redhat-cop · djdanielsson · Oct 16, 2024 · Oct 15, 2024 · Oct 15, 2024 · Oct 16, 2024
@@ -1,4 +1,4 @@
 [defaults]
-collections_paths=/home/runner/collections
+collections_path=/home/runner/collections
 roles_path=roles/
 lookup_plugins=plugins/lookup/
@@ -24,7 +24,7 @@ jobs:
     with:
       collection_namespace: infra
       collection_name: controller_configuration
-      collection_version: 2.10.0
+      collection_version: 1.0.0
       collection_repo: https://github.com/redhat-cop/aap_configuration/
       collection_dependencies: awx.awx
-      collection_dependencies: awx.awx
+      collection_dependencies: awx.awx ansible.eda ansible.hub
-      collection_dependencies: awx.awx
+      collection_dependencies: awx.awx ansible.eda ansible.hub
 ...
@@ -0,0 +1,3 @@
+---
+breaking_changes:
+  - Major overhaul to all code completed, variables have changed, role names have changed, please see the tranition guide for more details.
@@ -1,7 +1,7 @@
 ---
 namespace: infra
 name: aap_configuration
-version: 3.0.0
+version: 1.0.0
 description: A collection of roles to manage Ansible Controller
 readme: README.md
 authors:
@@ -18,6 +18,7 @@ build_ignore:
     - release.yml
     - .github
     - '*.tar.gz'
+    - tests/*
 license:
     - GPL-3.0-or-later
 tags:

@@ -19,7 +19,7 @@ Currently:
 |`ansible_config_group`|""|no|str|The group the resulting ansible config file or directory should have.|
 |`ah_configuration_working_dir`|"/var/tmp"|no|path|Location to render the ansible config file to.|
 |`automation_hub_list`|`[]`|no|list|A list of Automation hubs and galaxies to put in the ansible config, see below for details.|
-|`ansible_config_list`|`[{"header":"galaxy","keypairs":[{"key":"ignore_certs","value":"{{ not (ah_validate_certs \| bool) }}"}]}]`|no|list|A set of ansible config settings, a default is set, but can be overridden, see below for details.|
+|`ansible_config_list`|`[{"header":"galaxy","keypairs":[{"key":"ignore_certs","value":"{{ not (platform_validate_certs \| bool) }}"}]}]`|no|list|A set of ansible config settings, a default is set, but can be overridden, see below for details.|
 |`ah_token`|""|no|Tower Admin User's token on the Automation Hub Server.  This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.||
 |`ah_path_prefix`|`galaxy`|no|Tower Admin User's token on the Automation Hub Server.  This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.||
 
@@ -28,12 +28,12 @@ Currently:
 The following Variables compliment each other.
 If Both variables are not set, secure logging defaults to false.
 The role defaults to False as normally the ansible config task does not by default include sensitive information, we highly recommend the use of ansible vault for passwords and tokens.
-ah_configuration_ansible_config_secure_logging defaults to the value of ah_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it.
+platform_configuration_ansible_config_secure_logging defaults to the value of platform_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it.
 
 |Variable Name|Default Value|Required|Description|
 |:---:|:---:|:---:|:---:|
-|`ah_configuration_ansible_config_secure_logging`|`False`|no|Whether or not to include the sensitive ansible config role tasks in the log.  Set this value to `True` if you will be providing your sensitive values from elsewhere.|
-|`ah_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
+|`platform_configuration_ansible_config_secure_logging`|`False`|no|Whether or not to include the sensitive ansible config role tasks in the log.  Set this value to `True` if you will be providing your sensitive values from elsewhere.|
+|`platform_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
 
 ## Data Structures
 
@@ -70,7 +70,7 @@ ansible_config_list:
   - header: galaxy
     keypairs:
       - key: ignore_certs
-        value: "{{ not (ah_validate_certs | bool) }}"
+        value: "{{ not (platform_validate_certs | bool) }}"
       - key: server_list
         value: "{{ automation_hub_list | map(attribute='name') | join(',') }}"
 
@@ -92,7 +92,7 @@ automation_hub_list:
   connection: local
   gather_facts: false
   vars:
-    ah_validate_certs: false
+    platform_validate_certs: false
   # Define following vars here, or in ah_configs/ah_auth.yml
   # ah_host: ansible-ah-web-svc-test-project.example.com
   # ah_token: changeme

