From aa087bc5dfa7676c2bb24667471fe1efdbc45012 Mon Sep 17 00:00:00 2001 From: Sean Sullivan Date: Mon, 21 Oct 2024 13:34:54 -0400 Subject: [PATCH 1/2] Another Round (#941) * readme updates * gateway collection updates * udpate to global aap vars * more role conversions * update roles loops --- changelogs/fragments/Rewrite.yml | 1 + roles/ansible_config/meta/main.yml | 2 +- roles/controller_ad_hoc_command/meta/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_applications/README.md | 12 +-- .../controller_applications/defaults/main.yml | 4 +- .../meta/argument_specs.yml | 2 +- roles/controller_applications/meta/main.yml | 2 +- roles/controller_applications/tasks/main.yml | 2 +- .../tests/configs/applications.yml | 2 +- roles/controller_applications/tests/test.yml | 2 +- .../controller_bulk_host_create/meta/main.yml | 2 +- .../controller_bulk_job_launch/meta/main.yml | 2 +- .../README.md | 4 +- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_credential_types/README.md | 4 +- .../defaults/main.yml | 2 +- .../controller_credential_types/meta/main.yml | 2 +- roles/controller_credentials/README.md | 4 +- .../controller_credentials/defaults/main.yml | 2 +- roles/controller_credentials/meta/main.yml | 2 +- .../README.md | 4 +- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_host_groups/README.md | 4 +- .../controller_host_groups/defaults/main.yml | 2 +- roles/controller_host_groups/meta/main.yml | 2 +- roles/controller_hosts/README.md | 4 +- roles/controller_hosts/defaults/main.yml | 2 +- roles/controller_hosts/meta/main.yml | 2 +- roles/controller_instance_groups/README.md | 4 +- .../defaults/main.yml | 2 +- .../controller_instance_groups/meta/main.yml | 2 +- roles/controller_instances/README.md | 4 +- roles/controller_instances/defaults/main.yml | 2 +- roles/controller_instances/meta/main.yml | 2 +- roles/controller_inventories/README.md | 4 +- .../controller_inventories/defaults/main.yml | 2 +- roles/controller_inventories/meta/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_inventory_sources/README.md | 4 +- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_job_launch/meta/main.yml | 2 +- roles/controller_job_templates/README.md | 4 +- .../defaults/main.yml | 2 +- roles/controller_job_templates/meta/main.yml | 2 +- roles/controller_jobs_cancel/meta/main.yml | 2 +- roles/controller_labels/meta/main.yml | 2 +- roles/controller_license/meta/main.yml | 2 +- .../README.md | 4 +- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- roles/controller_organizations/README.md | 14 ++-- .../defaults/main.yml | 4 +- .../meta/argument_specs.yml | 2 +- roles/controller_organizations/meta/main.yml | 2 +- .../tests/configs/organizations.yml | 2 +- roles/controller_project_update/meta/main.yml | 2 +- roles/controller_projects/README.md | 4 +- roles/controller_projects/defaults/main.yml | 2 +- roles/controller_projects/meta/main.yml | 2 +- roles/controller_roles/README.md | 4 +- roles/controller_roles/defaults/main.yml | 2 +- roles/controller_roles/meta/main.yml | 2 +- roles/controller_schedules/README.md | 4 +- roles/controller_schedules/defaults/main.yml | 2 +- roles/controller_schedules/meta/main.yml | 2 +- roles/controller_settings/meta/main.yml | 2 +- roles/controller_teams/README.md | 10 +-- roles/controller_teams/defaults/main.yml | 4 +- .../controller_teams/meta/argument_specs.yml | 2 +- roles/controller_teams/meta/main.yml | 2 +- roles/controller_teams/tasks/main.yml | 2 +- .../controller_teams/tests/configs/teams.yml | 2 +- roles/controller_teams/tests/test.yml | 2 +- roles/controller_users/README.md | 12 +-- roles/controller_users/defaults/main.yml | 4 +- roles/controller_users/meta/main.yml | 2 +- roles/controller_users/tasks/main.yml | 2 +- .../controller_users/tests/configs/users.yml | 2 +- roles/controller_users/tests/test.yml | 2 +- .../README.md | 4 +- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- .../controller_workflow_launch/meta/main.yml | 2 +- roles/dispatch/README.md | 14 ++-- roles/dispatch/defaults/main.yml | 16 ++-- roles/dispatch/meta/argument_specs.yml | 14 ++-- roles/dispatch/meta/main.yml | 2 +- roles/dispatch/tasks/main.yml | 2 +- roles/eda_controller_tokens/meta/main.yml | 2 +- roles/eda_credentials/meta/main.yml | 2 +- roles/eda_decision_environments/meta/main.yml | 2 +- roles/eda_projects/meta/main.yml | 2 +- roles/eda_rulebook_activations/meta/main.yml | 2 +- roles/eda_users/meta/main.yml | 2 +- roles/gateway_applications/README.md | 84 +++++++++++++------ roles/gateway_applications/defaults/main.yml | 11 +-- .../meta/argument_specs.yml | 18 ++-- roles/gateway_applications/meta/main.yml | 2 +- roles/gateway_applications/tasks/main.yml | 39 +++++---- roles/gateway_applications/tests/test.yml | 10 +-- roles/gateway_authenticator_maps/README.md | 56 +++++++++---- .../defaults/main.yml | 7 +- .../meta/argument_specs.yml | 4 +- .../gateway_authenticator_maps/meta/main.yml | 2 +- .../gateway_authenticator_maps/tasks/main.yml | 9 +- roles/gateway_authenticators/README.md | 56 +++++++++---- .../gateway_authenticators/defaults/main.yml | 15 ++-- .../meta/argument_specs.yml | 10 +-- roles/gateway_authenticators/meta/main.yml | 2 +- roles/gateway_authenticators/tasks/main.yml | 17 ++-- roles/gateway_http_ports/README.md | 64 +++++++++----- roles/gateway_http_ports/defaults/main.yml | 15 ++-- .../meta/argument_specs.yml | 10 +-- roles/gateway_http_ports/meta/main.yml | 2 +- roles/gateway_http_ports/tasks/main.yml | 15 ++-- roles/gateway_organizations/README.md | 62 ++++++++++---- roles/gateway_organizations/defaults/main.yml | 15 ++-- .../meta/argument_specs.yml | 10 +-- roles/gateway_organizations/meta/main.yml | 2 +- roles/gateway_organizations/tasks/main.yml | 17 ++-- roles/gateway_role_user_assignments/README.md | 56 +++++++++---- .../defaults/main.yml | 15 ++-- .../meta/argument_specs.yml | 10 +-- .../meta/main.yml | 2 +- .../tasks/main.yml | 4 +- roles/gateway_routes/README.md | 64 +++++++++----- roles/gateway_routes/defaults/main.yml | 16 ++-- roles/gateway_routes/meta/argument_specs.yml | 10 +-- roles/gateway_routes/meta/main.yml | 2 +- roles/gateway_routes/tasks/main.yml | 13 +-- roles/gateway_service_clusters/README.md | 68 +++++++++------ .../defaults/main.yml | 14 ++-- .../meta/argument_specs.yml | 10 +-- roles/gateway_service_clusters/meta/main.yml | 2 +- roles/gateway_service_clusters/tasks/main.yml | 17 ++-- roles/gateway_service_keys/README.md | 66 ++++++++++----- roles/gateway_service_keys/defaults/main.yml | 13 ++- .../meta/argument_specs.yml | 10 +-- roles/gateway_service_keys/meta/main.yml | 2 +- roles/gateway_service_keys/tasks/main.yml | 17 ++-- roles/gateway_service_nodes/README.md | 80 +++++++++++++----- roles/gateway_service_nodes/defaults/main.yml | 15 ++-- .../meta/argument_specs.yml | 10 +-- roles/gateway_service_nodes/meta/main.yml | 2 +- roles/gateway_service_nodes/tasks/main.yml | 9 +- roles/gateway_services/README.md | 68 +++++++++------ roles/gateway_services/defaults/main.yml | 15 ++-- .../gateway_services/meta/argument_specs.yml | 10 +-- roles/gateway_services/meta/main.yml | 2 +- roles/gateway_services/tasks/main.yml | 9 +- roles/gateway_settings/README.md | 45 +++++----- .../gateway_settings/meta/argument_specs.yml | 2 +- roles/gateway_settings/meta/main.yml | 2 +- roles/gateway_settings/tasks/main.yml | 2 +- roles/gateway_teams/README.md | 60 ++++++++----- roles/gateway_teams/defaults/main.yml | 15 ++-- roles/gateway_teams/meta/argument_specs.yml | 10 +-- roles/gateway_teams/meta/main.yml | 2 +- roles/gateway_teams/tasks/main.yml | 15 ++-- roles/gateway_users/README.md | 67 ++++++++++----- roles/gateway_users/defaults/main.yml | 15 ++-- roles/gateway_users/meta/argument_specs.yml | 10 +-- roles/gateway_users/meta/main.yml | 2 +- roles/gateway_users/tasks/main.yml | 5 +- roles/global_vars/meta/main.yml | 2 +- roles/hub_collection/README.md | 2 + roles/hub_collection/defaults/main.yml | 1 + roles/hub_collection/meta/main.yml | 4 +- roles/hub_collection/tasks/main.yml | 3 + roles/hub_collection_remote/README.md | 2 + roles/hub_collection_remote/defaults/main.yml | 1 + roles/hub_collection_remote/meta/main.yml | 4 +- roles/hub_collection_repository/README.md | 2 + .../defaults/main.yml | 1 + roles/hub_collection_repository/meta/main.yml | 4 +- .../hub_collection_repository/tasks/main.yml | 3 + .../hub_collection_repository_sync/README.md | 2 + .../defaults/main.yml | 1 + .../meta/main.yml | 4 +- .../tasks/main.yml | 3 + roles/hub_ee_image/README.md | 2 + roles/hub_ee_image/defaults/main.yml | 1 + roles/hub_ee_image/meta/main.yml | 4 +- roles/hub_ee_image/tasks/main.yml | 3 + roles/hub_ee_registry/README.md | 2 + roles/hub_ee_registry/defaults/main.yml | 1 + roles/hub_ee_registry/meta/main.yml | 4 +- roles/hub_ee_registry/tasks/main.yml | 3 + roles/hub_ee_registry_index/README.md | 2 + roles/hub_ee_registry_index/defaults/main.yml | 1 + roles/hub_ee_registry_index/meta/main.yml | 4 +- roles/hub_ee_registry_index/tasks/main.yml | 3 + roles/hub_ee_registry_sync/README.md | 2 + roles/hub_ee_registry_sync/defaults/main.yml | 1 + roles/hub_ee_registry_sync/meta/main.yml | 4 +- roles/hub_ee_registry_sync/tasks/main.yml | 3 + roles/hub_ee_repository/README.md | 2 + roles/hub_ee_repository/meta/main.yml | 4 +- roles/hub_ee_repository/tasks/main.yml | 3 + roles/hub_ee_repository_sync/README.md | 2 + .../hub_ee_repository_sync/defaults/main.yml | 1 + roles/hub_ee_repository_sync/meta/main.yml | 4 +- roles/hub_ee_repository_sync/tasks/main.yml | 3 + roles/hub_group/README.md | 2 + roles/hub_group/defaults/main.yml | 1 + roles/hub_group/meta/main.yml | 4 +- roles/hub_group/tasks/main.yml | 3 + roles/hub_group_roles/README.md | 2 + roles/hub_group_roles/defaults/main.yml | 1 + roles/hub_group_roles/meta/main.yml | 4 +- roles/hub_group_roles/tasks/main.yml | 3 + roles/hub_namespace/README.md | 2 + roles/hub_namespace/defaults/main.yml | 1 + roles/hub_namespace/meta/main.yml | 4 +- roles/hub_namespace/tasks/main.yml | 27 +++--- roles/hub_publish/README.md | 2 + roles/hub_publish/defaults/main.yml | 1 + roles/hub_publish/meta/main.yml | 4 +- roles/hub_publish/tasks/main.yml | 3 + roles/hub_role/defaults/main.yml | 1 + roles/hub_role/meta/main.yml | 4 +- roles/hub_role/tasks/main.yml | 3 + roles/hub_user/README.md | 6 +- roles/hub_user/defaults/main.yml | 3 +- roles/hub_user/meta/argument_specs.yml | 2 +- roles/hub_user/meta/main.yml | 4 +- roles/hub_user/tasks/main.yml | 5 +- roles/hub_user/tests/vars/users.yml | 2 +- roles/meta_dependency_check/defaults/main.yml | 2 +- roles/meta_dependency_check/meta/main.yml | 2 +- 234 files changed, 1207 insertions(+), 739 deletions(-) diff --git a/changelogs/fragments/Rewrite.yml b/changelogs/fragments/Rewrite.yml index 29f37e34c..46dc6fa35 100644 --- a/changelogs/fragments/Rewrite.yml +++ b/changelogs/fragments/Rewrite.yml @@ -7,3 +7,4 @@ major_changes: - Introduction of roles for gateway bugfixes: - Controller credentials role now includes request timeout option. + - meta_dependency_check set to default to false. This is due to feature not working on controller, or in offline environments without a hub. Set controller_dependency_check to 'true' to re-enable feature. diff --git a/roles/ansible_config/meta/main.yml b/roles/ansible_config/meta/main.yml index 768a65e75..6ad9e673d 100644 --- a/roles/ansible_config/meta/main.yml +++ b/roles/ansible_config/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_ad_hoc_command/meta/main.yml b/roles/controller_ad_hoc_command/meta/main.yml index 45df3a254..c075e9696 100644 --- a/roles/controller_ad_hoc_command/meta/main.yml +++ b/roles/controller_ad_hoc_command/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_ad_hoc_command_cancel/meta/main.yml b/roles/controller_ad_hoc_command_cancel/meta/main.yml index 745b8c023..3716ffe97 100644 --- a/roles/controller_ad_hoc_command_cancel/meta/main.yml +++ b/roles/controller_ad_hoc_command_cancel/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_applications/README.md b/roles/controller_applications/README.md index d6d4f23a3..28515ac19 100644 --- a/roles/controller_applications/README.md +++ b/roles/controller_applications/README.md @@ -23,7 +23,7 @@ Currently: |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| -|`controller_applications`|`see below`|yes|Data structure describing your applications, described below. Alias: applications || +|`aap_applications`|`see below`|yes|Data structure describing your applications, described below. Alias: applications || ### Enforcing defaults @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_applications_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_applications_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_applications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables @@ -92,7 +92,7 @@ This also speeds up the overall role. ```json { - "controller_applications": [ + "aap_applications": [ { "name": "controller Config Default Application", "description": "Generic application, which can be used for oauth tokens", @@ -109,7 +109,7 @@ This also speeds up the overall role. ```yaml --- -controller_applications: +aap_applications: - name: "controller Config Default Application" description: "Generic application, which can be used for oauth tokens" organization: "Default" @@ -137,7 +137,7 @@ controller_applications: ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.aap_configuration.applications, when: controller_applications is defined} + - {role: infra.aap_configuration.applications, when: aap_applications is defined} ``` ## License diff --git a/roles/controller_applications/defaults/main.yml b/roles/controller_applications/defaults/main.yml index db6775aa1..6af8cb9e2 100644 --- a/roles/controller_applications/defaults/main.yml +++ b/roles/controller_applications/defaults/main.yml @@ -1,10 +1,10 @@ --- # a list of dictionaries describing the Controller applications -controller_applications: [] +aap_applications: [] controller_configuration_applications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" controller_configuration_applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_applications_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_applications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_applications/meta/argument_specs.yml b/roles/controller_applications/meta/argument_specs.yml index 1b53fabd8..f645674e8 100644 --- a/roles/controller_applications/meta/argument_specs.yml +++ b/roles/controller_applications/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create Applications on Ansible Controller. options: - controller_applications: + aap_applications: description: Data structure describing your applications type: list elements: dict diff --git a/roles/controller_applications/meta/main.yml b/roles/controller_applications/meta/main.yml index 9008a3932..6c24e3365 100644 --- a/roles/controller_applications/meta/main.yml +++ b/roles/controller_applications/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_applications/tasks/main.yml b/roles/controller_applications/tasks/main.yml index 31a6ed2bb..49013891e 100644 --- a/roles/controller_applications/tasks/main.yml +++ b/roles/controller_applications/tasks/main.yml @@ -19,7 +19,7 @@ request_timeout: "{{ aap_request_timeout | default(omit, true) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ applications if applications is defined else controller_applications }}" + loop: "{{ aap_applications }}" loop_control: loop_var: "__application_item" label: "{{ __operation.verb }} Controller Application {{ __application_item.name }}" diff --git a/roles/controller_applications/tests/configs/applications.yml b/roles/controller_applications/tests/configs/applications.yml index 9733dc76e..05da63a47 100644 --- a/roles/controller_applications/tests/configs/applications.yml +++ b/roles/controller_applications/tests/configs/applications.yml @@ -1,5 +1,5 @@ --- -controller_applications: +aap_applications: - name: controller_application-app1 organization: Satellite authorization_grant_type: password diff --git a/roles/controller_applications/tests/test.yml b/roles/controller_applications/tests/test.yml index e5506c212..8318a6492 100644 --- a/roles/controller_applications/tests/test.yml +++ b/roles/controller_applications/tests/test.yml @@ -19,5 +19,5 @@ extensions: ["yml"] roles: - - {role: ../.., when: controller_applications is defined} + - {role: ../.., when: aap_applications is defined} ... diff --git a/roles/controller_bulk_host_create/meta/main.yml b/roles/controller_bulk_host_create/meta/main.yml index 432e4435e..aa383d4b6 100644 --- a/roles/controller_bulk_host_create/meta/main.yml +++ b/roles/controller_bulk_host_create/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_bulk_job_launch/meta/main.yml b/roles/controller_bulk_job_launch/meta/main.yml index 01b4edfd0..3f64988da 100644 --- a/roles/controller_bulk_job_launch/meta/main.yml +++ b/roles/controller_bulk_job_launch/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_credential_input_sources/README.md b/roles/controller_credential_input_sources/README.md index 426c83f37..d8c5ef580 100644 --- a/roles/controller_credential_input_sources/README.md +++ b/roles/controller_credential_input_sources/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_credential_input_sources_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_credential_input_sources_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credential_input_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_credential_input_sources/defaults/main.yml b/roles/controller_credential_input_sources/defaults/main.yml index f18ad9106..19da75759 100644 --- a/roles/controller_credential_input_sources/defaults/main.yml +++ b/roles/controller_credential_input_sources/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_credential_input_sources_async_retries: "{{ aap_configu controller_configuration_credential_input_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_input_sources_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_credential_input_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_credential_input_sources_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_input_sources/meta/main.yml b/roles/controller_credential_input_sources/meta/main.yml index d9e2600bd..195dc3acf 100644 --- a/roles/controller_credential_input_sources/meta/main.yml +++ b/roles/controller_credential_input_sources/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_credential_types/README.md b/roles/controller_credential_types/README.md index e376ffa54..a1f2e3cd0 100644 --- a/roles/controller_credential_types/README.md +++ b/roles/controller_credential_types/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_credential_types_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_credential_types_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credential_types_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_credential_types/defaults/main.yml b/roles/controller_credential_types/defaults/main.yml index deb44815d..de811b45b 100644 --- a/roles/controller_credential_types/defaults/main.yml +++ b/roles/controller_credential_types/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_credential_types_async_retries: "{{ aap_configuration_a controller_configuration_credential_types_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_types_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_credential_types_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_credential_types_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_types/meta/main.yml b/roles/controller_credential_types/meta/main.yml index c9b4cb390..911b83f3a 100644 --- a/roles/controller_credential_types/meta/main.yml +++ b/roles/controller_credential_types/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_credentials/README.md b/roles/controller_credentials/README.md index 17bcab681..234708b86 100644 --- a/roles/controller_credentials/README.md +++ b/roles/controller_credentials/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_credentials_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_credentials_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_credentials_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_credentials/defaults/main.yml b/roles/controller_credentials/defaults/main.yml index 223303bc4..1ed0a629d 100644 --- a/roles/controller_credentials/defaults/main.yml +++ b/roles/controller_credentials/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_credentials_async_retries: "{{ aap_configuration_async_ controller_configuration_credentials_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credentials_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_credentials_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_credentials_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credentials/meta/main.yml b/roles/controller_credentials/meta/main.yml index 56def8f0d..417d310af 100644 --- a/roles/controller_credentials/meta/main.yml +++ b/roles/controller_credentials/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_execution_environments/README.md b/roles/controller_execution_environments/README.md index ecc554d8a..6ed41a1b2 100644 --- a/roles/controller_execution_environments/README.md +++ b/roles/controller_execution_environments/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_execution_environments_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_execution_environments_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_execution_environments_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_execution_environments/defaults/main.yml b/roles/controller_execution_environments/defaults/main.yml index b2e509f8d..b2bbecd58 100644 --- a/roles/controller_execution_environments/defaults/main.yml +++ b/roles/controller_execution_environments/defaults/main.yml @@ -5,5 +5,5 @@ controller_configuration_execution_environments_async_retries: "{{ aap_configura controller_configuration_execution_environments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_execution_environments_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_execution_environments_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_execution_environments_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_execution_environments/meta/main.yml b/roles/controller_execution_environments/meta/main.yml index f710a771d..7911e9b4b 100644 --- a/roles/controller_execution_environments/meta/main.yml +++ b/roles/controller_execution_environments/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_host_groups/README.md b/roles/controller_host_groups/README.md index 496904c35..80f093c10 100644 --- a/roles/controller_host_groups/README.md +++ b/roles/controller_host_groups/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_groups_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_groups_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_host_groups/defaults/main.yml b/roles/controller_host_groups/defaults/main.yml index 841d2adf7..70b2a15ed 100644 --- a/roles/controller_host_groups/defaults/main.yml +++ b/roles/controller_host_groups/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_group_async_retries: "{{ aap_configuration_async_retrie controller_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_group_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_groups_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_host_groups/meta/main.yml b/roles/controller_host_groups/meta/main.yml index bc0cf2c0e..1ee25158e 100644 --- a/roles/controller_host_groups/meta/main.yml +++ b/roles/controller_host_groups/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_hosts/README.md b/roles/controller_hosts/README.md index 76444eb5a..00aa48fe7 100644 --- a/roles/controller_hosts/README.md +++ b/roles/controller_hosts/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_host_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_host_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_host_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_hosts/defaults/main.yml b/roles/controller_hosts/defaults/main.yml index 350aedad5..cf935fd17 100644 --- a/roles/controller_hosts/defaults/main.yml +++ b/roles/controller_hosts/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_hosts_async_retries: "{{ aap_configuration_async_retrie controller_configuration_hosts_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_hosts_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_host_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_host_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_hosts/meta/main.yml