Vars - -|Variable Name|Default Value|Description| -|:---:|:---:|:---:| -|`controller_ad_hoc_commands`|`see role`|Data structure describing your ad hoc commands to run . Described in role.| -|`controller_ad_hoc_commands_cancel`|`see role`|Data structure describing your ad hoc jobs to cancel . Described in role.| -|`controller_applications`|`see role`|Data structure describing your applications. Described in role.| -|`controller_credential_input_sources`|`see role`|Data structure describing your credential input sources . Described in role.| -|`controller_credential_types`|`see role`|Data structure describing your credential types . Described in role.| -|`controller_credentials`|`see role`|Data structure describing your credentials . Described in role.| -|`controller_execution_environments`|`see role`|Data structure describing your organization or organizations . Described in role.| -|`controller_groups`|`see role`|Data structure describing your group or groups . Described in role.| -|`controller_hosts`|`see role`|Data structure describing your host entries . Described in role.| -|`controller_instance_groups`|`see role`|Data structure describing your instance groups . Described in role.| -|`controller_inventories`|`see role`|Data structure describing your inventories . Described in role.| -|`controller_inventory_sources`|`see role`|Data structure describing your inventory sources . Described in role.| -|`controller_launch_jobs`|`see role`|Data structure describing the jobs to launch . Described in role.| -|`controller_templates`|`see role`|Data structure describing your job template or job templates . Described in role.| -|`controller_cancel_jobs`|`see role`|Data structure describing jobs to cancel . Described in role.| -|`controller_labels`|`see role`|Data structure describing your label or labels . Described in role.| -|`controller_license`|`see role`|Data structure describing your license for controller, . Described in role.| -|`controller_notifications`|`see role`|Data structure describing your notification entries . Described in role.| -|`controller_organizations`|`see role`|Data structure describing your organization or organizations . Described in role.| -|`controller_projects`|`see role`|Data structure describing your project or projects . Described in role.| -|`controller_roles`|`see role`|Data structure describing your RBAC entries . Described in role.| -|`controller_schedules`|`see role`|Data structure describing your schedule or schedules . Described in role.| -|`controller_settings`|`see role`|Data structure describing your settings . Described in role.| -|`controller_teams`|`see role`|Data structure describing your Teams . Described in role.| -|`controller_user_accounts`|`see role`|Data structure describing your user entries . Described in role.| -|`workflow_job_templates`|`see role`|Data structure describing your workflow job templates . Described in role.| -|`controller_workflow_launch_jobs`|`see role`|Data structure describing workflow or workflows to launch . Described in role.| - -### Standard Configs Folder Data Structure - -```yaml ---- -└── configs - ├── ad_hoc_command_cancel_defaults.yml - ├── ad_hoc_commands.yml - ├── applications.yml - ├── controller_auth.yml - ├── credential_input_sources.yml - ├── credentials.yml - ├── credential_types.yml - ├── execution_environments.yml - ├── groups.yml - ├── hosts.yml - ├── instance_groups.yml - ├── inventories.yml - ├── inventory_sources.yml - ├── labels.yml - ├── launch_jobs.yml - ├── notifications.yml - ├── organizations.yml - ├── projects.yml - ├── roles.yml - ├── schedule.yml - ├── settings_individuale.yml - ├── settings.yml - ├── ssh_private_key.yml - ├── teams.yml - ├── templates.yml - ├── user_accounts.yml - ├── workflows.yml - └── workflows_launch.yml -``` - -## Configuring Continuous Deployment - -This section explains how to setup the Continuous Deployment (CD) of the defined configurations on Ansible controller when a event occurs(usually a merge event) in the git repository where the definitions are kept. - -This procedure has been tested with **gitlab** git server - -You have make the following configurations in order to configure CD integration: - -1. Configure a Project and a job template with [webhook](https://docs.ansible.com/automation-controller/latest/html/userguide/webhooks.html#id2) property enabled in the Controller