@@ -4,7 +4,7 @@
 # You shouldn't need to define them again and again but they should be defined
 # ah_hostname: "{{ inventory_hostname }}"
 # ah_oauthtoken: ""
-# ah_validate_certs: false
+# platform_validate_certs: false
 
 # These are the default variables specific to the ansible config role
 # ansible_config_owner: # optional
@@ -27,9 +27,9 @@ ansible_config_list:
   - header: galaxy
     keypairs:
       - key: ignore_certs
-        value: "{{ not (ah_validate_certs | default(true) | bool) }}"
+        value: "{{ not (platform_validate_certs | default(true) | bool) }}"
 #      - key: server_list
 #        value: "{{ automation_hub_list | map(attribute="name") | join(",") }}"
 
-ah_configuration_ansible_config_secure_logging: "{{ ah_configuration_secure_logging | default(false) }}"
+platform_configuration_ansible_config_secure_logging: "{{ platform_configuration_secure_logging | default(false) }}"
 ...
@@ -59,7 +59,7 @@ argument_specs:
           - header: galaxy
             keypairs:
               - key: ignore_certs
-                value: "{{ not (ah_validate_certs | default(true) | bool) }}"
+                value: "{{ not (platform_validate_certs | default(true) | bool) }}"
         required: false
         type: list
         description: A set of ansible config settings, a default is set, but can be overridden.
@@ -86,12 +86,12 @@ argument_specs:
                 description: Value for entry for the corresponding key.
 
       # No_log variables
-      ah_configuration_ansible_config_secure_logging:
-        default: "{{ ah_configuration_secure_logging | default(false) }}"
+      platform_configuration_ansible_config_secure_logging:
+        default: "{{ platform_configuration_secure_logging | default(false) }}"
         required: false
         type: bool
         description: Whether or not to include the sensitive role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.
-      ah_configuration_secure_logging:
+      platform_configuration_secure_logging:
         default: false
         required: false
         type: bool

@@ -1,6 +1,6 @@
 ---
 galaxy_info:
-  role_name: "namespace"
+  role_name: "ansible_config"
   author: "Sean Sullivan"
   description: "An Ansible Role to create namespace in Automation Hub."
   company: "Red Hat"
@@ -33,8 +33,8 @@ galaxy_info:
     - "automationhub"
     - "galaxy"
     - "configuration"
-    - "namespace"
-    - "namespaces"
+    - "ansible"
+    - "config"
 
 dependencies: []
 # List your role dependencies here, one per line. Be sure to remove the '[]' above,

@@ -7,5 +7,5 @@
     owner:  "{{ ansible_config_owner | default(omit) }}"
     group:  "{{ ansible_config_group | default(omit) }}"
     mode:   "{{ ansible_config_mode }}"
-  no_log: "{{ ah_configuration_ansible_config_secure_logging }}"
+  no_log: "{{ platform_configuration_ansible_config_secure_logging }}"
 ...
@@ -1,10 +1,10 @@
 ---
-- name: Add namespace to Automation Hub
+- name: Create ansible config to Automation Platform
   hosts: localhost
   connection: local
   gather_facts: false
   vars:
-    ah_validate_certs: false
+    platform_validate_certs: false
   # Define following vars here, or in ah_configs/ah_auth.yml
   # ah_host: ansible-ah-web-svc-test-project.example.com
   # ah_token: changeme
@@ -16,5 +16,5 @@
       tags:
         - always
   roles:
-    - ../../namespace
+    - ../../ansible_config
 ...
@@ -16,26 +16,26 @@ Currently:
 
 |Variable Name|Default Value|Required|Description|Example|
 |:---|:---:|:---:|:---|:---|
-|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
-|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1|
-|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.||
-|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.||
-|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
-|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
-|`controller_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
+|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
+|`platform_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1|
+|`platform_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.||
+|`platform_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.||
+|`platform_password`|""|no|Platform Admin User's password on the Server.  This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.||
+|`platform_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
+|`platform_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.||
 |`controller_ad_hoc_commands`|`see below`|yes|Data structure describing your ad hoc commands to run Described below.||
 
 ### Secure Logging Variables
 
 The following Variables compliment each other.
 If Both variables are not set, secure logging defaults to false.
 The role defaults to False as normally the add ad hoc commands task does not include sensitive information.
-controller_configuration_ad_hoc_command_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.
+controller_configuration_ad_hoc_command_secure_logging defaults to the value of platform_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.
 