b/roles/controller_hosts/meta/main.yml index f9dd3edb2..909beea91 100644 --- a/roles/controller_hosts/meta/main.yml +++ b/roles/controller_hosts/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_instance_groups/README.md b/roles/controller_instance_groups/README.md index b5bcbd2a7..85917de1f 100644 --- a/roles/controller_instance_groups/README.md +++ b/roles/controller_instance_groups/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_instance_groups_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_instance_groups_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_instance_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_instance_groups/defaults/main.yml b/roles/controller_instance_groups/defaults/main.yml index 442b4ec98..340b38af6 100644 --- a/roles/controller_instance_groups/defaults/main.yml +++ b/roles/controller_instance_groups/defaults/main.yml @@ -5,5 +5,5 @@ controller_configuration_instance_groups_async_retries: "{{ aap_configuration_as controller_configuration_instance_groups_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instance_groups_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_instance_groups_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_instance_groups_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instance_groups/meta/main.yml b/roles/controller_instance_groups/meta/main.yml index 8299d8b8d..7eefca3fa 100644 --- a/roles/controller_instance_groups/meta/main.yml +++ b/roles/controller_instance_groups/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_instances/README.md b/roles/controller_instances/README.md index b29ff3299..f17af3c71 100644 --- a/roles/controller_instances/README.md +++ b/roles/controller_instances/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_instances_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_instances_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_instances_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_instances/defaults/main.yml b/roles/controller_instances/defaults/main.yml index 8df64a8b7..8138719a4 100644 --- a/roles/controller_instances/defaults/main.yml +++ b/roles/controller_instances/defaults/main.yml @@ -5,5 +5,5 @@ controller_configuration_instances_async_retries: "{{ aap_configuration_async_re controller_configuration_instances_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instances_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_instances_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_instances_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instances/meta/main.yml b/roles/controller_instances/meta/main.yml index f3a0bf43f..203be01b4 100644 --- a/roles/controller_instances/meta/main.yml +++ b/roles/controller_instances/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_inventories/README.md b/roles/controller_inventories/README.md index cf1f5ab8d..b60c38d8d 100644 --- a/roles/controller_inventories/README.md +++ b/roles/controller_inventories/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_inventories_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_inventories_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_inventories_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_inventories/defaults/main.yml b/roles/controller_inventories/defaults/main.yml index 3433e4724..57f68ac55 100644 --- a/roles/controller_inventories/defaults/main.yml +++ b/roles/controller_inventories/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_inventories_async_retries: "{{ aap_configuration_async_ controller_configuration_inventories_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventories_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_inventories_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_inventories_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventories/meta/main.yml b/roles/controller_inventories/meta/main.yml index 7443a6257..42fd52eb2 100644 --- a/roles/controller_inventories/meta/main.yml +++ b/roles/controller_inventories/meta/main.yml @@ -7,7 +7,7 @@ galaxy_info: license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 platforms: - name: "EL" diff --git a/roles/controller_inventory_source_update/meta/main.yml b/roles/controller_inventory_source_update/meta/main.yml index 8cd277b56..f07a636d8 100644 --- a/roles/controller_inventory_source_update/meta/main.yml +++ b/roles/controller_inventory_source_update/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_inventory_sources/README.md b/roles/controller_inventory_sources/README.md index 310bf7fb1..9e5d09d54 100644 --- a/roles/controller_inventory_sources/README.md +++ b/roles/controller_inventory_sources/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_inventory_sources_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_inventory_sources_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_inventory_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_inventory_sources/defaults/main.yml b/roles/controller_inventory_sources/defaults/main.yml index 2c097154b..20eacf2db 100644 --- a/roles/controller_inventory_sources/defaults/main.yml +++ b/roles/controller_inventory_sources/defaults/main.yml @@ -5,5 +5,5 @@ controller_configuration_inventory_sources_async_retries: "{{ aap_configuration_ controller_configuration_inventory_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventory_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_inventory_sources_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_inventory_sources_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventory_sources/meta/main.yml b/roles/controller_inventory_sources/meta/main.yml index 9c44f6f0b..5807022b1 100644 --- a/roles/controller_inventory_sources/meta/main.yml +++ b/roles/controller_inventory_sources/meta/main.yml @@ -7,7 +7,7 @@ galaxy_info: license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 platforms: - name: "EL" diff --git a/roles/controller_job_launch/meta/main.yml b/roles/controller_job_launch/meta/main.yml index ab83e0876..af6265f6e 100644 --- a/roles/controller_job_launch/meta/main.yml +++ b/roles/controller_job_launch/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_job_templates/README.md b/roles/controller_job_templates/README.md index 4c8965aca..9db0ac7b9 100644 --- a/roles/controller_job_templates/README.md +++ b/roles/controller_job_templates/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_job_templates_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_job_templates_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_job_templates_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_job_templates/defaults/main.yml b/roles/controller_job_templates/defaults/main.yml index d042a0ec6..7ca24fccd 100644 --- a/roles/controller_job_templates/defaults/main.yml +++ b/roles/controller_job_templates/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_job_templates_async_retries: "{{ aap_configuration_asyn controller_configuration_job_templates_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_job_templates_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_job_templates_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_job_templates_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_job_templates/meta/main.yml b/roles/controller_job_templates/meta/main.yml index 4c2e6fb53..a2fa68f81 100644 --- a/roles/controller_job_templates/meta/main.yml +++ b/roles/controller_job_templates/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_jobs_cancel/meta/main.yml b/roles/controller_jobs_cancel/meta/main.yml index 9a79d8967..6324d35e9 100644 --- a/roles/controller_jobs_cancel/meta/main.yml +++ b/roles/controller_jobs_cancel/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_labels/meta/main.yml b/roles/controller_labels/meta/main.yml index cc73ed4d3..ae3fa16c5 100644 --- a/roles/controller_labels/meta/main.yml +++ b/roles/controller_labels/meta/main.yml @@ -7,7 +7,7 @@ galaxy_info: license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 platforms: - name: "EL" diff --git a/roles/controller_license/meta/main.yml b/roles/controller_license/meta/main.yml index 6b97702d1..8ef2fd0f4 100644 --- a/roles/controller_license/meta/main.yml +++ b/roles/controller_license/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: # - CC-BY-4.0 license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: diff --git a/roles/controller_notification_templates/README.md b/roles/controller_notification_templates/README.md index b15b7144e..0fc3f2faf 100644 --- a/roles/controller_notification_templates/README.md +++ b/roles/controller_notification_templates/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_notifications_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_notifications_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_notifications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_notification_templates/defaults/main.yml b/roles/controller_notification_templates/defaults/main.yml index 26f1a20a0..f3722dc28 100644 --- a/roles/controller_notification_templates/defaults/main.yml +++ b/roles/controller_notification_templates/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_notifications_async_retries: "{{ aap_configuration_asyn controller_configuration_notifications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_notifications_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_notifications_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_notifications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_notification_templates/meta/main.yml b/roles/controller_notification_templates/meta/main.yml index 3d41deb74..50a0e7a58 100644 --- a/roles/controller_notification_templates/meta/main.yml +++ b/roles/controller_notification_templates/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_organizations/README.md b/roles/controller_organizations/README.md index a1dcc9eda..e7c706e5f 100644 --- a/roles/controller_organizations/README.md +++ b/roles/controller_organizations/README.md @@ -23,7 +23,7 @@ Currently: |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| -|`controller_organizations`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: organizations || +|`aap_organizations`|`see below`|yes|Data structure describing your organization or organizations Described below. Alias: organizations || |`assign_galaxy_credentials_to_org`|`true`|no|Boolean to indicate whether credentials should be assigned or not. It should be noted that credentials must exist before adding it. The dispatch role will set this to `false`, before re-running the role with it set to `true`. || |`assign_default_ee_to_org`|`true`|no|Boolean to indicate whether default execution environment should be assigned or not. It should be noted that execution environment must exist before adding it. The dispatch role will set this to `false`, before re-running the role with it set to `true`. || |`assign_notification_templates_to_org`|`true`|no|Boolean to indicate whether notification templates should be assigned or not. It should be noted that the templates must exist before adding them. The dispatch role will set this to `false`, before re-running the role with it set to `true`. || @@ -38,12 +38,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_organizations_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_organizations_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_organizations_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables @@ -102,7 +102,7 @@ This role accepts two data models. A simple straightforward easy to maintain mod ```json { - "controller_organizations": [ + "aap_organizations": [ { "name": "Default", "description": "This is the Default Group" @@ -125,7 +125,7 @@ This role accepts two data models. A simple straightforward easy to maintain mod ```yaml --- -controller_organizations: +aap_organizations: - name: Default description: This is the Default Group - name: Automation Group @@ -140,7 +140,7 @@ controller_organizations: ```yaml --- -controller_organizations: +aap_organizations: - name: Satellite description: Satellite max_hosts: 0 @@ -184,7 +184,7 @@ controller_organizations: ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.aap_configuration.organizations, when: controller_organizations is defined} + - {role: infra.aap_configuration.organizations, when: aap_organizations is defined} ``` ## License diff --git a/roles/controller_organizations/defaults/main.yml b/roles/controller_organizations/defaults/main.yml index 66edee4e6..af1985192 100644 --- a/roles/controller_organizations/defaults/main.yml +++ b/roles/controller_organizations/defaults/main.yml @@ -1,11 +1,11 @@ --- -controller_organizations: [] +aap_organizations: [] controller_configuration_organizations_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" controller_configuration_organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_organizations_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_organizations_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_organizations_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true assign_notification_templates_to_org: true diff --git a/roles/controller_organizations/meta/argument_specs.yml b/roles/controller_organizations/meta/argument_specs.yml index 65ae07b20..47d61f400 100644 --- a/roles/controller_organizations/meta/argument_specs.yml +++ b/roles/controller_organizations/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create organizations on Ansible Controller. options: - controller_organizations: + aap_organizations: description: Data structure describing your organizations type: list elements: dict diff --git a/roles/controller_organizations/meta/main.yml b/roles/controller_organizations/meta/main.yml index 7207716b7..e7631144f 100644 --- a/roles/controller_organizations/meta/main.yml +++ b/roles/controller_organizations/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_organizations/tests/configs/organizations.yml b/roles/controller_organizations/tests/configs/organizations.yml index 99a348df3..2a8d4c214 100644 --- a/roles/controller_organizations/tests/configs/organizations.yml +++ b/roles/controller_organizations/tests/configs/organizations.yml @@ -1,5 +1,5 @@ --- -controller_organizations: +aap_organizations: - name: Default description: Default ... diff --git a/roles/controller_project_update/meta/main.yml b/roles/controller_project_update/meta/main.yml index a370e9ad5..0d39811b2 100644 --- a/roles/controller_project_update/meta/main.yml +++ b/roles/controller_project_update/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_projects/README.md b/roles/controller_projects/README.md index 1308402e1..b828d1753 100644 --- a/roles/controller_projects/README.md +++ b/roles/controller_projects/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_projects_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_projects_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_projects_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_projects/defaults/main.yml b/roles/controller_projects/defaults/main.yml index 154433d6c..a23d94fb5 100644 --- a/roles/controller_projects/defaults/main.yml +++ b/roles/controller_projects/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_projects_async_retries: "{{ aap_configuration_async_ret controller_configuration_projects_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_projects_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_projects_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_projects_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_projects/meta/main.yml b/roles/controller_projects/meta/main.yml index 619207c97..9f18e2b7e 100644 --- a/roles/controller_projects/meta/main.yml +++ b/roles/controller_projects/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_roles/README.md b/roles/controller_roles/README.md index c7b370e90..a882e0303 100644 --- a/roles/controller_roles/README.md +++ b/roles/controller_roles/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_role_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_role_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_role_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_roles/defaults/main.yml b/roles/controller_roles/defaults/main.yml index b1dc9383f..710d2f0db 100644 --- a/roles/controller_roles/defaults/main.yml +++ b/roles/controller_roles/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_role_async_retries: "{{ aap_configuration_async_retries controller_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_role_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_role_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_role_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_roles/meta/main.yml b/roles/controller_roles/meta/main.yml index 5ad26d3e1..6414e9e1e 100644 --- a/roles/controller_roles/meta/main.yml +++ b/roles/controller_roles/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: # - CC-BY license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: diff --git a/roles/controller_schedules/README.md b/roles/controller_schedules/README.md index 022b95fcd..6161c23a3 100644 --- a/roles/controller_schedules/README.md +++ b/roles/controller_schedules/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_schedules_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_schedules_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_schedules_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_schedules/defaults/main.yml b/roles/controller_schedules/defaults/main.yml index 57da3e241..b3887bc17 100644 --- a/roles/controller_schedules/defaults/main.yml +++ b/roles/controller_schedules/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_schedules_async_retries: "{{ aap_configuration_async_re controller_configuration_schedules_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_schedules_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_schedules_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_schedules_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_schedules/meta/main.yml b/roles/controller_schedules/meta/main.yml index 7034a6e76..05abaef1f 100644 --- a/roles/controller_schedules/meta/main.yml +++ b/roles/controller_schedules/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_settings/meta/main.yml b/roles/controller_settings/meta/main.yml index 3e87617ac..4bd8a58a7 100644 --- a/roles/controller_settings/meta/main.yml +++ b/roles/controller_settings/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: # - CC-BY-4.0 license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: diff --git a/roles/controller_teams/README.md b/roles/controller_teams/README.md index 925f33603..28946df86 100644 --- a/roles/controller_teams/README.md +++ b/roles/controller_teams/README.md @@ -23,7 +23,7 @@ Currently: |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| -|`controller_teams`|`see below`|yes|Data structure describing your Teams described below. Alias: teams || +|`aap_teams`|`see below`|yes|Data structure describing your Teams described below. Alias: teams || ### Enforcing defaults @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_platform_teams_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_platform_teams_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_platform_teams_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables @@ -70,7 +70,7 @@ This also speeds up the overall role. |`controller_configuration_teams_loop_delay`|`aap_configuration_loop_delay`|no|This sets the pause between each item in the loop for the role. To help when API is getting overloaded.| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| -### Data structure `controller_teams:` should include following vars +### Data structure `aap_teams:` should include following vars |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| @@ -100,7 +100,7 @@ This also speeds up the overall role. ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.aap_configuration.teams, when: controller_teams is defined} + - {role: infra.aap_configuration.teams, when: aap_teams is defined} ``` ## License diff --git a/roles/controller_teams/defaults/main.yml b/roles/controller_teams/defaults/main.yml index 3dda581ab..6561dd83f 100644 --- a/roles/controller_teams/defaults/main.yml +++ b/roles/controller_teams/defaults/main.yml @@ -1,10 +1,10 @@ --- # These are the default variables specific to the teams role -controller_teams: [] +aap_teams: [] controller_configuration_platform_teams_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" controller_configuration_platform_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_platform_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_teams_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_platform_teams_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_platform_teams_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_teams/meta/argument_specs.yml b/roles/controller_teams/meta/argument_specs.yml index 172a537dc..4953515dd 100644 --- a/roles/controller_teams/meta/argument_specs.yml +++ b/roles/controller_teams/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create teams on Ansible Controller. options: - controller_teams: + aap_teams: description: Data structure describing your teams type: list elements: dict diff --git a/roles/controller_teams/meta/main.yml b/roles/controller_teams/meta/main.yml index 6573c03ff..7da8d5488 100644 --- a/roles/controller_teams/meta/main.yml +++ b/roles/controller_teams/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: # - CC-BY license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: diff --git a/roles/controller_teams/tasks/main.yml b/roles/controller_teams/tasks/main.yml index c9ce4239b..b78bdc0e8 100644 --- a/roles/controller_teams/tasks/main.yml +++ b/roles/controller_teams/tasks/main.yml @@ -14,7 +14,7 @@ controller_oauthtoken: "{{ aap_token | default(omit, true) }}" request_timeout: "{{ aap_request_timeout | default(omit, true) }}" validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ teams if teams is defined else controller_teams }}" + loop: "{{ aap_teams }}" loop_control: loop_var: __controller_team_item label: "{{ __operation.verb }} Ansible Controller Team {{ __controller_team_item.name }}" diff --git a/roles/controller_teams/tests/configs/teams.yml b/roles/controller_teams/tests/configs/teams.yml index d6886f235..2441977c5 100644 --- a/roles/controller_teams/tests/configs/teams.yml +++ b/roles/controller_teams/tests/configs/teams.yml @@ -1,5 +1,5 @@ --- -controller_teams: +aap_teams: - name: "team1" description: "My first team" organization: "Default" diff --git a/roles/controller_teams/tests/test.yml b/roles/controller_teams/tests/test.yml index 6747ba4c7..052cbae16 100644 --- a/roles/controller_teams/tests/test.yml +++ b/roles/controller_teams/tests/test.yml @@ -19,5 +19,5 @@ extensions: ["yml"] roles: - - {role: ../.., when: controller_teams is defined} + - {role: ../.., when: aap_teams is defined} ... diff --git a/roles/controller_users/README.md b/roles/controller_users/README.md index 3e17a4d80..ae922f95c 100644 --- a/roles/controller_users/README.md +++ b/roles/controller_users/README.md @@ -23,7 +23,7 @@ Currently: |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| -|`controller_user_accounts`|`see below`|yes|Data structure describing your user entries described below. Alias: users || +|`aap_user_accounts`|`see below`|yes|Data structure describing your user entries described below. Alias: users || |`controller_user_default_password`|""|no|Global variable to set the password for all users.