pointing to the playbook in charge of CD, you can find an example [here](https://github.com/redhat-cop/aap_configuration/blob/devel/tests/playbooks/cd_gitlab_webhook_trigger.yml). - -2. Configure [project webhook](https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html) on the project where defined configurations are hosted. - -## License - -[GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) - -## Author - -[Sean Sullivan](https://github.com/sean-m-sullivan/) diff --git a/tests/playbooks/cd_gitlab_webhook_trigger.yml b/tests/playbooks/cd_gitlab_webhook_trigger.yml deleted file mode 100644 index 824cf231c..000000000 --- a/tests/playbooks/cd_gitlab_webhook_trigger.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -- name: Gitlab Webhook Trigger Playbook - hosts: all - connection: local - gather_facts: false - tasks: - - name: "Get the modified files over the dirs from all the received commits" - ansible.builtin.set_fact: - env: "{{ awx_webhook_payload.ref.split('/')[2] if awx_webhook_payload.ref.split('/')[1] == 'heads' else awx_webhook_payload.project.default_branch }}" - gitlab_scm_branch: "{{ awx_webhook_payload.ref.split('/')[2] }}" - orgs: "{{ awx_webhook_payload.project.name }}" - list_of_dirs: "{{ ((awx_webhook_payload.commits | map(attribute='added') | list) + - (awx_webhook_payload.commits | map(attribute='modified') | list) + - (awx_webhook_payload.commits | map(attribute='removed') | list)) - | flatten }}" - - name: "Set regular expression to filter files list from repository" - ansible.builtin.set_fact: - regexpression: "/([^/]*)/env/(common|{{ env }})/controller_(.*).d/" - - - name: "Get the Organization and the tags to run the CasC" - ansible.builtin.set_fact: - org_dirs_dict: "{{ (org_dirs_dict | default({})) | combine({input_var[0]: (((org_dirs_dict[input_var[0]] | default([])) + [input_var[1]] + (['projects', 'schedules'] if awx_webhook_payload.ref.split('/')[1] == 'tags' else [''])) | unique | reject('match', '^$'))}) }}" - vars: - input_var: "{{ item | regex_search(regexpression, '\\1', '\\3') }}" - loop: "{{ list_of_dirs }}" - when: input_var | type_debug is match('list') - - - name: Configure Controller Job Launch | Launch launch_jobs Drop Diff (Delete) - ansible.builtin.include_role: - name: infra.controller_configuration.job_launch - vars: - controller_launch_jobs: - - name: "{{ org_tags.key }} CasC_JobTemplates_AAP_Drop_Diff" - scm_branch: "{{ gitlab_scm_branch }}" - extra_vars: - orgs: "{{ org_tags.key }}" - dir_orgs_vars: 'orgs_vars' - ansible_python_interpreter: "/usr/bin/python3" - env: "{{ env }}" - gitlab_scm_branch: "{{ gitlab_scm_branch }}" - tags: "{{ org_tags.value }}" - wait: true - verbosity: 0 - with_dict: "{{ org_dirs_dict }}" - loop_control: - loop_var: org_tags - when: org_dirs_dict is defined - - - name: Configure Controller Job Launch | Launch launch_jobs creation - ansible.builtin.include_role: - name: infra.controller_configuration.job_launch - vars: - controller_launch_jobs: - - name: "{{ org_tags.key }} CasC_JobTemplates_AAP_CD_Config_Controller" - scm_branch: "{{ gitlab_scm_branch }}" - extra_vars: - orgs: "{{ org_tags.key }}" - dir_orgs_vars: 'orgs_vars' - ansible_python_interpreter: "/usr/bin/python3" - env: "{{ env }}" - gitlab_scm_branch: "{{ gitlab_scm_branch }}" - tags: "{{ org_tags.value }}" - wait: true - verbosity: 0 - with_dict: "{{ org_dirs_dict }}" - loop_control: - loop_var: org_tags - when: org_dirs_dict is defined -... diff --git a/tests/playbooks/configure_awx.yml b/tests/playbooks/configure_awx.yml deleted file mode 100644 index 31bbae543..000000000 --- a/tests/playbooks/configure_awx.yml +++ /dev/null @@ -1,106 +0,0 @@ ---- -### Variables -# -# Set the following variables on host_vars/localhost or group_vars/all -# -# - controller_validate_certs: -# description: | -# Wether to trust self-signed or invalid certificates -# Falls back to env CONTROLLER_VERIFY_SSL and then to awx-cli config. -# -# - controller_hostname: -# description: | -# Hostname of AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_HOST and then to awx-cli config. -# -# - controller_username: -# description: | -# Username for AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_USERNAME and then to awx-cli config. -# -# - controller_password: -# description: | -# Password for AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_PASSWORD and then to