 |Variable Name|Default Value|Required|Description|
 |:---:|:---:|:---:|:---:|
 |`controller_configuration_ad_hoc_command_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.|
-|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
+|`platform_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
 
 ## Data Structure
 
@@ -83,12 +83,12 @@ controller_ad_hoc_commands:
 - name: Playbook to configure ansible controller post installation
   hosts: localhost
   connection: local
-  # Define following vars here, or in controller_configs/controller_auth.yml
+  # Define following vars here, or in platform_configs/controller_auth.yml
   # controller_hostname: ansible-controller-web-svc-test-project.example.com
-  # controller_username: admin
+  # platform_username: admin
   # controller_password: changeme
   pre_tasks:
-    - name: Include vars from controller_configs directory
+    - name: Include vars from platform_configs directory
       ansible.builtin.include_vars:
         dir: ./yaml
         ignore_files: [controller_config.yml.template]

@@ -1,4 +1,4 @@
 ---
 # These are the default variables specific to the ad_hoc_command role
-controller_configuration_ad_hoc_command_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}"
+controller_configuration_ad_hoc_command_secure_logging: "{{ platform_configuration_secure_logging | default('false') }}"
 ...
@@ -76,45 +76,45 @@ argument_specs:
 
       # No_log variables
       controller_configuration_ad_hoc_command_secure_logging:
-        default: "{{ controller_configuration_secure_logging | default(false) }}"
+        default: "{{ platform_configuration_secure_logging | default(false) }}"
         required: false
         type: bool
         description: Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.
-      controller_configuration_secure_logging:
+      platform_configuration_secure_logging:
         default: false
         required: false
         type: bool
         description: This variable enables secure logging across all roles as a default.
 
       # Generic across all roles
-      controller_state:
+      platform_state:
         default: present
         required: false
         description: The state all objects will take unless overridden by object default
         type: str
-      controller_hostname:
+      platform_hostname:
         default: None
         required: false
-        description: URL to the Ansible Controller Server.
+        description: URL to the Ansible Automation Platform Server.
         type: str
-      controller_validate_certs:
+      platform_validate_certs:
         default: true
         required: false
-        description: Whether or not to validate the Ansible Controller Server's SSL certificate.
+        description: Whether or not to validate the Ansible Automation Platform Server's SSL certificate.
         type: str
-      controller_username:
+      platform_username:
         default: None
         required: false
-        description: Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.
+        description: Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.
         type: str
-      controller_password:
+      platform_password:
         default: None
         required: false
-        description: Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
+        description: Platform Admin User's password on the Server.  This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.
         type: str
-      controller_oauthtoken:
+      platform_token:
         default: None
         required: false
-        description: Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
+        description: Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.
         type: str
 ...
@@ -19,13 +19,12 @@
     timeout:                "{{ __ad_hoc_command_item.timeout | default(omit, true) }}"
 
     # Role Standard Options
-    controller_username:    "{{ controller_username | default(omit, true) }}"
-    controller_password:    "{{ controller_password | default(omit, true) }}"
-    controller_oauthtoken:  "{{ controller_oauthtoken | default(omit, true) }}"
-    request_timeout:        "{{ controller_request_timeout | default(omit, true) }}"
-    controller_host:        "{{ controller_hostname | default(omit, true) }}"
-    controller_config_file: "{{ controller_config_file | default(omit, true) }}"
-    validate_certs:         "{{ controller_validate_certs | default(omit) }}"
+    controller_username:    "{{ platform_username | default(omit, true) }}"
+    controller_password:    "{{ platform_password | default(omit, true) }}"
+    controller_oauthtoken:  "{{ platform_token | default(omit, true) }}"
+    request_timeout:        "{{ platform_request_timeout | default(omit, true) }}"
+    controller_host:        "{{ platform_hostname | default(omit, true) }}"
+    validate_certs:         "{{ platform_validate_certs | default(omit) }}"
   loop: "{{ controller_ad_hoc_commands }}"
   loop_control:
     loop_var: "__ad_hoc_command_item"

@@ -6,14 +6,14 @@
   vars:
     controller_validate_certs: false
     controller_hostname: controller.example.com
-    controller_username: admin
+    platform_username: admin
     controller_password: changeme
 
   collections:
     - awx.awx
 
   pre_tasks:
-    - name: Include vars from controller_configs directory
+    - name: Include vars from platform_configs directory
       ansible.builtin.include_vars:
         dir: ./configs
         extensions: ["yml"]