|| ### Enforcing defaults @@ -35,12 +35,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_users_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_users_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_users_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables @@ -95,7 +95,7 @@ This also speeds up the overall role. ```json { - "controller_user_accounts": [ + "aap_user_accounts": [ { "user": "jsmith", "is_superuser": false, @@ -110,7 +110,7 @@ This also speeds up the overall role. ```yaml --- -controller_user_accounts: +aap_user_accounts: - user: controller_user is_superuser: false password: aap_password @@ -136,7 +136,7 @@ controller_user_accounts: ignore_files: [controller_config.yml.template] extensions: ["yml"] roles: - - {role: infra.aap_configuration.users, when: controller_user_accounts is defined} + - {role: infra.aap_configuration.users, when: aap_user_accounts is defined} ``` ## License diff --git a/roles/controller_users/defaults/main.yml b/roles/controller_users/defaults/main.yml index d662c4fbb..720d871c4 100644 --- a/roles/controller_users/defaults/main.yml +++ b/roles/controller_users/defaults/main.yml @@ -1,6 +1,6 @@ --- # list of dicts describing Controller users -controller_user_accounts: [] +aap_user_accounts: [] # if you're too lazy to give your users a password, this is the default they will get # set this variable to something false and there won't be a default password controller_user_default_password: "change_me" @@ -10,5 +10,5 @@ controller_configuration_users_async_retries: "{{ aap_configuration_async_retrie controller_configuration_users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_users_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_users_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_users_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_users/meta/main.yml b/roles/controller_users/meta/main.yml index 42c436ba4..937eef2f1 100644 --- a/roles/controller_users/meta/main.yml +++ b/roles/controller_users/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_users/tasks/main.yml b/roles/controller_users/tasks/main.yml index e0d2b8954..a2a5d34c1 100644 --- a/roles/controller_users/tasks/main.yml +++ b/roles/controller_users/tasks/main.yml @@ -23,7 +23,7 @@ controller_oauthtoken: "{{ aap_token | default(omit, true) }}" request_timeout: "{{ aap_request_timeout | default(omit, true) }}" validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ users if users is defined else controller_user_accounts }}" + loop: "{{ aap_user_accounts }}" loop_control: loop_var: __controller_user_accounts_item label: "{{ __operation.verb }} Controller User {{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) }}" diff --git a/roles/controller_users/tests/configs/users.yml b/roles/controller_users/tests/configs/users.yml index 58e879b86..7a19d7d95 100644 --- a/roles/controller_users/tests/configs/users.yml +++ b/roles/controller_users/tests/configs/users.yml @@ -1,5 +1,5 @@ --- -controller_user_accounts: +aap_user_accounts: - user: johnsmith superuser: false password: password1 diff --git a/roles/controller_users/tests/test.yml b/roles/controller_users/tests/test.yml index 15b18e08f..74f215954 100644 --- a/roles/controller_users/tests/test.yml +++ b/roles/controller_users/tests/test.yml @@ -19,5 +19,5 @@ extensions: ["yml"] roles: - - {role: ../.., when: controller_user_accounts is defined} + - {role: ../.., when: aap_user_accounts is defined} ... diff --git a/roles/controller_workflow_job_templates/README.md b/roles/controller_workflow_job_templates/README.md index 335758768..fda4a4367 100644 --- a/roles/controller_workflow_job_templates/README.md +++ b/roles/controller_workflow_job_templates/README.md @@ -34,12 +34,12 @@ This should be enabled to enforce configuration and prevent configuration drift. Enabling this will enforce configurtion without specifying every option in the configuration files. -'controller_configuration_workflows_enforce_defaults' defaults to the value of 'controller_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. +'controller_configuration_workflows_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| |`controller_configuration_workflows_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`controller_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables diff --git a/roles/controller_workflow_job_templates/defaults/main.yml b/roles/controller_workflow_job_templates/defaults/main.yml index 3d2cae9be..4d308e44a 100644 --- a/roles/controller_workflow_job_templates/defaults/main.yml +++ b/roles/controller_workflow_job_templates/defaults/main.yml @@ -6,5 +6,5 @@ controller_configuration_workflow_async_retries: "{{ aap_configuration_async_ret controller_configuration_workflow_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_workflow__loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null -controller_configuration_workflows_enforce_defaults: "{{ controller_configuration_enforce_defaults | default(false) }}" +controller_configuration_workflows_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_workflow_job_templates/meta/main.yml b/roles/controller_workflow_job_templates/meta/main.yml index fdfe9cf01..1d211f709 100644 --- a/roles/controller_workflow_job_templates/meta/main.yml +++ b/roles/controller_workflow_job_templates/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/controller_workflow_launch/meta/main.yml b/roles/controller_workflow_launch/meta/main.yml index 355bb3cb9..bce3bf056 100644 --- a/roles/controller_workflow_launch/meta/main.yml +++ b/roles/controller_workflow_launch/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/dispatch/README.md b/roles/dispatch/README.md index ceb259642..8a302903a 100644 --- a/roles/dispatch/README.md +++ b/roles/dispatch/README.md @@ -1,8 +1,8 @@ -# infra.platform_configuration.dispatch +# infra.aap_configuration.dispatch ## Description -An Ansible Role to run all roles in the infra.platform_configuration collection. +An Ansible Role to run all roles in the infra.aap_configuration collection. ## Variables @@ -17,17 +17,17 @@ gateway_dispatch_roles: - {role: http_ports, var: http_ports_list, tags: http_ports} - {role: organizations, var: organizations_list, tags: organizations} - {role: teams, var: platform_teams, tags: teams} - - {role: service_clusters, var: service_clusters_list, tags: service_clusters} + - {role: service_clusters, var: gateway_service_clusters, tags: service_clusters} - {role: service_keys, var: service_keys_list, tags: service_keys} - - {role: service_nodes, var: service_nodes_list, tags: service_nodes} - - {role: services, var: services_list, tags: services} - - {role: routes, var: routes_list, tags: routes} + - {role: service_nodes, var: gateway_service_nodes, tags: service_nodes} + - {role: services, var: gateway_services, tags: services} + - {role: routes, var: gateway_routes, tags: routes} - {role: role_user_assignments, var: role_user_assignments_list, tags: role_user_assignments} ``` Note that each item has three elements: -- `role` which is the name of the role within infra.platform_configuration +- `role` which is the name of the role within infra.aap_configuration - `var` which is the variable which is used in that role. We use this to prevent the role being called if the variable is not set - `tags` the tags which are applied to the role so it is possible to apply tags to a playbook using the dispatcher with these tags. diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index a6c5310b0..44b506fd3 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -9,14 +9,17 @@ gateway_configuration_dispatcher_roles: - role: gateway_settings var: gateway_settings tags: settings + - role: gateway_applications + var: gateway_applications + tags: applications - role: gateway_http_ports var: http_ports_list tags: http_ports - role: gateway_organizations - var: controller_organizations + var: aap_organizations tags: organizations - role: gateway_service_clusters - var: service_clusters_list + var: gateway_service_nodes tags: service_clusters - role: gateway_service_keys var: service_keys_list @@ -34,7 +37,7 @@ gateway_configuration_dispatcher_roles: var: routes_list tags: routes - role: gateway_teams - var: platform_teams + var: aap_teams tags: teams ah_configuration_dispatcher_roles: - role: hub_namespace @@ -75,7 +78,7 @@ controller_configuration_dispatcher_roles: var: controller_settings tags: settings - role: controller_organizations - var: controller_organizations + var: aap_organizations tags: organizations assign_galaxy_credentials_to_org: false assign_default_ee_to_org: false @@ -101,11 +104,14 @@ controller_configuration_dispatcher_roles: - role: controller_execution_environments var: controller_execution_environments tags: execution_environments + - role: controller_applications + var: aap_applications + tags: applications - role: controller_notification_templates var: controller_notifications tags: notification_templates - role: controller_organizations - var: controller_organizations + var: aap_organizations tags: organizations assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index 0ff91687e..7e9380c97 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -18,25 +18,25 @@ argument_specs: var: http_ports_list tags: http_ports - role: gateway_organizations - var: organizations_list + var: aap_organizations tags: organizations - role: gateway_service_clusters - var: service_clusters_list + var: gateway_service_clusters tags: service_clusters - role: gateway_service_keys var: service_keys_list tags: service_keys - role: gateway_service_nodes - var: service_nodes_list + var: gateway_service_nodes tags: service_nodes - role: gateway_services - var: services_list + var: gateway_services tags: services - role: gateway_role_user_assignments var: role_user_assignments_list tags: role_user_assignments - role: gateway_routes - var: routes_list + var: gateway_routes tags: routes - role: gateway_teams var: platform_teams @@ -83,7 +83,7 @@ argument_specs: var: controller_inventory_sources tags: inventory_sources - role: controller_applications - var: controller_applications + var: aap_applications tags: applications - role: controller_hosts var: controller_hosts @@ -118,7 +118,7 @@ argument_specs: var: ah_groups tags: groups - role: pah_user - var: ah_users + var: aap_user_accounts tags: users - role: pah_namespace var: ah_namespaces diff --git a/roles/dispatch/meta/main.yml b/roles/dispatch/meta/main.yml index c67c11450..fd10c867e 100644 --- a/roles/dispatch/meta/main.yml +++ b/roles/dispatch/meta/main.yml @@ -2,7 +2,7 @@ galaxy_info: role_name: "dispatch" author: Tom Pag, Alan Wong, and Sean Sullivan - description: "An Ansible Role which launches all of the roles within the platform_configuration Collection." + description: "An Ansible Role which launches all of the roles within the aap_configuration Collection." company: "Red Hat" # If the issue tracker for your role is not on github, uncomment the diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index e058bc09b..75e08bd3b 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: "Run the following infra.platform_configuration roles: {{ aap_configuration_dispatcher_roles | map(attribute='role') | join(', ') }}" +- name: "Run the following infra.aap_configuration roles: {{ aap_configuration_dispatcher_roles | map(attribute='role') | join(', ') }}" ansible.builtin.include_role: name: "{{ __role.role }}" apply: diff --git a/roles/eda_controller_tokens/meta/main.yml b/roles/eda_controller_tokens/meta/main.yml index 2c9060f81..5412a6087 100644 --- a/roles/eda_controller_tokens/meta/main.yml +++ b/roles/eda_controller_tokens/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/eda_credentials/meta/main.yml b/roles/eda_credentials/meta/main.yml index 92529651c..094b2300a 100644 --- a/roles/eda_credentials/meta/main.yml +++ b/roles/eda_credentials/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/eda_decision_environments/meta/main.yml b/roles/eda_decision_environments/meta/main.yml index d08b54046..6dbb089d8 100644 --- a/roles/eda_decision_environments/meta/main.yml +++ b/roles/eda_decision_environments/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/eda_projects/meta/main.yml b/roles/eda_projects/meta/main.yml index facc259b5..53945a740 100644 --- a/roles/eda_projects/meta/main.yml +++ b/roles/eda_projects/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/eda_rulebook_activations/meta/main.yml b/roles/eda_rulebook_activations/meta/main.yml index dce59504a..dd2127d5a 100644 --- a/roles/eda_rulebook_activations/meta/main.yml +++ b/roles/eda_rulebook_activations/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/eda_users/meta/main.yml b/roles/eda_users/meta/main.yml index 29cb28600..5ed9c155c 100644 --- a/roles/eda_users/meta/main.yml +++ b/roles/eda_users/meta/main.yml @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: "GPLv3+" - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/gateway_applications/README.md b/roles/gateway_applications/README.md index aaca798b4..d7b36c86d 100644 --- a/roles/gateway_applications/README.md +++ b/roles/gateway_applications/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.applications +# Ansible Role infra.aap_configuration.applications ## Description @@ -6,23 +6,67 @@ An Ansible Role to create/update/remove Applications on Ansible gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | -|:------------------------------------------------------|:---------------------------------------------------:|:--------:|:-----------:| -| `applications_list` (Alias: `applications`) | [below](#application-arguments) | yes | Data structure describing your applications entries described below. Alias: applications (../../ | -| `applications_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive Application role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | -| `applications_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the applications role | -| `applications_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | -| `applications_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`aap_applications`|`see below`|yes|Data structure describing your aap_applications Described below.|| + +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'aap_applications_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_applications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared globally.| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +aap_applications_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_applications_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`aap_applications_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`aap_applications_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`aap_applications_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### Application Arguments -Options for the `applications_list` variable: +Options for the `aap_applications` variable: | Variable Name | Default Value | Required | Type | Description | |:----------------------------|:-------------------:|:--------:|:----:|:---------------------------------------------------------------------------------------| @@ -46,7 +90,7 @@ Options for the `applications_list` variable: ```json { - "applications_list": [ + "aap_applications": [ { "name": "gateway Config Default Application", "description": "Generic application, which can be used for oauth tokens", @@ -61,11 +105,11 @@ Options for the `applications_list` variable: #### Yaml Example -File name: `data/gateway_applications.yml` +File name: `data/aap_applications.yml` ```yaml --- -applications_list: +aap_applications: - name: "gateway Config Default Application" description: "Generic application, which can be used for oauth tokens" organization: "Default" @@ -74,14 +118,6 @@ applications_list: authorization_grant_type: "password" ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_applications.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_applications/defaults/main.yml b/roles/gateway_applications/defaults/main.yml index f65b9f0bb..48e85182d 100644 --- a/roles/gateway_applications/defaults/main.yml +++ b/roles/gateway_applications/defaults/main.yml @@ -1,8 +1,9 @@ --- # a list of dictionaries describing the gateway applications -applications_list: [] -applications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" -applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +aap_applications: [] +gateway_applications_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_applications/meta/argument_specs.yml b/roles/gateway_applications/meta/argument_specs.yml index 76de5f842..f4e64e581 100644 --- a/roles/gateway_applications/meta/argument_specs.yml +++ b/roles/gateway_applications/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create Applications on Ansible gateway. options: - applications_list: + aap_applications: description: Data structure describing your applications type: list required: true @@ -56,7 +56,7 @@ argument_specs: type: str description: The ID or username of the user who owns this application state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the application. @@ -86,7 +86,7 @@ argument_specs: The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables - applications_secure_logging: + gateway_applications_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool @@ -100,27 +100,27 @@ argument_specs: description: This variable enables secure logging across all roles as a default. # Generic across all roles - gateway_state: + platform_state: default: present required: false description: The state all objects will take unless overridden by object default type: str - gateway_hostname: + aap_hostname: default: None required: false description: URL to the Ansible gateway Server. type: str - gateway_validate_certs: + aap_validate_certs: default: true required: false description: Whether or not to validate the Ansible gateway Server's SSL certificate. type: str - gateway_username: + aap_username: default: None required: false description: Admin User on the Ansible gateway Server. Either username / password or oauthtoken need to be specified. type: str - gateway_password: + aap_password: default: None required: false description: > @@ -128,7 +128,7 @@ argument_specs: This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str - gateway_oauthtoken: + aap_token: default: None required: false description: > diff --git a/roles/gateway_applications/meta/main.yml b/roles/gateway_applications/meta/main.yml index 7d940fc43..027706ab5 100644 --- a/roles/gateway_applications/meta/main.yml +++ b/roles/gateway_applications/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: applications + role_name: gateway_applications author: John Westcott IV description: An Ansible Role to create applications in Ansible gateway. company: Red Hat diff --git a/roles/gateway_applications/tasks/main.yml b/roles/gateway_applications/tasks/main.yml index b6325af2f..97daa4ecd 100644 --- a/roles/gateway_applications/tasks/main.yml +++ b/roles/gateway_applications/tasks/main.yml @@ -2,19 +2,19 @@ # Create gateway applications - name: Managing gateway Applications ansible.platform.application: - name: "{{ __application_item.name | mandatory }}" - new_name: "{{ __application_item.new_name | default(omit, true) }}" - organization: "{{ __application_item.organization | mandatory }}" - new_organization: "{{ __application_item.new_organization | default(omit, true) }}" - description: "{{ __application_item.description | default(('' if applications_enforce_defaults else omit), true) }}" - authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" - client_type: "{{ __application_item.client_type | default('public') }}" - redirect_uris: "{{ __application_item.redirect_uris | default(omit) }}" - skip_authorization: "{{ __application_item.skip_authorization | default((false if applications_enforce_defaults else omit), true) }}" - algorithm: "{{ __application_item.algorithm | default(omit, true) }}" - post_logout_redirect_uris: "{{ __application_item.post_logout_redirect_uris | default(omit, true) }}" - user: "{{ __application_item.user | default(omit, true) }}" - state: "{{ __application_item.state | default(gateway_state | default(omit, true)) }}" + name: "{{ __gateway_application_item.name | mandatory }}" + new_name: "{{ __gateway_application_item.new_name | default(omit, true) }}" + organization: "{{ __gateway_application_item.organization | mandatory }}" + new_organization: "{{ __gateway_application_item.new_organization | default(omit, true) }}" + description: "{{ __gateway_application_item.description | default(('' if gateway_applications_enforce_defaults else omit), true) }}" + authorization_grant_type: "{{ __gateway_application_item.authorization_grant_type | default('password') }}" + client_type: "{{ __gateway_application_item.client_type | default('public') }}" + redirect_uris: "{{ __gateway_application_item.redirect_uris | default(omit) }}" + skip_authorization: "{{ __gateway_application_item.skip_authorization | default((false if gateway_applications_enforce_defaults else omit), true) }}" + algorithm: "{{ __gateway_application_item.algorithm | default(omit, true) }}" + post_logout_redirect_uris: "{{ __gateway_application_item.post_logout_redirect_uris | default(omit, true) }}" + user: "{{ __gateway_application_item.user | default(omit, true) }}" + state: "{{ __gateway_application_item.state | default(platform_state | default(omit, true)) }}" # Role specific options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" @@ -23,10 +23,12 @@ gateway_token: "{{ aap_token | default(omit, true) }}" gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ applications if applications is defined else applications_list }}" + loop: "{{ aap_applications }}" loop_control: - loop_var: __application_item - no_log: "{{ applications_secure_logging }}" + loop_var: __gateway_application_item + label: "{{ __operation.verb }} AAP Platform Applications {{ __gateway_application_item.name }}" + pause: "{{ gateway_applications_loop_delay }}" + no_log: "{{ gateway_applications_secure_logging }}" async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __gateway_applications_job_async @@ -39,11 +41,12 @@ jid: "{{ __gateway_applications_job_async_results_item.ansible_job_id }}" register: __gateway_applications_job_async_result until: __gateway_applications_job_async_result.finished - retries: "{{ applications_async_retries }}" - delay: "{{ applications_async_delay }}" + retries: "{{ gateway_applications_async_retries }}" + delay: "{{ gateway_applications_async_delay }}" loop: "{{ __gateway_applications_job_async.results }}" loop_control: loop_var: __gateway_applications_job_async_results_item + label: "{{ __operation.verb }} AAP Platform Applications {{ __gateway_applications_job_async_result.