awx-cli config. -# -# - controller_configs_dir: -# description: | -# Directory with Controller configs. -# Falls back to env CONTROLLER_CONFIGS_DIR. -# Defaults to $PWD/configs -# - - -- name: Playbook to configure ansible Controller post installation - hosts: localhost - connection: local - collections: - - awx.awx - - infra.controller_configuration - pre_tasks: - - - name: Include vars from configs directory - ansible.builtin.include_vars: - dir: "{{ controller_configs_dir | default((lookup('env', 'CONTROLLER_CONFIGS_DIR') == '') | ternary('./configs', lookup('env', 'CONTROLLER_CONFIGS_DIR'))) }}" - ignore_files: [controller_config.yml.template] - extensions: ["yml"] - tags: - - always - - roles: - - {role: settings, when: controller_settings is defined, tags: settings} - - {role: organizations, when: controller_organizations is defined, tags: organizations} - - {role: labels, when: controller_labels is defined, tags: labels} - - {role: users, when: controller_user_accounts is defined, tags: users} - - {role: teams, when: controller_teams is defined, tags: teams} - - {role: credential_types, when: controller_credential_types is defined, tags: credential_types} - - {role: credentials, when: controller_credentials is defined, tags: credentials} - - {role: credential_input_sources, when: controller_credential_input_sources is defined, tags: credential_input_sources} - - {role: notification_templates, when: controller_notifications is defined, tags: notification_templates} - - {role: projects, when: controller_projects is defined, tags: projects} - - {role: execution_environments, when: controller_execution_environments is defined, tags: execution_environments} - - {role: applications, when: controller_applications is defined, tags: applications} - - {role: inventories, when: controller_inventories is defined, tags: inventories} - - {role: instance_groups, when: controller_instance_groups is defined, tags: instance_groups} - - {role: project_update, when: controller_projects is defined, tags: projects} - - {role: inventory_sources, when: controller_inventory_sources is defined, tags: inventory_sources} - - {role: inventory_source_update, when: controller_inventory_sources is defined, tags: inventory_sources} - - {role: hosts, when: controller_hosts is defined, tags: hosts} - - {role: groups, when: controller_groups is defined, tags: inventories} - - {role: job_templates, when: controller_templates is defined, tags: job_templates} - - {role: workflow_job_templates, when: controller_workflows is defined, tags: workflow_job_templates} - - {role: schedules, when: controller_schedules is defined, tags: schedules} - - {role: roles, when: controller_roles is defined, tags: roles} - - tasks: - - - name: Add Controller Settings Individually - ansible.builtin.include_role: - name: settings - vars: - controller_settings: "{{ controller_settings_individuale }}" - when: controller_settings_individuale is defined - - - name: Run ad hoc commands - ansible.builtin.include_role: - name: ad_hoc_command - when: controller_ad_hoc_commands is defined - - - name: Cancel Ad hoc commands - ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" - when: controller_ad_hoc_commands is defined - - - name: Launch Controller Jobs - ansible.builtin.include_role: - name: job_launch - when: controller_launch_jobs is defined - - - name: Show launched Controller jobs - ansible.builtin.debug: - var: launched_controller_jobs - - - name: Launch Controller workflows - ansible.builtin.include_role: - name: workflow_launch - when: controller_workflow_launch_jobs is defined -... diff --git a/tests/playbooks/configure_controller.yml b/tests/playbooks/configure_controller.yml deleted file mode 100644 index a41ed4e64..000000000 --- a/tests/playbooks/configure_controller.yml +++ /dev/null @@ -1,106 +0,0 @@ ---- -### Variables -# -# Set the following variables on host_vars/localhost or group_vars/all -# -# - controller_validate_certs: -# description: | -# Wether to trust self-signed or invalid certificates -# Falls back to env CONTROLLER_VERIFY_SSL and then to awx-cli config. -# -# - controller_hostname: -# description: | -# Hostname of AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_HOST and then to awx-cli config. -# -# - controller_username: -# description: | -# Username for AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_USERNAME