__gateway_application_item.name }} | Wait for finish the Applications {{ __operation.action }}" when: __gateway_applications_job_async_results_item.ansible_job_id is defined no_log: "{{ applications_secure_logging }}" vars: diff --git a/roles/gateway_applications/tests/test.yml b/roles/gateway_applications/tests/test.yml index f092758b7..a5ea5f4b6 100644 --- a/roles/gateway_applications/tests/test.yml +++ b/roles/gateway_applications/tests/test.yml @@ -4,10 +4,10 @@ connection: local gather_facts: false vars: - gateway_validate_certs: false - gateway_hostname: gateway.example.com - gateway_username: admin - gateway_password: changeme + aap_validate_certs: false + aap_hostname: gateway.example.com + aap_username: admin + aap_password: changeme pre_tasks: - name: Include vars from gateway_configs directory @@ -16,5 +16,5 @@ extensions: ["yml"] roles: - - {role: gateway_applications, when: applications_list is defined} + - {role: gateway_applications, when: gateway_applications is defined} ... diff --git a/roles/gateway_authenticator_maps/README.md b/roles/gateway_authenticator_maps/README.md index 77dcf6806..e9a129871 100644 --- a/roles/gateway_authenticator_maps/README.md +++ b/roles/gateway_authenticator_maps/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.authenticator_maps +# Ansible Role infra.aap_configuration.authenticator_maps ## Description @@ -6,17 +6,45 @@ An Ansible Role to add Authenticator Maps on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:------------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `authenticator_maps_list` (Alias: `authenticator_maps`) | [below](#Authenticator Map Arguments) | yes | Data structure describing your authenticator_map entries described below. | | -| `gateway_authenticator_maps_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive authenticator_map role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `authenticator_maps_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the authenticator_map role. | README.md#enforcing-defaults) | -| `gateway_authenticator_maps_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `gateway_authenticator_maps_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_authenticator_maps`|`see below`|yes|Data structure describing your gateway_authenticator_maps Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_authenticator_maps_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_authenticator_maps_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_authenticator_maps_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_authenticator_maps_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_authenticator_maps_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -52,7 +80,7 @@ Options for the `authenticator_maps_list` variable: ```json { - "authenticator_maps_list": [ + "gateway_authenticator_maps": [ { "name": "AMap-1", "authenticator": "Authenticator-1", @@ -87,7 +115,7 @@ Options for the `authenticator_maps_list` variable: ```yaml --- -authenticator_maps_list: +gateway_authenticator_maps: - name: AuthMap 1 authenticator: Auth 1 revoke: true diff --git a/roles/gateway_authenticator_maps/defaults/main.yml b/roles/gateway_authenticator_maps/defaults/main.yml index 5e0aa0cff..fff94f280 100644 --- a/roles/gateway_authenticator_maps/defaults/main.yml +++ b/roles/gateway_authenticator_maps/defaults/main.yml @@ -2,16 +2,15 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the authenticator maps -authenticator_maps_list: [] +gateway_authenticator_maps: [] gateway_authenticator_maps_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" gateway_authenticator_maps_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_authenticator_maps_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -authenticator_maps_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/gateway_authenticator_maps/meta/argument_specs.yml b/roles/gateway_authenticator_maps/meta/argument_specs.yml index 0c324900b..f09d286dc 100644 --- a/roles/gateway_authenticator_maps/meta/argument_specs.yml +++ b/roles/gateway_authenticator_maps/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create authenticator maps on automation platform gateway. options: - authenticator_maps_list: + gateway_authenticator_maps: description: Data structure describing your authenticator maps type: list required: true @@ -57,7 +57,7 @@ argument_specs: Items with the same order will be executed in random order Value must be greater or equal to 0 state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. diff --git a/roles/gateway_authenticator_maps/meta/main.yml b/roles/gateway_authenticator_maps/meta/main.yml index 73b04a56e..3848e287a 100644 --- a/roles/gateway_authenticator_maps/meta/main.yml +++ b/roles/gateway_authenticator_maps/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: authenticator_maps + role_name: gateway_authenticator_maps author: Martin Slemr description: An Ansible Role to create authenticator maps in automation platform gateway. company: Red Hat diff --git a/roles/gateway_authenticator_maps/tasks/main.yml b/roles/gateway_authenticator_maps/tasks/main.yml index 01b2f013e..519b19b41 100644 --- a/roles/gateway_authenticator_maps/tasks/main.yml +++ b/roles/gateway_authenticator_maps/tasks/main.yml @@ -12,18 +12,20 @@ role: "{{ __gateway_authenticator_maps_item.role | default(omit) }}" triggers: "{{ __gateway_authenticator_maps_item.triggers | default(omit) }}" order: "{{ __gateway_authenticator_maps_item.order | default(omit) }}" - state: "{{ __gateway_authenticator_maps_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_authenticator_maps_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ authenticator_maps if authenticator_maps is defined else authenticator_maps_list }}" + loop: "{{ gateway_authenticator_maps }}" loop_control: loop_var: __gateway_authenticator_maps_item + label: "{{ __operation.verb }} AAP Platform Authenticator Maps {{ __gateway_authenticator_maps_item.name }}" + pause: "{{ gateway_authenticator_maps_loop_delay }}" no_log: "{{ gateway_authenticator_maps_secure_logging }}" async: 1000 poll: 0 @@ -42,6 +44,7 @@ loop: "{{ __gateway_authenticator_maps_job_async.results }}" loop_control: loop_var: __gateway_authenticator_maps_job_async_results_item + label: "{{ __operation.verb }} AAP Platform Authenticator Maps {{ __gateway_authenticator_maps_job_async_result.__gateway_authenticator_maps_item.name }} | Wait for finish the Authenticator Map {{ __operation.action }}" when: __gateway_authenticator_maps_job_async_results_item.ansible_job_id is defined no_log: "{{ gateway_authenticator_maps_secure_logging }}" vars: diff --git a/roles/gateway_authenticators/README.md b/roles/gateway_authenticators/README.md index 6fe404e59..7a40ec711 100644 --- a/roles/gateway_authenticators/README.md +++ b/roles/gateway_authenticators/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.authenticators +# Ansible Role infra.aap_configuration.authenticators ## Description @@ -6,17 +6,45 @@ An Ansible Role to add Authenticators on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:--------------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `authenticators_list` (Alias: `authenticators`) | [below](#Authenticator Arguments) | yes | Data structure describing your organization entries described below. | | -| `authenticators_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `authenticators_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | README.md#enforcing-defaults) | -| `authenticators_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `authenticators_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_authenticators`|`see below`|yes|Data structure describing your gateway_authenticators Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_authenticators_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_authenticators_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_authenticators_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_authenticators_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_authenticators_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -51,7 +79,7 @@ Options for the `authenticators_list` variable: ```json { - "authenticators_list": [ + "gateway_authenticators": [ { "name": "local authenticator", "slug": "local-authenticator", @@ -77,7 +105,7 @@ File name: `data/gateway_authenticators.yml` ```yaml --- -authenticators_list: +gateway_authenticators: - name: "Deprecated Authenticator" state: absent - name: Auth AzureAD diff --git a/roles/gateway_authenticators/defaults/main.yml b/roles/gateway_authenticators/defaults/main.yml index 5eb3081bb..5e610ef32 100644 --- a/roles/gateway_authenticators/defaults/main.yml +++ b/roles/gateway_authenticators/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the authenticators -authenticators_list: [] -authenticators_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -authenticators_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -authenticators_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -authenticators_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_authenticators: [] +gateway_authenticators_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_authenticators_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_authenticators_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_authenticators_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_authenticators/meta/argument_specs.yml b/roles/gateway_authenticators/meta/argument_specs.yml index f58cc912e..37f20fd04 100644 --- a/roles/gateway_authenticators/meta/argument_specs.yml +++ b/roles/gateway_authenticators/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create authenticators on automation platform gateway. options: - authenticators_list: + gateway_authenticators: description: Data structure describing your authenticators type: list required: true @@ -44,13 +44,13 @@ argument_specs: type: int description: The order in which an authenticator will be tried. This only pertains to username/password authenticators defaults to 1 (by API) state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - authenticators_async_retries: + gateway_authenticators_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -58,7 +58,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - authenticators_async_delay: + gateway_authenticators_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -75,7 +75,7 @@ argument_specs: # No_log variables - authenticators_secure_logging: + gateway_authenticators_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_authenticators/meta/main.yml b/roles/gateway_authenticators/meta/main.yml index 939f6716c..ae56bc6b5 100644 --- a/roles/gateway_authenticators/meta/main.yml +++ b/roles/gateway_authenticators/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: authenticators + role_name: gateway_authenticators author: Martin Slemr description: An Ansible Role to create authenticators in Automation Platform Gateway. company: Red Hat diff --git a/roles/gateway_authenticators/tasks/main.yml b/roles/gateway_authenticators/tasks/main.yml index 32fa17b56..f15bbd9bb 100644 --- a/roles/gateway_authenticators/tasks/main.yml +++ b/roles/gateway_authenticators/tasks/main.yml @@ -10,19 +10,21 @@ configuration: "{{ __gateway_authenticators_item.configuration | default(omit) }}" type: "{{ __gateway_authenticators_item.type | default(omit) }}" order: "{{ __gateway_authenticators_item.order | default(omit) }}" - state: "{{ __gateway_authenticators_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_authenticators_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ authenticators if authenticators is defined else authenticators_list }}" + loop: "{{ gateway_authenticators }}" loop_control: loop_var: __gateway_authenticators_item - no_log: "{{ authenticators_secure_logging }}" + label: "{{ __operation.verb }} AAP Platform Authenticators {{ __gateway_authenticators_item.name }}" + pause: "{{ gateway_authenticators_loop_delay }}" + no_log: "{{gateway_authenticators_secure_logging }}" async: 1000 poll: 0 register: __gateway_authenticators_job_async @@ -35,13 +37,14 @@ jid: "{{ __gateway_authenticators_job_async_results_item.ansible_job_id }}" register: __gateway_authenticators_job_async_result until: __gateway_authenticators_job_async_result.finished - retries: "{{ authenticators_async_retries }}" - delay: "{{ authenticators_async_delay }}" + retries: "{{ gateway_authenticators_async_retries }}" + delay: "{{ gateway_authenticators_async_delay }}" loop: "{{ __gateway_authenticators_job_async.results }}" loop_control: loop_var: __gateway_authenticators_job_async_results_item + label: "{{ __operation.verb }} AAP Platform Authenticators {{ __gateway_authenticators_job_async_result.__gateway_authenticators_item.name }} | Wait for finish the Authenticators {{ __operation.action }}" when: __gateway_authenticators_job_async_results_item.ansible_job_id is defined - no_log: "{{ authenticators_secure_logging }}" + no_log: "{{gateway_authenticators_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_http_ports/README.md b/roles/gateway_http_ports/README.md index 672b06339..c862fdea9 100644 --- a/roles/gateway_http_ports/README.md +++ b/roles/gateway_http_ports/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.http_ports +# Ansible Role infra.aap_configuration.http_ports ## Description @@ -6,17 +6,45 @@ An Ansible Role to add proxy Http Ports on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:----------------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `http_ports_list` (Alias: `http_ports`) | [below](#http-port-arguments) | yes | Data structure describing your http port entries described below. | | -| `http_ports_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive http_ports role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `http_ports_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the http port role. | README.md#enforcing-defaults) | -| `http_ports_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `http_ports_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_http_ports`|`see below`|yes|Data structure describing your http_ports entries Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_http_ports_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_http_ports_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_http_ports_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_http_ports_hosts_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_http_ports_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -46,7 +74,7 @@ Options for the `http_ports_list` variable: ```json { - "http_ports_list": [ + "gateway_http_ports": [ { "name": "API port", "new_name": "Proxy API port", @@ -68,7 +96,7 @@ File name: `data/gateway_http_ports.yml` ```yaml --- -http_ports_list: +gateway_http_ports: - name: "Service Port 8001" number: 8001 state: absent @@ -79,14 +107,6 @@ http_ports_list: use_https: true ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_http_ports.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_http_ports/defaults/main.yml b/roles/gateway_http_ports/defaults/main.yml index cdff321a7..9df4a4b40 100644 --- a/roles/gateway_http_ports/defaults/main.yml +++ b/roles/gateway_http_ports/defaults/main.yml @@ -2,21 +2,22 @@ # These are the default variables common to most gw_conf roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the envoy http ports (available GW API ports) -http_ports_list: [] +http_ports: [] # possible fields: # - number # - use_https # - is_api_port # - state -http_ports_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -http_ports_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -http_ports_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -http_ports_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_http_ports_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_http_ports_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_http_ports_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_http_ports_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_http_ports/meta/argument_specs.yml b/roles/gateway_http_ports/meta/argument_specs.yml index 0e6351a6c..0220be1dd 100644 --- a/roles/gateway_http_ports/meta/argument_specs.yml +++ b/roles/gateway_http_ports/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create http ports on automation platform gateway. options: - http_ports_list: + http_ports: description: Data structure describing http(s) ports where Envoy proxy listens type: list required: true @@ -30,13 +30,13 @@ argument_specs: type: bool description: If true, port is used for serving remote AAP APIs. Only one can be set to True state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource # Async variables - http_ports_async_retries: + gateway_http_ports_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -44,7 +44,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - http_ports_async_delay: + gateway_http_ports_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -61,7 +61,7 @@ argument_specs: # No_log variables - http_ports_secure_logging: + gateway_http_ports_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_http_ports/meta/main.yml b/roles/gateway_http_ports/meta/main.yml index a057c2bbb..d8fabb15a 100644 --- a/roles/gateway_http_ports/meta/main.yml +++ b/roles/gateway_http_ports/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: http_ports + role_name: gateway_http_ports author: Martin Slemr description: An Ansible Role to define http ports in automation platform gateway. company: Red Hat diff --git a/roles/gateway_http_ports/tasks/main.yml b/roles/gateway_http_ports/tasks/main.yml index 4f50b2ff3..4ba160fd6 100644 --- a/roles/gateway_http_ports/tasks/main.yml +++ b/roles/gateway_http_ports/tasks/main.yml @@ -6,7 +6,7 @@ number: "{{ __gateway_http_ports_item.number | default(omit) }}" use_https: "{{ __gateway_http_ports_item.use_https | default(false) }}" is_api_port: "{{ __gateway_http_ports_item.is_api_port | default(false) }}" - state: "{{ __gateway_http_ports_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_http_ports_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" @@ -15,10 +15,12 @@ gateway_token: "{{ aap_token | default(omit, true) }}" gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ http_ports if http_ports is defined else http_ports_list }}" + loop: "{{ http_ports }}" loop_control: loop_var: __gateway_http_ports_item - no_log: "{{ http_ports_secure_logging }}" + label: "{{ __operation.verb }} AAP Platform Http Ports {{ __gateway_http_ports_item.name }}" + pause: "{{ gateway_http_ports_loop_delay }}" + no_log: "{{ gateway_http_ports_secure_logging }}" async: 1000 poll: 0 register: __gateway_http_ports_job_async @@ -31,13 +33,14 @@ jid: "{{ __gateway_http_ports_job_async_results_item.ansible_job_id }}" register: __gateway_http_ports_job_async_result until: __gateway_http_ports_job_async_result.finished - retries: "{{ http_ports_async_retries }}" - delay: "{{ http_ports_async_delay }}" + retries: "{{ gateway_http_ports_async_retries }}" + delay: "{{ gateway_http_ports_async_delay }}" loop: "{{ __gateway_http_ports_job_async.results }}" loop_control: loop_var: __gateway_http_ports_job_async_results_item + label: "{{ __operation.verb }} AAP Platform Http Ports {{ __gateway_http_ports_job_async_result.__gateway_http_ports_item.name }} | Wait for finish the Http Ports {{ __operation.action }}" when: __gateway_http_ports_job_async_results_item.ansible_job_id is defined - no_log: "{{ http_ports_secure_logging }}" + no_log: "{{ gateway_http_ports_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_organizations/README.md b/roles/gateway_organizations/README.md index 2165c352a..9837c5417 100644 --- a/roles/gateway_organizations/README.md +++ b/roles/gateway_organizations/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.organizations +# Ansible Role infra.aap_configuration.organizations ## Description @@ -6,23 +6,51 @@ An Ansible Role to add Organizations on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:-------------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `organizations_list` (Alias: `organizations`) | [below](#organization-arguments) | yes | Data structure describing your organization entries described below. | | -| `organizations_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive organizations role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `organizations_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the organizations role. | README.md#enforcing-defaults) | -| `organizations_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `organizations_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`aap_organizations`|`see below`|yes|Data structure describing your organizations Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +aap_organizations_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_organizations_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`aap_organizations_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`aap_organizations_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`aap_organizations_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### Organization Arguments -Options for the `gateway_organizations` variable: +Options for the `aap_organizations` variable: | Variable Name | Default Value | Required | Type | Description | |:--------------|:-------------:|:--------:|:----:|:---------------------------------------------------------------------------------| @@ -43,7 +71,7 @@ Options for the `gateway_organizations` variable: ```json { - "organizations_list": [ + "aap_organizations": [ { "name": "Org 1", "description": "First Organization" @@ -62,11 +90,11 @@ Options for the `gateway_organizations` variable: - Get or create Org 2 - Rename Org 3 -File name: `data/gateway_organizations.yml` +File name: `data/aap_organizations.yml` ```yaml --- -organizations_list: +aap_organizations: - name: "Deprecated Org" state: absent - name: Org 1 @@ -81,7 +109,7 @@ organizations_list: File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. ```shell -ansible-playbook manage_data.yml -e @data/gateway_organizations.yml +ansible-playbook manage_data.yml -e @data/aap_organizations.yml ``` ## License diff --git a/roles/gateway_organizations/defaults/main.yml b/roles/gateway_organizations/defaults/main.yml index 3fd16b720..45d844ebb 100644 --- a/roles/gateway_organizations/defaults/main.yml +++ b/roles/gateway_organizations/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the organizations -organizations_list: [] -organizations_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -organizations_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +aap_organizations: [] +gateway_organizations_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_organizations_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_organizations/meta/argument_specs.yml b/roles/gateway_organizations/meta/argument_specs.yml index 860d13da4..de10b5d4f 100644 --- a/roles/gateway_organizations/meta/argument_specs.yml +++ b/roles/gateway_organizations/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create organizations on automation platform gateway. options: - organizations_list: + aap_organizations: description: Data structure describing your organizations type: list required: true @@ -20,13 +20,13 @@ argument_specs: type: str description: Description of the organization state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - organizations_async_retries: + gateway_organizations_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -34,7 +34,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - organizations_async_delay: + gateway_organizations_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -51,7 +51,7 @@ argument_specs: # No_log variables - organizations_secure_logging: + gateway_organizations_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_organizations/meta/main.yml b/roles/gateway_organizations/meta/main.yml index ea5a59a72..fbb5550f5 100644 --- a/roles/gateway_organizations/meta/main.yml +++ b/roles/gateway_organizations/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: organizations + role_name: gateway_organizations author: Martin Slemr description: An Ansible Role to create organizations in Automation Platform Gateway. company: Red Hat diff --git a/roles/gateway_organizations/tasks/main.yml b/roles/gateway_organizations/tasks/main.yml index a8e7caa7a..047ac3b83 100644 --- a/roles/gateway_organizations/tasks/main.yml +++ b/roles/gateway_organizations/tasks/main.yml @@ -4,19 +4,21 @@ name: "{{ __gateway_organizations_item.name | mandatory }}" new_name: "{{ __gateway_organizations_item.new_name | default(omit) }}" description: "{{ __gateway_organizations_item.description | default(omit) }}" - state: "{{ __gateway_organizations_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_organizations_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ organizations if organizations is defined else controller_organizations }}" + loop: "{{ aap_organizations }}" loop_control: loop_var: __gateway_organizations_item - no_log: "{{ organizations_secure_logging }}" + label: "{{ __operation.verb }} AAP Platform Organizations {{ __gateway_organizations_item.name }}" + pause: "{{ gateway_organizations_loop_delay }}" + no_log: "{{ gateway_organizations_secure_logging }}" async: 1000 poll: 0 register: __gateway_organizations_job_async @@ -29,13 +31,14 @@ jid: "{{ __gateway_organizations_job_async_results_item.ansible_job_id }}" register: __gateway_organizations_job_async_result until: __gateway_organizations_job_async_result.finished - retries: "{{ organizations_async_retries }}" - delay: "{{ organizations_async_delay }}" + retries: "{{ gateway_organizations_async_retries }}" + delay: "{{ gateway_organizations_async_delay }}" loop: "{{ __gateway_organizations_job_async.results }}" loop_control: loop_var: __gateway_organizations_job_async_results_item + label: "{{ __operation.verb }} AAP Platform Organizations {{ __gateway_organizations_job_async_result.__gateway_organizations_item.name }} | Wait for finish the Organizations {{ __operation.action }}" when: __gateway_organizations_job_async_results_item.ansible_job_id is defined - no_log: "{{ organizations_secure_logging }}" + no_log: "{{ gateway_organizations_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_role_user_assignments/README.md b/roles/gateway_role_user_assignments/README.md index 173a2fbab..0d3489d5d 100644 --- a/roles/gateway_role_user_assignments/README.md +++ b/roles/gateway_role_user_assignments/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.role_user_assignments +# Ansible Role infra.aap_configuration.role_user_assignments ## Description @@ -6,17 +6,45 @@ An Ansible Role to give a user permission to a resource like an organization. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:-----------------------------------------------------------------|:---------------------------------------------------:|:--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `role_user_assignments_list` (Alias: `role_user_assignments`) | [below](#role-user-assignments-arguments) | yes | Data structure describing your organization entries described below. | | -| `role_user_assignments_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive role_user_assignments role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `role_user_assignments_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the role_user_assignments role. | README.md#enforcing-defaults) | -| `role_user_assignments_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `role_user_assignments_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_role_user_assignments`|`see below`|yes|Data structure describing your gateway_role_user_assignment Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_role_user_assignments_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_role_user_assignments_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_role_user_assignments_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_role_user_assignments_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_role_user_assignments_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -45,7 +73,7 @@ Options for the `role_user_assignments` variable: ```json { - "role_user_assignments_list": [ + "gateway_role_user_assignments": [ { "role_definition": "Organization Member", "user": "Bob", @@ -63,7 +91,7 @@ File name: `data/gateway_role_user_assignments.yml` ```yaml --- -role_user_assignments_list: +gateway_role_user_assignments: - role_definition: Team Admin user: 1 object_id: 10 diff --git a/roles/gateway_role_user_assignments/defaults/main.yml b/roles/gateway_role_user_assignments/defaults/main.yml index d596198ae..add6389fe 100644 --- a/roles/gateway_role_user_assignments/defaults/main.yml +++ b/roles/gateway_role_user_assignments/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the role_user_assignments -role_user_assignments_list: [] -role_user_assignments_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -role_user_assignments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -role_user_assignments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -role_user_assignments_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_role_user_assignments: [] +gateway_role_user_assignments_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_role_user_assignments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_role_user_assignments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_role_user_assignments_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_role_user_assignments/meta/argument_specs.yml b/roles/gateway_role_user_assignments/meta/argument_specs.yml index 49b6a5356..db06bf68e 100644 --- a/roles/gateway_role_user_assignments/meta/argument_specs.yml +++ b/roles/gateway_role_user_assignments/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create role user assignment on automation platform gateway. options: - role_user_assignments_list: + gateway_role_user_assignments: description: Data structure describing your role user assignment type: list required: true @@ -35,13 +35,13 @@ argument_specs: required: false type: str state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - role_user_assignments_async_retries: + gateway_role_user_assignments_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -49,7 +49,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - role_user_assignments_async_delay: + gateway_role_user_assignments_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -66,7 +66,7 @@ argument_specs: # No_log variables - role_user_assignments_secure_logging: + gateway_role_user_assignments_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_role_user_assignments/meta/main.yml b/roles/gateway_role_user_assignments/meta/main.yml index baf4a3bee..b29634afa 100644 --- a/roles/gateway_role_user_assignments/meta/main.yml +++ b/roles/gateway_role_user_assignments/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: role_user_assignments + role_name: gateway_role_user_assignments author: Martin Slemr description: An Ansible Role to create RBAC Role User Assignments in Automation Platform gateway. company: Red Hat diff --git a/roles/gateway_role_user_assignments/tasks/main.yml b/roles/gateway_role_user_assignments/tasks/main.yml index ad71e3595..018b546cc 100644 --- a/roles/gateway_role_user_assignments/tasks/main.yml +++ b/roles/gateway_role_user_assignments/tasks/main.yml @@ -6,14 +6,14 @@ user_ansible_id: "{{ __gateway_role_user_assignments_item.user_ansible_id | default(omit) }}" object_id: "{{ __gateway_role_user_assignments_item.object_id | default(omit) }}" object_ansible_id: "{{ __gateway_role_user_assignments_item.object_ansible_id | default(omit) }}" - state: "{{ __gateway_role_user_assignments_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_role_user_assignments_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ role_user_assignments if role_user_assignments is defined else role_user_assignments_list }}" loop_control: diff --git a/roles/gateway_routes/README.md b/roles/gateway_routes/README.md index f330df29c..24323c552 100644 --- a/roles/gateway_routes/README.md +++ b/roles/gateway_routes/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.routes +# Ansible Role infra.aap_configuration.routes ## Description @@ -8,17 +8,45 @@ http port and path in the destination service (gateway, controller, hub, eda). ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `routes_list` (Alias: routes) | [below](#service-arguments) | yes | Data structure describing your route entries described below. | | -| `routes_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive route role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `routes_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the route role. | README.md#enforcing-defaults) | -| `routes_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `routes_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_routes`|`see below`|yes|Data structure describing your gateway_routes Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_routes_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_routes_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_routes_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_routes_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_routes_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -58,7 +86,7 @@ Options for the `routes_list` variable: ```json { - "services_list": [ + "gateway_services": [ { "name": "Controller Config Route", "state": "exists" @@ -90,7 +118,7 @@ File name: `data/gateway_routes.yml` ```yaml --- -gateway_state: exists +platform_state: exists routes_list: - name: "Controller Config route" gateway_path: '/config/controller/' @@ -100,14 +128,6 @@ routes_list: - name: 4 ``` -## Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_routes.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_routes/defaults/main.yml b/roles/gateway_routes/defaults/main.yml index 9fcccd950..d4ceebe30 100644 --- a/roles/gateway_routes/defaults/main.yml +++ b/roles/gateway_routes/defaults/main.yml @@ -2,16 +2,18 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the service nodes -routes_list: [] -routes_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -routes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -routes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -routes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_gateway_routes: [] +gateway_routes_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_routes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_routes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_routes_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +gateway_routes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_routes/meta/argument_specs.yml b/roles/gateway_routes/meta/argument_specs.yml index a152bf262..4135cfc16 100644 --- a/roles/gateway_routes/meta/argument_specs.yml +++ b/roles/gateway_routes/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create service nodes on automation platform gateway. options: - routes_list: + gateway_routes: description: Data structure describing your service nodes type: list required: true @@ -57,13 +57,13 @@ argument_specs: Comma separated string Selects which (tagged) nodes receive traffic from this route state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - routes_async_retries: + gateway_routes_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -71,7 +71,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - routes_async_delay: + gateway_routes_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -88,7 +88,7 @@ argument_specs: # No_log variables - routes_secure_logging: + gateway_routes_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_routes/meta/main.yml b/roles/gateway_routes/meta/main.yml index ead81e3e9..65086f31e 100644 --- a/roles/gateway_routes/meta/main.yml +++ b/roles/gateway_routes/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: routes + role_name: gateway_routes author: Martin Slemr description: An Ansible Role to create service non-API routes in automation platform gateway. company: Red Hat diff --git a/roles/gateway_routes/tasks/main.yml b/roles/gateway_routes/tasks/main.yml index ffba561c0..61c59ea76 100644 --- a/roles/gateway_routes/tasks/main.yml +++ b/roles/gateway_routes/tasks/main.yml @@ -12,19 +12,21 @@ service_path: "{{ __gateway_routes_item.service_path | default(omit) }}" service_port: "{{ __gateway_routes_item.service_port | default(omit) }}" node_tags: "{{ __gateway_routes_item.node_tags | default(omit) }}" - state: "{{ __gateway_routes_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_routes_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ routes if routes is defined else routes_list }}" + loop: "{{ gateway_routes }}" loop_control: loop_var: __gateway_routes_item - no_log: "{{ routes_secure_logging }}" + label: "{{ __operation.verb }} the label {{ __gateway_routes_item.name }} to Controller" + pause: "{{ controller_configuration_labels_loop_delay }}" + no_log: "{{ gateway_routes_secure_logging }}" async: 1000 poll: 0 register: __gateway_routes_job_async @@ -42,8 +44,9 @@ loop: "{{ __gateway_routes_job_async.results }}" loop_control: loop_var: __gateway_routes_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_routes_job_async_results_item.__gateway_routes_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_routes_job_async_results_item.ansible_job_id is defined - no_log: "{{ routes_secure_logging }}" + no_log: "{{ gateway_routes_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_clusters/README.md b/roles/gateway_service_clusters/README.md index 73df71618..1e7beeaab 100644 --- a/roles/gateway_service_clusters/README.md +++ b/roles/gateway_service_clusters/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.service_clusters +# Ansible Role infra.aap_configuration.service_clusters ## Description @@ -6,23 +6,51 @@ An Ansible Role to configure Service Clusters on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:----------------------------------------------------------|:---------------------------------------------------:|:--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `service_clusters_list` (Alias: service_clusters) | [below](#service-cluster-arguments) | yes | Data structure describing your service_cluster entries described below. | | -| `service_clusters_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_cluster role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `service_clusters_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service cluster role. | README.md#enforcing-defaults) | -| `service_clusters_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `service_clusters_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_service_clusters`|`see below`|yes|Data structure describing your gateway_service_clusters Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_service_clusters_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_service_clusters_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_service_clusters_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_service_clusters_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_service_clusters_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### Service Cluster Arguments -Options for the `service_clusters_list` variable: +Options for the `gateway_service_nodes` variable: | Variable Name | Default Value | Required | Type | Description | |:---------------|:-------------:|:------------------:|:----:|:----------------------------------------------------------------------------------------| @@ -45,8 +73,8 @@ Options for the `service_clusters_list` variable: ```json { - "gateway_state": "absent", - "service_clusters_list": [ + "platform_state": "absent", + "gateway_service_clusters": [ { "name": "Automation Controller" }, @@ -71,7 +99,7 @@ File name: `data/service_clusters.yml` ```yaml --- -service_clusters_list: +gateway_service_clusters: - name: "Automation Controller" service_type: controller state: present @@ -81,14 +109,6 @@ service_clusters_list: new_name: "Ansible Galaxy" ``` -## Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_service_clusters.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_clusters/defaults/main.yml b/roles/gateway_service_clusters/defaults/main.yml index ed54fd928..3594095ed 100644 --- a/roles/gateway_service_clusters/defaults/main.yml +++ b/roles/gateway_service_clusters/defaults/main.yml @@ -2,16 +2,16 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the service clusters -service_clusters_list: [] -service_clusters_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -service_clusters_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -service_clusters_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -service_clusters_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_service_clusters: [] +gateway_service_clusters_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_service_clusters_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_service_clusters_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_service_clusters/meta/argument_specs.yml b/roles/gateway_service_clusters/meta/argument_specs.yml index 59e44ac62..6f140f839 100644 --- a/roles/gateway_service_clusters/meta/argument_specs.yml +++ b/roles/gateway_service_clusters/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create service clusters on automation platform gateway. options: - service_clusters_list: + gateway_service_clusters: description: Data structure describing your service clusters type: list required: true @@ -22,7 +22,7 @@ argument_specs: Type of service ["hub", "controller", "eda", "gateway"] Required when creating new Service Cluster state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. @@ -58,7 +58,7 @@ argument_specs: description: The number of consecutive successful health checks before a node is considered healthy. # Async variables - service_clusters_async_retries: + gateway_service_clusters_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -66,7 +66,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - service_clusters_async_delay: + gateway_service_clusters_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -83,7 +83,7 @@ argument_specs: # No_log variables - service_clusters_secure_logging: + gateway_service_clusters_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_service_clusters/meta/main.yml b/roles/gateway_service_clusters/meta/main.yml index 681d783d6..505b755b6 100644 --- a/roles/gateway_service_clusters/meta/main.yml +++ b/roles/gateway_service_clusters/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: service_clusters + role_name: gateway_service_clusters author: Martin Slemr description: An Ansible Role to create service clusters in automation platform gateway. company: Red Hat diff --git a/roles/gateway_service_clusters/tasks/main.yml b/roles/gateway_service_clusters/tasks/main.yml index 4cfe94c61..47b6accad 100644 --- a/roles/gateway_service_clusters/tasks/main.yml +++ b/roles/gateway_service_clusters/tasks/main.yml @@ -4,7 +4,7 @@ name: "{{ __gateway_service_clusters_item.name | mandatory }}" new_name: "{{ __gateway_service_clusters_item.new_name | default(omit) }}" service_type: "{{ __gateway_service_clusters_item.service_type | default(omit) }}" - state: "{{ __gateway_service_clusters_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_service_clusters_item.state | default(platform_state | default(omit, true)) }}" outlier_detection_enabled: "{{ __gateway_service_clusters_item.outlier_detection_enabled | default(omit) }}" outlier_detection_consecutive_5xx: "{{ __gateway_service_clusters_item.outlier_detection_consecutive_5xx | default(omit) }}" outlier_detection_interval_seconds: "{{ __gateway_service_clusters_item.outlier_detection_interval_seconds | default(omit) }}" @@ -21,12 +21,14 @@ gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ service_clusters if service_clusters is defined else service_clusters_list }}" + loop: "{{ gateway_service_clusters }}" loop_control: loop_var: __gateway_service_clusters_item - no_log: "{{ service_clusters_secure_logging }}" + label: "{{ __operation.verb }} the label {{ __gateway_service_clusters_item.name }} to Controller" + pause: "{{ controller_configuration_labels_loop_delay }}" + no_log: "{{ gateway_service_clusters_secure_logging }}" async: 1000 poll: 0 register: __gateway_service_clusters_job_async @@ -39,13 +41,14 @@ jid: "{{ __gateway_service_clusters_job_async_results_item.ansible_job_id }}" register: __gateway_service_clusters_job_async_result until: __gateway_service_clusters_job_async_result.finished - retries: "{{ service_clusters_async_retries }}" - delay: "{{ service_clusters_async_delay }}" + retries: "{{ gateway_service_clusters_async_retries }}" + delay: "{{ gateway_service_clusters_async_delay }}" loop: "{{ __gateway_service_clusters_job_async.results }}" loop_control: loop_var: __gateway_service_clusters_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_service_clusters_job_async_results_item.__gateway_service_clusters_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_service_clusters_job_async_results_item.ansible_job_id is defined - no_log: "{{ service_clusters_secure_logging }}" + no_log: "{{ gateway_service_clusters_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_keys/README.md b/roles/gateway_service_keys/README.md index 043dcd516..ddaf24571 100644 --- a/roles/gateway_service_keys/README.md +++ b/roles/gateway_service_keys/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.service_keys +# Ansible Role infra.aap_configuration.service_keys ## Description @@ -6,23 +6,51 @@ An Ansible Role to configure Service Keys on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:------------------------------------------------------|:---------------------------------------------------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `service_keys_list` (Alias: `service_keys`) | [below](#service-key-arguments) | yes | Data structure describing your service_key entries described below. | | -| `service_keys_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_key role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `service_keys_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service key role. | README.md#enforcing-defaults) | -| `service_keys_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `service_keys_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_gateway_service_keys`|`see below`|yes|Data structure describing your gateway_gateway_service_keys Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_gateway_service_keys_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_gateway_service_keys_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_gateway_service_keys_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_gateway_service_keys_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_gateway_service_keys_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### Service Key Arguments -Options for the `service_keys_list` variable: +Options for the `gateway_service_keys` variable: | Variable Name | Default Value | Required | Type | Description | |:-------------------------|:------------------:|:--------:|:----:|:---------------------------------------------------------------------------------| @@ -49,7 +77,7 @@ Options for the `service_keys_list` variable: ```json { - "service_keys_list": [ + "gateway_service_keys": [ { "name": "Key 1", "state": "exists" @@ -73,7 +101,7 @@ File name: `data/gateway_service_keys.yml` ```yaml --- -service_keys_list: +gateway_service_keys: - name: "Controller Key 1" is_active: false service_cluster: controller @@ -82,14 +110,6 @@ service_keys_list: state: absent ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_service_keys.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_keys/defaults/main.yml b/roles/gateway_service_keys/defaults/main.yml index 871695730..5d47d0fef 100644 --- a/roles/gateway_service_keys/defaults/main.yml +++ b/roles/gateway_service_keys/defaults/main.yml @@ -2,16 +2,15 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the service_key role # a list of dictionaries describing the service keys -service_keys_list: [] -service_keys_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -service_keys_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_gateway_service_keys: [] +gateway_service_keys_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" +gateway_service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}" ... diff --git a/roles/gateway_service_keys/meta/argument_specs.yml b/roles/gateway_service_keys/meta/argument_specs.yml index fa0143ad8..6a910e606 100644 --- a/roles/gateway_service_keys/meta/argument_specs.yml +++ b/roles/gateway_service_keys/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create service keys on automation platform gateway. options: - service_keys_list: + gateway_gateway_service_keys: description: Data structure describing your service keys type: list required: true @@ -40,13 +40,13 @@ argument_specs: description: | If true any other secret keys for this service will become inactive state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - service_keys_async_retries: + gateway_service_keys_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -54,7 +54,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - service_keys_async_delay: + gateway_service_keys_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -71,7 +71,7 @@ argument_specs: # No_log variables - service_keys_secure_logging: + gateway_service_keys_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_service_keys/meta/main.yml b/roles/gateway_service_keys/meta/main.yml index ac7519324..378cb6926 100644 --- a/roles/gateway_service_keys/meta/main.yml +++ b/roles/gateway_service_keys/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: service_keys + role_name: gateway_gateway_service_keys author: Martin Slemr description: An Ansible Role to create service keys in automation platform gateway. company: Red Hat diff --git a/roles/gateway_service_keys/tasks/main.yml b/roles/gateway_service_keys/tasks/main.yml index 29aedf940..74f0c45a7 100644 --- a/roles/gateway_service_keys/tasks/main.yml +++ b/roles/gateway_service_keys/tasks/main.yml @@ -9,19 +9,21 @@ secret: "{{ __gateway_service_keys_item.secret | default(omit) }}" secret_length: "{{ __gateway_service_keys_item.secret_length | default(omit) }}" mark_previous_inactive: "{{ __gateway_service_keys_item.mark_previous_inactive | default(omit) }}" - state: "{{ __gateway_service_keys_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_service_keys_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ service_keys if service_keys is defined else service_keys_list }}" + loop: "{{ gateway_gateway_service_keys }}" loop_control: loop_var: __gateway_service_keys_item - no_log: "{{ service_keys_secure_logging }}" + label: "{{ __operation.verb }} the label {{ __gateway_service_keys_item.name }} to Controller" + pause: "{{ gateway_gateway_service_keys_loop_delay }}" + no_log: "{{ gateway_service_keys_secure_logging }}" async: 1000 poll: 0 register: __gateway_service_keys_job_async @@ -34,13 +36,14 @@ jid: "{{ __gateway_service_keys_job_async_results_item.ansible_job_id }}" register: __gateway_service_keys_job_async_result until: __gateway_service_keys_job_async_result.finished - retries: "{{ service_keys_async_retries }}" - delay: "{{ service_keys_async_delay }}" + retries: "{{ gateway_service_keys_async_retries }}" + delay: "{{ gateway_service_keys_async_delay }}" loop: "{{ __gateway_service_keys_job_async.results }}" loop_control: loop_var: __gateway_service_keys_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_service_keys_job_async_results_item.__gateway_service_keys_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_service_keys_job_async_results_item.ansible_job_id is defined - no_log: "{{ service_keys_secure_logging }}" + no_log: "{{ gateway_gateway_service_keys_secure_logging }}" vars: ansible_async_dir: "{{ aap_configuration_async_dir | default(omit) }}" ... diff --git a/roles/gateway_service_nodes/README.md b/roles/gateway_service_nodes/README.md index 39b81071c..6683b548a 100644 --- a/roles/gateway_service_nodes/README.md +++ b/roles/gateway_service_nodes/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.service_nodes +# Ansible Role infra.aap_configuration.service_nodes ## Description @@ -6,17 +6,61 @@ An Ansible Role to configure Service Nodes on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:-------------------------------------------------------|:---------------------------------------------------:|:--------:|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `service_nodes_list` (Alias: `service_nodes`) | [below](#service-node-arguments) | yes | Data structure describing your service_node entries described below. | | -| `service_nodes_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service_node role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `service_nodes_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service node role. | README.md#enforcing-defaults) | -| `service_nodes_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `service_nodes_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_service_nodes`|`see below`|yes|Data structure describing your gateway_service_nodes Described below.|| + +### Enforcing defaults + +The following Variables compliment each other. +If Both variables are not set, enforcing default values is not done. +Enabling these variables enforce default values on options that are optional in the controller API. +This should be enabled to enforce configuration and prevent configuration drift. It is recomended to be enabled, however it is not enforced by default. + +Enabling this will enforce configurtion without specifying every option in the configuration files. + +'gateway_service_nodes_enforce_defaults' defaults to the value of 'aap_configuration_enforce_defaults' if it is not explicitly called. This allows for enforced defaults to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_service_nodes_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared globally.| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_service_nodes_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_service_nodes_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_service_nodes_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_service_nodes_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_service_nodes_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -47,7 +91,7 @@ Options for the `service_nodes_list` variable: ```json { - "service_nodes_list": [ + "gateway_service_nodes": [ { "name": "EDA - 10.0.0.1", "state": "exists" @@ -69,7 +113,7 @@ File name: `data/service_nodes.yml` ```yaml --- -service_nodes_list: +gateway_service_nodes: - name: "Controller Node 1" address: 10.0.0.1 service_cluster: controller @@ -77,14 +121,6 @@ service_nodes_list: state: absent ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_service_nodes.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_service_nodes/defaults/main.yml b/roles/gateway_service_nodes/defaults/main.yml index 46bfa76c4..8a4694edd 100644 --- a/roles/gateway_service_nodes/defaults/main.yml +++ b/roles/gateway_service_nodes/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the service nodes -service_nodes_list: [] -service_nodes_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -service_nodes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -service_nodes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -service_nodes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_service_nodes: [] +gateway_service_nodes_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_service_nodes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_service_nodes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_service_nodes_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_service_nodes/meta/argument_specs.yml b/roles/gateway_service_nodes/meta/argument_specs.yml index 7afdf1f76..c278a2068 100644 --- a/roles/gateway_service_nodes/meta/argument_specs.yml +++ b/roles/gateway_service_nodes/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create service nodes on automation platform gateway. options: - service_nodes_list: + gateway_service_nodes: description: Data structure describing your service nodes type: list required: true @@ -28,13 +28,13 @@ argument_specs: - Comma separated string - Selects which (tagged) nodes receive traffic from this route state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - service_nodes_async_retries: + gateway_service_nodes_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -42,7 +42,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - service_nodes_async_delay: + gateway_service_nodes_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -59,7 +59,7 @@ argument_specs: # No_log variables - service_nodes_secure_logging: + gateway_service_nodes_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_service_nodes/meta/main.yml b/roles/gateway_service_nodes/meta/main.yml index aa8adefeb..dc06538ab 100644 --- a/roles/gateway_service_nodes/meta/main.yml +++ b/roles/gateway_service_nodes/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: service_nodes + role_name: gateway_service_nodes author: Martin Slemr description: An Ansible Role to create service nodes in automation platform gateway. company: Red Hat diff --git a/roles/gateway_service_nodes/tasks/main.yml b/roles/gateway_service_nodes/tasks/main.yml index fb7e46636..b9216651e 100644 --- a/roles/gateway_service_nodes/tasks/main.yml +++ b/roles/gateway_service_nodes/tasks/main.yml @@ -6,18 +6,20 @@ address: "{{ __gateway_service_nodes_item.address | default(omit) }}" service_cluster: "{{ __gateway_service_nodes_item.service_cluster | default(omit) }}" tags: "{{ __gateway_service_nodes_item.tags | default(omit) }}" - state: "{{ __gateway_service_nodes_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_service_nodes_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ service_nodes if service_nodes is defined else service_nodes_list }}" + loop: "{{ gateway_service_nodes }}" loop_control: loop_var: __gateway_service_nodes_item + label: "{{ __operation.verb }} the label {{ __gateway_service_nodes_item.name }} to Controller" + pause: "{{ gateway_service_nodes_loop_delay }}" no_log: "{{ service_nodes_secure_logging }}" async: 1000 poll: 0 @@ -36,6 +38,7 @@ loop: "{{ __gateway_service_nodes_job_async.results }}" loop_control: loop_var: __gateway_service_nodes_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_service_nodes_job_async_results_item.__gateway_service_nodes_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_service_nodes_job_async_results_item.ansible_job_id is defined no_log: "{{ service_nodes_secure_logging }}" vars: diff --git a/roles/gateway_services/README.md b/roles/gateway_services/README.md index b277e6a51..282bd530c 100644 --- a/roles/gateway_services/README.md +++ b/roles/gateway_services/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.services +# Ansible Role infra.aap_configuration.services ## Description @@ -8,23 +8,51 @@ http port and path in the destination service (gateway, controller, hub, eda). ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:--------------------------------------------------|:---------------------------------------------------:|:--------:|:---------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `services_list` (Alias: services) | [below](#service-arguments) | yes | Data structure describing your service entries described below. | | -| `services_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive service role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `services_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the service role. | README.md#enforcing-defaults) | -| `services_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `services_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_services`|`see below`|yes|Data structure describing your gateway_services Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_services_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_services_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_services_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_services_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_services_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### Service Arguments -Options for the `services_list` variable: +Options for the `gateway_services` variable: | Variable Name | Default Value | Required | Type | Description | |:----------------------|:-------------------:|:--------:|:----:|:--------------------------------------------------------------------------------------------------------------------------------------------------| @@ -61,7 +89,7 @@ Options for the `services_list` variable: ```json { - "services_list": [ + "gateway_services": [ { "name": "Controller API", "state": "exists" @@ -94,22 +122,14 @@ File name: `data/services.yml` ```yaml --- -gateway_state: absent -service_clusters_list: +platform_state: absent +gateway_service_clusters: - name: Controller API - name: Hub API - name: EDA API - name: Gateway API ``` -## Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_services.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_services/defaults/main.yml b/roles/gateway_services/defaults/main.yml index 70890e3b3..f63eb9f96 100644 --- a/roles/gateway_services/defaults/main.yml +++ b/roles/gateway_services/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the services -services_list: [] -services_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -services_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -services_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -services_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_services: [] +gateway_services_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_services_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_services_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_services_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_services/meta/argument_specs.yml b/roles/gateway_services/meta/argument_specs.yml index 22c045df2..62b2095af 100644 --- a/roles/gateway_services/meta/argument_specs.yml +++ b/roles/gateway_services/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create services on automation platform gateway. options: - services_list: + gateway_services: description: Data structure describing your services type: list required: true @@ -60,13 +60,13 @@ argument_specs: type: int description: The order to apply the routes in lower numbers are first. Items with the same value have no guaranteed order state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - services_async_retries: + gateway_services_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -74,7 +74,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - services_async_delay: + gateway_services_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -91,7 +91,7 @@ argument_specs: # No_log variables - services_secure_logging: + gateway_services_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_services/meta/main.yml b/roles/gateway_services/meta/main.yml index dbfb09aa9..a0e43feb9 100644 --- a/roles/gateway_services/meta/main.yml +++ b/roles/gateway_services/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: services + role_name: gateway_services author: Martin Slemr description: An Ansible Role to create service API routes in automation platform gateway. company: Red Hat diff --git a/roles/gateway_services/tasks/main.yml b/roles/gateway_services/tasks/main.yml index 76c865477..c41f2ae3c 100644 --- a/roles/gateway_services/tasks/main.yml +++ b/roles/gateway_services/tasks/main.yml @@ -13,18 +13,20 @@ service_port: "{{ __gateway_services_item.service_port | default(omit) }}" node_tags: "{{ __gateway_services_item.node_tags | default(omit) }}" order: "{{ __gateway_services_item.order | default(omit) }}" - state: "{{ __gateway_services_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_services_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ services if services is defined else services_list }}" + loop: "{{ gateway_services }}" loop_control: loop_var: __gateway_services_item + label: "{{ __operation.verb }} the label {{ __gateway_services_item.name }} to Controller" + pause: "{{ gateway_services_loop_delay }}" no_log: "{{ services_secure_logging }}" async: 1000 poll: 0 @@ -43,6 +45,7 @@ loop: "{{ __gateway_services_job_async.results }}" loop_control: loop_var: __gateway_services_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_services_job_async_results_item.__gateway_services_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_services_job_async_results_item.ansible_job_id is defined no_log: "{{ services_secure_logging }}" vars: diff --git a/roles/gateway_settings/README.md b/roles/gateway_settings/README.md index d356cfa79..9b017e7c2 100644 --- a/roles/gateway_settings/README.md +++ b/roles/gateway_settings/README.md @@ -1,22 +1,31 @@ -# Ansible Role infra.platform_configuration.settings +# Ansible Role infra.aap_configuration.settings An Ansible role to alter Settings on Ansible Automation Gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md). -Settings doesn't implement the `gateway_configuration_enforce_defaults` because it's not applicable. - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:------------------------------------------------|:--------------------------------------------------:|:--------:|:----------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `gateway_settings` | [below](#settings-arguments) | yes | Data structure describing your setting entries described below. | | -| `gateway_settings_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive settings role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `gateway_settings_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `gateway_settings_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | - -**Note**: Secure Logging defaults to `True` if both variables are not set +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`gateway_settings`|`see below`|yes|Data structure describing your gateway_services Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_services_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_services_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -67,14 +76,6 @@ gateway_settings: ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_settings.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_settings/meta/argument_specs.yml b/roles/gateway_settings/meta/argument_specs.yml index aea362d07..3c202a8b1 100644 --- a/roles/gateway_settings/meta/argument_specs.yml +++ b/roles/gateway_settings/meta/argument_specs.yml @@ -35,7 +35,7 @@ argument_specs: # No_log variables - settings_secure_logging: + gateway_services_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool diff --git a/roles/gateway_settings/meta/main.yml b/roles/gateway_settings/meta/main.yml index 8f10590ec..07bfefa08 100644 --- a/roles/gateway_settings/meta/main.yml +++ b/roles/gateway_settings/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: settings + role_name: gateway_settings author: Sean Sullivan description: A role to set some Ansible Automation gateway settings company: Red Hat diff --git a/roles/gateway_settings/tasks/main.yml b/roles/gateway_settings/tasks/main.yml index 48c84ffe0..b2e5f0240 100644 --- a/roles/gateway_settings/tasks/main.yml +++ b/roles/gateway_settings/tasks/main.yml @@ -6,8 +6,8 @@ # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" - gateway_password: "{{ aap_password | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" + gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" diff --git a/roles/gateway_teams/README.md b/roles/gateway_teams/README.md index 03a0d8f19..6f4b7431e 100644 --- a/roles/gateway_teams/README.md +++ b/roles/gateway_teams/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.teams +# Ansible Role infra.aap_configuration.teams ## Description @@ -6,17 +6,45 @@ An Ansible Role to add Teams on Ansible Automation gateway. ## Variables -Detailed description of variables are provided in the [top-level README](../../README.md) - -Variables specific for this role are following: - -| Variable Name | Default Value | Required | Description | | -|:-----------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `platform_teams` (Alias: `teams`) | [below](#Team Arguments) | yes | Data structure describing your team entries described below. | | -| `platform_teams_secure_logging` | `aap_configuration_secure_logging` OR `false` | no | Whether or not to include the sensitive team role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `platform_teams_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the team role. | README.md#enforcing-defaults) | -| `platform_teams_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `platform_teams_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`aap_teams`|`see below`|yes|Data structure describing your teams Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_teams_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_teams_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_teams_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_teams_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_teams_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure @@ -82,14 +110,6 @@ teams: new_organization: "Secret Organization" ``` -### Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_teams.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_teams/defaults/main.yml b/roles/gateway_teams/defaults/main.yml index f6a155aa9..e2131b7bf 100644 --- a/roles/gateway_teams/defaults/main.yml +++ b/roles/gateway_teams/defaults/main.yml @@ -2,16 +2,17 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the teams -platform_teams: [] -platform_teams_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" -platform_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -platform_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -platform_teams_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +aap_teams: [] +gateway_teams_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_teams_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_teams/meta/argument_specs.yml b/roles/gateway_teams/meta/argument_specs.yml index 78b5b60b9..69b572e04 100644 --- a/roles/gateway_teams/meta/argument_specs.yml +++ b/roles/gateway_teams/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create teams on automation platform gateway. options: - platform_teams: + aap_teams: description: Data structure describing your teams type: list required: true @@ -27,13 +27,13 @@ argument_specs: type: str description: Setting this option will change the existing organization (looked up via the organization field) state: - default: "{{ gateway_state | default('present') }}" + default: "{{ platform_state | default('present') }}" required: false type: str description: Desired state of the resource. # Async variables - platform_teams_async_retries: + gateway_teams_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -41,7 +41,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - platform_teams_async_delay: + gateway_teams_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -58,7 +58,7 @@ argument_specs: # No_log variables - platform_teams_secure_logging: + gateway_teams_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool diff --git a/roles/gateway_teams/meta/main.yml b/roles/gateway_teams/meta/main.yml index b515bdee0..fdca9958b 100644 --- a/roles/gateway_teams/meta/main.yml +++ b/roles/gateway_teams/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: teams + role_name: gateway_teams author: Martin Slemr description: An Ansible Role to create teams in automation platform gateway. company: Red Hat diff --git a/roles/gateway_teams/tasks/main.yml b/roles/gateway_teams/tasks/main.yml index 4b41556c6..9bdf4d44a 100644 --- a/roles/gateway_teams/tasks/main.yml +++ b/roles/gateway_teams/tasks/main.yml @@ -6,19 +6,21 @@ description: "{{ __gateway_teams_item.description | default(omit) }}" organization: "{{ __gateway_teams_item.organization | default(omit) }}" new_organization: "{{ __gateway_teams_item.new_organization | default(omit) }}" - state: "{{ __gateway_teams_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_teams_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" gateway_username: "{{ aap_username | default(omit, true) }}" gateway_password: "{{ aap_password | default(omit, true) }}" gateway_token: "{{ aap_token | default(omit, true) }}" - gateway_request_timeout: "{{ aap_request_timeout | default(omit, 10) }}" + gateway_request_timeout: "{{ aap_request_timeout | default(omit, true) }}" gateway_validate_certs: "{{ aap_validate_certs | default(omit) }}" - loop: "{{ platform_teams }}" + loop: "{{ aap_teams }}" loop_control: loop_var: __gateway_teams_item - no_log: "{{ platform_teams_secure_logging }}" + label: "{{ __operation.verb }} the label {{ __gateway_teams_item.name }} to Controller" + pause: "{{ gateway_teams_loop_delay }}" + no_log: "{{ gateway_teams_secure_logging }}" async: 1000 poll: 0 register: __gateway_teams_job_async @@ -31,11 +33,12 @@ jid: "{{ __gateway_teams_job_async_results_item.ansible_job_id }}" register: __gateway_teams_job_async_result until: __gateway_teams_job_async_result.finished - retries: "{{ platform_teams_async_retries }}" - delay: "{{ platform_teams_async_delay }}" + retries: "{{ gateway_teams_async_retries }}" + delay: "{{ gateway_teams_async_delay }}" loop: "{{ __gateway_teams_job_async.results }}" loop_control: loop_var: __gateway_teams_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_teams_job_async_results_item.__gateway_teams_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_teams_job_async_results_item.ansible_job_id is defined no_log: "{{ platform_teams_secure_logging }}" vars: diff --git a/roles/gateway_users/README.md b/roles/gateway_users/README.md index 03c82c2cf..b87a5f8a2 100644 --- a/roles/gateway_users/README.md +++ b/roles/gateway_users/README.md @@ -1,4 +1,4 @@ -# Ansible Role infra.platform_configuration.users +# Ansible Role infra.aap_configuration.users ## Description @@ -6,22 +6,51 @@ An Ansible Role to configure users on Ansible Automation gateway. ## Variables -| Variable Name | Default Value | Required | Description | | -|:--------------------------------------------------|:---------------------------------------------------:|:--------:|:------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------:| -| `users_list` (Alias: `users`) | [below](#user-arguments) | yes | Data structure describing your user entries described below. | | -| `users_secure_logging` | `aap_configuration_secure_logging` OR `true` | no | Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere. | | -| `users_enforce_defaults` | `aap_configuration_enforce_defaults` OR `false` | no | Whether or not to enforce default option values on only the user role. | README.md#enforcing-defaults) | -| `users_async_retries` | `aap_configuration_async_retries` OR `30` | no | This variable sets the number of retries to attempt for the role. | | -| `users_async_delay` | `aap_configuration_async_delay` OR `1` | no | This sets the delay between retries for the role. | | -| `users_default_password` | "" | no | Global variable to set the password for all users. | | - -**Note**: Secure Logging defaults to True if both variables are not set +|Variable Name|Default Value|Required|Description|Example| +|:---|:---:|:---:|:---|:---| +|`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| +|`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| +|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| +|`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| +|`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| +|`aap_request_timeout`|`10`|no|Specify the timeout in seconds Ansible should use in requests to the controller host.