and then to awx-cli config. -# -# - controller_password: -# description: | -# Password for AWX or Red Hat Ansible Automation Platform Controller. -# Falls back to env CONTROLLER_PASSWORD and then to awx-cli config. -# -# - controller_configs_dir: -# description: | -# Directory with Controller configs. -# Falls back to env CONTROLLER_CONFIGS_DIR. -# Defaults to $PWD/configs -# - - -- name: Playbook to configure ansible Controller post installation - hosts: localhost - connection: local - collections: - - ansible.controller - - infra.controller_configuration - pre_tasks: - - - name: Include vars from configs directory - ansible.builtin.include_vars: - dir: "{{ controller_configs_dir | default((lookup('env', 'CONTROLLER_CONFIGS_DIR') == '') | ternary('./configs', lookup('env', 'CONTROLLER_CONFIGS_DIR'))) }}" - ignore_files: [controller_config.yml.template] - extensions: ["yml"] - tags: - - always - - roles: - - {role: settings, when: controller_settings is defined, tags: settings} - - {role: organizations, when: controller_organizations is defined, tags: organizations} - - {role: labels, when: controller_labels is defined, tags: labels} - - {role: users, when: controller_user_accounts is defined, tags: users} - - {role: teams, when: controller_teams is defined, tags: teams} - - {role: credential_types, when: controller_credential_types is defined, tags: credential_types} - - {role: credentials, when: controller_credentials is defined, tags: credentials} - - {role: credential_input_sources, when: controller_credential_input_sources is defined, tags: credential_input_sources} - - {role: notification_templates, when: controller_notifications is defined, tags: notification_templates} - - {role: projects, when: controller_projects is defined, tags: projects} - - {role: execution_environments, when: controller_execution_environments is defined, tags: execution_environments} - - {role: applications, when: controller_applications is defined, tags: applications} - - {role: inventories, when: controller_inventories is defined, tags: inventories} - - {role: instance_groups, when: controller_instance_groups is defined, tags: instance_groups} - - {role: project_update, when: controller_projects is defined, tags: projects} - - {role: inventory_sources, when: controller_inventory_sources is defined, tags: inventory_sources} - - {role: inventory_source_update, when: controller_inventory_sources is defined, tags: inventory_sources} - - {role: hosts, when: controller_hosts is defined, tags: hosts} - - {role: groups, when: controller_groups is defined, tags: inventories} - - {role: job_templates, when: controller_templates is defined, tags: job_templates} - - {role: workflow_job_templates, when: controller_workflows is defined, tags: workflow_job_templates} - - {role: schedules, when: controller_schedules is defined, tags: schedules} - - {role: roles, when: controller_roles is defined, tags: roles} - - tasks: - - - name: Add Controller Settings Individually - ansible.builtin.include_role: - name: settings - vars: - controller_settings: "{{ controller_settings_individuale }}" - when: controller_settings_individuale is defined - - - name: Run ad hoc commands - ansible.builtin.include_role: - name: ad_hoc_command - when: controller_ad_hoc_commands is defined - - - name: Cancel Ad hoc commands - ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" - when: controller_ad_hoc_commands is defined - - - name: Launch Controller Jobs - ansible.builtin.include_role: - name: job_launch - when: controller_launch_jobs is defined - - - name: Show launched Controller jobs - ansible.builtin.debug: - var: launched_controller_jobs - - - name: Launch Controller workflows - ansible.builtin.include_role: - name: workflow_launch - when: controller_workflow_launch_jobs is defined -... diff --git a/tests/playbooks/tasks/ad_hoc_cancel.yml b/tests/playbooks/tasks/ad_hoc_cancel.yml deleted file mode 100644 index 47ec7916a..000000000 --- a/tests/playbooks/tasks/ad_hoc_cancel.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Combine id output with defaults temp - ansible.builtin.set_fact: - tmp_ad_hoc: "{{ item | combine(controller_ad_hoc_command_defaults) }}" - with_items: "{{ controller_ad_hoc_commands_output.results }}" - register: tmp_ad_hocs - -- name: Combine id output with defaults - ansible.builtin.set_fact: - controller_ad_hoc_commands_cancel: "{{ tmp_ad_hocs.results | map(attribute='ansible_facts.tmp_ad_hoc') | list }}" - -- name: Cancel ad hoc commands - ansible.builtin.include_role: - name: ad_hoc_command_cancel - when: controller_ad_hoc_commands is defined -... diff --git a/tests/tasks/differential.yml b/tests/tasks/differential.yml index bce45f819..18c63affb 100644 --- a/tests/tasks/differential.yml +++ b/tests/tasks/differential.yml @@ -1,7 +1,7 @@ --- - name: "Get the API list in the Default Organization of all {{ differential_item.name }}" ansible.builtin.set_fact: - controller_api_results: "{{ query(controller_api_plugin, differential_item.name, query_params=({'organization': controller_organization_id.id}) if differential_item.name is not match('hosts') else {}, host=controller_hostname, username=controller_username, password=controller_password, verify_ssl=false) }}" + controller_api_results: "{{ query(controller_api_plugin, differential_item.name, query_params=({'organization': controller_organization_id.id}) if differential_item.name is not match('hosts') else {}, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false) }}" - name: "Find the difference between what is on the Controller versus curated list of {{ differential_item.name }}" ansible.builtin.set_fact: diff --git a/tests/templated_role_example/README.md b/tests/templated_role_example/README.md index ff836d18a..6678cfd11 100644 --- a/tests/templated_role_example/README.md +++ b/tests/templated_role_example/README.md @@ -19,10 +19,10 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| -|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| -|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| -|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_************`|`see below`|yes|Data structure describing your organization or organizations Described below.|| @@ -94,9 +94,9 @@ This also speeds up the overall role. hosts: localhost connection: local # Define following vars here, or in controller_configs/controller_auth.yml - # controller_hostname: ansible-controller-web-svc-test-project.example.com - # controller_username: admin - # controller_password: changeme + # aap_hostname: ansible-controller-web-svc-test-project.example.com + # aap_username: admin + # aap_password: changeme pre_tasks: - name: Include vars from controller_configs directory include_vars: diff --git a/tests/templated_role_example/tasks/main.yml b/tests/templated_role_example/tasks/main.yml index dc9d97782..aebb725ad 100644 --- a/tests/templated_role_example/tasks/main.yml +++ b/tests/templated_role_example/tasks/main.yml @@ -8,12 +8,12 @@ # Role specific options state: "{{ ***********_item.state | default(controller_state | default('present')) }}" - controller_username: "{{ controller_username | default(omit, true) }}" - controller_password: "{{ controller_password | default(omit, true) }}" + aap_username: "{{ aap_username | default(omit, true) }}" + aap_password: "{{ aap_password | default(omit, true) }}" controller_oauthtoken: "{{ controller_oauthtoken | default(omit, true) }}" - controller_host: "{{ controller_hostname | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" controller_config_file: "{{ controller_config_file | default(omit, true) }}" - validate_certs: "{{ controller_validate_certs | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_************ }}" loop_control: loop_var: "__controller_***********_item" diff --git a/tests/templated_role_example/tests/test.yml b/tests/templated_role_example/tests/test.yml index 2040626c8..ab4696346 100644 --- a/tests/templated_role_example/tests/test.yml +++ b/tests/templated_role_example/tests/test.yml @@ -4,10 +4,10 @@ connection: local gather_facts: false vars: - controller_validate_certs: false - controller_hostname: controller.example.com - controller_username: admin - controller_password: changeme + aap_validate_certs: false + aap_hostname: controller.example.com + aap_username: admin + aap_password: changeme collections: - awx.awx diff --git a/tests/templates/collections/requirements.yml b/tests/templates/collections/requirements.yml index e5ca4903d..9265c0f6d 100644 --- a/tests/templates/collections/requirements.yml +++ b/tests/templates/collections/requirements.yml @@ -3,5 +3,5 @@ collections: - name: awx.awx - name: ansible.tower - name: ansible.controller - - name: infra.controller_configuration + - name: infra.aap_configuration ... diff --git a/tests/templates/controller_config.yml b/tests/templates/controller_config.yml index 07564d3ff..50db75274 100644 --- a/tests/templates/controller_config.yml +++ b/tests/templates/controller_config.yml @@ -29,7 +29,7 @@ gather_facts: false collections: - ansible.controller - - infra.controller_configuration + - infra.aap_configuration vars: absent_present: "present" diff --git a/tests/templates/tasks/manage_controller_settings.yml b/tests/templates/tasks/manage_controller_settings.yml index 0b541fa29..b8e5e087b 100644 --- a/tests/templates/tasks/manage_controller_settings.yml +++ b/tests/templates/tasks/manage_controller_settings.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.settings + name: infra.aap_configuration.settings tags: - settings - alltags @@ -18,7 +18,7 @@ - alltags - import_role: - name: infra.controller_configuration.settings + name: infra.aap_configuration.settings tags: - settings - alltags diff --git a/tests/templates/tasks/manage_credential_types.yml b/tests/templates/tasks/manage_credential_types.yml index a83c7e363..0494f28d9 100644 --- a/tests/templates/tasks/manage_credential_types.yml +++ b/tests/templates/tasks/manage_credential_types.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.credential_types + name: infra.aap_configuration.credential_types tags: - credtypes - alltags diff --git a/tests/templates/tasks/manage_credentials.yml b/tests/templates/tasks/manage_credentials.yml index 0dcc41282..b09ec8dcd 100644 --- a/tests/templates/tasks/manage_credentials.yml +++ b/tests/templates/tasks/manage_credentials.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.credentials + name: infra.aap_configuration.credentials tags: - credentials - alltags diff --git a/tests/templates/tasks/manage_execution_environments.yml b/tests/templates/tasks/manage_execution_environments.yml index aa68c734e..7be8d7994 100644 --- a/tests/templates/tasks/manage_execution_environments.yml +++ b/tests/templates/tasks/manage_execution_environments.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.execution_environments + name: infra.aap_configuration.execution_environments tags: - ees - alltags diff --git a/tests/templates/tasks/manage_groups.yml b/tests/templates/tasks/manage_groups.yml index f6faa34f3..cc12b8f74 100644 --- a/tests/templates/tasks/manage_groups.yml +++ b/tests/templates/tasks/manage_groups.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.groups + name: infra.aap_configuration.groups tags: - groups - alltags diff --git a/tests/templates/tasks/manage_hosts.yml b/tests/templates/tasks/manage_hosts.yml index a4f6ea2de..c0296d5dd 100644 --- a/tests/templates/tasks/manage_hosts.yml +++ b/tests/templates/tasks/manage_hosts.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.hosts + name: infra.aap_configuration.hosts tags: - hosts - alltags diff --git a/tests/templates/tasks/manage_instance_groups.yml b/tests/templates/tasks/manage_instance_groups.yml index 6669ef073..994232f7b 100644 --- a/tests/templates/tasks/manage_instance_groups.yml +++ b/tests/templates/tasks/manage_instance_groups.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.instance_groups + name: infra.aap_configuration.instance_groups tags: - instancegroups - alltags diff --git a/tests/templates/tasks/manage_inventories.yml b/tests/templates/tasks/manage_inventories.yml index 46c8bf43d..ab11a6a75 100644 --- a/tests/templates/tasks/manage_inventories.yml +++ b/tests/templates/tasks/manage_inventories.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.inventories + name: infra.aap_configuration.inventories tags: - inventory - alltags diff --git a/tests/templates/tasks/manage_inventory_sources.yml b/tests/templates/tasks/manage_inventory_sources.yml index acafea87c..430c32c35 100644 --- a/tests/templates/tasks/manage_inventory_sources.yml +++ b/tests/templates/tasks/manage_inventory_sources.yml @@ -6,7 +6,7 @@ - alltags - include_role: - name: infra.controller_configuration.inventory_sources + name: infra.aap_configuration.inventory_sources tags: - inventorysources - alltags diff --git a/tests/templates/tasks/manage_job_templates.yml b/tests/templates/tasks/manage_job_templates.yml index 5939a9ca4..3f8a9a4fc 100644 --- a/tests/templates/tasks/manage_job_templates.yml +++ b/tests/templates/tasks/manage_job_templates.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.job_templates + name: infra.aap_configuration.job_templates tags: - jobtemplates - alltags diff --git a/tests/templates/tasks/manage_labels.yml b/tests/templates/tasks/manage_labels.yml index bbbcfabf6..efe84558b 100644 --- a/tests/templates/tasks/manage_labels.yml +++ b/tests/templates/tasks/manage_labels.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.labels + name: infra.aap_configuration.labels tags: - labels - alltags diff --git a/tests/templates/tasks/manage_notification_templates.yml b/tests/templates/tasks/manage_notification_templates.yml index b85a865ba..ecfb52e9c 100644 --- a/tests/templates/tasks/manage_notification_templates.yml +++ b/tests/templates/tasks/manage_notification_templates.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.notification_templates + name: infra.aap_configuration.notification_templates tags: - notifications - alltags diff --git a/tests/templates/tasks/manage_organizations.yml b/tests/templates/tasks/manage_organizations.yml index b46d79289..009384116 100644 --- a/tests/templates/tasks/manage_organizations.yml +++ b/tests/templates/tasks/manage_organizations.yml @@ -3,11 +3,11 @@ uri: force_basic_auth: true method: GET - password: "{{ controller_password }}" + password: "{{ aap_password }}" return_content: true - url: "https://{{ controller_hostname }}/api/v2/organizations/" - user: "{{ controller_username }}" - validate_certs: "{{ controller_validate_certs }}" + url: "https://{{ aap_hostname }}/api/v2/organizations/" + user: "{{ aap_username }}" + validate_certs: "{{ aap_validate_certs }}" register: existing_organizations tags: - orgs @@ -42,7 +42,7 @@ - alltags - include_role: - name: infra.controller_configuration.organizations + name: infra.aap_configuration.organizations tags: - orgs - alltags diff --git a/tests/templates/tasks/manage_projects.yml b/tests/templates/tasks/manage_projects.yml index bc80ebb0a..60fd134a4 100644 --- a/tests/templates/tasks/manage_projects.yml +++ b/tests/templates/tasks/manage_projects.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.projects + name: infra.aap_configuration.projects tags: - projects - alltags diff --git a/tests/templates/tasks/manage_roles.yml b/tests/templates/tasks/manage_roles.yml index 431fcde06..139bf1209 100644 --- a/tests/templates/tasks/manage_roles.yml +++ b/tests/templates/tasks/manage_roles.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.roles + name: infra.aap_configuration.roles tags: - roles - alltags diff --git a/tests/templates/tasks/manage_schedules.yml b/tests/templates/tasks/manage_schedules.yml index 7b813feae..b033800ff 100644 --- a/tests/templates/tasks/manage_schedules.yml +++ b/tests/templates/tasks/manage_schedules.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.schedules + name: infra.aap_configuration.schedules tags: - schedules - alltags diff --git a/tests/templates/tasks/manage_teams.yml b/tests/templates/tasks/manage_teams.yml index aafa45dc4..ba8d3de47 100644 --- a/tests/templates/tasks/manage_teams.yml +++ b/tests/templates/tasks/manage_teams.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.teams + name: infra.aap_configuration.teams tags: - teams - alltags diff --git a/tests/templates/tasks/manage_users.yml b/tests/templates/tasks/manage_users.yml index ef806c48b..d0157cfaa 100644 --- a/tests/templates/tasks/manage_users.yml +++ b/tests/templates/tasks/manage_users.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.users + name: infra.aap_configuration.users tags: - users - alltags diff --git a/tests/templates/tasks/manage_workflow_templates.yml b/tests/templates/tasks/manage_workflow_templates.yml index dc1648dbc..a20b6ff76 100644 --- a/tests/templates/tasks/manage_workflow_templates.yml +++ b/tests/templates/tasks/manage_workflow_templates.yml @@ -6,7 +6,7 @@ - alltags - import_role: - name: infra.controller_configuration.workflow_job_templates + name: infra.aap_configuration.workflow_job_templates tags: - workflows - alltags diff --git a/tests/templates/vars/controller_vars.yml b/tests/templates/vars/controller_vars.yml index 3d1e958d5..b51567ba4 100644 --- a/tests/templates/vars/controller_vars.yml +++ b/tests/templates/vars/controller_vars.yml @@ -1,6 +1,6 @@ --- -controller_hostname: '' -controller_password: '' -controller_username: '' -controller_validate_certs: false +aap_hostname: '' +aap_password: '' +aap_username: '' +aap_validate_certs: false ...