|| +|`aap_user_accounts`|`see below`|yes|Data structure describing your users Described below.|| + +### Secure Logging Variables + +The following Variables compliment each other. +If Both variables are not set, secure logging defaults to false. +The role defaults to False as normally the add ee_registry task does not include sensitive information. +gateway_users_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`gateway_users_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| + +### Asynchronous Retry Variables + +The following Variables set asynchronous retries for the role. +If neither of the retries or delay or retries are set, they will default to their respective defaults. +This allows for all items to be created, then checked that the task finishes successfully. +This also speeds up the overall role. + +|Variable Name|Default Value|Required|Description| +|:---:|:---:|:---:|:---:| +|`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| +|`gateway_users_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| +|`gateway_users_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`gateway_users_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| +|`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.| ## Data Structure ### User Arguments -Options for the `gateway_users` variable: +Options for the `aap_user_accounts` variable: | Variable Name | Default Value | Required | Type | Description | |:--------------------|:-------------------------------------:|:--------:|:----:|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -49,7 +78,7 @@ Options for the `gateway_users` variable: ```json { "users_default_password": "changeme", - "users_list": [ + "aap_user_accounts": [ { "username": "jsmith", "is_superuser": false, @@ -72,21 +101,13 @@ File name: `data/gateway_users.yml` ```yaml --- -gateway_state: exists -users_list: +platform_state: exists +aap_user_accounts: - username: jsmith - username: jdoe - username: admin ``` -## Run Playbook - -File name: [manage_data.yml](../../README.md#example-ansible-playbook) can be found in the top-level README. - -```shell -ansible-playbook manage_data.yml -e @data/gateway_users.yml -``` - ## License [GPL-3.0](https://github.com/redhat-cop/aap_configuration#licensing) diff --git a/roles/gateway_users/defaults/main.yml b/roles/gateway_users/defaults/main.yml index 875f038dd..0541602a3 100644 --- a/roles/gateway_users/defaults/main.yml +++ b/roles/gateway_users/defaults/main.yml @@ -2,14 +2,14 @@ # These are the default variables common to most gateway_configuration roles # You shouldn't need to define them again and again but they should be defined -# gateway_hostname: "{{ inventory_hostname }}" +# aap_hostname: "{{ inventory_hostname }}" # gateway_token: "" -# gateway_validate_certs: false +# aap_validate_certs: false # These are the default variables specific to the license role # a list of dictionaries describing the users -users_list: [] +aap_user_accounts: [] # possible fields: # - username # - groups @@ -25,8 +25,9 @@ users_list: [] users_default_password: change_me -users_secure_logging: "{{ aap_configuration_secure_logging | default('true') }}" -users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" -users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -users_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" +gateway_users_secure_logging: "{{ aap_configuration_secure_logging | default('false') }}" +gateway_users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" +gateway_users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +gateway_users_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" +aap_configuration_async_dir: null ... diff --git a/roles/gateway_users/meta/argument_specs.yml b/roles/gateway_users/meta/argument_specs.yml index 4341b130c..c7f71efa1 100644 --- a/roles/gateway_users/meta/argument_specs.yml +++ b/roles/gateway_users/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create users on automation platform gateway. options: - users_list: + aap_user_accounts: description: Data structure describing your users type: list required: true @@ -54,7 +54,7 @@ argument_specs: # type: str # description: The uid associated with the users authenticators # state: - # default: "{{ gateway_state | default('present') }}" + # default: "{{ platform_state | default('present') }}" # required: false # type: str # description: Desired state of the resource. @@ -66,7 +66,7 @@ argument_specs: description: Global variable to set the password for all users. # Async variables - users_async_retries: + gateway_users_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" required: false description: This variable sets the number of retries to attempt for the role. @@ -74,7 +74,7 @@ argument_specs: default: 30 required: false description: This variable sets number of retries across all roles as a default. - users_async_delay: + gateway_users_async_delay: default: "{{ aap_configuration_async_delay | default(1) }}" required: false description: This variable sets delay between retries for the role. @@ -91,7 +91,7 @@ argument_specs: # No_log variables - users_secure_logging: + gateway_users_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool diff --git a/roles/gateway_users/meta/main.yml b/roles/gateway_users/meta/main.yml index 922223466..3f5496f9e 100644 --- a/roles/gateway_users/meta/main.yml +++ b/roles/gateway_users/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: users + role_name: gateway_users author: Sean Sullivan description: An Ansible Role to create users in automation platform gateway. company: Red Hat diff --git a/roles/gateway_users/tasks/main.yml b/roles/gateway_users/tasks/main.yml index 2f15fee2b..1afeb1521 100644 --- a/roles/gateway_users/tasks/main.yml +++ b/roles/gateway_users/tasks/main.yml @@ -12,7 +12,7 @@ organizations: "{{ __gateway_user_accounts_item.organizations | default(omit) }}" authenticators: "{{ __gateway_user_accounts_item.authenticators | default(omit) }}" authenticator_uid: "{{ __gateway_user_accounts_item.authenticator_uid | default(omit) }}" - state: "{{ __gateway_user_accounts_item.state | default(gateway_state | default(omit, true)) }}" + state: "{{ __gateway_user_accounts_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options gateway_hostname: "{{ aap_hostname | default(omit, true) }}" @@ -24,6 +24,8 @@ loop: "{{ users if users is defined else users_list }}" loop_control: loop_var: __gateway_user_accounts_item + label: "{{ __operation.verb }} the label {{ __gateway_user_accounts_item.name }} to Controller" + pause: "{{ gateway_users_loop_delay }}" no_log: "{{ users_secure_logging }}" async: 1000 poll: 0 @@ -42,6 +44,7 @@ loop: "{{ __gateway_user_accounts_job_async.results }}" loop_control: loop_var: __gateway_user_accounts_job_async_results_item + label: "{{ __operation.verb }} Label {{ __gateway_user_accounts_job_async_result.__gateway_user_accounts_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __gateway_user_accounts_job_async_results_item.ansible_job_id is defined no_log: "{{ users_secure_logging }}" vars: diff --git a/roles/global_vars/meta/main.yml b/roles/global_vars/meta/main.yml index e133cc4ef..c8a431681 100644 --- a/roles/global_vars/meta/main.yml +++ b/roles/global_vars/meta/main.yml @@ -17,7 +17,7 @@ galaxy_info: # - CC-BY-4.0 license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: diff --git a/roles/hub_collection/README.md b/roles/hub_collection/README.md index 0f08203ce..ab04171e9 100644 --- a/roles/hub_collection/README.md +++ b/roles/hub_collection/README.md @@ -48,6 +48,8 @@ This also speeds up the overall role. |`ah_configuration_collection_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_collection_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_collection_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_collection_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_collection/defaults/main.yml b/roles/hub_collection/defaults/main.yml index 805e2bf18..307f8d346 100644 --- a/roles/hub_collection/defaults/main.yml +++ b/roles/hub_collection/defaults/main.yml @@ -22,5 +22,6 @@ ah_configuration_collection_secure_logging: "{{ aap_configuration_secure_logging ah_configuration_collection_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_collection_async_retries: "{{ aap_configuration_async_retries | default(50) }}" ah_configuration_collection_async_delay: "{{ aap_configuration_async_delay | default(1) }}" +ah_configuration_collection_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_collection/meta/main.yml b/roles/hub_collection/meta/main.yml index e89b485d7..fe182e596 100644 --- a/roles/hub_collection/meta/main.yml +++ b/roles/hub_collection/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "collection" + role_name: "hub_collection" author: "Inderpal Tiwana" description: "An Ansible Role to update, or destroy Automation Hub Collections." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_collection/tasks/main.yml b/roles/hub_collection/tasks/main.yml index b3c1a80fa..d73b42bcd 100644 --- a/roles/hub_collection/tasks/main.yml +++ b/roles/hub_collection/tasks/main.yml @@ -37,6 +37,8 @@ loop: "{{ ah_collections }}" loop_control: loop_var: "__collection" + label: "{{ __operation.verb }} the label {{ __ah_configuration_collection__item.name }} to Controller" + pause: "{{ ah_configuration_collection__loop_delay }}" no_log: "{{ ah_configuration_collection_secure_logging }}" async: "{{ ah_configuration_collection_async_timeout }}" poll: 0 @@ -59,6 +61,7 @@ loop: "{{ __collections_job_async.results }}" loop_control: loop_var: __collections_job_async_result_item + label: "{{ __operation.verb }} Label {{ __collections_job_async_result_item.__collection.name }} | Wait for finish the Label {{ __operation.action }}" when: __collections_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_secure_logging }}" vars: diff --git a/roles/hub_collection_remote/README.md b/roles/hub_collection_remote/README.md index 108a2b131..a397875a0 100644 --- a/roles/hub_collection_remote/README.md +++ b/roles/hub_collection_remote/README.md @@ -45,6 +45,8 @@ This also speeds up the overall role. |`ah_configuration_collection_remote_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_collection_remote_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_collection_remote_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_collection_remote_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_collection_remote/defaults/main.yml b/roles/hub_collection_remote/defaults/main.yml index 526e20bb8..2b072fe89 100644 --- a/roles/hub_collection_remote/defaults/main.yml +++ b/roles/hub_collection_remote/defaults/main.yml @@ -10,6 +10,7 @@ ah_configuration_collection_remote_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_collection_remote_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_collection_remote_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_remote_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_collection_remote_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_remote/meta/main.yml b/roles/hub_collection_remote/meta/main.yml index 71d194ab4..f9d5ace1f 100644 --- a/roles/hub_collection_remote/meta/main.yml +++ b/roles/hub_collection_remote/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "collection_remote" + role_name: "hub_collection_remote" author: "Sean Sullivan" description: "An Ansible Role to create collection remotes in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_collection_repository/README.md b/roles/hub_collection_repository/README.md index 849c592c4..7dfb97973 100644 --- a/roles/hub_collection_repository/README.md +++ b/roles/hub_collection_repository/README.md @@ -45,6 +45,8 @@ This also speeds up the overall role. |`ah_configuration_collection_repository_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_collection_repository_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_collection_repository_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_collection_repository_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_collection_repository/defaults/main.yml b/roles/hub_collection_repository/defaults/main.yml index 2213e12af..3fc781eaa 100644 --- a/roles/hub_collection_repository/defaults/main.yml +++ b/roles/hub_collection_repository/defaults/main.yml @@ -10,6 +10,7 @@ ah_configuration_collection_repository_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_collection_repository_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_collection_repository_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_repository_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_collection_repository_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_repository/meta/main.yml b/roles/hub_collection_repository/meta/main.yml index 2555bb034..971cc748b 100644 --- a/roles/hub_collection_repository/meta/main.yml +++ b/roles/hub_collection_repository/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "collection_repository" + role_name: "hub_collection_repository" author: "Sean Sullivan" description: "An Ansible Role to create collection remote in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_collection_repository/tasks/main.yml b/roles/hub_collection_repository/tasks/main.yml index 721e6594a..1a9c2282d 100644 --- a/roles/hub_collection_repository/tasks/main.yml +++ b/roles/hub_collection_repository/tasks/main.yml @@ -23,6 +23,8 @@ loop: "{{ ah_collection_repositories }}" loop_control: loop_var: "__collection_repository_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_collection_repository__item.name }} to Controller" + pause: "{{ ah_configuration_collection_repository__loop_delay }}" no_log: "{{ ah_configuration_collection_repository_secure_logging }}" async: "{{ ah_configuration_collection_repository_async_timeout }}" poll: 0 @@ -41,6 +43,7 @@ loop: "{{ __collection_repository_job_async.results }}" loop_control: loop_var: __collection_repository_job_async_result_item + label: "{{ __operation.verb }} Label {{ __collection_repository_job_async_result_item.__collection_repository_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __collection_repository_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_repository_secure_logging }}" vars: diff --git a/roles/hub_collection_repository_sync/README.md b/roles/hub_collection_repository_sync/README.md index e059b1f6b..5868a4508 100644 --- a/roles/hub_collection_repository_sync/README.md +++ b/roles/hub_collection_repository_sync/README.md @@ -45,6 +45,8 @@ This also speeds up the overall role. |`ah_configuration_collection_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_collection_repository_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_collection_repository_sync_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_collection_repository_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_collection_repository_sync/defaults/main.yml b/roles/hub_collection_repository_sync/defaults/main.yml index 507433d5f..f2173fbb1 100644 --- a/roles/hub_collection_repository_sync/defaults/main.yml +++ b/roles/hub_collection_repository_sync/defaults/main.yml @@ -10,6 +10,7 @@ ah_configuration_collection_repository_sync_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_collection_repository_sync_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_collection_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_collection_repository_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_collection_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_collection_repository_sync/meta/main.yml b/roles/hub_collection_repository_sync/meta/main.yml index 2555bb034..f744f2024 100644 --- a/roles/hub_collection_repository_sync/meta/main.yml +++ b/roles/hub_collection_repository_sync/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "collection_repository" + role_name: "hub_collection_repository_sync" author: "Sean Sullivan" description: "An Ansible Role to create collection remote in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_collection_repository_sync/tasks/main.yml b/roles/hub_collection_repository_sync/tasks/main.yml index 72d9532c5..6d6bc3039 100644 --- a/roles/hub_collection_repository_sync/tasks/main.yml +++ b/roles/hub_collection_repository_sync/tasks/main.yml @@ -15,6 +15,8 @@ loop: "{{ ah_collection_repositories }}" loop_control: loop_var: "__collection_repository_sync_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_collection_repository_sync__item.name }} to Controller" + pause: "{{ ah_configuration_collection_repository_sync__loop_delay }}" no_log: "{{ ah_configuration_collection_repository_sync_secure_logging }}" async: "{{ ah_configuration_collection_repository_sync_async_timeout }}" poll: 0 @@ -33,6 +35,7 @@ loop: "{{ __collection_repository_sync_job_async.results }}" loop_control: loop_var: __collection_repository_sync_job_async_result_item + label: "{{ __operation.verb }} Label {{ __collection_repository_sync_job_async_result_item.__collection_repository_sync_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __collection_repository_sync_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_collection_repository_sync_secure_logging }}" vars: diff --git a/roles/hub_ee_image/README.md b/roles/hub_ee_image/README.md index f79f73cff..3988665e6 100644 --- a/roles/hub_ee_image/README.md +++ b/roles/hub_ee_image/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_ee_image_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_image_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_ee_image_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_image_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_image/defaults/main.yml b/roles/hub_ee_image/defaults/main.yml index 32eef1070..fd863dd6f 100644 --- a/roles/hub_ee_image/defaults/main.yml +++ b/roles/hub_ee_image/defaults/main.yml @@ -22,6 +22,7 @@ ah_ee_images: [] ah_configuration_ee_image_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_ee_image_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_ee_image_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_image_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_ee_image_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_image/meta/main.yml b/roles/hub_ee_image/meta/main.yml index c945674ee..dcf8d1e16 100644 --- a/roles/hub_ee_image/meta/main.yml +++ b/roles/hub_ee_image/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_image" + role_name: "hub_ee_image" author: "Tom Page" description: "An Ansible Role to manage an execution environment image in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_image/tasks/main.yml b/roles/hub_ee_image/tasks/main.yml index 938f594cc..7b246eba9 100644 --- a/roles/hub_ee_image/tasks/main.yml +++ b/roles/hub_ee_image/tasks/main.yml @@ -17,6 +17,8 @@ loop: "{{ ah_ee_images }}" loop_control: loop_var: "__ee_image_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_ee_image__item.name }} to Controller" + pause: "{{ ah_configuration_ee_image__loop_delay }}" no_log: "{{ ah_configuration_ee_image_secure_logging }}" async: "{{ ah_configuration_ee_image_async_timeout }}" poll: 0 @@ -35,6 +37,7 @@ loop: "{{ __ee_images_job_async.results }}" loop_control: loop_var: __ee_images_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_images_job_async_result_item.__ee_image_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_images_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_image_secure_logging }}" vars: diff --git a/roles/hub_ee_registry/README.md b/roles/hub_ee_registry/README.md index 7d213170b..d02a58886 100644 --- a/roles/hub_ee_registry/README.md +++ b/roles/hub_ee_registry/README.md @@ -45,6 +45,8 @@ This also speeds up the overall role. |`ah_configuration_ee_registry_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_registry_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_ee_registry_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_registry_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_registry/defaults/main.yml b/roles/hub_ee_registry/defaults/main.yml index 0102a1287..d56767f90 100644 --- a/roles/hub_ee_registry/defaults/main.yml +++ b/roles/hub_ee_registry/defaults/main.yml @@ -26,6 +26,7 @@ ah_ee_registries: [] ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_ee_registry_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_ee_registry_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_ee_registry_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry/meta/main.yml b/roles/hub_ee_registry/meta/main.yml index d66b3feaf..eb7961f07 100644 --- a/roles/hub_ee_registry/meta/main.yml +++ b/roles/hub_ee_registry/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_registry" + role_name: "hub_ee_registry" author: "Tom Page" description: "An Ansible Role to create ee_registry in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_registry/tasks/main.yml b/roles/hub_ee_registry/tasks/main.yml index 15ebca09a..ff3a03f96 100644 --- a/roles/hub_ee_registry/tasks/main.yml +++ b/roles/hub_ee_registry/tasks/main.yml @@ -23,6 +23,8 @@ loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_ee_registry__item.name }} to Controller" + pause: "{{ ah_configuration_ee_registry__loop_delay }}" no_log: "{{ ah_configuration_ee_registry_secure_logging }}" async: "{{ ah_configuration_ee_registry_async_timeout }}" poll: 0 @@ -41,6 +43,7 @@ loop: "{{ __ee_registries_job_async.results }}" loop_control: loop_var: __ee_registries_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_registries_job_async_result_item.__ee_registry_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_registries_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: diff --git a/roles/hub_ee_registry_index/README.md b/roles/hub_ee_registry_index/README.md index 64caf6eec..bd77f6cc2 100644 --- a/roles/hub_ee_registry_index/README.md +++ b/roles/hub_ee_registry_index/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_ee_registry_index_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_registry_index_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_ee_registry_index_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_registry_index_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_registry_index/defaults/main.yml b/roles/hub_ee_registry_index/defaults/main.yml index ded65991d..076d41407 100644 --- a/roles/hub_ee_registry_index/defaults/main.yml +++ b/roles/hub_ee_registry_index/defaults/main.yml @@ -19,6 +19,7 @@ ah_ee_registries: [] ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_ee_registry_index_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_ee_registry_index_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_index_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_ee_registry_index_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry_index/meta/main.yml b/roles/hub_ee_registry_index/meta/main.yml index c5766bf43..200f47e39 100644 --- a/roles/hub_ee_registry_index/meta/main.yml +++ b/roles/hub_ee_registry_index/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_registry_index" + role_name: "hub_ee_registry_index" author: "Tom Page" description: "An Ansible Role to index ee_registry in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_registry_index/tasks/main.yml b/roles/hub_ee_registry_index/tasks/main.yml index 20cf849ef..ceb1b9782 100644 --- a/roles/hub_ee_registry_index/tasks/main.yml +++ b/roles/hub_ee_registry_index/tasks/main.yml @@ -16,6 +16,8 @@ loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_ee_registry_index__item.name }} to Controller" + pause: "{{ ah_configuration_ee_registry_index__loop_delay }}" when: __ee_registry_item.index | default(false) no_log: "{{ ah_configuration_ee_registry_secure_logging }}" async: "{{ ah_configuration_ee_registry_index_async_timeout }}" @@ -35,6 +37,7 @@ loop: "{{ __ee_registry_indexes_job_async.results }}" loop_control: loop_var: __ee_registry_indexes_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_registries_job_async_result_item.__ee_registry_index_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_registry_indexes_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: diff --git a/roles/hub_ee_registry_sync/README.md b/roles/hub_ee_registry_sync/README.md index d5b16b2c1..188f0b9d0 100644 --- a/roles/hub_ee_registry_sync/README.md +++ b/roles/hub_ee_registry_sync/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_ee_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_registry_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_registry_sync_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_registry_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_registry_sync/defaults/main.yml b/roles/hub_ee_registry_sync/defaults/main.yml index 013e7ce80..d80230f03 100644 --- a/roles/hub_ee_registry_sync/defaults/main.yml +++ b/roles/hub_ee_registry_sync/defaults/main.yml @@ -19,6 +19,7 @@ ah_ee_registries: [] ah_configuration_ee_registry_sync_async_timeout: "{{ aap_configuration_async_timeout }}" ah_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_ee_registry_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_registry_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_ee_registry_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_registry_sync/meta/main.yml b/roles/hub_ee_registry_sync/meta/main.yml index 9253dc1ab..58bf8f783 100644 --- a/roles/hub_ee_registry_sync/meta/main.yml +++ b/roles/hub_ee_registry_sync/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_registry_sync" + role_name: "hub_ee_registry_sync" author: "Tom Page" description: "An Ansible Role to sync ee_registry in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_registry_sync/tasks/main.yml b/roles/hub_ee_registry_sync/tasks/main.yml index 54b1841ca..afcec921d 100644 --- a/roles/hub_ee_registry_sync/tasks/main.yml +++ b/roles/hub_ee_registry_sync/tasks/main.yml @@ -16,6 +16,8 @@ loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" + label: "{{ __operation.verb }} the label {{ __ee_registry_item.name }} to Controller" + pause: "{{ ah_configuration_registry_sync__loop_delay }}" when: __ee_registry_item.sync | default(false) no_log: "{{ ah_configuration_ee_registry_secure_logging }}" async: "{{ ah_configuration_ee_registry_sync_async_timeout }}" @@ -35,6 +37,7 @@ loop: "{{ __ee_registry_syncs_job_async.results }}" loop_control: loop_var: __ee_registry_syncs_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_registry_syncs_job_async_result_item.__ee_registry_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_registry_syncs_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_registry_secure_logging }}" vars: diff --git a/roles/hub_ee_repository/README.md b/roles/hub_ee_repository/README.md index bbc20071e..2f7ce9b90 100644 --- a/roles/hub_ee_repository/README.md +++ b/roles/hub_ee_repository/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_ee_repository_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_repository_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_ee_registry_sync_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_repository_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_repository/meta/main.yml b/roles/hub_ee_repository/meta/main.yml index 3d3c27222..634325e7b 100644 --- a/roles/hub_ee_repository/meta/main.yml +++ b/roles/hub_ee_repository/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_repository" + role_name: "hub_ee_repository" author: "Tom Page" description: "An Ansible Role to create ee_repository in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_repository/tasks/main.yml b/roles/hub_ee_repository/tasks/main.yml index 73d4ecfd8..0c4b84a48 100644 --- a/roles/hub_ee_repository/tasks/main.yml +++ b/roles/hub_ee_repository/tasks/main.yml @@ -21,6 +21,8 @@ loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_ee_registry_sync__item.name }} to Controller" + pause: "{{ ah_configuration_ee_registry_sync__loop_delay }}" no_log: "{{ ah_configuration_ee_repository_secure_logging }}" async: "{{ ah_configuration_ee_repository_async_timeout }}" poll: 0 @@ -39,6 +41,7 @@ loop: "{{ __ee_repositories_job_async.results }}" loop_control: loop_var: __ee_repositories_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_repositories_job_async_result_item.__ee_registry_sync_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_repositories_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_repository_secure_logging }}" vars: diff --git a/roles/hub_ee_repository_sync/README.md b/roles/hub_ee_repository_sync/README.md index b574caad4..d69548a68 100644 --- a/roles/hub_ee_repository_sync/README.md +++ b/roles/hub_ee_repository_sync/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_ee_repository_sync_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_ee_repository_sync_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_ee_repository_sync_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_ee_repository_sync_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_ee_repository_sync/defaults/main.yml b/roles/hub_ee_repository_sync/defaults/main.yml index 5a6897736..d8f93fd51 100644 --- a/roles/hub_ee_repository_sync/defaults/main.yml +++ b/roles/hub_ee_repository_sync/defaults/main.yml @@ -19,6 +19,7 @@ ah_ee_repositories: [] ah_configuration_ee_repository_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_ee_repository_sync_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_ee_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_ee_repository_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_ee_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_ee_repository_sync/meta/main.yml b/roles/hub_ee_repository_sync/meta/main.yml index 1b622ddd6..aba6e18ea 100644 --- a/roles/hub_ee_repository_sync/meta/main.yml +++ b/roles/hub_ee_repository_sync/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "ee_repository_sync" + role_name: "hub_ee_repository_sync" author: "Tom Page" description: "An Ansible Role to sync ee_repository in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_ee_repository_sync/tasks/main.yml b/roles/hub_ee_repository_sync/tasks/main.yml index bbb5799ee..983fd21cc 100644 --- a/roles/hub_ee_repository_sync/tasks/main.yml +++ b/roles/hub_ee_repository_sync/tasks/main.yml @@ -16,6 +16,8 @@ loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_ee_repository_sync__item.name }} to Controller" + pause: "{{ ah_configuration_ee_repository_sync__loop_delay }}" when: __ee_repository_item.sync | default(false) no_log: "{{ ah_configuration_ee_repository_secure_logging }}" async: "{{ ah_configuration_ee_repository_sync_async_timeout }}" @@ -35,6 +37,7 @@ loop: "{{ __ee_repository_syncs_job_async.results }}" loop_control: loop_var: __ee_repository_syncs_job_async_result_item + label: "{{ __operation.verb }} Label {{ __ee_repository_syncs_job_async_result_item.__ee_repository_sync_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __ee_repository_syncs_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_ee_repository_secure_logging }}" vars: diff --git a/roles/hub_group/README.md b/roles/hub_group/README.md index 7f880dfe9..d02a4dbbf 100644 --- a/roles/hub_group/README.md +++ b/roles/hub_group/README.md @@ -40,6 +40,8 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_group_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_group_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_group_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_group/defaults/main.yml b/roles/hub_group/defaults/main.yml index c1a4c789b..90e38a937 100644 --- a/roles/hub_group/defaults/main.yml +++ b/roles/hub_group/defaults/main.yml @@ -17,6 +17,7 @@ ah_groups: [] ah_configuration_group_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_group_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_group_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_group_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_group/meta/main.yml b/roles/hub_group/meta/main.yml index d2edeb4a7..ce0154768 100644 --- a/roles/hub_group/meta/main.yml +++ b/roles/hub_group/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "group" + role_name: "hub_group" author: "Tom Page" description: "An Ansible Role to manage groups in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_group/tasks/main.yml b/roles/hub_group/tasks/main.yml index d243eaa17..b5a984ed9 100644 --- a/roles/hub_group/tasks/main.yml +++ b/roles/hub_group/tasks/main.yml @@ -15,6 +15,8 @@ loop: "{{ ah_groups }}" loop_control: loop_var: "__group" + label: "{{ __operation.verb }} the label {{ __ah_configuration_group__item.name }} to Controller" + pause: "{{ ah_configuration_group__loop_delay }}" no_log: "{{ ah_configuration_group_secure_logging }}" async: "{{ ah_configuration_group_async_timeout }}" poll: 0 @@ -33,6 +35,7 @@ loop: "{{ __groups_job_async.results }}" loop_control: loop_var: __groups_job_async_result_item + label: "{{ __operation.verb }} Label {{ __groups_job_async_result_item.__group_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __groups_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_group_secure_logging }}" vars: diff --git a/roles/hub_group_roles/README.md b/roles/hub_group_roles/README.md index 0345d2b5b..4707fa6d5 100644 --- a/roles/hub_group_roles/README.md +++ b/roles/hub_group_roles/README.md @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_group_roles_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_group_roles_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_group_roles_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_group_roles_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_group_roles/defaults/main.yml b/roles/hub_group_roles/defaults/main.yml index 2a61ab0cc..271c6624b 100644 --- a/roles/hub_group_roles/defaults/main.yml +++ b/roles/hub_group_roles/defaults/main.yml @@ -16,6 +16,7 @@ ah_group_roles: [] ah_configuration_group_roles_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_group_roles_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_group_roles_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_group_roles_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_group_roles_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_group_roles/meta/main.yml b/roles/hub_group_roles/meta/main.yml index 98d28c3a0..d67ff4b58 100644 --- a/roles/hub_group_roles/meta/main.yml +++ b/roles/hub_group_roles/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: group_roles + role_name: hub_group_roles author: Sean Sullivan description: "An Ansible Role to manage groups roles in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_group_roles/tasks/main.yml b/roles/hub_group_roles/tasks/main.yml index 22d354f59..7164d9f0e 100644 --- a/roles/hub_group_roles/tasks/main.yml +++ b/roles/hub_group_roles/tasks/main.yml @@ -14,6 +14,8 @@ loop: "{{ ah_group_roles }}" loop_control: loop_var: "__group_role" + label: "{{ __operation.verb }} the label {{ __ah_configuration_group_roles__item.name }} to Controller" + pause: "{{ ah_configuration_group_roles__loop_delay }}" no_log: "{{ ah_configuration_group_roles_secure_logging }}" async: "{{ ah_configuration_group_roles_async_timeout }}" poll: 0 @@ -32,6 +34,7 @@ loop: "{{ __group_roles_job_async.results }}" loop_control: loop_var: __group_roles_job_async_result_item + label: "{{ __operation.verb }} Label {{ __group_roles_job_async_result_item.__group_roles_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __group_roles_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_group_roles_secure_logging }}" vars: diff --git a/roles/hub_namespace/README.md b/roles/hub_namespace/README.md index c29869449..f8553c25f 100644 --- a/roles/hub_namespace/README.md +++ b/roles/hub_namespace/README.md @@ -43,6 +43,8 @@ This also speeds up the overall role. |`ah_configuration_namespace_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_namespace_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_namespace_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_namespace_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_namespace/defaults/main.yml b/roles/hub_namespace/defaults/main.yml index 7d13e846e..c56f9b99b 100644 --- a/roles/hub_namespace/defaults/main.yml +++ b/roles/hub_namespace/defaults/main.yml @@ -28,6 +28,7 @@ ah_namespaces: [] ah_configuration_namespace_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_namespace_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_namespace_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_namespace_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_namespace_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_namespace/meta/main.yml b/roles/hub_namespace/meta/main.yml index 06f4bda5b..495f06e7d 100644 --- a/roles/hub_namespace/meta/main.yml +++ b/roles/hub_namespace/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "namespace" + role_name: "hub_namespace" author: "Sean Sullivan" description: "An Ansible Role to create namespace in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_namespace/tasks/main.yml b/roles/hub_namespace/tasks/main.yml index e8bb815c2..5ba348c90 100644 --- a/roles/hub_namespace/tasks/main.yml +++ b/roles/hub_namespace/tasks/main.yml @@ -1,17 +1,17 @@ --- # Create AH Namespace -- name: Get token - ansible.hub.ah_token: - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" - when: - - ah_token is not defined - - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" - - ah_namespaces | length > 1 +# - name: Get token +# ansible.hub.ah_token: +# ah_host: "{{ aap_hostname | default(omit) }}" +# ah_username: "{{ aap_username | default(omit) }}" +# ah_password: "{{ aap_password | default(omit) }}" +# ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" +# validate_certs: "{{ aap_validate_certs | default(omit) }}" +# request_timeout: "{{ aap_request_timeout | default(omit) }}" +# when: +# - ah_token is not defined +# - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" +# - ah_namespaces | length > 1 - name: Add Automation Hub Namespace ansible.hub.ah_namespace: @@ -35,6 +35,8 @@ loop: "{{ ah_namespaces }}" loop_control: loop_var: "__namespace_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_namespace__item.name }} to Controller" + pause: "{{ ah_configuration_namespace__loop_delay }}" no_log: "{{ ah_configuration_namespace_secure_logging }}" async: "{{ ah_configuration_namespace_async_timeout }}" poll: 0 @@ -53,6 +55,7 @@ loop: "{{ __namespaces_job_async.results }}" loop_control: loop_var: __namespaces_job_async_result_item + label: "{{ __operation.verb }} Label {{ __namespaces_job_async_result_item.__namespace_item.name }} | Wait for finish the Label {{ __operation.action }}" when: __namespaces_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_namespace_secure_logging }}" vars: diff --git a/roles/hub_publish/README.md b/roles/hub_publish/README.md index e15077f3f..684b0ec3e 100644 --- a/roles/hub_publish/README.md +++ b/roles/hub_publish/README.md @@ -47,6 +47,8 @@ This also speeds up the overall role. |`ah_configuration_publish_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_publish_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_publish_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_publish_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| diff --git a/roles/hub_publish/defaults/main.yml b/roles/hub_publish/defaults/main.yml index f631cc8ee..bba5aa20e 100644 --- a/roles/hub_publish/defaults/main.yml +++ b/roles/hub_publish/defaults/main.yml @@ -25,6 +25,7 @@ ah_overwrite_existing: false ah_configuration_publish_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_publish_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_publish_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_publish_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_publish_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_publish/meta/main.yml b/roles/hub_publish/meta/main.yml index 1fe766beb..e6a6993b4 100644 --- a/roles/hub_publish/meta/main.yml +++ b/roles/hub_publish/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "publish" + role_name: "hub_publish" author: "Sean Sullivan" description: "An Ansible Role to publish collections to Automation Hub or Galaxies." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_publish/tasks/main.yml b/roles/hub_publish/tasks/main.yml index c88f5aba9..3280b5a82 100644 --- a/roles/hub_publish/tasks/main.yml +++ b/roles/hub_publish/tasks/main.yml @@ -9,6 +9,8 @@ loop: "{{ ah_collections }}" loop_control: loop_var: "__ah_collection_item" + label: "{{ __operation.verb }} the label {{ __ah_configuration_publish__item.name }} to Controller" + pause: "{{ ah_configuration_publish__loop_delay }}" no_log: "{{ ah_configuration_publish_secure_logging }}" when: - ah_collection_list is not defined @@ -23,6 +25,7 @@ loop: "{{ ah_collections }}" loop_control: loop_var: "__ah_collection_item" + label: "{{ __operation.verb }} Label {{ __ah_collection_item.__ah_collection_item.name }} | Wait for finish the Label {{ __operation.action }}" no_log: "{{ ah_configuration_publish_secure_logging }}" when: - ah_collection_list is not defined diff --git a/roles/hub_role/defaults/main.yml b/roles/hub_role/defaults/main.yml index c64021868..a687bd4aa 100644 --- a/roles/hub_role/defaults/main.yml +++ b/roles/hub_role/defaults/main.yml @@ -18,6 +18,7 @@ ah_roles: [] ah_configuration_role_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_role_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_role_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_role_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_role/meta/main.yml b/roles/hub_role/meta/main.yml index bc1d1d80e..a0ca2539e 100644 --- a/roles/hub_role/meta/main.yml +++ b/roles/hub_role/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "role" + role_name: "hub_role" author: Sean Sullivan description: "An Ansible Role to manage roles in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_role/tasks/main.yml b/roles/hub_role/tasks/main.yml index f88b3c6e2..9fa741b37 100644 --- a/roles/hub_role/tasks/main.yml +++ b/roles/hub_role/tasks/main.yml @@ -16,6 +16,8 @@ loop: "{{ ah_roles }}" loop_control: loop_var: "__role" + label: "{{ __operation.verb }} the label {{ __ah_configuration_role__item.name }} to Controller" + pause: "{{ ah_configuration_role__loop_delay }}" no_log: "{{ ah_configuration_role_secure_logging }}" async: "{{ ah_configuration_role_async_timeout }}" poll: 0 @@ -34,6 +36,7 @@ loop: "{{ __roles_job_async.results }}" loop_control: loop_var: __roles_job_async_result_item + label: "{{ __operation.verb }} Label {{ __roles_job_async_result_item.__role.name }} | Wait for finish the Label {{ __operation.action }}" when: __roles_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_role_secure_logging }}" vars: diff --git a/roles/hub_user/README.md b/roles/hub_user/README.md index 6bd04b0d5..a4f5321cc 100644 --- a/roles/hub_user/README.md +++ b/roles/hub_user/README.md @@ -15,7 +15,7 @@ An Ansible Role to create users in Automation Hub. |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| -|`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| +|`aap_user_accounts`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables @@ -42,6 +42,8 @@ This also speeds up the overall role. |`ah_configuration_user_async_timeout`|`aap_configuration_async_timeout`|no|This variable sets the async timeout for the role.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for the role globally.| |`ah_configuration_user_async_retries`|`aap_configuration_async_retries`|no|This variable sets the number of retries to attempt for the role.| +|`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for the role globally.| +|`ah_configuration_user_accounts_loop_delay`|`aap_configuration_loop_delay`|no|This variable sets the loop_delay for the role.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |`ah_configuration_user_async_delay`|`aap_configuration_async_delay`|no|This sets the delay between retries for the role.| @@ -68,7 +70,7 @@ This also speeds up the overall role. ```yaml --- -ah_users: +aap_user_accounts: - username: user1 groups: - group1 diff --git a/roles/hub_user/defaults/main.yml b/roles/hub_user/defaults/main.yml index b5ce41754..973235d84 100644 --- a/roles/hub_user/defaults/main.yml +++ b/roles/hub_user/defaults/main.yml @@ -9,7 +9,7 @@ # These are the default variables specific to the license role # a list of dictionaries describing the Automation Hub users -ah_users: [] +aap_user_accounts: [] # possible fields: # - username # - groups @@ -24,6 +24,7 @@ ah_users: [] ah_configuration_user_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" ah_configuration_user_async_timeout: "{{ aap_configuration_async_timeout | default(1000) }}" ah_configuration_user_async_retries: "{{ aap_configuration_async_retries | default(50) }}" +ah_configuration_user_accounts_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" ah_configuration_user_async_delay: "{{ aap_configuration_async_delay | default(1) }}" aap_configuration_async_dir: null ... diff --git a/roles/hub_user/meta/argument_specs.yml b/roles/hub_user/meta/argument_specs.yml index cf469596e..4cf547ed7 100644 --- a/roles/hub_user/meta/argument_specs.yml +++ b/roles/hub_user/meta/argument_specs.yml @@ -3,7 +3,7 @@ argument_specs: main: short_description: An Ansible Role to create users in Automation Hub. options: - ah_users: + aap_user_accounts: default: [] required: false description: Data structure describing your users to manage. diff --git a/roles/hub_user/meta/main.yml b/roles/hub_user/meta/main.yml index 03602f29c..b00555fbe 100644 --- a/roles/hub_user/meta/main.yml +++ b/roles/hub_user/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "user" + role_name: "hub_user" author: "Tom Page" description: "An Ansible Role to manage users in Automation Hub." company: "Red Hat" @@ -10,7 +10,7 @@ galaxy_info: # issue_tracker_url: http://example.com/issue/tracker license: GPL-3.0-or-later - min_ansible_version: 2.14.0 + min_ansible_version: 2.16.0 # Optionally specify the branch Galaxy will use when accessing the GitHub # repo for this role. During role install, if no tags are available, diff --git a/roles/hub_user/tasks/main.yml b/roles/hub_user/tasks/main.yml index 642395b2a..ff55b6249 100644 --- a/roles/hub_user/tasks/main.yml +++ b/roles/hub_user/tasks/main.yml @@ -19,9 +19,11 @@ ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ aap_validate_certs | default(omit) }}" request_timeout: "{{ aap_request_timeout | default(omit) }}" - loop: "{{ ah_users }}" + loop: "{{ aap_user_accounts }}" loop_control: loop_var: "__user" + label: "{{ __operation.verb }} the label {{ __user.name }} to Controller" + pause: "{{ ah_configuration_user_accounts__loop_delay }}" no_log: "{{ ah_configuration_user_secure_logging }}" async: "{{ ah_configuration_user_async_timeout }}" poll: 0 @@ -40,6 +42,7 @@ loop: "{{ __users_job_async.results }}" loop_control: loop_var: __users_job_async_result_item + label: "{{ __operation.verb }} Label {{ __users_job_async_result_item.__user.name }} | Wait for finish the Label {{ __operation.action }}" when: __users_job_async_result_item.ansible_job_id is defined no_log: "{{ ah_configuration_user_secure_logging }}" vars: diff --git a/roles/hub_user/tests/vars/users.yml b/roles/hub_user/tests/vars/users.yml index 37e3938e0..71e664f86 100644 --- a/roles/hub_user/tests/vars/users.yml +++ b/roles/hub_user/tests/vars/users.yml @@ -1,5 +1,5 @@ --- -ah_users: +aap_user_accounts: - username: user1 groups: - group1 diff --git a/roles/meta_dependency_check/defaults/main.yml b/roles/meta_dependency_check/defaults/main.yml index 5660c9b6c..1f4a8fa16 100644 --- a/roles/meta_dependency_check/defaults/main.yml +++ b/roles/meta_dependency_check/defaults/main.yml @@ -1,3 +1,3 @@ --- -controller_dependency_check: true +controller_dependency_check: false ... diff --git a/roles/meta_dependency_check/meta/main.yml b/roles/meta_dependency_check/meta/main.yml index 65fac2bf7..088dd5d0c 100644 --- a/roles/meta_dependency_check/meta/main.yml +++ b/roles/meta_dependency_check/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: # - CC-BY-4.0 license: GPL-3.0-or-later - min_ansible_version: 2.15.0 + min_ansible_version: 2.16.0 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: From 7d6daa66c459cff184a2eed4bf8783bb27cc35d8 Mon Sep 17 00:00:00 2001 From: dbk-rabel <57803476+dbk-rabel@users.noreply.github.com> Date: Mon, 21 Oct 2024 19:35:32 +0200 Subject: [PATCH 2/2] Fix test "Validate error handling" (#943) Co-authored-by: David Danielsson --- tests/configure_controller.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index a74838538..3c45dc182 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -102,7 +102,7 @@ fail_msg: "No errors found, validate test example" success_msg: "Errors found, proceeding" vars: - job_templates_errors: __job_templates_errors_set_stats.ansible_stats.data.job_templates_errors + job_templates_errors: "{{ __job_templates_errors_set_stats.ansible_stats.data.job_templates_errors }}" - name: Add Controller Settings Individually ansible.builtin.include_role: