From f74483f265e7e63089ae75f33e21479a136c162f Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Thu, 7 Nov 2024 21:46:42 -0600 Subject: [PATCH] Linting (#947) * modified: .ansible-lint modified: .markdownlint.yml modified: .pre-commit-config.yaml renamed: .yamllint.yml -> .yamllint modified: meta/runtime.yml modified: playbooks/configure_aap.yml modified: playbooks/get_stats.yml modified: playbooks/rename_objects.yaml modified: playbooks/set_organization.yaml modified: roles/ansible_config/defaults/main.yml modified: roles/ansible_config/meta/argument_specs.yml modified: roles/ansible_config/meta/main.yml modified: roles/ansible_config/tasks/main.yml modified: roles/ansible_config/tests/test.yml modified: roles/controller_ad_hoc_command/meta/argument_specs.yml modified: roles/controller_ad_hoc_command/meta/main.yml modified: roles/controller_ad_hoc_command/tasks/main.yml modified: roles/controller_ad_hoc_command/tests/test.yml modified: roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml modified: roles/controller_ad_hoc_command_cancel/meta/main.yml modified: roles/controller_ad_hoc_command_cancel/tasks/main.yml modified: roles/controller_ad_hoc_command_cancel/tests/test.yml modified: roles/controller_applications/defaults/main.yml modified: roles/controller_applications/meta/argument_specs.yml modified: roles/controller_applications/meta/main.yml modified: roles/controller_applications/tasks/main.yml modified: roles/controller_applications/tests/test.yml modified: roles/controller_bulk_host_create/defaults/main.yml modified: roles/controller_bulk_host_create/meta/argument_specs.yml modified: roles/controller_bulk_host_create/meta/main.yml modified: roles/controller_bulk_host_create/tasks/main.yml modified: roles/controller_bulk_job_launch/meta/argument_specs.yml modified: roles/controller_bulk_job_launch/meta/main.yml modified: roles/controller_bulk_job_launch/tasks/main.yml modified: roles/controller_credential_input_sources/defaults/main.yml modified: roles/controller_credential_input_sources/meta/argument_specs.yml modified: roles/controller_credential_input_sources/meta/main.yml modified: roles/controller_credential_input_sources/tasks/main.yml modified: roles/controller_credential_input_sources/tests/test.yml modified: roles/controller_credential_types/defaults/main.yml modified: roles/controller_credential_types/meta/argument_specs.yml modified: roles/controller_credential_types/meta/main.yml modified: roles/controller_credential_types/tasks/main.yml modified: roles/controller_credential_types/tests/test.yml modified: roles/controller_credentials/defaults/main.yml modified: roles/controller_credentials/meta/argument_specs.yml modified: roles/controller_credentials/meta/main.yml modified: roles/controller_credentials/tasks/main.yml modified: roles/controller_credentials/tests/test.yml modified: roles/controller_execution_environments/defaults/main.yml modified: roles/controller_execution_environments/meta/argument_specs.yml modified: roles/controller_execution_environments/meta/main.yml modified: roles/controller_execution_environments/tasks/main.yml modified: roles/controller_execution_environments/tests/test.yml modified: roles/controller_host_groups/defaults/main.yml modified: roles/controller_host_groups/meta/argument_specs.yml modified: roles/controller_host_groups/meta/main.yml modified: roles/controller_host_groups/tasks/main.yml modified: roles/controller_host_groups/tests/test.yml modified: roles/controller_hosts/defaults/main.yml modified: roles/controller_hosts/meta/argument_specs.yml modified: roles/controller_hosts/meta/main.yml modified: roles/controller_hosts/tasks/main.yml modified: roles/controller_hosts/tests/test.yml modified: roles/controller_instance_groups/defaults/main.yml modified: roles/controller_instance_groups/meta/argument_specs.yml modified: roles/controller_instance_groups/meta/main.yml modified: roles/controller_instance_groups/tasks/main.yml modified: roles/controller_instance_groups/tests/test.yml modified: roles/controller_instances/defaults/main.yml modified: roles/controller_instances/meta/argument_specs.yml modified: roles/controller_instances/meta/main.yml modified: roles/controller_instances/tasks/main.yml modified: roles/controller_instances/tests/test.yml modified: roles/controller_inventories/defaults/main.yml modified: roles/controller_inventories/meta/argument_specs.yml modified: roles/controller_inventories/meta/main.yml modified: roles/controller_inventories/tasks/main.yml modified: roles/controller_inventories/tests/configs/inventories.yml modified: roles/controller_inventories/tests/test.yml modified: roles/controller_inventory_source_update/defaults/main.yml modified: roles/controller_inventory_source_update/meta/argument_specs.yml modified: roles/controller_inventory_source_update/meta/main.yml modified: roles/controller_inventory_source_update/tasks/main.yml modified: roles/controller_inventory_source_update/tests/test.yml modified: roles/controller_inventory_sources/defaults/main.yml modified: roles/controller_inventory_sources/meta/argument_specs.yml modified: roles/controller_inventory_sources/meta/main.yml modified: roles/controller_inventory_sources/tasks/main.yml modified: roles/controller_inventory_sources/tests/test.yml modified: roles/controller_job_launch/meta/argument_specs.yml modified: roles/controller_job_launch/meta/main.yml modified: roles/controller_job_launch/tasks/main.yml modified: roles/controller_job_launch/tests/test.yml modified: roles/controller_job_templates/defaults/main.yml modified: roles/controller_job_templates/meta/argument_specs.yml modified: roles/controller_job_templates/meta/main.yml modified: roles/controller_job_templates/tasks/async.yml modified: roles/controller_job_templates/tasks/main.yml modified: roles/controller_job_templates/tests/test.yml modified: roles/controller_jobs_cancel/meta/argument_specs.yml modified: roles/controller_jobs_cancel/meta/main.yml modified: roles/controller_jobs_cancel/tasks/main.yml modified: roles/controller_jobs_cancel/tests/test.yml modified: roles/controller_labels/defaults/main.yml modified: roles/controller_labels/meta/argument_specs.yml modified: roles/controller_labels/meta/main.yml modified: roles/controller_labels/tasks/main.yml modified: roles/controller_labels/tests/test.yml modified: roles/controller_license/meta/argument_specs.yml modified: roles/controller_license/meta/main.yml modified: roles/controller_license/tasks/main.yml modified: roles/controller_license/tasks/manifest.yml modified: roles/controller_license/tasks/subscription.yml modified: roles/controller_license/tests/config/license.yml modified: roles/controller_license/tests/test.yml modified: roles/controller_notification_templates/defaults/main.yml modified: roles/controller_notification_templates/meta/argument_specs.yml modified: roles/controller_notification_templates/meta/main.yml modified: roles/controller_notification_templates/tasks/main.yml modified: roles/controller_notification_templates/tests/configs/notifications.yml modified: roles/controller_notification_templates/tests/test.yml modified: roles/controller_organizations/defaults/main.yml modified: roles/controller_organizations/meta/argument_specs.yml modified: roles/controller_organizations/meta/main.yml modified: roles/controller_organizations/tasks/main.yml modified: roles/controller_organizations/tests/test.yml modified: roles/controller_project_update/defaults/main.yml modified: roles/controller_project_update/meta/argument_specs.yml modified: roles/controller_project_update/meta/main.yml modified: roles/controller_project_update/tasks/main.yml modified: roles/controller_project_update/tests/test.yml modified: roles/controller_projects/defaults/main.yml modified: roles/controller_projects/meta/argument_specs.yml modified: roles/controller_projects/meta/main.yml modified: roles/controller_projects/tasks/main.yml modified: roles/controller_projects/tests/test.yml modified: roles/controller_roles/defaults/main.yml modified: roles/controller_roles/meta/argument_specs.yml modified: roles/controller_roles/meta/main.yml modified: roles/controller_roles/tasks/main.yml modified: roles/controller_roles/tests/test.yml modified: roles/controller_schedules/defaults/main.yml modified: roles/controller_schedules/meta/argument_specs.yml modified: roles/controller_schedules/meta/main.yml modified: roles/controller_schedules/tasks/main.yml modified: roles/controller_schedules/tests/test.yml modified: roles/controller_settings/defaults/main.yml modified: roles/controller_settings/meta/argument_specs.yml modified: roles/controller_settings/meta/main.yml modified: roles/controller_settings/tasks/main.yml modified: roles/controller_settings/tests/configs/settings.yml modified: roles/controller_settings/tests/test.yml modified: roles/controller_teams/defaults/main.yml modified: roles/controller_teams/meta/argument_specs.yml modified: roles/controller_teams/meta/main.yml modified: roles/controller_teams/tasks/main.yml modified: roles/controller_teams/tests/configs/teams.yml modified: roles/controller_teams/tests/test.yml modified: roles/controller_users/defaults/main.yml modified: roles/controller_users/meta/argument_specs.yml modified: roles/controller_users/meta/main.yml modified: roles/controller_users/tasks/main.yml modified: roles/controller_users/tests/test.yml modified: roles/controller_workflow_job_templates/defaults/main.yml modified: roles/controller_workflow_job_templates/meta/argument_specs.yml modified: roles/controller_workflow_job_templates/meta/main.yml modified: roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml modified: roles/controller_workflow_job_templates/tasks/main.yml modified: roles/controller_workflow_job_templates/tests/configs/controller_workflows.yml modified: roles/controller_workflow_job_templates/tests/test.yaml modified: roles/controller_workflow_launch/meta/argument_specs.yml modified: roles/controller_workflow_launch/meta/main.yml modified: roles/controller_workflow_launch/tasks/main.yml modified: roles/controller_workflow_launch/tests/test.yml modified: roles/dispatch/meta/argument_specs.yml modified: roles/dispatch/meta/main.yml modified: roles/dispatch/tasks/main.yml modified: roles/dispatch/tests/configs/credentials.yml modified: roles/dispatch/tests/configs/inventories.yml modified: roles/dispatch/tests/test.yml modified: roles/eda_controller_tokens/defaults/main.yml modified: roles/eda_controller_tokens/meta/argument_specs.yml modified: roles/eda_controller_tokens/meta/main.yml modified: roles/eda_controller_tokens/tasks/main.yml modified: roles/eda_controller_tokens/tests/test.yml modified: roles/eda_credential_types/defaults/main.yml modified: roles/eda_credential_types/meta/argument_specs.yml modified: roles/eda_credential_types/meta/main.yml modified: roles/eda_credential_types/tasks/main.yml modified: roles/eda_credential_types/tests/test.yml modified: roles/eda_credentials/defaults/main.yml modified: roles/eda_credentials/meta/argument_specs.yml modified: roles/eda_credentials/meta/main.yml modified: roles/eda_credentials/tasks/main.yml modified: roles/eda_credentials/tests/test.yml modified: roles/eda_credentials/tests/vars/credentials.yml modified: roles/eda_decision_environments/defaults/main.yml modified: roles/eda_decision_environments/meta/argument_specs.yml modified: roles/eda_decision_environments/meta/main.yml modified: roles/eda_decision_environments/tasks/main.yml modified: roles/eda_decision_environments/tests/test.yml modified: roles/eda_event_streams/defaults/main.yml modified: roles/eda_event_streams/meta/argument_specs.yml modified: roles/eda_event_streams/meta/main.yml modified: roles/eda_event_streams/tasks/main.yml modified: roles/eda_event_streams/tests/test.yml modified: roles/eda_event_streams/tests/vars/event_streams.yml modified: roles/eda_projects/defaults/main.yml modified: roles/eda_projects/meta/argument_specs.yml modified: roles/eda_projects/meta/main.yml modified: roles/eda_projects/tasks/main.yml modified: roles/eda_projects/tests/test.yml modified: roles/eda_rulebook_activations/defaults/main.yml modified: roles/eda_rulebook_activations/meta/argument_specs.yml modified: roles/eda_rulebook_activations/meta/main.yml modified: roles/eda_rulebook_activations/tasks/main.yml modified: roles/eda_rulebook_activations/tests/test.yml modified: roles/eda_users/defaults/main.yml modified: roles/eda_users/meta/argument_specs.yml modified: roles/eda_users/meta/main.yml modified: roles/eda_users/tasks/main.yml modified: roles/eda_users/tests/test.yml modified: roles/gateway_applications/defaults/main.yml modified: roles/gateway_applications/meta/argument_specs.yml modified: roles/gateway_applications/tasks/main.yml modified: roles/gateway_applications/tests/test.yml modified: roles/gateway_authenticator_maps/defaults/main.yml modified: roles/gateway_authenticator_maps/meta/argument_specs.yml modified: roles/gateway_authenticator_maps/tasks/main.yml modified: roles/gateway_authenticators/defaults/main.yml modified: roles/gateway_authenticators/meta/argument_specs.yml modified: roles/gateway_authenticators/tasks/main.yml modified: roles/gateway_http_ports/defaults/main.yml modified: roles/gateway_http_ports/meta/argument_specs.yml modified: roles/gateway_http_ports/tasks/main.yml modified: roles/gateway_organizations/defaults/main.yml modified: roles/gateway_organizations/meta/argument_specs.yml modified: roles/gateway_organizations/tasks/main.yml modified: roles/gateway_role_user_assignments/defaults/main.yml modified: roles/gateway_role_user_assignments/meta/argument_specs.yml modified: roles/gateway_role_user_assignments/tasks/main.yml modified: roles/gateway_routes/defaults/main.yml modified: roles/gateway_routes/meta/argument_specs.yml modified: roles/gateway_routes/tasks/main.yml modified: roles/gateway_service_clusters/defaults/main.yml modified: roles/gateway_service_clusters/meta/argument_specs.yml modified: roles/gateway_service_clusters/tasks/main.yml modified: roles/gateway_service_keys/defaults/main.yml modified: roles/gateway_service_keys/meta/argument_specs.yml modified: roles/gateway_service_keys/tasks/main.yml modified: roles/gateway_service_nodes/defaults/main.yml modified: roles/gateway_service_nodes/meta/argument_specs.yml modified: roles/gateway_service_nodes/tasks/main.yml modified: roles/gateway_services/defaults/main.yml modified: roles/gateway_services/meta/argument_specs.yml modified: roles/gateway_services/tasks/main.yml modified: roles/gateway_settings/meta/argument_specs.yml modified: roles/gateway_teams/defaults/main.yml modified: roles/gateway_teams/meta/argument_specs.yml modified: roles/gateway_teams/tasks/main.yml modified: roles/gateway_users/defaults/main.yml modified: roles/gateway_users/meta/argument_specs.yml modified: roles/gateway_users/tasks/main.yml modified: roles/global_vars/defaults/main.yml modified: roles/global_vars/meta/main.yml modified: roles/hub_collection/defaults/main.yml modified: roles/hub_collection/meta/argument_specs.yml modified: roles/hub_collection/meta/main.yml modified: roles/hub_collection/tasks/main.yml modified: roles/hub_collection/tests/test.yml modified: roles/hub_collection_remote/defaults/main.yml modified: roles/hub_collection_remote/meta/argument_specs.yml modified: roles/hub_collection_remote/meta/main.yml modified: roles/hub_collection_remote/tasks/main.yml modified: roles/hub_collection_remote/tests/test.yml modified: roles/hub_collection_repository/defaults/main.yml modified: roles/hub_collection_repository/meta/argument_specs.yml modified: roles/hub_collection_repository/meta/main.yml modified: roles/hub_collection_repository/tasks/main.yml modified: roles/hub_collection_repository/tests/test.yml modified: roles/hub_collection_repository/tests/vars/repositories.yml modified: roles/hub_collection_repository_sync/defaults/main.yml modified: roles/hub_collection_repository_sync/meta/argument_specs.yml modified: roles/hub_collection_repository_sync/meta/main.yml modified: roles/hub_collection_repository_sync/tasks/main.yml modified: roles/hub_collection_repository_sync/tests/test.yml modified: roles/hub_collection_repository_sync/tests/vars/repositories.yml modified: roles/hub_ee_image/defaults/main.yml modified: roles/hub_ee_image/meta/argument_specs.yml modified: roles/hub_ee_image/meta/main.yml modified: roles/hub_ee_image/tasks/main.yml modified: roles/hub_ee_image/tests/test.yml modified: roles/hub_ee_registry/defaults/main.yml modified: roles/hub_ee_registry/meta/argument_specs.yml modified: roles/hub_ee_registry/meta/main.yml modified: roles/hub_ee_registry/tasks/main.yml modified: roles/hub_ee_registry/tests/test.yml modified: roles/hub_ee_registry_index/defaults/main.yml modified: roles/hub_ee_registry_index/meta/argument_specs.yml modified: roles/hub_ee_registry_index/meta/main.yml modified: roles/hub_ee_registry_index/tasks/main.yml modified: roles/hub_ee_registry_index/tests/test.yml modified: roles/hub_ee_registry_sync/defaults/main.yml modified: roles/hub_ee_registry_sync/meta/argument_specs.yml modified: roles/hub_ee_registry_sync/meta/main.yml modified: roles/hub_ee_registry_sync/tasks/main.yml modified: roles/hub_ee_registry_sync/tests/test.yml modified: roles/hub_ee_repository/defaults/main.yml modified: roles/hub_ee_repository/meta/argument_specs.yml modified: roles/hub_ee_repository/meta/main.yml modified: roles/hub_ee_repository/tasks/main.yml modified: roles/hub_ee_repository/tests/test.yml modified: roles/hub_ee_repository_sync/defaults/main.yml modified: roles/hub_ee_repository_sync/meta/argument_specs.yml modified: roles/hub_ee_repository_sync/meta/main.yml modified: roles/hub_ee_repository_sync/tasks/main.yml modified: roles/hub_ee_repository_sync/tests/test.yml modified: roles/hub_group/defaults/main.yml modified: roles/hub_group/meta/argument_specs.yml modified: roles/hub_group/meta/main.yml modified: roles/hub_group/tasks/main.yml modified: roles/hub_group/tests/test.yml modified: roles/hub_group_roles/defaults/main.yml modified: roles/hub_group_roles/meta/argument_specs.yml modified: roles/hub_group_roles/meta/main.yml modified: roles/hub_group_roles/tasks/main.yml modified: roles/hub_group_roles/tests/test.yml modified: roles/hub_namespace/defaults/main.yml modified: roles/hub_namespace/meta/argument_specs.yml modified: roles/hub_namespace/meta/main.yml modified: roles/hub_namespace/tasks/main.yml modified: roles/hub_namespace/tests/test.yml modified: roles/hub_namespace/tests/vars/namespaces.yml modified: roles/hub_publish/defaults/main.yml modified: roles/hub_publish/meta/argument_specs.yml modified: roles/hub_publish/meta/main.yml modified: roles/hub_publish/tasks/main.yml modified: roles/hub_publish/tests/test.yml modified: roles/hub_role/defaults/main.yml modified: roles/hub_role/meta/argument_specs.yml modified: roles/hub_role/meta/main.yml modified: roles/hub_role/tasks/main.yml modified: roles/hub_role/tests/test.yml modified: roles/hub_user/defaults/main.yml modified: roles/hub_user/meta/argument_specs.yml modified: roles/hub_user/meta/main.yml modified: roles/hub_user/tasks/main.yml modified: roles/hub_user/tests/test.yml modified: roles/meta_dependency_check/meta/main.yml modified: roles/meta_dependency_check/tasks/main.yml modified: roles/meta_dependency_check/tests/test.yml modified: tests/configs/controller/credential_input_sources.yml modified: tests/configs/controller/credentials.yml modified: tests/configs/controller/differential_items.yml modified: tests/configs/controller/execution_environments.yml modified: tests/configs/controller/inventories.yml modified: tests/configs/controller/notifications.yml modified: tests/configs/controller/roles.yml modified: tests/configs/controller/schedule.yml modified: tests/configs/controller/settings.yml modified: tests/configs/controller/settings_individuale.yml modified: tests/configs/controller/teams.yml modified: tests/configs/controller/templates.yml modified: tests/configs/gateway/authenticator_maps.yml modified: tests/configs/gateway/service_cluster.yml modified: tests/configs/gateway/services.yml modified: tests/configs/hub/ah_ansible_config.yml modified: tests/configs/hub/ah_auth.yml modified: tests/configs/hub/ah_collections.yml modified: tests/configs/hub/ah_namespaces.yml modified: tests/configs/hub/ah_repository.yml modified: tests/configs_export_model/credentials_export.yml modified: tests/configs_export_model/differential_items.yml modified: tests/configs_export_model/inventory_export.yml modified: tests/configs_export_model/inventory_sources_export.yml modified: tests/configs_export_model/job_templates_export.yml modified: tests/configs_export_model/notifications_templates_export.yml modified: tests/configs_export_model/organizations_export.yml modified: tests/configs_export_model/projects_export.yml modified: tests/configs_export_model/teams_export.yml modified: tests/configs_export_model/workflows.yml modified: tests/configure_controller.yml modified: tests/configure_controller_export_model.yml modified: tests/configure_platform.yml modified: tests/tasks/ad_hoc_cancel.yml modified: tests/tasks/differential.yml * modified: roles/controller_credential_input_sources/tasks/main.yml modified: roles/controller_credential_types/tasks/main.yml modified: roles/controller_credentials/tasks/main.yml modified: roles/controller_execution_environments/tasks/main.yml modified: roles/controller_host_groups/tasks/main.yml modified: roles/controller_hosts/tasks/main.yml modified: roles/controller_instance_groups/tasks/main.yml modified: roles/controller_instances/tasks/main.yml modified: roles/controller_inventories/tasks/main.yml modified: roles/controller_inventory_source_update/tasks/main.yml modified: roles/controller_inventory_sources/tasks/main.yml modified: roles/controller_job_templates/tasks/main.yml modified: roles/controller_labels/tasks/main.yml modified: roles/controller_notification_templates/tasks/main.yml modified: roles/controller_organizations/tasks/main.yml modified: roles/controller_projects/tasks/main.yml modified: roles/controller_roles/tasks/main.yml modified: roles/controller_schedules/tasks/main.yml modified: roles/controller_users/tasks/main.yml modified: roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml modified: roles/controller_workflow_job_templates/tasks/main.yml modified: roles/dispatch/defaults/main.yml modified: roles/eda_controller_tokens/tasks/main.yml modified: roles/eda_credential_types/tasks/main.yml modified: roles/eda_credentials/tasks/main.yml modified: roles/eda_event_streams/tasks/main.yml modified: roles/gateway_organizations/tasks/main.yml modified: roles/gateway_role_user_assignments/tasks/main.yml modified: roles/gateway_routes/tasks/main.yml modified: roles/gateway_service_keys/tasks/main.yml modified: roles/gateway_service_nodes/tasks/main.yml modified: roles/gateway_services/tasks/main.yml modified: roles/gateway_teams/tasks/main.yml modified: roles/gateway_users/tasks/main.yml modified: roles/hub_collection/tasks/main.yml modified: roles/hub_ee_registry/tasks/main.yml modified: roles/hub_ee_registry_index/tasks/main.yml modified: roles/hub_ee_registry_sync/tasks/main.yml modified: roles/hub_ee_repository/tasks/main.yml modified: roles/hub_ee_repository_sync/tasks/main.yml modified: roles/hub_group_roles/tasks/main.yml modified: roles/hub_namespace/tasks/main.yml modified: tests/configure_controller.yml modified: tests/configure_controller_export_model.yml * modified: playbooks/get_stats.yml modified: roles/controller_ad_hoc_command/meta/argument_specs.yml modified: roles/controller_ad_hoc_command_cancel/meta/argument_specs.yml modified: roles/controller_applications/meta/argument_specs.yml modified: roles/controller_bulk_host_create/meta/argument_specs.yml modified: roles/controller_bulk_job_launch/meta/argument_specs.yml modified: roles/controller_credential_input_sources/meta/argument_specs.yml modified: roles/controller_credential_types/meta/argument_specs.yml modified: roles/controller_credentials/meta/argument_specs.yml modified: roles/controller_execution_environments/meta/argument_specs.yml modified: roles/controller_host_groups/meta/argument_specs.yml modified: roles/controller_hosts/meta/argument_specs.yml modified: roles/controller_instance_groups/meta/argument_specs.yml modified: roles/controller_instances/meta/argument_specs.yml modified: roles/controller_inventories/meta/argument_specs.yml modified: roles/controller_inventory_source_update/meta/argument_specs.yml modified: roles/controller_inventory_sources/meta/argument_specs.yml modified: roles/controller_job_launch/meta/argument_specs.yml modified: roles/controller_job_templates/meta/argument_specs.yml modified: roles/controller_jobs_cancel/meta/argument_specs.yml modified: roles/controller_labels/meta/argument_specs.yml modified: roles/controller_license/meta/argument_specs.yml modified: roles/controller_notification_templates/meta/argument_specs.yml modified: roles/controller_organizations/meta/argument_specs.yml modified: roles/controller_project_update/meta/argument_specs.yml modified: roles/controller_projects/meta/argument_specs.yml modified: roles/controller_roles/meta/argument_specs.yml modified: roles/controller_schedules/meta/argument_specs.yml modified: roles/controller_settings/meta/argument_specs.yml modified: roles/controller_teams/meta/argument_specs.yml modified: roles/controller_users/meta/argument_specs.yml modified: roles/controller_workflow_job_templates/meta/argument_specs.yml modified: roles/controller_workflow_launch/meta/argument_specs.yml modified: roles/dispatch/meta/argument_specs.yml modified: roles/eda_controller_tokens/meta/argument_specs.yml modified: roles/eda_credential_types/meta/argument_specs.yml modified: roles/eda_credentials/meta/argument_specs.yml modified: roles/eda_decision_environments/meta/argument_specs.yml modified: roles/eda_event_streams/meta/argument_specs.yml modified: roles/eda_projects/meta/argument_specs.yml modified: roles/eda_rulebook_activations/meta/argument_specs.yml modified: roles/eda_users/meta/argument_specs.yml modified: roles/gateway_applications/meta/argument_specs.yml modified: roles/gateway_authenticator_maps/meta/argument_specs.yml modified: roles/gateway_authenticators/meta/argument_specs.yml modified: roles/gateway_http_ports/meta/argument_specs.yml modified: roles/gateway_organizations/meta/argument_specs.yml modified: roles/gateway_role_user_assignments/meta/argument_specs.yml modified: roles/gateway_routes/meta/argument_specs.yml modified: roles/gateway_service_clusters/meta/argument_specs.yml modified: roles/gateway_service_keys/meta/argument_specs.yml modified: roles/gateway_service_nodes/meta/argument_specs.yml modified: roles/gateway_services/meta/argument_specs.yml modified: roles/gateway_settings/meta/argument_specs.yml modified: roles/gateway_teams/meta/argument_specs.yml modified: roles/gateway_users/meta/argument_specs.yml modified: roles/hub_collection/meta/argument_specs.yml modified: roles/hub_collection_remote/meta/argument_specs.yml modified: roles/hub_collection_repository/meta/argument_specs.yml modified: roles/hub_collection_repository_sync/meta/argument_specs.yml modified: roles/hub_ee_image/meta/argument_specs.yml modified: roles/hub_ee_registry/meta/argument_specs.yml modified: roles/hub_ee_registry_index/meta/argument_specs.yml modified: roles/hub_ee_registry_sync/meta/argument_specs.yml modified: roles/hub_ee_repository/meta/argument_specs.yml modified: roles/hub_ee_repository_sync/meta/argument_specs.yml modified: roles/hub_group/meta/argument_specs.yml modified: roles/hub_group_roles/meta/argument_specs.yml modified: roles/hub_namespace/meta/argument_specs.yml modified: roles/hub_publish/meta/argument_specs.yml modified: roles/hub_role/meta/argument_specs.yml modified: roles/hub_user/meta/argument_specs.yml * modified: roles/controller_credential_types/tasks/main.yml modified: roles/controller_execution_environments/tasks/main.yml modified: roles/controller_host_groups/tasks/main.yml modified: roles/controller_hosts/tasks/main.yml modified: roles/controller_instance_groups/tasks/main.yml modified: roles/controller_instances/tasks/main.yml modified: roles/controller_inventories/tasks/main.yml modified: roles/controller_inventory_sources/tasks/main.yml modified: roles/controller_job_templates/tasks/async.yml modified: roles/controller_job_templates/tasks/main.yml modified: roles/controller_license/tasks/main.yml modified: roles/controller_license/tasks/manifest.yml modified: roles/controller_notification_templates/tasks/main.yml modified: roles/controller_organizations/tasks/main.yml modified: roles/controller_projects/tasks/main.yml modified: roles/controller_roles/tasks/main.yml modified: roles/controller_schedules/tasks/main.yml modified: roles/controller_users/tasks/main.yml modified: roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml modified: roles/controller_workflow_job_templates/tasks/main.yml * modified: CONVERSION_GUIDE.md modified: EXPORT_README.md modified: roles/ansible_config/README.md modified: roles/controller_ad_hoc_command/README.md modified: roles/controller_ad_hoc_command_cancel/README.md modified: roles/controller_applications/README.md modified: roles/controller_applications/meta/argument_specs.yml modified: roles/controller_bulk_host_create/README.md modified: roles/controller_bulk_job_launch/README.md modified: roles/controller_credential_input_sources/README.md modified: roles/controller_credential_types/README.md modified: roles/controller_credentials/README.md modified: roles/controller_credentials/meta/argument_specs.yml modified: roles/controller_execution_environments/README.md modified: roles/controller_host_groups/README.md modified: roles/controller_hosts/README.md modified: roles/controller_instance_groups/README.md modified: roles/controller_instances/README.md modified: roles/controller_inventories/README.md modified: roles/controller_inventory_source_update/README.md modified: roles/controller_inventory_sources/README.md modified: roles/controller_job_launch/README.md modified: roles/controller_job_launch/meta/argument_specs.yml modified: roles/controller_job_templates/README.md modified: roles/controller_jobs_cancel/README.md modified: roles/controller_labels/README.md modified: roles/controller_license/README.md modified: roles/controller_notification_templates/README.md modified: roles/controller_organizations/README.md modified: roles/controller_project_update/README.md modified: roles/controller_projects/README.md modified: roles/controller_projects/meta/argument_specs.yml modified: roles/controller_roles/README.md modified: roles/controller_schedules/README.md modified: roles/controller_settings/README.md modified: roles/controller_teams/README.md modified: roles/controller_users/README.md modified: roles/controller_users/meta/argument_specs.yml modified: roles/controller_workflow_job_templates/README.md modified: roles/controller_workflow_launch/README.md modified: roles/controller_workflow_launch/meta/argument_specs.yml modified: roles/eda_controller_tokens/README.md modified: roles/eda_credential_types/README.md modified: roles/eda_credentials/README.md modified: roles/eda_decision_environments/README.md modified: roles/eda_event_streams/README.md modified: roles/eda_projects/README.md modified: roles/eda_rulebook_activations/README.md modified: roles/eda_users/README.md modified: roles/gateway_applications/README.md modified: roles/gateway_applications/meta/argument_specs.yml modified: roles/gateway_authenticator_maps/README.md modified: roles/gateway_authenticators/README.md modified: roles/gateway_http_ports/README.md modified: roles/gateway_http_ports/meta/argument_specs.yml modified: roles/gateway_organizations/README.md modified: roles/gateway_role_user_assignments/README.md modified: roles/gateway_routes/README.md modified: roles/gateway_service_clusters/README.md modified: roles/gateway_service_keys/README.md modified: roles/gateway_service_nodes/README.md modified: roles/gateway_services/README.md modified: roles/gateway_settings/README.md modified: roles/gateway_teams/README.md modified: roles/gateway_users/README.md modified: roles/gateway_users/meta/argument_specs.yml modified: roles/hub_collection/README.md modified: roles/hub_collection_remote/README.md modified: roles/hub_collection_repository/README.md modified: roles/hub_collection_repository_sync/README.md modified: roles/hub_ee_image/README.md modified: roles/hub_ee_registry/README.md modified: roles/hub_ee_registry_index/README.md modified: roles/hub_ee_registry_sync/README.md modified: roles/hub_ee_repository/README.md modified: roles/hub_ee_repository_sync/README.md modified: roles/hub_group/README.md modified: roles/hub_group_roles/README.md modified: roles/hub_namespace/README.md modified: roles/hub_publish/README.md modified: roles/hub_role/README.md modified: roles/hub_user/README.md modified: tests/configs/controller/settings.yml modified: tests/configs/controller/settings_individuale.yml modified: tests/templated_role_example/README.md --- .ansible-lint | 159 ++++++++++++++---- .markdownlint.yml | 4 +- .pre-commit-config.yaml | 12 +- .yamllint.yml => .yamllint | 6 +- CONVERSION_GUIDE.md | 6 +- EXPORT_README.md | 4 +- meta/runtime.yml | 2 +- playbooks/configure_aap.yml | 2 +- playbooks/get_stats.yml | 6 +- playbooks/rename_objects.yaml | 10 +- playbooks/set_organization.yaml | 10 +- roles/ansible_config/README.md | 6 +- roles/ansible_config/defaults/main.yml | 2 +- roles/ansible_config/meta/argument_specs.yml | 1 - roles/ansible_config/meta/main.yml | 24 ++- roles/ansible_config/tasks/main.yml | 8 +- roles/ansible_config/tests/test.yml | 2 +- roles/controller_ad_hoc_command/README.md | 16 +- roles/controller_ad_hoc_command/meta/main.yml | 22 +-- .../controller_ad_hoc_command/tasks/main.yml | 44 ++--- .../controller_ad_hoc_command/tests/test.yml | 4 +- .../README.md | 10 +- .../meta/main.yml | 22 +-- .../tasks/main.yml | 22 +-- .../tests/test.yml | 4 +- roles/controller_applications/README.md | 14 +- .../controller_applications/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 5 +- roles/controller_applications/meta/main.yml | 24 +-- roles/controller_applications/tasks/main.yml | 47 +++--- roles/controller_applications/tests/test.yml | 4 +- roles/controller_bulk_host_create/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- .../controller_bulk_host_create/meta/main.yml | 20 +-- .../tasks/main.yml | 26 +-- roles/controller_bulk_job_launch/README.md | 12 +- .../controller_bulk_job_launch/meta/main.yml | 20 +-- .../controller_bulk_job_launch/tasks/main.yml | 38 ++--- .../README.md | 12 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../meta/main.yml | 32 ++-- .../tasks/main.yml | 38 ++--- .../tests/test.yml | 4 +- roles/controller_credential_types/README.md | 14 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../controller_credential_types/meta/main.yml | 24 +-- .../tasks/main.yml | 38 ++--- .../tests/test.yml | 4 +- roles/controller_credentials/README.md | 16 +- .../controller_credentials/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 5 +- roles/controller_credentials/meta/main.yml | 24 +-- roles/controller_credentials/tasks/main.yml | 46 ++--- roles/controller_credentials/tests/test.yml | 4 +- .../README.md | 12 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../meta/main.yml | 24 +-- .../tasks/main.yml | 45 ++--- .../tests/test.yml | 4 +- roles/controller_host_groups/README.md | 18 +- .../controller_host_groups/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 6 +- roles/controller_host_groups/meta/main.yml | 22 +-- roles/controller_host_groups/tasks/main.yml | 44 ++--- roles/controller_host_groups/tests/test.yml | 4 +- roles/controller_hosts/README.md | 12 +- roles/controller_hosts/defaults/main.yml | 2 +- .../controller_hosts/meta/argument_specs.yml | 3 +- roles/controller_hosts/meta/main.yml | 22 +-- roles/controller_hosts/tasks/main.yml | 38 ++--- roles/controller_hosts/tests/test.yml | 4 +- roles/controller_instance_groups/README.md | 14 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../controller_instance_groups/meta/main.yml | 14 +- .../controller_instance_groups/tasks/main.yml | 51 +++--- .../controller_instance_groups/tests/test.yml | 4 +- roles/controller_instances/README.md | 18 +- roles/controller_instances/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 6 +- roles/controller_instances/meta/main.yml | 14 +- roles/controller_instances/tasks/main.yml | 40 ++--- roles/controller_instances/tests/test.yml | 4 +- roles/controller_inventories/README.md | 14 +- .../controller_inventories/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- roles/controller_inventories/meta/main.yml | 26 +-- roles/controller_inventories/tasks/main.yml | 51 +++--- .../tests/configs/inventories.yml | 2 +- roles/controller_inventories/tests/test.yml | 4 +- .../README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../meta/main.yml | 22 +-- .../tasks/main.yml | 34 ++-- .../tests/test.yml | 4 +- roles/controller_inventory_sources/README.md | 14 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../meta/main.yml | 26 +-- .../tasks/main.yml | 78 ++++----- .../tests/test.yml | 4 +- roles/controller_job_launch/README.md | 10 +- .../meta/argument_specs.yml | 2 +- roles/controller_job_launch/meta/main.yml | 22 +-- roles/controller_job_launch/tasks/main.yml | 58 +++---- roles/controller_job_launch/tests/test.yml | 4 +- roles/controller_job_templates/README.md | 14 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- roles/controller_job_templates/meta/main.yml | 22 +-- .../controller_job_templates/tasks/async.yml | 25 +-- roles/controller_job_templates/tasks/main.yml | 134 +++++++-------- roles/controller_job_templates/tests/test.yml | 4 +- roles/controller_jobs_cancel/README.md | 10 +- roles/controller_jobs_cancel/meta/main.yml | 22 +-- roles/controller_jobs_cancel/tasks/main.yml | 18 +- roles/controller_jobs_cancel/tests/test.yml | 4 +- roles/controller_labels/README.md | 10 +- roles/controller_labels/defaults/main.yml | 2 +- .../controller_labels/meta/argument_specs.yml | 3 +- roles/controller_labels/meta/main.yml | 24 +-- roles/controller_labels/tasks/main.yml | 32 ++-- roles/controller_labels/tests/test.yml | 4 +- roles/controller_license/README.md | 14 +- .../meta/argument_specs.yml | 3 +- roles/controller_license/meta/main.yml | 16 +- roles/controller_license/tasks/main.yml | 4 +- roles/controller_license/tasks/manifest.yml | 22 +-- .../controller_license/tasks/subscription.yml | 10 +- .../tests/config/license.yml | 2 +- roles/controller_license/tests/test.yml | 4 +- .../README.md | 12 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 5 +- .../meta/main.yml | 22 +-- .../tasks/main.yml | 45 ++--- .../tests/configs/notifications.yml | 4 +- .../tests/test.yml | 4 +- roles/controller_organizations/README.md | 14 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- roles/controller_organizations/meta/main.yml | 24 +-- roles/controller_organizations/tasks/main.yml | 53 +++--- roles/controller_organizations/tests/test.yml | 4 +- roles/controller_project_update/README.md | 10 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/controller_project_update/meta/main.yml | 22 +-- .../controller_project_update/tasks/main.yml | 34 ++-- .../controller_project_update/tests/test.yml | 4 +- roles/controller_projects/README.md | 20 +-- roles/controller_projects/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 5 +- roles/controller_projects/meta/main.yml | 24 +-- roles/controller_projects/tasks/main.yml | 80 ++++----- roles/controller_projects/tests/test.yml | 4 +- roles/controller_roles/README.md | 12 +- roles/controller_roles/defaults/main.yml | 2 +- .../controller_roles/meta/argument_specs.yml | 3 +- roles/controller_roles/meta/main.yml | 22 +-- roles/controller_roles/tasks/main.yml | 68 ++++---- roles/controller_roles/tests/test.yml | 4 +- roles/controller_schedules/README.md | 14 +- roles/controller_schedules/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- roles/controller_schedules/meta/main.yml | 22 +-- roles/controller_schedules/tasks/main.yml | 77 ++++----- roles/controller_schedules/tests/test.yml | 4 +- roles/controller_settings/README.md | 8 +- roles/controller_settings/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 4 +- roles/controller_settings/meta/main.yml | 18 +- roles/controller_settings/tasks/main.yml | 28 +-- .../tests/configs/settings.yml | 6 +- roles/controller_settings/tests/test.yml | 4 +- roles/controller_teams/README.md | 12 +- roles/controller_teams/defaults/main.yml | 2 +- .../controller_teams/meta/argument_specs.yml | 3 +- roles/controller_teams/meta/main.yml | 24 +-- roles/controller_teams/tasks/main.yml | 34 ++-- .../controller_teams/tests/configs/teams.yml | 18 +- roles/controller_teams/tests/test.yml | 4 +- roles/controller_users/README.md | 14 +- roles/controller_users/defaults/main.yml | 4 +- .../controller_users/meta/argument_specs.yml | 5 +- roles/controller_users/meta/main.yml | 22 +-- roles/controller_users/tasks/main.yml | 46 ++--- roles/controller_users/tests/test.yml | 4 +- .../README.md | 12 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 3 +- .../meta/main.yml | 26 +-- .../tasks/add_workflows_schema.yml | 117 ++++++------- .../tasks/main.yml | 88 +++++----- .../tests/configs/controller_workflows.yml | 30 ++-- .../tests/test.yaml | 4 +- roles/controller_workflow_launch/README.md | 10 +- .../meta/argument_specs.yml | 2 +- .../controller_workflow_launch/meta/main.yml | 22 +-- .../controller_workflow_launch/tasks/main.yml | 32 ++-- .../controller_workflow_launch/tests/test.yml | 4 +- roles/dispatch/defaults/main.yml | 3 +- roles/dispatch/meta/argument_specs.yml | 1 - roles/dispatch/meta/main.yml | 26 +-- roles/dispatch/tasks/main.yml | 4 +- roles/dispatch/tests/configs/credentials.yml | 4 +- roles/dispatch/tests/configs/inventories.yml | 2 +- roles/dispatch/tests/test.yml | 3 +- roles/eda_controller_tokens/README.md | 8 +- roles/eda_controller_tokens/defaults/main.yml | 3 +- .../meta/argument_specs.yml | 2 +- roles/eda_controller_tokens/meta/main.yml | 18 +- roles/eda_controller_tokens/tasks/main.yml | 15 +- roles/eda_controller_tokens/tests/test.yml | 2 +- roles/eda_credential_types/README.md | 8 +- roles/eda_credential_types/defaults/main.yml | 3 +- .../meta/argument_specs.yml | 2 +- roles/eda_credential_types/meta/main.yml | 28 +-- roles/eda_credential_types/tasks/main.yml | 9 +- roles/eda_credential_types/tests/test.yml | 2 +- roles/eda_credentials/README.md | 8 +- roles/eda_credentials/defaults/main.yml | 3 +- roles/eda_credentials/meta/argument_specs.yml | 2 +- roles/eda_credentials/meta/main.yml | 24 +-- roles/eda_credentials/tasks/main.yml | 21 ++- roles/eda_credentials/tests/test.yml | 2 +- .../tests/vars/credentials.yml | 4 +- roles/eda_decision_environments/README.md | 8 +- .../defaults/main.yml | 3 +- .../meta/argument_specs.yml | 2 +- roles/eda_decision_environments/meta/main.yml | 24 +-- .../eda_decision_environments/tasks/main.yml | 28 +-- .../eda_decision_environments/tests/test.yml | 2 +- roles/eda_event_streams/README.md | 8 +- roles/eda_event_streams/defaults/main.yml | 3 +- .../eda_event_streams/meta/argument_specs.yml | 2 +- roles/eda_event_streams/meta/main.yml | 28 +-- roles/eda_event_streams/tasks/main.yml | 9 +- roles/eda_event_streams/tests/test.yml | 2 +- .../tests/vars/event_streams.yml | 4 +- roles/eda_projects/README.md | 8 +- roles/eda_projects/defaults/main.yml | 3 +- roles/eda_projects/meta/argument_specs.yml | 2 +- roles/eda_projects/meta/main.yml | 24 +-- roles/eda_projects/tasks/main.yml | 25 ++- roles/eda_projects/tests/test.yml | 2 +- roles/eda_rulebook_activations/README.md | 8 +- .../defaults/main.yml | 3 +- .../meta/argument_specs.yml | 2 +- roles/eda_rulebook_activations/meta/main.yml | 28 +-- roles/eda_rulebook_activations/tasks/main.yml | 42 ++--- roles/eda_rulebook_activations/tests/test.yml | 2 +- roles/eda_users/README.md | 8 +- roles/eda_users/defaults/main.yml | 3 +- roles/eda_users/meta/argument_specs.yml | 2 +- roles/eda_users/meta/main.yml | 24 +-- roles/eda_users/tasks/main.yml | 29 ++-- roles/eda_users/tests/test.yml | 2 +- roles/gateway_applications/README.md | 14 +- roles/gateway_applications/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 22 +-- roles/gateway_applications/tasks/main.yml | 3 +- roles/gateway_applications/tests/test.yml | 4 +- roles/gateway_authenticator_maps/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 29 +--- .../gateway_authenticator_maps/tasks/main.yml | 3 +- roles/gateway_authenticators/README.md | 8 +- .../gateway_authenticators/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 14 +- roles/gateway_authenticators/tasks/main.yml | 3 +- roles/gateway_http_ports/README.md | 10 +- roles/gateway_http_ports/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 16 +- roles/gateway_http_ports/tasks/main.yml | 3 +- roles/gateway_organizations/README.md | 8 +- roles/gateway_organizations/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 11 +- roles/gateway_role_user_assignments/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 10 +- roles/gateway_routes/README.md | 8 +- roles/gateway_routes/defaults/main.yml | 2 +- roles/gateway_routes/meta/argument_specs.yml | 34 +--- roles/gateway_service_clusters/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 15 +- roles/gateway_service_clusters/tasks/main.yml | 3 +- roles/gateway_service_keys/README.md | 8 +- roles/gateway_service_keys/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 20 +-- roles/gateway_service_nodes/README.md | 12 +- roles/gateway_service_nodes/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 11 +- roles/gateway_services/README.md | 8 +- roles/gateway_services/defaults/main.yml | 2 +- .../gateway_services/meta/argument_specs.yml | 35 +--- roles/gateway_settings/README.md | 8 +- .../gateway_settings/meta/argument_specs.yml | 15 +- roles/gateway_teams/README.md | 8 +- roles/gateway_teams/defaults/main.yml | 2 +- roles/gateway_teams/meta/argument_specs.yml | 11 +- roles/gateway_users/README.md | 10 +- roles/gateway_users/defaults/main.yml | 2 +- roles/gateway_users/meta/argument_specs.yml | 15 +- roles/global_vars/defaults/main.yml | 12 +- roles/global_vars/meta/main.yml | 8 +- roles/hub_collection/README.md | 8 +- roles/hub_collection/defaults/main.yml | 2 +- roles/hub_collection/meta/argument_specs.yml | 2 +- roles/hub_collection/meta/main.yml | 22 +-- roles/hub_collection/tasks/main.yml | 42 ++--- roles/hub_collection/tests/test.yml | 2 +- roles/hub_collection_remote/README.md | 14 +- roles/hub_collection_remote/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/hub_collection_remote/meta/main.yml | 20 +-- roles/hub_collection_remote/tasks/main.yml | 73 ++++---- roles/hub_collection_remote/tests/test.yml | 2 +- roles/hub_collection_repository/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/hub_collection_repository/meta/main.yml | 20 +-- .../hub_collection_repository/tasks/main.yml | 45 ++--- .../hub_collection_repository/tests/test.yml | 2 +- .../tests/vars/repositories.yml | 8 +- .../hub_collection_repository_sync/README.md | 8 +- .../defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- .../meta/main.yml | 20 +-- .../tasks/main.yml | 29 ++-- .../tests/test.yml | 2 +- .../tests/vars/repositories.yml | 8 +- roles/hub_ee_image/README.md | 8 +- roles/hub_ee_image/defaults/main.yml | 2 +- roles/hub_ee_image/meta/argument_specs.yml | 2 +- roles/hub_ee_image/meta/main.yml | 22 +-- roles/hub_ee_image/tasks/main.yml | 23 ++- roles/hub_ee_image/tests/test.yml | 2 +- roles/hub_ee_registry/README.md | 8 +- roles/hub_ee_registry/defaults/main.yml | 2 +- roles/hub_ee_registry/meta/argument_specs.yml | 2 +- roles/hub_ee_registry/meta/main.yml | 22 +-- roles/hub_ee_registry/tasks/main.yml | 41 +++-- roles/hub_ee_registry/tests/test.yml | 2 +- roles/hub_ee_registry_index/README.md | 8 +- roles/hub_ee_registry_index/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/hub_ee_registry_index/meta/main.yml | 24 +-- roles/hub_ee_registry_index/tasks/main.yml | 27 ++- roles/hub_ee_registry_index/tests/test.yml | 2 +- roles/hub_ee_registry_sync/README.md | 8 +- roles/hub_ee_registry_sync/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/hub_ee_registry_sync/meta/main.yml | 24 +-- roles/hub_ee_registry_sync/tasks/main.yml | 27 ++- roles/hub_ee_registry_sync/tests/test.yml | 2 +- roles/hub_ee_repository/README.md | 8 +- roles/hub_ee_repository/defaults/main.yml | 2 +- .../hub_ee_repository/meta/argument_specs.yml | 2 +- roles/hub_ee_repository/meta/main.yml | 22 +-- roles/hub_ee_repository/tasks/main.yml | 37 ++-- roles/hub_ee_repository/tests/test.yml | 2 +- roles/hub_ee_repository_sync/README.md | 8 +- .../hub_ee_repository_sync/defaults/main.yml | 2 +- .../meta/argument_specs.yml | 2 +- roles/hub_ee_repository_sync/meta/main.yml | 24 +-- roles/hub_ee_repository_sync/tasks/main.yml | 27 ++- roles/hub_ee_repository_sync/tests/test.yml | 2 +- roles/hub_group/README.md | 8 +- roles/hub_group/defaults/main.yml | 2 +- roles/hub_group/meta/argument_specs.yml | 2 +- roles/hub_group/meta/main.yml | 22 +-- roles/hub_group/tasks/main.yml | 23 ++- roles/hub_group/tests/test.yml | 2 +- roles/hub_group_roles/README.md | 8 +- roles/hub_group_roles/defaults/main.yml | 2 +- roles/hub_group_roles/meta/argument_specs.yml | 2 +- roles/hub_group_roles/meta/main.yml | 22 +-- roles/hub_group_roles/tasks/main.yml | 24 +-- roles/hub_group_roles/tests/test.yml | 2 +- roles/hub_namespace/README.md | 8 +- roles/hub_namespace/defaults/main.yml | 2 +- roles/hub_namespace/meta/argument_specs.yml | 2 +- roles/hub_namespace/meta/main.yml | 22 +-- roles/hub_namespace/tasks/main.yml | 40 ++--- roles/hub_namespace/tests/test.yml | 2 +- roles/hub_namespace/tests/vars/namespaces.yml | 4 +- roles/hub_publish/README.md | 12 +- roles/hub_publish/defaults/main.yml | 4 +- roles/hub_publish/meta/argument_specs.yml | 2 +- roles/hub_publish/meta/main.yml | 24 +-- roles/hub_publish/tasks/main.yml | 80 ++++----- roles/hub_publish/tests/test.yml | 2 +- roles/hub_role/README.md | 8 +- roles/hub_role/defaults/main.yml | 2 +- roles/hub_role/meta/argument_specs.yml | 2 +- roles/hub_role/meta/main.yml | 20 +-- roles/hub_role/tasks/main.yml | 27 ++- roles/hub_role/tests/test.yml | 2 +- roles/hub_user/README.md | 8 +- roles/hub_user/defaults/main.yml | 2 +- roles/hub_user/meta/argument_specs.yml | 2 +- roles/hub_user/meta/main.yml | 22 +-- roles/hub_user/tasks/main.yml | 37 ++-- roles/hub_user/tests/test.yml | 2 +- roles/meta_dependency_check/meta/main.yml | 6 +- roles/meta_dependency_check/tasks/main.yml | 4 +- roles/meta_dependency_check/tests/test.yml | 1 - .../controller/credential_input_sources.yml | 4 +- tests/configs/controller/credentials.yml | 12 +- .../configs/controller/differential_items.yml | 14 +- .../controller/execution_environments.yml | 2 +- tests/configs/controller/inventories.yml | 2 +- tests/configs/controller/notifications.yml | 13 +- tests/configs/controller/roles.yml | 6 +- tests/configs/controller/schedule.yml | 4 +- tests/configs/controller/settings.yml | 2 +- .../controller/settings_individuale.yml | 2 +- tests/configs/controller/teams.yml | 16 +- tests/configs/controller/templates.yml | 11 +- tests/configs/gateway/authenticator_maps.yml | 20 +-- tests/configs/gateway/service_cluster.yml | 12 +- tests/configs/gateway/services.yml | 16 +- tests/configs/hub/ah_ansible_config.yml | 6 +- tests/configs/hub/ah_auth.yml | 2 +- tests/configs/hub/ah_collections.yml | 4 +- tests/configs/hub/ah_namespaces.yml | 4 +- tests/configs/hub/ah_repository.yml | 14 +- .../credentials_export.yml | 26 ++- .../differential_items.yml | 20 +-- .../configs_export_model/inventory_export.yml | 16 +- .../inventory_sources_export.yml | 10 +- .../job_templates_export.yml | 70 ++++---- .../notifications_templates_export.yml | 24 +-- .../organizations_export.yml | 4 +- .../configs_export_model/projects_export.yml | 8 +- tests/configs_export_model/teams_export.yml | 2 +- tests/configs_export_model/workflows.yml | 14 +- tests/configure_controller.yml | 43 +++-- tests/configure_controller_export_model.yml | 45 +++-- tests/configure_platform.yml | 21 ++- tests/tasks/ad_hoc_cancel.yml | 6 +- tests/tasks/differential.yml | 56 +++--- tests/templated_role_example/README.md | 10 +- 450 files changed, 3045 insertions(+), 3113 deletions(-) rename .yamllint.yml => .yamllint (93%) diff --git a/.ansible-lint b/.ansible-lint index 5a98c4203..f99d8513a 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,37 +1,25 @@ --- -# The exclude_paths does not appear to be working in pre-commit -# this issue describes similar behavior but suggested fix doesn't work -# https://github.com/ansible/ansible-lint/issues/371 -# exclude_paths: +# .ansible-lint + +profile: production # min, basic, moderate,safety, shared, production + +# Allows dumping of results in SARIF format +# sarif_file: result.sarif + +# exclude_paths included in this file are parsed relative to this file's location +# and not relative to the CWD of execution. CLI arguments passed to the --exclude +# option are parsed relative to the CWD of execution. exclude_paths: - - '.github/' - - 'changelogs/' - - 'tests/templated_role_example' + - .github/ + - changelogs/ + - tests/templated_role_example + parseable: true -use_default_rules: true -# https://github.com/ansible/ansible-lint/issues/808 -# with verbosity set to 1, its dumping 'unknown file type messages' +# quiet: true +# strict: true # verbosity: 1 -skip_list: - # Skipping fqcn[action] because this collection supports using either the awx.awx or ansible.controller collection - # so a FQCN cannot be used in module names - - fqcn[action] - - fqcn[keyword] - - jinja[spacing] - - meta-runtime # This collection with the appropriate awx.awx or ansible.controller still works with older ansible. - - role-name[path] - - sanity[cannot-ignore] # We're only ignoring sanity rules when we have to - - var-naming[no-role-prefix] -kinds: - - playbooks: "**/examples/templates/*.{yml,yaml}" - - playbooks: "**/examples/*.{yml,yaml}" - - playbooks: "**/examples/automatetheautomation/*.{yml,yaml}" - - tasks: "**/examples/tasks/*.yml" - - vars: "**/examples/automatetheautomation/orgs_vars/**/*.yml" - - vars: "**/examples/configs/*.yml" - - vars: "**/examples/configs_export_model/*.yml" - - vars: "**/examples/vars/*.yml" - - vars: "**/roles/**/tests/configs/*.yml" + +# Mock modules or roles in order to pass ansible-playbook --syntax-check mock_modules: - ansible.platform.authenticator_map - ansible.platform.user @@ -48,4 +36,115 @@ mock_modules: - ansible.platform.http_port - ansible.platform.route - job_wait + +# mock_roles: +# - mocked_role +# - author.role_name # old standalone galaxy role +# - fake_namespace.fake_collection.fake_role # role within a collection + +# Enable checking of loop variable prefixes in roles +loop_var_prefix: ^(__|{role}_) + +# Enforce variable names to follow pattern below, in addition to Ansible own +# requirements, like avoiding python identifiers. To disable add `var-naming` +# to skip_list. +var_naming_pattern: ^[a-z_][a-z0-9_]*$ + +use_default_rules: true +# Load custom rules from this specific folder +# rulesdir: +# - ./rule/directory/ + +# Ansible-lint is able to recognize and load skip rules stored inside +# `.ansible-lint-ignore` (or `.config/ansible-lint-ignore.txt`) files. +# To skip a rule just enter filename and tag, like "playbook.yml package-latest" +# on a new line. +# Optionally you can add comments after the tag, prefixed by "#". We discourage +# the use of skip_list below because that will hide violations from the output. +# When putting ignores inside the ignore file, they are marked as ignored, but +# still visible, making it easier to address later. +skip_list: + # Skipping fqcn[action] because this collection supports using either the awx.awx or ansible.controller collection + # so a FQCN cannot be used in module names + - fqcn[action] + - fqcn[keyword] + - jinja[spacing] + - meta-runtime # This collection with the appropriate awx.awx or ansible.controller still works with older ansible. + - role-name[path] + - sanity[cannot-ignore] # We're only ignoring sanity rules when we have to + - var-naming[no-role-prefix] + +# Ansible-lint does not automatically load rules that have the 'opt-in' tag. +# You must enable opt-in rules by listing each rule 'id' below. +enable_list: + - args + - empty-string-compare # opt-in + - no-log-password # opt-in + - no-same-owner # opt-in + - name[prefix] # opt-in + - galaxy-version-incorrect # opt-in + # add yaml here if you want to avoid ignoring yaml checks when yamllint + # library is missing. Normally its absence just skips using that rule. + - yaml +# Report only a subset of tags and fully ignore any others +# tags: +# - jinja[spacing] + +# Ansible-lint does not fail on warnings from the rules or tags listed below +warn_list: + - experimental # experimental is included in the implicit list + # - role-name + # - yaml[document-start] # you can also use sub-rule matches + +# Some rules can transform files to fix (or make it easier to fix) identified +# errors. `ansible-lint --fix` will reformat YAML files and run these transforms. +# By default it will run all transforms (effectively `write_list: ["all"]`). +# You can disable running transforms by setting `write_list: ["none"]`. +# Or only enable a subset of rule transforms by listing rules/tags here. +# write_list: +# - all + +# Offline mode disables installation of requirements.yml and schema refreshing +offline: true + +# Define required Ansible's variables to satisfy syntax check +# extra_vars: +# foo: bar +# multiline_string_variable: | +# line1 +# line2 +# complex_variable: ":{;\t$()" + +# Uncomment to enforce action validation with tasks, usually is not +# needed as Ansible syntax check also covers it. +# skip_action_validation: false + +# List of additional kind:pattern to be added at the top of the default +# match list, first match determines the file kind. +# kinds: +# - playbook: "**/examples/*.{yml,yaml}" +# - galaxy: "**/folder/galaxy.yml" +# - tasks: "**/tasks/*.yml" +# - vars: "**/vars/*.yml" +# - meta: "**/meta/main.yml" +# - yaml: "**/*.yaml-too" + +# List of additional collections to allow in only-builtins rule. +# only_builtins_allow_collections: +# - example_ns.example_collection + +# List of additions modules to allow in only-builtins rule. +# only_builtins_allow_modules: +# - example_module + +# Allow setting custom prefix for name[prefix] rule +task_name_prefix: "{stem} | " +# Complexity related settings + +# Limit the depth of the nested blocks: +# max_block_depth: 20 + +# Also recognize these versions of Ansible as supported: +# supported_ansible_also: +# - "2.14" ... diff --git a/.markdownlint.yml b/.markdownlint.yml index eb1dcb865..ace084ec5 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -4,7 +4,7 @@ default: true # MD003/heading-style/header-style - Heading style # This will ensure that the heading format is consistent across all markdown files MD003: - style: "atx" + style: atx # MD013/line-length - Line length # Setting to false to match the yamllint setting @@ -17,5 +17,5 @@ MD0046: MD033: allowed_elements: - - "br" + - br ... diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f6274fdfe..ed1ad5189 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,11 +1,11 @@ --- repos: - - repo: 'https://github.com/pre-commit/pre-commit-hooks' + - repo: https://github.com/pre-commit/pre-commit-hooks rev: v5.0.0 hooks: - id: end-of-file-fixer - id: trailing-whitespace - - repo: 'https://github.com/ansible-community/ansible-lint.git' + - repo: https://github.com/ansible-community/ansible-lint.git rev: v24.9.2 hooks: # see discussions here about what arguments are used, and behavior @@ -15,12 +15,12 @@ repos: - id: ansible-lint pass_filenames: false always_run: true - entry: "ansible-lint" + entry: ansible-lint args: - - "--profile=production" + - --profile=production additional_dependencies: - - "ansible-core>=2.15" - - "yamllint>=1.26,<2.0" + - ansible-core>=2.15 + - yamllint>=1.26,<2.0 - repo: https://github.com/DavidAnson/markdownlint-cli2 rev: v0.14.0 hooks: diff --git a/.yamllint.yml b/.yamllint similarity index 93% rename from .yamllint.yml rename to .yamllint index f84073ebe..c9157e24a 100644 --- a/.yamllint.yml +++ b/.yamllint @@ -14,7 +14,7 @@ rules: min-spaces-from-content: 1 # prettier compatibility comments-indentation: false document-start: disable - document-end: {present: true} + document-end: { present: true } indentation: level: error # Require indentation https://redhat-cop.github.io/automation-good-practices/#_yaml_and_jinja2_syntax @@ -31,6 +31,6 @@ rules: level: error # Allow only YAML 1.2 booleans https://redhat-cop.github.io/automation-good-practices/#_yaml_and_jinja2_syntax allowed-values: - - 'true' - - 'false' + - "true" + - "false" ... diff --git a/CONVERSION_GUIDE.md b/CONVERSION_GUIDE.md index ae4b56ff4..dbf6f2b27 100644 --- a/CONVERSION_GUIDE.md +++ b/CONVERSION_GUIDE.md @@ -40,7 +40,7 @@ These are the connection variables, These are used to connect to the platform. T |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -52,8 +52,8 @@ Other Variables that will apply to all roles when used globally. Each of these h |Variable Name|Default Value|Required|Description| |:---|:---:|:---:|:---| -|`aap_configuration_enforce_defaults`|`False`|no|Whether or not to enforce default option values. This is not universal and it is a best effort to enforce the default values of fields.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_enforce_defaults`|`false`|no|Whether or not to enforce default option values. This is not universal and it is a best effort to enforce the default values of fields.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| |`aap_configuration_async_retries`|50|no|This variable sets the number of retries to attempt for each role globally.| |`aap_configuration_async_delay`|1|no|This sets the delay between retries for each role globally.| |`aap_configuration_loop_delay`|1000|no|This variable sets the loop_delay for each role globally.| diff --git a/EXPORT_README.md b/EXPORT_README.md index e406641e8..4777e698c 100644 --- a/EXPORT_README.md +++ b/EXPORT_README.md @@ -36,7 +36,7 @@ awx export --conf.host https://localhost --conf.username admin --conf.password * CONTROLLER_HOST: https://localhost CONTROLLER_USERNAME: admin CONTROLLER_PASSWORD: password - CONTROLLER_VERIFY_SSL: False + CONTROLLER_VERIFY_SSL: false tasks: - name: Export projects @@ -50,7 +50,7 @@ awx export --conf.host https://localhost --conf.username admin --conf.password * - name: Export projects to file ansible.builtin.copy: - content: "{{ export_results | to_nice_yaml(width=50, explicit_start=True, explicit_end=True) }}" + content: "{{ export_results | to_nice_yaml(width=50, explicit_start=true, explicit_end=true) }}" dest: projects.yaml ... ``` diff --git a/meta/runtime.yml b/meta/runtime.yml index 6e3dd2a81..d26157b06 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,3 +1,3 @@ --- -requires_ansible: '>=2.15.0' +requires_ansible: ">=2.15.0" ... diff --git a/playbooks/configure_aap.yml b/playbooks/configure_aap.yml index 0c4b671e3..b4ea34f6b 100644 --- a/playbooks/configure_aap.yml +++ b/playbooks/configure_aap.yml @@ -7,7 +7,7 @@ ansible.builtin.include_vars: dir: "{{ aap_configs_dir | default((lookup('env', 'AAP_CONFIGS_DIR') == '') | ternary('./configs', lookup('env', 'AAP_CONFIGS_DIR'))) }}" ignore_files: [controller_config.yml.template] - extensions: ["yml"] + extensions: [yml] tags: - always diff --git a/playbooks/get_stats.yml b/playbooks/get_stats.yml index 287925aec..ae4c38a88 100644 --- a/playbooks/get_stats.yml +++ b/playbooks/get_stats.yml @@ -15,7 +15,7 @@ tasks: - name: Get number of JT ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/metrics/?format=json" + url: https://{{ aap_hostname }}/api/v2/metrics/?format=json method: GET force_basic_auth: true user: "{{ aap_username }}" @@ -39,7 +39,7 @@ - name: Get users info ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/users/?format=json" + url: https://{{ aap_hostname }}/api/v2/users/?format=json method: GET force_basic_auth: true user: "{{ aap_username }}" @@ -82,7 +82,7 @@ - name: Get subscription info ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/settings/all/?format=json" + url: https://{{ aap_hostname }}/api/v2/settings/all/?format=json method: GET force_basic_auth: true user: "{{ aap_username }}" diff --git a/playbooks/rename_objects.yaml b/playbooks/rename_objects.yaml index 2772dc3b0..354ba72bc 100644 --- a/playbooks/rename_objects.yaml +++ b/playbooks/rename_objects.yaml @@ -1,10 +1,10 @@ --- -- name: "Play to rename an object to every other object that is using it" +- name: Play to rename an object to every other object that is using it hosts: localhost connection: local gather_facts: false tasks: - - name: "Get all the files using this object from the specified path" + - name: Get all the files using this object from the specified path ansible.builtin.find: paths: "{{ path }}" file_type: file @@ -13,11 +13,11 @@ contains: "{{ current_name | regex_escape() }}" register: __list_files - - name: "Update the name into the found files" + - name: Update the name into the found files ansible.builtin.replace: path: "{{ __file.path }}" - regexp: '^(.*){{ current_name | regex_escape() }}(.*)$' - replace: '\1{{ new_name }}\2' + regexp: ^(.*){{ current_name | regex_escape() }}(.*)$ + replace: \1{{ new_name }}\2 loop: "{{ __list_files.files }}" loop_control: loop_var: __file diff --git a/playbooks/set_organization.yaml b/playbooks/set_organization.yaml index 55e26317c..13f3f3985 100644 --- a/playbooks/set_organization.yaml +++ b/playbooks/set_organization.yaml @@ -1,21 +1,21 @@ --- -- name: "Play to set given organization to every object found in the search path" +- name: Play to set given organization to every object found in the search path hosts: localhost connection: local gather_facts: false tasks: - - name: "Get all the files from the specified path" + - name: Get all the files from the specified path ansible.builtin.find: paths: "{{ path }}" file_type: file recurse: true register: __list_files - - name: "Update the organization into the found files" + - name: Update the organization into the found files ansible.builtin.replace: path: "{{ __file.path }}" - regexp: '^(.*)organization: (.*)$' - replace: '\1organization: {{ new_organization }}' + regexp: "^(.*)organization: (.*)$" + replace: "\\1organization: {{ new_organization }}" loop: "{{ __list_files.files }}" loop_control: loop_var: __file diff --git a/roles/ansible_config/README.md b/roles/ansible_config/README.md index 52d757986..dac79d917 100644 --- a/roles/ansible_config/README.md +++ b/roles/ansible_config/README.md @@ -27,13 +27,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the ansible config task does not by default include sensitive information, we highly recommend the use of ansible vault for passwords and tokens. +The role defaults to false as normally the ansible config task does not by default include sensitive information, we highly recommend the use of ansible vault for passwords and tokens. aap_configuration_ansible_config_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`aap_configuration_ansible_config_secure_logging`|`False`|no|Whether or not to include the sensitive ansible config role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_configuration_ansible_config_secure_logging`|`false`|no|Whether or not to include the sensitive ansible config role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structures diff --git a/roles/ansible_config/defaults/main.yml b/roles/ansible_config/defaults/main.yml index 155c528d1..e4238cff7 100644 --- a/roles/ansible_config/defaults/main.yml +++ b/roles/ansible_config/defaults/main.yml @@ -10,7 +10,7 @@ # ansible_config_owner: # optional # ansible_config_group: # optional ansible_config_mode: "0644" -aap_configuration_working_dir: "/var/tmp" +aap_configuration_working_dir: /var/tmp validate_certs: false ah_path_prefix: galaxy # a list of dictionaries describing the Automation Hub namespace diff --git a/roles/ansible_config/meta/argument_specs.yml b/roles/ansible_config/meta/argument_specs.yml index 159414e5a..675b98fec 100644 --- a/roles/ansible_config/meta/argument_specs.yml +++ b/roles/ansible_config/meta/argument_specs.yml @@ -96,5 +96,4 @@ argument_specs: required: false type: bool description: This variable enables secure logging across all roles as a default. - ... diff --git a/roles/ansible_config/meta/main.yml b/roles/ansible_config/meta/main.yml index 6ad9e673d..6c3963ad7 100644 --- a/roles/ansible_config/meta/main.yml +++ b/roles/ansible_config/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "ansible_config" - author: "Sean Sullivan" - description: "An Ansible Role to create namespace in Automation Hub." - company: "Red Hat" + role_name: ansible_config + author: Sean Sullivan + description: An Ansible Role to create namespace in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,18 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ansible" - - "config" + - automationhub + - galaxy + - configuration + - ansible + - config dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. ... diff --git a/roles/ansible_config/tasks/main.yml b/roles/ansible_config/tasks/main.yml index 4e74c7303..ea2601aca 100644 --- a/roles/ansible_config/tasks/main.yml +++ b/roles/ansible_config/tasks/main.yml @@ -3,9 +3,9 @@ - name: Template config template ansible.builtin.template: src: ansible.cfg.j2 - dest: "{{ aap_configuration_working_dir }}/ansible.cfg" - owner: "{{ ansible_config_owner | default(omit) }}" - group: "{{ ansible_config_group | default(omit) }}" - mode: "{{ ansible_config_mode }}" + dest: "{{ aap_configuration_working_dir }}/ansible.cfg" + owner: "{{ ansible_config_owner | default(omit) }}" + group: "{{ ansible_config_group | default(omit) }}" + mode: "{{ ansible_config_mode }}" no_log: "{{ aap_configuration_ansible_config_secure_logging }}" ... diff --git a/roles/ansible_config/tests/test.yml b/roles/ansible_config/tests/test.yml index 7828cd4ea..7481c4731 100644 --- a/roles/ansible_config/tests/test.yml +++ b/roles/ansible_config/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/controller_ad_hoc_command/README.md b/roles/controller_ad_hoc_command/README.md index 76a0f151e..ff299aa49 100644 --- a/roles/controller_ad_hoc_command/README.md +++ b/roles/controller_ad_hoc_command/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ad hoc commands task does not include sensitive information. +The role defaults to false as normally the add ad hoc commands task does not include sensitive information. controller_configuration_ad_hoc_command_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_ad_hoc_command_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_ad_hoc_command_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -45,17 +45,17 @@ controller_configuration_ad_hoc_command_secure_logging defaults to the value of |:---:|:---:|:---:|:---:|:---:| |`job_type`|"run"|no|str|Job_type to use for the ad hoc command. Either run or check.| |`inventory`|""|yes|str|Inventory to use for the ad hoc command.| -|`limit`|`False`|no|str|Limit to use for the ad hoc command.| +|`limit`|`false`|no|str|Limit to use for the ad hoc command.| |`credential`|""|yes|str|Credential to use for ad hoc command.| |`execution_environment`|""|no|str|Execution Environment to use for ad hoc command.| |`module_name`|""|str|yes|The Ansible module to execute.| -|`module_args`|`False`|no|str|The arguments to pass to the module.| +|`module_args`|`false`|no|str|The arguments to pass to the module.| |`forks`|0|yes|int|The number of forks to use for this ad hoc execution.| |`verbosity`|0|no|int|Verbosity level for this ad hoc command run| -|`extra_vars`|`False`|no|dict|Extra variables to use for the ad hoc command.| +|`extra_vars`|`false`|no|dict|Extra variables to use for the ad hoc command.| |`become_enabled`|""|no|bool|If the become flag should be set.| |`diff_mode`|""|no|bool|Show the changes made by Ansible tasks where supported| -|`wait`|`False`|no|bool|Wait for the command to complete.| +|`wait`|`false`|no|bool|Wait for the command to complete.| |`interval`|2|no|int|The interval to request an update from controller.| |`timeout`|""|no|int|If waiting for the command to complete this will abort after this amount of seconds.| diff --git a/roles/controller_ad_hoc_command/meta/main.yml b/roles/controller_ad_hoc_command/meta/main.yml index c075e9696..7f97de3db 100644 --- a/roles/controller_ad_hoc_command/meta/main.yml +++ b/roles/controller_ad_hoc_command/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "ad_hoc_command" - author: "Sean Sullivan" - description: "An Ansible Role to run ad hoc commands in Ansible Controller." - company: "Red Hat" + role_name: ad_hoc_command + author: Sean Sullivan + description: An Ansible Role to run ad hoc commands in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "adhoc" - - "commands" + - controller + - aap + - awx + - adhoc + - commands collections: - ansible.controller diff --git a/roles/controller_ad_hoc_command/tasks/main.yml b/roles/controller_ad_hoc_command/tasks/main.yml index 826854f99..ec6a64f83 100644 --- a/roles/controller_ad_hoc_command/tasks/main.yml +++ b/roles/controller_ad_hoc_command/tasks/main.yml @@ -2,32 +2,32 @@ # Run Ad Hoc Commands - name: Run Controller ad hoc command ad_hoc_command: - job_type: "{{ __ad_hoc_command_item.job_type | default('run') }}" - inventory: "{{ __ad_hoc_command_item.inventory }}" - limit: "{{ __ad_hoc_command_item.limit | default(omit, true) }}" - credential: "{{ __ad_hoc_command_item.credential }}" - execution_environment: "{{ __ad_hoc_command_item.execution_environment | default(omit, true) }}" - module_name: "{{ __ad_hoc_command_item.module_name }}" - module_args: "{{ __ad_hoc_command_item.module_args | default(omit, true) }}" - forks: "{{ __ad_hoc_command_item.forks | default(omit, true) }}" - verbosity: "{{ __ad_hoc_command_item.verbosity | default(omit, true) }}" - extra_vars: "{{ __ad_hoc_command_item.extra_vars | default(omit, true) }}" - become_enabled: "{{ __ad_hoc_command_item.become_enabled | default(omit) }}" - diff_mode: "{{ __ad_hoc_command_item.diff_mode | default(omit) }}" - wait: "{{ __ad_hoc_command_item.wait | default(omit) }}" - interval: "{{ __ad_hoc_command_item.interval | default(omit) }}" - timeout: "{{ __ad_hoc_command_item.timeout | default(omit, true) }}" + job_type: "{{ __ad_hoc_command_item.job_type | default('run') }}" + inventory: "{{ __ad_hoc_command_item.inventory }}" + limit: "{{ __ad_hoc_command_item.limit | default(omit, true) }}" + credential: "{{ __ad_hoc_command_item.credential }}" + execution_environment: "{{ __ad_hoc_command_item.execution_environment | default(omit, true) }}" + module_name: "{{ __ad_hoc_command_item.module_name }}" + module_args: "{{ __ad_hoc_command_item.module_args | default(omit, true) }}" + forks: "{{ __ad_hoc_command_item.forks | default(omit, true) }}" + verbosity: "{{ __ad_hoc_command_item.verbosity | default(omit, true) }}" + extra_vars: "{{ __ad_hoc_command_item.extra_vars | default(omit, true) }}" + become_enabled: "{{ __ad_hoc_command_item.become_enabled | default(omit) }}" + diff_mode: "{{ __ad_hoc_command_item.diff_mode | default(omit) }}" + wait: "{{ __ad_hoc_command_item.wait | default(omit) }}" + interval: "{{ __ad_hoc_command_item.interval | default(omit) }}" + timeout: "{{ __ad_hoc_command_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_ad_hoc_commands }}" loop_control: - loop_var: "__ad_hoc_command_item" + loop_var: __ad_hoc_command_item no_log: "{{ controller_configuration_ad_hoc_command_secure_logging }}" register: controller_ad_hoc_commands_output when: controller_ad_hoc_commands is defined diff --git a/roles/controller_ad_hoc_command/tests/test.yml b/roles/controller_ad_hoc_command/tests/test.yml index be9ad4a01..812a96006 100644 --- a/roles/controller_ad_hoc_command/tests/test.yml +++ b/roles/controller_ad_hoc_command/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_ad_hoc_commands is defined} + - { role: ../.., when: controller_ad_hoc_commands is defined } ... diff --git a/roles/controller_ad_hoc_command_cancel/README.md b/roles/controller_ad_hoc_command_cancel/README.md index 424d535e2..6611105f8 100644 --- a/roles/controller_ad_hoc_command_cancel/README.md +++ b/roles/controller_ad_hoc_command_cancel/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ad hoc commands cancel task does not include sensitive information. +The role defaults to false as normally the add ad hoc commands cancel task does not include sensitive information. controller_configuration_ad_hoc_command_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_ad_hoc_command_cancel_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command_cancel role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_ad_hoc_command_cancel_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command_cancel role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -44,7 +44,7 @@ controller_configuration_ad_hoc_command_secure_logging defaults to the value of |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`id`|""|yes|int|ID of the command to cancel Recommended to be in a separate list of ID's see example, defaults to output of ad_hoc_command_role of controller_ad_hoc_commands_output.| -|`fail_if_not_running`|`False`|no|bool|Fail loudly if the I(command_id) can not be canceled.| +|`fail_if_not_running`|`false`|no|bool|Fail loudly if the I(command_id) can not be canceled.| |`interval`|1|no|int|The interval in seconds, to request an update from.| |`timeout`|0|no|int|Maximum time in seconds to wait for a job to finish, 0 means wait until it is finished regardless.| diff --git a/roles/controller_ad_hoc_command_cancel/meta/main.yml b/roles/controller_ad_hoc_command_cancel/meta/main.yml index 3716ffe97..82180c9c2 100644 --- a/roles/controller_ad_hoc_command_cancel/meta/main.yml +++ b/roles/controller_ad_hoc_command_cancel/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "ad_hoc_command_cancel" - author: "Sean Sullivan" - description: "An Ansible Role to cancel ad hoc commands in Ansible Controller." - company: "Red Hat" + role_name: ad_hoc_command_cancel + author: Sean Sullivan + description: An Ansible Role to cancel ad hoc commands in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "adhoc" - - "commands" + - controller + - aap + - awx + - adhoc + - commands collections: - ansible.controller diff --git a/roles/controller_ad_hoc_command_cancel/tasks/main.yml b/roles/controller_ad_hoc_command_cancel/tasks/main.yml index dd1b46261..68f3e2469 100644 --- a/roles/controller_ad_hoc_command_cancel/tasks/main.yml +++ b/roles/controller_ad_hoc_command_cancel/tasks/main.yml @@ -2,21 +2,21 @@ # Cancel Ad Hoc Commands - name: Cancel Controller ad hoc command ad_hoc_command_cancel: - command_id: "{{ __ad_hoc_command_cancel_item.id }}" - fail_if_not_running: "{{ __ad_hoc_command_cancel_item.fail_if_not_running | default(omit) }}" - interval: "{{ __ad_hoc_command_cancel_item.interval | default(omit) }}" - timeout: "{{ __ad_hoc_command_cancel_item.timeout | default(omit, true) }}" + command_id: "{{ __ad_hoc_command_cancel_item.id }}" + fail_if_not_running: "{{ __ad_hoc_command_cancel_item.fail_if_not_running | default(omit) }}" + interval: "{{ __ad_hoc_command_cancel_item.interval | default(omit) }}" + timeout: "{{ __ad_hoc_command_cancel_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_ad_hoc_commands_cancel }}" loop_control: - loop_var: "__ad_hoc_command_cancel_item" + loop_var: __ad_hoc_command_cancel_item no_log: "{{ controller_configuration_ad_hoc_command_cancel_secure_logging }}" when: controller_ad_hoc_commands_cancel is defined ... diff --git a/roles/controller_ad_hoc_command_cancel/tests/test.yml b/roles/controller_ad_hoc_command_cancel/tests/test.yml index 2d9a948fe..03163a070 100644 --- a/roles/controller_ad_hoc_command_cancel/tests/test.yml +++ b/roles/controller_ad_hoc_command_cancel/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_ad_hoc_commands is defined} + - { role: ../.., when: controller_ad_hoc_commands is defined } ... diff --git a/roles/controller_applications/README.md b/roles/controller_applications/README.md index 09e58223c..3d996d061 100644 --- a/roles/controller_applications/README.md +++ b/roles/controller_applications/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_applications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_applications_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add application task does not include sensitive information. +The role defaults to false as normally the add application task does not include sensitive information. controller_configuration_applications_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_applications_secure_logging`|`False`|no|Whether or not to include the sensitive Application role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_applications_secure_logging`|`false`|no|Whether or not to include the sensitive Application role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -83,7 +83,7 @@ This also speeds up the overall role. |`authorization_grant_type`|"password"|yes|str|Grant type for tokens in this application, "password" or "authorization-code"| |`client_type`|"public"|yes|str|Application client type, "confidential" or "public"| |`redirect_uris`|""|no|str|Allowed urls list, space separated. Required with "authorization-code" grant type| -|`skip_authorization`|"false"|yes|bool|Set True to skip authorization step for completely trusted applications.| +|`skip_authorization`|"false"|yes|bool|Set true to skip authorization step for completely trusted applications.| |`state`|`present`|no|str|Desired state of the application.| ### Standard Application Data Structure diff --git a/roles/controller_applications/defaults/main.yml b/roles/controller_applications/defaults/main.yml index 6af8cb9e2..6d3398ab3 100644 --- a/roles/controller_applications/defaults/main.yml +++ b/roles/controller_applications/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_applications_secure_logging: "{{ aap_configuration_secu controller_configuration_applications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_applications_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_applications/meta/argument_specs.yml b/roles/controller_applications/meta/argument_specs.yml index f645674e8..7d9d39a12 100644 --- a/roles/controller_applications/meta/argument_specs.yml +++ b/roles/controller_applications/meta/argument_specs.yml @@ -38,7 +38,7 @@ argument_specs: # default: false # required: false # type: bool - # description: Set True to skip authorization step for completely trusted applications. + # description: Set true to skip authorization step for completely trusted applications. # state: # default: "{{ controller_state | default('present') }}" # required: false @@ -63,11 +63,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_applications_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_applications/meta/main.yml b/roles/controller_applications/meta/main.yml index 6c24e3365..4a0ba801e 100644 --- a/roles/controller_applications/meta/main.yml +++ b/roles/controller_applications/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "applications" - author: "Mike Shriver" - description: "An Ansible Role to create applications in Ansible Controller." - company: "Red Hat" + role_name: applications + author: Mike Shriver + description: An Ansible Role to create applications in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "application" - - "applications" + - controller + - aap + - awx + - configuration + - application + - applications collections: - ansible.controller diff --git a/roles/controller_applications/tasks/main.yml b/roles/controller_applications/tasks/main.yml index 49013891e..822d1fb70 100644 --- a/roles/controller_applications/tasks/main.yml +++ b/roles/controller_applications/tasks/main.yml @@ -1,44 +1,44 @@ --- # Create Controller applications -- name: "Managing Controller Applications" +- name: Managing Controller Applications application: - name: "{{ __application_item.name | mandatory }}" - new_name: "{{ __application_item.new_name | default(omit, true) }}" - organization: "{{ __application_item.organization | mandatory }}" - description: "{{ __application_item.description | default(('' if controller_configuration_applications_enforce_defaults else omit), true) }}" - authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" - client_type: "{{ __application_item.client_type | default('public') }}" - redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" - skip_authorization: "{{ __application_item.skip_authorization | default((false if controller_configuration_applications_enforce_defaults else omit), true) }}" - state: "{{ __application_item.state | default(platform_state | default('present')) }}" + name: "{{ __application_item.name | mandatory }}" + new_name: "{{ __application_item.new_name | default(omit, true) }}" + organization: "{{ __application_item.organization | mandatory }}" + description: "{{ __application_item.description | default(('' if controller_configuration_applications_enforce_defaults else omit), true) }}" + authorization_grant_type: "{{ __application_item.authorization_grant_type | default('password') }}" + client_type: "{{ __application_item.client_type | default('public') }}" + redirect_uris: "{{ __application_item.redirect_uris | default([]) }}" + skip_authorization: "{{ __application_item.skip_authorization | default((false if controller_configuration_applications_enforce_defaults else omit), true) }}" + state: "{{ __application_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ aap_applications }}" loop_control: - loop_var: "__application_item" + loop_var: __application_item label: "{{ __operation.verb }} Controller Application {{ __application_item.name }}" pause: "{{ controller_configuration_applications_loop_delay }}" no_log: "{{ controller_configuration_applications_secure_logging }}" async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __applications_job_async - changed_when: "(__applications_job_async.changed if ansible_check_mode else false)" + changed_when: (__applications_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__application_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __applications_job_async.failed is defined and __applications_job_async.failed -- name: "Managing Controller Applications | Wait for finish the Application management" +- name: Managing Controller Applications | Wait for finish the Application management ansible.builtin.async_status: jid: "{{ __applications_job_async_results_item.ansible_job_id }}" register: __applications_job_async_result @@ -48,10 +48,11 @@ loop: "{{ __applications_job_async.results }}" loop_control: loop_var: __applications_job_async_results_item - label: "{{ __operation.verb }} Controller Application {{ __applications_job_async_results_item.__application_item.name }} | Wait for finish the Application {{ __operation.action }}" + label: "{{ __operation.verb }} Controller Application {{ __applications_job_async_results_item.__application_item.name }} | Wait for finish the Application {{ + __operation.action }}" when: not ansible_check_mode and __applications_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_applications_secure_logging }}" vars: __operation: "{{ operation_translate[__applications_job_async_results_item.__application_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_applications/tests/test.yml b/roles/controller_applications/tests/test.yml index 8318a6492..21598dea5 100644 --- a/roles/controller_applications/tests/test.yml +++ b/roles/controller_applications/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: aap_applications is defined} + - { role: ../.., when: aap_applications is defined } ... diff --git a/roles/controller_bulk_host_create/README.md b/roles/controller_bulk_host_create/README.md index 2277c6a3a..53bfda932 100644 --- a/roles/controller_bulk_host_create/README.md +++ b/roles/controller_bulk_host_create/README.md @@ -17,7 +17,7 @@ Currently: |Variable Name|Default Value|Required|Description|Example| |:---|:---:|:---:|:---|:---| |`aap_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -28,13 +28,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ******* task does not include sensitive information. +The role defaults to false as normally the add ******* task does not include sensitive information. controller_configuration_*******_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_bulk_hosts_secure_logging`|`False`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_bulk_hosts_secure_logging`|`false`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_bulk_host_create/defaults/main.yml b/roles/controller_bulk_host_create/defaults/main.yml index 7b6312414..ca163e189 100644 --- a/roles/controller_bulk_host_create/defaults/main.yml +++ b/roles/controller_bulk_host_create/defaults/main.yml @@ -3,5 +3,5 @@ controller_configuration_bulk_hosts_secure_logging: "{{ aap_configuration_secure controller_configuration_bulk_hosts_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_bulk_hosts_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_bulk_hosts_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/controller_bulk_host_create/meta/argument_specs.yml b/roles/controller_bulk_host_create/meta/argument_specs.yml index 8b3a4433e..d0a68cf9f 100644 --- a/roles/controller_bulk_host_create/meta/argument_specs.yml +++ b/roles/controller_bulk_host_create/meta/argument_specs.yml @@ -10,7 +10,7 @@ argument_specs: # Async variables aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/controller_bulk_host_create/meta/main.yml b/roles/controller_bulk_host_create/meta/main.yml index aa383d4b6..b9e707810 100644 --- a/roles/controller_bulk_host_create/meta/main.yml +++ b/roles/controller_bulk_host_create/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: role_name: bulk_host_create - author: "Sean Sullivan" - description: "An Ansible Role to create hosts in bulk in Ansible Controller." - company: "Red Hat" + author: Sean Sullivan + description: An Ansible Role to create hosts in bulk in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "host" - - "hosts" + - controller + - aap + - awx + - host + - hosts collections: - ansible.controller diff --git a/roles/controller_bulk_host_create/tasks/main.yml b/roles/controller_bulk_host_create/tasks/main.yml index 3a8e2f98d..d3c6dc24d 100644 --- a/roles/controller_bulk_host_create/tasks/main.yml +++ b/roles/controller_bulk_host_create/tasks/main.yml @@ -2,16 +2,16 @@ # Create Job Template - name: Add Controller hosts in bulk bulk_host_create: - hosts: "{{ __controller_bulk_hosts_item.hosts }}" - inventory: "{{ __controller_bulk_hosts_item.inventory }}" + hosts: "{{ __controller_bulk_hosts_item.hosts }}" + inventory: "{{ __controller_bulk_hosts_item.inventory }}" # Role Standard options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_bulk_hosts }}" loop_control: loop_var: __controller_bulk_hosts_item @@ -20,16 +20,16 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_bulk_hosts_job_async - changed_when: "(__controller_bulk_hosts_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_bulk_hosts_job_async.changed if ansible_check_mode else false) vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_bulk_hosts_job_async.failed is defined and __controller_bulk_hosts_job_async.failed -- name: "Configure bulk_hosts | Wait for finish the bulk_hosts creation" +- name: Configure bulk_hosts | Wait for finish the bulk_hosts creation ansible.builtin.async_status: jid: "{{ __controller_bulk_hosts_job_async_results_item.ansible_job_id }}" register: __controller_bulk_hosts_job_async_result @@ -42,5 +42,5 @@ when: not ansible_check_mode and __controller_bulk_hosts_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_bulk_hosts_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_bulk_job_launch/README.md b/roles/controller_bulk_job_launch/README.md index 378464425..181347ac5 100644 --- a/roles/controller_bulk_job_launch/README.md +++ b/roles/controller_bulk_job_launch/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ******* task does not include sensitive information. +The role defaults to false as normally the add ******* task does not include sensitive information. controller_configuration_*******_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_bulk_job_launch_secure_logging`|`False`|no|Whether or not to include the sensitive bulk_job_launch role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_bulk_job_launch_secure_logging`|`false`|no|Whether or not to include the sensitive bulk_job_launch role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -64,7 +64,7 @@ This also speeds up the overall role. |`organization`|""|no|str|Organization for the bulk job. Affects who can see the resulting bulk job. If not provided, will use the organization the user is in.| |`inventory`|""|no|str|Inventory to use for the job, only used if prompt for inventory is set.| |`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| -|`extra_vars`|""|no|dict|extra_vars to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module.| +|`extra_vars`|""|no|dict|extra_vars to use for the Job Template. ask_extra_vars needs to be set to true via controller_job_template module.| |`limit`|""|no|str|Limit to use for the job_template.| |`job_tags`|""|no|str|Specific tags to use for from playbook.| |`skip_tags`|""|no|str|Specific tags to skip from the playbook.| @@ -81,7 +81,7 @@ This also speeds up the overall role. |`instance_groups`|Job Template default|no|str| List of Instance Groups applied as a prompt. Job Template default used if not set. Only allowed if `ask_instance_groups_on_launch` set to true on Job Template| |`credentials`|""|no|list|TCredential to use for job, only used if prompt for credential is set.| |`labels`|Job Template default|no|list|List of labels to use in the job run. Job Template default used if not set. Only allowed if `ask_labels_on_launch` set to true on Job Template| -|`extra_data`|""|no|dict|extra_data to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module.| +|`extra_data`|""|no|dict|extra_data to use for the Job Template. ask_extra_vars needs to be set to true via controller_job_template module.| |`diff_mode`|""|no|bool|Show the changes made by Ansible tasks where supported.| |`verbosity`|""|no|int|Verbosity level for this job run.| |`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| diff --git a/roles/controller_bulk_job_launch/meta/main.yml b/roles/controller_bulk_job_launch/meta/main.yml index 3f64988da..83c72aa31 100644 --- a/roles/controller_bulk_job_launch/meta/main.yml +++ b/roles/controller_bulk_job_launch/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: role_name: bulk_job_launch - author: "Sean Sullivan" - description: "An Ansible Role to launch bulk jobs in Ansible Controller." - company: "Red Hat" + author: Sean Sullivan + description: An Ansible Role to launch bulk jobs in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "job" - - "jobs" + - controller + - aap + - awx + - job + - jobs collections: - ansible.controller diff --git a/roles/controller_bulk_job_launch/tasks/main.yml b/roles/controller_bulk_job_launch/tasks/main.yml index 16dc176da..5247a678e 100644 --- a/roles/controller_bulk_job_launch/tasks/main.yml +++ b/roles/controller_bulk_job_launch/tasks/main.yml @@ -2,29 +2,29 @@ # Launch Controller Job - name: Bulk Launch Controller Jobs bulk_job_launch: - jobs: "{{ __bulk_job_launch_item.jobs | mandatory }}" - name: "{{ __bulk_job_launch_item.name | default(omit, true) }}" - description: "{{ __bulk_job_launch_item.description | default(omit, true) }}" - organization: "{{ __bulk_job_launch_item.organization | default(omit, true) }}" - inventory: "{{ __bulk_job_launch_item.inventory | default(omit, true) }}" - scm_branch: "{{ __bulk_job_launch_item.scm_branch | default(omit, true) }}" - extra_vars: "{{ __bulk_job_launch_item.extra_vars | default(omit, true) }}" - limit: "{{ __bulk_job_launch_item.limit | default(omit, true) }}" - job_tags: "{{ __bulk_job_launch_item.tags | default(omit, true) }}" - skip_tags: "{{ __bulk_job_launch_item.skip_tags | default(omit, true) }}" - wait: "{{ __bulk_job_launch_item.wait | default(omit) }}" - interval: "{{ __bulk_job_launch_item.interval | default(omit) }}" + jobs: "{{ __bulk_job_launch_item.jobs | mandatory }}" + name: "{{ __bulk_job_launch_item.name | default(omit, true) }}" + description: "{{ __bulk_job_launch_item.description | default(omit, true) }}" + organization: "{{ __bulk_job_launch_item.organization | default(omit, true) }}" + inventory: "{{ __bulk_job_launch_item.inventory | default(omit, true) }}" + scm_branch: "{{ __bulk_job_launch_item.scm_branch | default(omit, true) }}" + extra_vars: "{{ __bulk_job_launch_item.extra_vars | default(omit, true) }}" + limit: "{{ __bulk_job_launch_item.limit | default(omit, true) }}" + job_tags: "{{ __bulk_job_launch_item.tags | default(omit, true) }}" + skip_tags: "{{ __bulk_job_launch_item.skip_tags | default(omit, true) }}" + wait: "{{ __bulk_job_launch_item.wait | default(omit) }}" + interval: "{{ __bulk_job_launch_item.interval | default(omit) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_bulk_launch_jobs }}" loop_control: - loop_var: "__bulk_job_launch_item" + loop_var: __bulk_job_launch_item label: "{{ (__bulk_job_launch_item.organization | default('')) }}/{{ __bulk_job_launch_item.name }}" pause: "{{ controller_configuration_bulk_job_launch_loop_delay }}" no_log: "{{ controller_configuration_bulk_job_launch_secure_logging }}" diff --git a/roles/controller_credential_input_sources/README.md b/roles/controller_credential_input_sources/README.md index 77661e53b..e0d19dc92 100644 --- a/roles/controller_credential_input_sources/README.md +++ b/roles/controller_credential_input_sources/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credential_input_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_credential_input_sources_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add credential input source task does not include sensitive information. +The role defaults to false as normally the add credential input source task does not include sensitive information. controller_configuration_credential_input_sources_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credential_input_sources_secure_logging`|`False`|no|Whether or not to include the sensitive credential_input_source role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_credential_input_sources_secure_logging`|`false`|no|Whether or not to include the sensitive credential_input_source role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_credential_input_sources/defaults/main.yml b/roles/controller_credential_input_sources/defaults/main.yml index 19da75759..0fed12746 100644 --- a/roles/controller_credential_input_sources/defaults/main.yml +++ b/roles/controller_credential_input_sources/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_credential_input_sources_secure_logging: "{{ aap_config controller_configuration_credential_input_sources_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_credential_input_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_input_sources_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_credential_input_sources_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_input_sources/meta/argument_specs.yml b/roles/controller_credential_input_sources/meta/argument_specs.yml index 31c36a633..cbecdeda4 100644 --- a/roles/controller_credential_input_sources/meta/argument_specs.yml +++ b/roles/controller_credential_input_sources/meta/argument_specs.yml @@ -52,11 +52,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_credential_input_sources_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_credential_input_sources/meta/main.yml b/roles/controller_credential_input_sources/meta/main.yml index 195dc3acf..404f8b49c 100644 --- a/roles/controller_credential_input_sources/meta/main.yml +++ b/roles/controller_credential_input_sources/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "credential_input_sources" - author: "Tom Page" - description: "An Ansible Role to create Credential Input Sources in Ansible Controller." - company: "Red Hat" + role_name: credential_input_sources + author: Tom Page + description: An Ansible Role to create Credential Input Sources in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,21 +25,21 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "credential" - - "input" - - "sources" - - "credentials" - - "credentialinputsource" - - "credentialinputsources" + - controller + - aap + - awx + - configuration + - credential + - input + - sources + - credentials + - credentialinputsource + - credentialinputsources collections: - ansible.controller diff --git a/roles/controller_credential_input_sources/tasks/main.yml b/roles/controller_credential_input_sources/tasks/main.yml index 713a3cb28..cebb2cff8 100644 --- a/roles/controller_credential_input_sources/tasks/main.yml +++ b/roles/controller_credential_input_sources/tasks/main.yml @@ -1,40 +1,40 @@ --- -- name: "Managing Controller Credential Input Sources" +- name: Managing Controller Credential Input Sources credential_input_source: - target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" - input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" - source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" - description: "{{ __cred_input_src_item.description | default(('' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" - metadata: "{{ __cred_input_src_item.metadata | default(({} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" - state: "{{ __cred_input_src_item.state | default(platform_state | default('present')) }}" + target_credential: "{{ __cred_input_src_item.target_credential | mandatory }}" + input_field_name: "{{ __cred_input_src_item.input_field_name | mandatory }}" + source_credential: "{{ __cred_input_src_item.source_credential | default(omit, true) }}" + description: "{{ __cred_input_src_item.description | default(('' if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" + metadata: "{{ __cred_input_src_item.metadata | default(({} if controller_configuration_credential_input_sources_enforce_defaults else omit), true) }}" + state: "{{ __cred_input_src_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_credential_input_sources }}" loop_control: - loop_var: "__cred_input_src_item" + loop_var: __cred_input_src_item label: "{{ __operation.verb }} Controller Credential Input Source for Credential {{ __cred_input_src_item.target_credential }}" pause: "{{ controller_configuration_credential_input_sources_loop_delay }}" no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credential_input_sources_job_async - changed_when: "(__credential_input_sources_job_async.changed if ansible_check_mode else false)" + changed_when: (__credential_input_sources_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__cred_input_src_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __credential_input_sources_job_async.failed is defined and __credential_input_sources_job_async.failed -- name: "Managing Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources management" +- name: Managing Controller Credential Input Sources | Wait for finish the Controller Credential Input Sources management ansible.builtin.async_status: jid: "{{ __credential_input_sources_job_async_results_item.ansible_job_id }}" register: __credential_input_sources_job_async_result @@ -49,5 +49,5 @@ no_log: "{{ controller_configuration_credential_input_sources_secure_logging }}" vars: __operation: "{{ operation_translate[__credential_input_sources_job_async_results_item.__cred_input_src_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_credential_input_sources/tests/test.yml b/roles/controller_credential_input_sources/tests/test.yml index 112551e4a..628a4bbbf 100644 --- a/roles/controller_credential_input_sources/tests/test.yml +++ b/roles/controller_credential_input_sources/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_credential_input_sources is defined} + - { role: ../.., when: controller_credential_input_sources is defined } ... diff --git a/roles/controller_credential_types/README.md b/roles/controller_credential_types/README.md index c16710bd7..bb3463ba4 100644 --- a/roles/controller_credential_types/README.md +++ b/roles/controller_credential_types/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credential_types_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_credential_types_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add credential type task does not include sensitive information. +The role defaults to false as normally the add credential type task does not include sensitive information. controller_configuration_credential_types_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credential_types_secure_logging`|`False`|no|Whether or not to include the sensitive Credential Type role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_credential_types_secure_logging`|`false`|no|Whether or not to include the sensitive Credential Type role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -78,7 +78,7 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:| |`name`|""|yes|Name of Credential Type| |`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| -|`description`|`False`|no|The description of the credential type to give more detail about it.| +|`description`|`false`|no|The description of the credential type to give more detail about it.| |`injectors`|""|no|Enter injectors using either JSON or YAML syntax. Refer to the Ansible controller documentation for example syntax. See below on proper formatting.| |`inputs`|""|no|Enter inputs using either JSON or YAML syntax. Refer to the Ansible controller documentation for example syntax.| |`kind`|"cloud"|no|The type of credential type being added. Note that only cloud and net can be used for creating credential types.| diff --git a/roles/controller_credential_types/defaults/main.yml b/roles/controller_credential_types/defaults/main.yml index de811b45b..c65caf891 100644 --- a/roles/controller_credential_types/defaults/main.yml +++ b/roles/controller_credential_types/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_credential_types_secure_logging: "{{ aap_configuration_ controller_configuration_credential_types_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_credential_types_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credential_types_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_credential_types_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credential_types/meta/argument_specs.yml b/roles/controller_credential_types/meta/argument_specs.yml index 3d0b9bacc..2359e9557 100644 --- a/roles/controller_credential_types/meta/argument_specs.yml +++ b/roles/controller_credential_types/meta/argument_specs.yml @@ -60,11 +60,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_credential_types_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_credential_types/meta/main.yml b/roles/controller_credential_types/meta/main.yml index 911b83f3a..a78b4665f 100644 --- a/roles/controller_credential_types/meta/main.yml +++ b/roles/controller_credential_types/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "credential_types" - author: "Sean Sulivan" - description: "An Ansible Role to create Credential Types in Ansible Controller." - company: "Red Hat" + role_name: credential_types + author: Sean Sulivan + description: An Ansible Role to create Credential Types in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,17 +24,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "credentialtype" - - "credentialtypes" + - controller + - aap + - awx + - configuration + - credentialtype + - credentialtypes collections: - ansible.controller diff --git a/roles/controller_credential_types/tasks/main.yml b/roles/controller_credential_types/tasks/main.yml index 53879cf29..d8c042ec0 100644 --- a/roles/controller_credential_types/tasks/main.yml +++ b/roles/controller_credential_types/tasks/main.yml @@ -1,21 +1,21 @@ --- -- name: "Managing Credential Types" +- name: Managing Credential Types credential_type: - name: "{{ __controller_credential_type_item.name | mandatory }}" - new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" - description: "{{ __controller_credential_type_item.description | default(('' if controller_configuration_credential_types_enforce_defaults else omit), true) }}" - injectors: "{{ __controller_credential_type_item.injectors | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - inputs: "{{ __controller_credential_type_item.inputs | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" - kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" - state: "{{ __controller_credential_type_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_credential_type_item.name | mandatory }}" + new_name: "{{ __controller_credential_type_item.new_name | default(omit, true) }}" + description: "{{ __controller_credential_type_item.description | default(('' if controller_configuration_credential_types_enforce_defaults else omit), true) }}" + injectors: "{{ __controller_credential_type_item.injectors | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + inputs: "{{ __controller_credential_type_item.inputs | default(({} if controller_configuration_credential_types_enforce_defaults else omit), true) }}" + kind: "{{ __controller_credential_type_item.kind | default('cloud') }}" + state: "{{ __controller_credential_type_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ credential_types if credential_types is defined else controller_credential_types }}" loop_control: loop_var: __controller_credential_type_item @@ -25,17 +25,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credentialtypes_job_async - changed_when: "(__credentialtypes_job_async.changed if ansible_check_mode else false)" + changed_when: (__credentialtypes_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_credential_type_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __credentialtypes_job_async.failed is defined and __credentialtypes_job_async.failed -- name: "Managing Controller Credential Types | Wait for finish the credential types management" +- name: Managing Controller Credential Types | Wait for finish the credential types management ansible.builtin.async_status: jid: "{{ __credentialtypes_job_async_result_item.ansible_job_id }}" register: __credentialtypes_job_async_result @@ -50,5 +50,5 @@ no_log: "{{ controller_configuration_credential_types_secure_logging }}" vars: __operation: "{{ operation_translate[__credentialtypes_job_async_result_item.__controller_credential_type_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_credential_types/tests/test.yml b/roles/controller_credential_types/tests/test.yml index 9c150c553..419d21932 100644 --- a/roles/controller_credential_types/tests/test.yml +++ b/roles/controller_credential_types/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_credential_types is defined} + - { role: ../.., when: controller_credential_types is defined } ... diff --git a/roles/controller_credentials/README.md b/roles/controller_credentials/README.md index 1a2d9294a..0e347cc33 100644 --- a/roles/controller_credentials/README.md +++ b/roles/controller_credentials/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credentials_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_credentials_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add credentials task does not include sensitive information. +The role defaults to false as normally the add credentials task does not include sensitive information. controller_configuration_credentials_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_credentials_secure_logging`|`False`|no|Whether or not to include the sensitive Credential role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_credentials_secure_logging`|`false`|no|Whether or not to include the sensitive Credential role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -79,14 +79,14 @@ This also speeds up the overall role. |`name`|""|yes|Name of Credential| |`new_name`|""|no|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|Name or id to copy the credential from. This will copy an existing credential and change any parameters supplied.| -|`description`|`False`|no|Description of of Credential.| +|`description`|`false`|no|Description of of Credential.| |`organization`|""|no|Organization this Credential belongs to. If provided on creation, do not give either user or team.| |`credential_type`|""|no|Name of credential type. See below for list of options. More information in Ansible controller documentation. | |`inputs`|""|no|Credential inputs where the keys are var names used in templating. Refer to the Ansible controller documentation for example syntax. Individual examples can be found at /api/v2/credential_types/ on an controller.| |`user`|""|no|User that should own this credential. If provided, do not give either team or organization. | |`team`|""|no|Team that should own this credential. If provided, do not give either user or organization. | |`state`|`present`|no|Desired state of the resource.| -|`update_secrets`|true|no| True will always change password if user specifies password, even if API gives $encrypted$ for password. False will only set the password if other values change too.| +|`update_secrets`|true|no| true will always change password if user specifies password, even if API gives $encrypted$ for password. false will only set the password if other values change too.| ### Credential types diff --git a/roles/controller_credentials/defaults/main.yml b/roles/controller_credentials/defaults/main.yml index 1ed0a629d..52219c86f 100644 --- a/roles/controller_credentials/defaults/main.yml +++ b/roles/controller_credentials/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_credentials_secure_logging: "{{ aap_configuration_secur controller_configuration_credentials_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_credentials_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_credentials_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_credentials_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_credentials/meta/argument_specs.yml b/roles/controller_credentials/meta/argument_specs.yml index 49d9a304e..c8f74857f 100644 --- a/roles/controller_credentials/meta/argument_specs.yml +++ b/roles/controller_credentials/meta/argument_specs.yml @@ -48,7 +48,7 @@ argument_specs: # default: true # type: bool # required: false - # description: True will always change password if user specifies password, even if API gives $encrypted$ for password. False will only set the password if other values change too. + # description: true will always change password if user specifies password, even if API gives $encrypted$ for password. false will only set the password if other values change too. # state: # default: "{{ controller_state | default('present') }}" # type: str @@ -73,11 +73,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_credentials_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" diff --git a/roles/controller_credentials/meta/main.yml b/roles/controller_credentials/meta/main.yml index 417d310af..b55ed8cfe 100644 --- a/roles/controller_credentials/meta/main.yml +++ b/roles/controller_credentials/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "credentials" - author: "Sean Sulivan" - description: "An Ansible Role to create Credentials in Ansible Controller." - company: "Red Hat" + role_name: credentials + author: Sean Sulivan + description: An Ansible Role to create Credentials in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,17 +24,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "credential" - - "credentials" + - controller + - aap + - awx + - configuration + - credential + - credentials collections: - ansible.controller diff --git a/roles/controller_credentials/tasks/main.yml b/roles/controller_credentials/tasks/main.yml index 01ea25d29..67c298994 100644 --- a/roles/controller_credentials/tasks/main.yml +++ b/roles/controller_credentials/tasks/main.yml @@ -1,25 +1,25 @@ --- -- name: "Managing Credentials" +- name: Managing Credentials credential: - name: "{{ __controller_credentials_item.name | mandatory }}" - new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" - copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" - description: "{{ __controller_credentials_item.description | default(('' if controller_configuration_credentials_enforce_defaults else omit), true) }}" - organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(omit, true)) }}" - credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory) }}" - inputs: "{{ __controller_credentials_item.inputs | default(({} if controller_configuration_credentials_enforce_defaults else omit), true) }}" - user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(omit, true)) }}" - team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(omit, true)) }}" - update_secrets: "{{ __controller_credentials_item.update_secrets | default(true if controller_configuration_credentials_enforce_defaults else omit) }}" - state: "{{ __controller_credentials_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_credentials_item.name | mandatory }}" + new_name: "{{ __controller_credentials_item.new_name | default(omit, true) }}" + copy_from: "{{ __controller_credentials_item.copy_from | default(omit, true) }}" + description: "{{ __controller_credentials_item.description | default(('' if controller_configuration_credentials_enforce_defaults else omit), true) }}" + organization: "{{ __controller_credentials_item.organization.name | default(__controller_credentials_item.organization | default(omit, true)) }}" + credential_type: "{{ __controller_credentials_item.credential_type.name | default(__controller_credentials_item.credential_type | mandatory) }}" + inputs: "{{ __controller_credentials_item.inputs | default(({} if controller_configuration_credentials_enforce_defaults else omit), true) }}" + user: "{{ __controller_credentials_item.user.username | default(__controller_credentials_item.user | default(omit, true)) }}" + team: "{{ __controller_credentials_item.team.name | default(__controller_credentials_item.team | default(omit, true)) }}" + update_secrets: "{{ __controller_credentials_item.update_secrets | default(true if controller_configuration_credentials_enforce_defaults else omit) }}" + state: "{{ __controller_credentials_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ credentials if credentials is defined else controller_credentials }}" loop_control: loop_var: __controller_credentials_item @@ -29,17 +29,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __credentials_job_async - changed_when: "(__credentials_job_async.changed if ansible_check_mode else false)" + changed_when: (__credentials_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_credentials_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __credentials_job_async.failed is defined and __credentials_job_async.failed -- name: "Managing Controller Credentials | Wait for finish the credential management" +- name: Managing Controller Credentials | Wait for finish the credential management ansible.builtin.async_status: jid: "{{ __credentials_job_async_results_item.ansible_job_id }}" register: __credentials_job_async_result @@ -54,5 +54,5 @@ no_log: "{{ controller_configuration_credentials_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_credentials_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_credentials/tests/test.yml b/roles/controller_credentials/tests/test.yml index ece2853fb..63509ee7d 100644 --- a/roles/controller_credentials/tests/test.yml +++ b/roles/controller_credentials/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_credentials is defined} + - { role: ../.., when: controller_credentials is defined } ... diff --git a/roles/controller_execution_environments/README.md b/roles/controller_execution_environments/README.md index 893a34cc9..b621c7095 100644 --- a/roles/controller_execution_environments/README.md +++ b/roles/controller_execution_environments/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_execution_environments_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_execution_environments_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add execution_environments task does not include sensitive information. +The role defaults to false as normally the add execution_environments task does not include sensitive information. controller_configuration_execution_environments_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_execution_environments_secure_logging`|`False`|no|Whether or not to include the sensitive execution_environments role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_execution_environments_secure_logging`|`false`|no|Whether or not to include the sensitive execution_environments role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_execution_environments/defaults/main.yml b/roles/controller_execution_environments/defaults/main.yml index b2bbecd58..4d601f74b 100644 --- a/roles/controller_execution_environments/defaults/main.yml +++ b/roles/controller_execution_environments/defaults/main.yml @@ -4,6 +4,6 @@ controller_configuration_execution_environments_secure_logging: "{{ aap_configur controller_configuration_execution_environments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_execution_environments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_execution_environments_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_execution_environments_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_execution_environments/meta/argument_specs.yml b/roles/controller_execution_environments/meta/argument_specs.yml index 41c6e9a78..492c9fb11 100644 --- a/roles/controller_execution_environments/meta/argument_specs.yml +++ b/roles/controller_execution_environments/meta/argument_specs.yml @@ -61,11 +61,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_execution_environments_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_execution_environments/meta/main.yml b/roles/controller_execution_environments/meta/main.yml index 7911e9b4b..054288499 100644 --- a/roles/controller_execution_environments/meta/main.yml +++ b/roles/controller_execution_environments/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "execution_environments" - author: "Tom Page" - description: "An Ansible Role to create execution environments in Ansible Controller." - company: "Red Hat" + role_name: execution_environments + author: Tom Page + description: An Ansible Role to create execution environments in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "execution" - - "environment" - - "environments" + - controller + - aap + - awx + - execution + - environment + - environments collections: - ansible.controller diff --git a/roles/controller_execution_environments/tasks/main.yml b/roles/controller_execution_environments/tasks/main.yml index 240576187..61c00a98d 100644 --- a/roles/controller_execution_environments/tasks/main.yml +++ b/roles/controller_execution_environments/tasks/main.yml @@ -1,26 +1,26 @@ --- # Create Controller Execution Environments -- name: "Managing Controller Execution Environments" +- name: Managing Controller Execution Environments execution_environment: - name: "{{ __execution_environments_item.name | mandatory }}" - new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" - description: "{{ __execution_environments_item.description | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" - image: "{{ __execution_environments_item.image | mandatory }}" - organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" - credential: "{{ __execution_environments_item.credential | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" - pull: "{{ __execution_environments_item.pull | default(('missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" - state: "{{ __execution_environments_item.state | default(platform_state | default('present')) }}" + name: "{{ __execution_environments_item.name | mandatory }}" + new_name: "{{ __execution_environments_item.new_name | default(omit, true) }}" + description: "{{ __execution_environments_item.description | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + image: "{{ __execution_environments_item.image | mandatory }}" + organization: "{{ __execution_environments_item.organization.name | default(__execution_environments_item.organization | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true)) }}" + credential: "{{ __execution_environments_item.credential | default(('' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + pull: "{{ __execution_environments_item.pull | default(('missing' if controller_configuration_execution_environments_enforce_defaults else omit), true) }}" + state: "{{ __execution_environments_item.state | default(platform_state | default('present')) }}" # Role specific options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ execution_environments if execution_environments is defined else controller_execution_environments }}" loop_control: - loop_var: "__execution_environments_item" + loop_var: __execution_environments_item label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_item }}" pause: "{{ controller_configuration_execution_environments_loop_delay }}" no_log: "{{ controller_configuration_execution_environments_secure_logging }}" @@ -28,17 +28,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __execution_environments_job_async - changed_when: "(__execution_environments_job_async.changed if ansible_check_mode else false)" + changed_when: (__execution_environments_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__execution_environments_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __execution_environments_job_async.failed is defined and __execution_environments_job_async.failed -- name: "Managing Controller Execution Environments | Wait for finish the Controller Execution Environments management" +- name: Managing Controller Execution Environments | Wait for finish the Controller Execution Environments management ansible.builtin.async_status: jid: "{{ __execution_environments_job_async_results_item.ansible_job_id }}" register: __execution_environments_job_async_result @@ -48,10 +48,11 @@ loop: "{{ __execution_environments_job_async.results }}" loop_control: loop_var: __execution_environments_job_async_results_item - label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_job_async_results_item.__execution_environments_item.name }} | Wait for finish the Controller Execution Environment {{ __operation.action }}" + label: "{{ __operation.verb }} Controller Execution Environment {{ __execution_environments_job_async_results_item.__execution_environments_item.name }} | Wait + for finish the Controller Execution Environment {{ __operation.action }}" when: not ansible_check_mode and __execution_environments_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_execution_environments_secure_logging }}" vars: __operation: "{{ operation_translate[__execution_environments_job_async_results_item.__execution_environments_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_execution_environments/tests/test.yml b/roles/controller_execution_environments/tests/test.yml index 9aa57234c..562a207bc 100644 --- a/roles/controller_execution_environments/tests/test.yml +++ b/roles/controller_execution_environments/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_execution_environments is defined} + - { role: ../.., when: controller_execution_environments is defined } ... diff --git a/roles/controller_host_groups/README.md b/roles/controller_host_groups/README.md index 4b8f4154b..90d531b57 100644 --- a/roles/controller_host_groups/README.md +++ b/roles/controller_host_groups/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_groups_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add groups task does not include sensitive information. +The role defaults to false as normally the add groups task does not include sensitive information. controller_configuration_groups_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_groups_secure_logging`|`False`|no|Whether or not to include the sensitive Group role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_groups_secure_logging`|`false`|no|Whether or not to include the sensitive Group role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -98,13 +98,13 @@ The role will strip the double space between the curly bracket in order to provi |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of Group| |`new_name`|""|yes|str|Name of Group, used in updating a Group.| -|`description`|`False`|no|str|Description of the Group.| +|`description`|`false`|no|str|Description of the Group.| |`inventory`|""|yes|str|Name of inventory the group should be made a member of.| |`variables`|{}|no|dict|variables applicable to group.| |`hosts`|""|no|list|hosts (list) in group| |`children`|""|no|list|List of groups that should be nested inside in this group| -|`preserve_existing_hosts`|`False`|no|bool|Whether to preserve existing hosts in an existing group| -|`preserve_existing_children`|`False`|no|bool|Whether to preserve existing children in an existing group| +|`preserve_existing_hosts`|`false`|no|bool|Whether to preserve existing hosts in an existing group| +|`preserve_existing_children`|`false`|no|bool|Whether to preserve existing children in an existing group| |`state`|`present`|no|str|Desired state of the resource.| ### Standard Group Data Structure diff --git a/roles/controller_host_groups/defaults/main.yml b/roles/controller_host_groups/defaults/main.yml index 70b2a15ed..51ea1538e 100644 --- a/roles/controller_host_groups/defaults/main.yml +++ b/roles/controller_host_groups/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_group_secure_logging: "{{ aap_configuration_secure_logg controller_configuration_group_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_group_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_groups_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_host_groups/meta/argument_specs.yml b/roles/controller_host_groups/meta/argument_specs.yml index d4747ce3b..58b791ef6 100644 --- a/roles/controller_host_groups/meta/argument_specs.yml +++ b/roles/controller_host_groups/meta/argument_specs.yml @@ -72,17 +72,17 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_groups_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values + from elsewhere. aap_configuration_secure_logging: default: false required: false diff --git a/roles/controller_host_groups/meta/main.yml b/roles/controller_host_groups/meta/main.yml index 1ee25158e..e534a0b8c 100644 --- a/roles/controller_host_groups/meta/main.yml +++ b/roles/controller_host_groups/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "groups" - author: "Wei-Yen Tan" - description: "An Ansible Role to create hosts in Ansible Controller." - company: "Red Hat" + role_name: groups + author: Wei-Yen Tan + description: An Ansible Role to create hosts in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "group" - - "groups" + - controller + - aap + - awx + - group + - groups collections: - ansible.controller diff --git a/roles/controller_host_groups/tasks/main.yml b/roles/controller_host_groups/tasks/main.yml index d67e5f9fa..1cb8ec940 100644 --- a/roles/controller_host_groups/tasks/main.yml +++ b/roles/controller_host_groups/tasks/main.yml @@ -1,26 +1,26 @@ --- # The group module is also an ansible.builtin module, but due to supporting both the awx.awx and automation.controller collections # the FQCN cannot be used here. -- name: "Managing Controller Groups" # noqa fqcn[action-core] +- name: Managing Controller Groups # noqa fqcn[action-core] group: - name: "{{ __controller_groups_item.name | mandatory }}" - new_name: "{{ __controller_groups_item.new_name | default(omit, true) }}" - description: "{{ __controller_groups_item.description | default(('' if controller_configuration_groups_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_groups_item.inventory | mandatory }}" - variables: "{{ __controller_groups_item.variables | default(({} if controller_configuration_groups_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - hosts: "{{ __controller_groups_item.hosts | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" - children: "{{ __controller_groups_item.children | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" - preserve_existing_hosts: "{{ __controller_groups_item.preserve_existing_hosts | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" - preserve_existing_children: "{{ __controller_groups_item.preserve_existing_children | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" - state: "{{ __controller_groups_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_groups_item.name | mandatory }}" + new_name: "{{ __controller_groups_item.new_name | default(omit, true) }}" + description: "{{ __controller_groups_item.description | default(('' if controller_configuration_groups_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_groups_item.inventory | mandatory }}" + variables: "{{ __controller_groups_item.variables | default(({} if controller_configuration_groups_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + hosts: "{{ __controller_groups_item.hosts | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" + children: "{{ __controller_groups_item.children | default(([] if controller_configuration_groups_enforce_defaults else omit), true) }}" + preserve_existing_hosts: "{{ __controller_groups_item.preserve_existing_hosts | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" + preserve_existing_children: "{{ __controller_groups_item.preserve_existing_children | default((false if controller_configuration_groups_enforce_defaults else omit)) }}" + state: "{{ __controller_groups_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_groups }}" loop_control: loop_var: __controller_groups_item @@ -30,17 +30,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __group_job_async - changed_when: "(__group_job_async.changed if ansible_check_mode else false)" + changed_when: (__group_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_groups_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __group_job_async.failed is defined and __group_job_async.failed -- name: "Managing Controller Groups | Wait for finish the Controller Groups management" +- name: Managing Controller Groups | Wait for finish the Controller Groups management ansible.builtin.async_status: jid: "{{ __group_job_async_results_item.ansible_job_id }}" register: __group_job_async_result @@ -55,5 +55,5 @@ no_log: "{{ controller_configuration_group_secure_logging }}" vars: __operation: "{{ operation_translate[__group_job_async_results_item.__controller_groups_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_host_groups/tests/test.yml b/roles/controller_host_groups/tests/test.yml index 2d7c6a500..0e5a1a828 100644 --- a/roles/controller_host_groups/tests/test.yml +++ b/roles/controller_host_groups/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_groups is defined} + - { role: ../.., when: controller_groups is defined } ... diff --git a/roles/controller_hosts/README.md b/roles/controller_hosts/README.md index 162a78cff..e79e7a8bc 100644 --- a/roles/controller_hosts/README.md +++ b/roles/controller_hosts/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_host_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_host_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add host task does not include sensitive information. +The role defaults to false as normally the add host task does not include sensitive information. `controller_configuration_host_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_host_secure_logging`|`False`|no|Whether or not to include the sensitive host role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_host_secure_logging`|`false`|no|Whether or not to include the sensitive host role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_hosts/defaults/main.yml b/roles/controller_hosts/defaults/main.yml index cf935fd17..db0def7d9 100644 --- a/roles/controller_hosts/defaults/main.yml +++ b/roles/controller_hosts/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_hosts_secure_logging: "{{ aap_configuration_secure_logg controller_configuration_hosts_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_hosts_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_hosts_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_host_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_hosts/meta/argument_specs.yml b/roles/controller_hosts/meta/argument_specs.yml index 74d5f6bc2..42370f7a1 100644 --- a/roles/controller_hosts/meta/argument_specs.yml +++ b/roles/controller_hosts/meta/argument_specs.yml @@ -57,11 +57,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_hosts_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_hosts/meta/main.yml b/roles/controller_hosts/meta/main.yml index 909beea91..bc0ea524d 100644 --- a/roles/controller_hosts/meta/main.yml +++ b/roles/controller_hosts/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hosts" - author: "Tom Page" - description: "An Ansible Role to create hosts in Ansible Controller." - company: "Red Hat" + role_name: hosts + author: Tom Page + description: An Ansible Role to create hosts in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "host" - - "hosts" + - controller + - aap + - awx + - host + - hosts collections: - ansible.controller diff --git a/roles/controller_hosts/tasks/main.yml b/roles/controller_hosts/tasks/main.yml index 8818638bf..727db93e7 100644 --- a/roles/controller_hosts/tasks/main.yml +++ b/roles/controller_hosts/tasks/main.yml @@ -1,21 +1,21 @@ --- -- name: "Managing Controller Hosts" +- name: Managing Controller Hosts host: - name: "{{ __controller_host_item.name | mandatory }}" - new_name: "{{ __controller_host_item.new_name | default(omit, true) }}" - description: "{{ __controller_host_item.description | default(('' if controller_configuration_host_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_host_item.inventory | mandatory }}" - enabled: "{{ __controller_host_item.enabled | default((false if controller_configuration_host_enforce_defaults else omit), true) }}" - state: "{{ __controller_host_item.state | default(platform_state | default('present')) }}" - variables: "{{ __controller_host_item.variables | default(({} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + name: "{{ __controller_host_item.name | mandatory }}" + new_name: "{{ __controller_host_item.new_name | default(omit, true) }}" + description: "{{ __controller_host_item.description | default(('' if controller_configuration_host_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_host_item.inventory | mandatory }}" + enabled: "{{ __controller_host_item.enabled | default((false if controller_configuration_host_enforce_defaults else omit), true) }}" + state: "{{ __controller_host_item.state | default(platform_state | default('present')) }}" + variables: "{{ __controller_host_item.variables | default(({} if controller_configuration_host_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_hosts }}" loop_control: loop_var: __controller_host_item @@ -25,17 +25,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __host_job_async - changed_when: "(__host_job_async.changed if ansible_check_mode else false)" + changed_when: (__host_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_host_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __host_job_async.failed is defined and __host_job_async.failed -- name: "Managing Controller Hosts | Wait for finish the Hosts management" +- name: Managing Controller Hosts | Wait for finish the Hosts management ansible.builtin.async_status: jid: "{{ __host_job_async_results_item.ansible_job_id }}" register: __host_job_async_result @@ -50,5 +50,5 @@ no_log: "{{ controller_configuration_hosts_secure_logging }}" vars: __operation: "{{ operation_translate[__host_job_async_results_item.__controller_host_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_hosts/tests/test.yml b/roles/controller_hosts/tests/test.yml index fe194efec..2ab362bb1 100644 --- a/roles/controller_hosts/tests/test.yml +++ b/roles/controller_hosts/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_hosts is defined} + - { role: ../.., when: controller_hosts is defined } ... diff --git a/roles/controller_instance_groups/README.md b/roles/controller_instance_groups/README.md index a4273b69e..eb0768f56 100644 --- a/roles/controller_instance_groups/README.md +++ b/roles/controller_instance_groups/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_instance_groups_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_instance_groups_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add instance groups task does not include sensitive information. +The role defaults to false as normally the add instance groups task does not include sensitive information. controller_configuration_instance_groups_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_instance_groups_secure_logging`|`False`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_instance_groups_secure_logging`|`false`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -79,7 +79,7 @@ This also speeds up the overall role. |`name`|""|yes|str|Name of this instance group.| |`new_name`|""|str|no|Setting this option will change the existing name (looked up via the name field).| |`credential`|""|no|str|Credential to authenticate with Kubernetes or OpenShift. Must be of type "Kubernetes/OpenShift API Bearer Token". Will make instance part of a Container Group.| -|`is_container_group`|False|no|bool|Signifies that this InstanceGroup should act as a ContainerGroup. If no credential is specified, the underlying Pod's ServiceAccount will be used.| +|`is_container_group`|false|no|bool|Signifies that this InstanceGroup should act as a ContainerGroup. If no credential is specified, the underlying Pod's ServiceAccount will be used.| |`policy_instance_percentage`|""|no|int|Minimum percentage of all instances that will be automatically assigned to this group when new instances come online.| |`policy_instance_minimum`|""|no|int|Static minimum number of Instances that will be automatically assign to this group when new instances come online.| |`policy_instance_list`|""|no|list|List of exact-match Instances that will be assigned to this group.| diff --git a/roles/controller_instance_groups/defaults/main.yml b/roles/controller_instance_groups/defaults/main.yml index 340b38af6..f9116c061 100644 --- a/roles/controller_instance_groups/defaults/main.yml +++ b/roles/controller_instance_groups/defaults/main.yml @@ -4,6 +4,6 @@ controller_configuration_instance_groups_secure_logging: "{{ aap_configuration_s controller_configuration_instance_groups_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_instance_groups_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instance_groups_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_instance_groups_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instance_groups/meta/argument_specs.yml b/roles/controller_instance_groups/meta/argument_specs.yml index 3697b3e74..9497848dc 100644 --- a/roles/controller_instance_groups/meta/argument_specs.yml +++ b/roles/controller_instance_groups/meta/argument_specs.yml @@ -81,11 +81,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_instance_groups_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_instance_groups/meta/main.yml b/roles/controller_instance_groups/meta/main.yml index 7eefca3fa..39d268731 100644 --- a/roles/controller_instance_groups/meta/main.yml +++ b/roles/controller_instance_groups/meta/main.yml @@ -2,8 +2,8 @@ galaxy_info: role_name: instance_groups author: Sean Sullivan - description: "An Ansible Role to create instance groups in Ansible Controller." - company: "Red Hat" + description: An Ansible Role to create instance groups in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,14 +25,14 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" + - controller + - aap + - awx - instance - instances diff --git a/roles/controller_instance_groups/tasks/main.yml b/roles/controller_instance_groups/tasks/main.yml index eb22d86e0..0748acebf 100644 --- a/roles/controller_instance_groups/tasks/main.yml +++ b/roles/controller_instance_groups/tasks/main.yml @@ -1,26 +1,26 @@ --- -- name: "Managing Controller Instance Groups" +- name: Managing Controller Instance Groups instance_group: - name: "{{ __controller_instance_group_item.name | mandatory }}" - new_name: "{{ __controller_instance_group_item.new_name | default(omit, true) }}" - credential: "{{ __controller_instance_group_item.credential | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - is_container_group: "{{ __controller_instance_group_item.is_container_group | default((false if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(0, true) if __controller_instance_group_item.policy_instance_percentage is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" - policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(0, true) if __controller_instance_group_item.policy_instance_minimum is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" - policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(0, true) if __controller_instance_group_item.max_concurrent_jobs is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" - max_forks: "{{ __controller_instance_group_item.max_forks | default(0, true) if __controller_instance_group_item.max_forks is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" - pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - instances: "{{ __controller_instance_group_item.instances | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" - state: "{{ __controller_instance_group_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_instance_group_item.name | mandatory }}" + new_name: "{{ __controller_instance_group_item.new_name | default(omit, true) }}" + credential: "{{ __controller_instance_group_item.credential | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + is_container_group: "{{ __controller_instance_group_item.is_container_group | default((false if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + policy_instance_percentage: "{{ __controller_instance_group_item.policy_instance_percentage | default(0, true) if __controller_instance_group_item.policy_instance_percentage is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" + policy_instance_minimum: "{{ __controller_instance_group_item.policy_instance_minimum | default(0, true) if __controller_instance_group_item.policy_instance_minimum is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" + policy_instance_list: "{{ __controller_instance_group_item.policy_instance_list | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + max_concurrent_jobs: "{{ __controller_instance_group_item.max_concurrent_jobs | default(0, true) if __controller_instance_group_item.max_concurrent_jobs is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" + max_forks: "{{ __controller_instance_group_item.max_forks | default(0, true) if __controller_instance_group_item.max_forks is defined or controller_configuration_instance_groups_enforce_defaults else omit }}" + pod_spec_override: "{{ __controller_instance_group_item.pod_spec_override | default(('' if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + instances: "{{ __controller_instance_group_item.instances | default(([] if controller_configuration_instance_groups_enforce_defaults else omit), true) }}" + state: "{{ __controller_instance_group_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_instance_groups }}" loop_control: loop_var: __controller_instance_group_item @@ -31,17 +31,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __instance_groups_job_async - changed_when: "(__instance_groups_job_async.changed if ansible_check_mode else false)" + changed_when: (__instance_groups_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_instance_group_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __instance_groups_job_async.failed is defined and __instance_groups_job_async.failed -- name: "Managing Controller instance groups | Wait for finish the instance groups management" +- name: Managing Controller instance groups | Wait for finish the instance groups management ansible.builtin.async_status: jid: "{{ __instance_groups_job_async_results_item.ansible_job_id }}" register: __instance_groups_job_async_result @@ -51,10 +51,11 @@ loop: "{{ __instance_groups_job_async.results }}" loop_control: loop_var: __instance_groups_job_async_results_item - label: "{{ __operation.verb }} Controller instance group {{ __instance_groups_job_async_results_item.__controller_instance_group_item.name }} | Wait for finish the instance groups {{ __operation.action }}" + label: "{{ __operation.verb }} Controller instance group {{ __instance_groups_job_async_results_item.__controller_instance_group_item.name }} | Wait for finish + the instance groups {{ __operation.action }}" when: not ansible_check_mode and __instance_groups_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instance_groups_secure_logging }}" vars: __operation: "{{ operation_translate[__instance_groups_job_async_results_item.__controller_instance_group_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_instance_groups/tests/test.yml b/roles/controller_instance_groups/tests/test.yml index 740f8d3b2..55d4da3e1 100644 --- a/roles/controller_instance_groups/tests/test.yml +++ b/roles/controller_instance_groups/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_instance_groups is defined} + - { role: ../.., when: controller_instance_groups is defined } ... diff --git a/roles/controller_instances/README.md b/roles/controller_instances/README.md index d2e002c45..6a4e65900 100644 --- a/roles/controller_instances/README.md +++ b/roles/controller_instances/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_instances_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_instances_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add instances task does not include sensitive information. +The role defaults to false as normally the add instances task does not include sensitive information. controller_configuration_instances_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_instances_secure_logging`|`False`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_instances_secure_logging`|`false`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -78,13 +78,13 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:|:---:| |`hostname`|""|yes|str|Hostname of this instance.| |`capacity_adjustment`|""|float|no|Capacity adjustment between 0 and 1.| -|`enabled`|False|no|bool|If true, the instance will be enabled and used.| -|`managed_by_policy`|False|no|bool|If true, will be managed by instance group policy.| +|`enabled`|false|no|bool|If true, the instance will be enabled and used.| +|`managed_by_policy`|false|no|bool|If true, will be managed by instance group policy.| |`node_type`|""|no|str|Role that this node plays in the mesh. Most likely Execution. Current options are 'execution'.| |`node_state`|""|no|str|Indicates the current life cycle stage of this instance. Current options are 'installed' and 'deprovisioning'.| |`listener_port`|""|no|int|Port that Receptor will listen for incoming connections on.| |`peers`|[]|no|list|List of peers to connect outbound to. Only configurable for hop and execution nodes.| -|`peers_from_control_nodes`|False|no|bool|If enabled, control plane nodes will automatically peer to this node.| +|`peers_from_control_nodes`|false|no|bool|If enabled, control plane nodes will automatically peer to this node.| ### Standard Instance Data Structure diff --git a/roles/controller_instances/defaults/main.yml b/roles/controller_instances/defaults/main.yml index 8138719a4..2f64721ce 100644 --- a/roles/controller_instances/defaults/main.yml +++ b/roles/controller_instances/defaults/main.yml @@ -4,6 +4,6 @@ controller_configuration_instances_secure_logging: "{{ aap_configuration_secure_ controller_configuration_instances_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_instances_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_instances_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_instances_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_instances/meta/argument_specs.yml b/roles/controller_instances/meta/argument_specs.yml index 6d5c9071c..a399f2d61 100644 --- a/roles/controller_instances/meta/argument_specs.yml +++ b/roles/controller_instances/meta/argument_specs.yml @@ -57,17 +57,17 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_instances_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values + from elsewhere. aap_configuration_secure_logging: default: false required: false diff --git a/roles/controller_instances/meta/main.yml b/roles/controller_instances/meta/main.yml index 203be01b4..331c4c843 100644 --- a/roles/controller_instances/meta/main.yml +++ b/roles/controller_instances/meta/main.yml @@ -2,8 +2,8 @@ galaxy_info: role_name: instances author: Sean Sullivan - description: "An Ansible Role to create instances in Ansible Controller." - company: "Red Hat" + description: An Ansible Role to create instances in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,14 +25,14 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" + - controller + - aap + - awx - instance - instances diff --git a/roles/controller_instances/tasks/main.yml b/roles/controller_instances/tasks/main.yml index ff10d90fe..6b3074301 100644 --- a/roles/controller_instances/tasks/main.yml +++ b/roles/controller_instances/tasks/main.yml @@ -2,23 +2,23 @@ # Add Controller Instances - name: Add Controller Instance instance: - hostname: "{{ __controller_instance_item.hostname | mandatory }}" - capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default((1.0 if controller_configuration_instances_enforce_defaults else omit), true) }}" - enabled: "{{ __controller_instance_item.enabled | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" - managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" - node_type: "{{ __controller_instance_item.node_type | default(omit, true) }}" - node_state: "{{ __controller_instance_item.node_state | default(omit, true) }}" - listener_port: "{{ __controller_instance_item.listener_port | default((27199 if controller_configuration_instances_enforce_defaults else omit), true) }}" - peers: "{{ __controller_instance_item.peers | default(([] if controller_configuration_instances_enforce_defaults else omit), true) }}" - peers_from_control_nodes: "{{ __controller_instance_item.peers_from_control_nodes | default((false if controller_configuration_instances_enforce_defaults else omit), true) }}" + hostname: "{{ __controller_instance_item.hostname | mandatory }}" + capacity_adjustment: "{{ __controller_instance_item.capacity_adjustment | default((1.0 if controller_configuration_instances_enforce_defaults else omit), true) }}" + enabled: "{{ __controller_instance_item.enabled | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" + managed_by_policy: "{{ __controller_instance_item.managed_by_policy | default((true if controller_configuration_instances_enforce_defaults else omit), true) }}" + node_type: "{{ __controller_instance_item.node_type | default(omit, true) }}" + node_state: "{{ __controller_instance_item.node_state | default(omit, true) }}" + listener_port: "{{ __controller_instance_item.listener_port | default((27199 if controller_configuration_instances_enforce_defaults else omit), true) }}" + peers: "{{ __controller_instance_item.peers | default(([] if controller_configuration_instances_enforce_defaults else omit), true) }}" + peers_from_control_nodes: "{{ __controller_instance_item.peers_from_control_nodes | default((false if controller_configuration_instances_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_instances }}" loop_control: loop_var: __controller_instance_item @@ -29,16 +29,16 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __instance_job_async - changed_when: "(__instance_job_async.changed if ansible_check_mode else false)" + changed_when: (__instance_job_async.changed if ansible_check_mode else false) vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __instance_job_async.failed is defined and __instance_job_async.failed -- name: "Configure Controller instances | Wait for finish the instance creation" +- name: Configure Controller instances | Wait for finish the instance creation ansible.builtin.async_status: jid: "{{ __instance_job_async_results_item.ansible_job_id }}" register: __instance_job_async_result @@ -51,5 +51,5 @@ when: not ansible_check_mode and __instance_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_instances_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_instances/tests/test.yml b/roles/controller_instances/tests/test.yml index d006284f1..ab1c57e04 100644 --- a/roles/controller_instances/tests/test.yml +++ b/roles/controller_instances/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_instances is defined} + - { role: ../.., when: controller_instances is defined } ... diff --git a/roles/controller_inventories/README.md b/roles/controller_inventories/README.md index cfa95eadb..9331c9568 100644 --- a/roles/controller_inventories/README.md +++ b/roles/controller_inventories/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_inventories_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_inventories_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add inventories task does not include sensitive information. +The role defaults to false as normally the add inventories task does not include sensitive information. controller_configuration_inventories_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_inventories_secure_logging`|`False`|no|Whether or not to include the sensitive Inventory role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_inventories_secure_logging`|`false`|no|Whether or not to include the sensitive Inventory role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -106,7 +106,7 @@ The role will strip the double space between the curly bracket in order to provi |`variables`|`{}`|no|dict|Variables for the inventory.| |`kind`|""|no|str|The kind of inventory. Currently choices are '' and 'smart'| |`host_filter`|""|no|str|The host filter field, useful only when 'kind=smart'| -|`prevent_instance_group_fallback`|`False`|no|bool|Prevent falling back to instance groups set on the organization| +|`prevent_instance_group_fallback`|`false`|no|bool|Prevent falling back to instance groups set on the organization| |`state`|`present`|no|str|Desired state of the resource.| ### Standard Inventory Data Structure diff --git a/roles/controller_inventories/defaults/main.yml b/roles/controller_inventories/defaults/main.yml index 57f68ac55..b88d7e727 100644 --- a/roles/controller_inventories/defaults/main.yml +++ b/roles/controller_inventories/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_inventories_secure_logging: "{{ aap_configuration_secur controller_configuration_inventories_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_inventories_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventories_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_inventories_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventories/meta/argument_specs.yml b/roles/controller_inventories/meta/argument_specs.yml index c4b38b621..33ff6b115 100644 --- a/roles/controller_inventories/meta/argument_specs.yml +++ b/roles/controller_inventories/meta/argument_specs.yml @@ -75,11 +75,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_inventories_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_inventories/meta/main.yml b/roles/controller_inventories/meta/main.yml index 42fd52eb2..052197b1a 100644 --- a/roles/controller_inventories/meta/main.yml +++ b/roles/controller_inventories/meta/main.yml @@ -1,27 +1,27 @@ --- galaxy_info: - role_name: "inventories" - author: "Andrew J. Huffman, Kedar Kulkarni" - description: "An Ansible role to create inventories and inventory sources in Ansible Controller." - company: "Red Hat" + role_name: inventories + author: Andrew J. Huffman, Kedar Kulkarni + description: An Ansible role to create inventories and inventory sources in Ansible Controller. + company: Red Hat license: GPL-3.0-or-later min_ansible_version: 2.16.0 platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "inventory" - - "inventories" - - "source" + - controller + - aap + - awx + - configuration + - inventory + - inventories + - source collections: - ansible.controller diff --git a/roles/controller_inventories/tasks/main.yml b/roles/controller_inventories/tasks/main.yml index bb0b168e4..f0092fccc 100644 --- a/roles/controller_inventories/tasks/main.yml +++ b/roles/controller_inventories/tasks/main.yml @@ -1,26 +1,26 @@ --- -- name: "Managing Inventories" +- name: Managing Inventories inventory: - name: "{{ __controller_inventory_item.name | mandatory }}" - new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" - copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" - description: "{{ __controller_inventory_item.description | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" - organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" - instance_groups: "{{ __controller_inventory_item.instance_groups | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" - input_inventories: "{{ __controller_inventory_item.input_inventories | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" - variables: "{{ __controller_inventory_item.variables | default(({} if controller_configuration_inventories_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - kind: "{{ __controller_inventory_item.kind | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" - host_filter: "{{ __controller_inventory_item.host_filter | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" - prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default((false if controller_configuration_inventories_enforce_defaults else omit), true) }}" - state: "{{ __controller_inventory_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_inventory_item.name | mandatory }}" + new_name: "{{ __controller_inventory_item.new_name | default(omit, true) }}" + copy_from: "{{ __controller_inventory_item.copy_from | default(omit, true) }}" + description: "{{ __controller_inventory_item.description | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + organization: "{{ __controller_inventory_item.organization.name | default(__controller_inventory_item.organization) | mandatory }}" + instance_groups: "{{ __controller_inventory_item.instance_groups | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + input_inventories: "{{ __controller_inventory_item.input_inventories | default(([] if controller_configuration_inventories_enforce_defaults else omit), true) }}" + variables: "{{ __controller_inventory_item.variables | default(({} if controller_configuration_inventories_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + kind: "{{ __controller_inventory_item.kind | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_inventory_item.host_filter | default(('' if controller_configuration_inventories_enforce_defaults else omit), true) }}" + prevent_instance_group_fallback: "{{ __controller_inventory_item.prevent_instance_group_fallback | default((false if controller_configuration_inventories_enforce_defaults else omit), true) }}" + state: "{{ __controller_inventory_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory if inventory is defined else controller_inventories }}" loop_control: loop_var: __controller_inventory_item @@ -30,17 +30,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __inventories_job_async - changed_when: "(__inventories_job_async.changed if ansible_check_mode else false)" + changed_when: (__inventories_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_inventory_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __inventories_job_async.failed is defined and __inventories_job_async.failed -- name: "Managing Controller Inventories | Wait for finish the inventories management" +- name: Managing Controller Inventories | Wait for finish the inventories management ansible.builtin.async_status: jid: "{{ __inventories_job_async_result_item.ansible_job_id }}" register: __inventories_job_async_result @@ -50,10 +50,11 @@ loop: "{{ __inventories_job_async.results }}" loop_control: loop_var: __inventories_job_async_result_item - label: "{{ __operation.verb }} Controller inventory {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories {{ __operation.action }}" + label: "{{ __operation.verb }} Controller inventory {{ __inventories_job_async_result_item.__controller_inventory_item.name }} | Wait for finish the inventories + {{ __operation.action }}" when: not ansible_check_mode and __inventories_job_async_result_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventories_secure_logging }}" vars: __operation: "{{ operation_translate[__inventories_job_async_result_item.__controller_inventory_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_inventories/tests/configs/inventories.yml b/roles/controller_inventories/tests/configs/inventories.yml index bca330803..e8263930a 100644 --- a/roles/controller_inventories/tests/configs/inventories.yml +++ b/roles/controller_inventories/tests/configs/inventories.yml @@ -6,6 +6,6 @@ controller_inventories: - name: test2 organization: Default kind: smart - host_filter: "name__icontains=test" + host_filter: name__icontains=test variables: '{"key1":"val1", "key2":"val2"}' ... diff --git a/roles/controller_inventories/tests/test.yml b/roles/controller_inventories/tests/test.yml index 7c13a5d8f..c7745bebe 100644 --- a/roles/controller_inventories/tests/test.yml +++ b/roles/controller_inventories/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_inventories is defined} + - { role: ../.., when: controller_inventories is defined } ... diff --git a/roles/controller_inventory_source_update/README.md b/roles/controller_inventory_source_update/README.md index 796967699..7a022c735 100644 --- a/roles/controller_inventory_source_update/README.md +++ b/roles/controller_inventory_source_update/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the inventory source update task does not include sensitive information. +The role defaults to false as normally the inventory source update task does not include sensitive information. controller_configuration_inventory_source_update_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_inventory_source_update_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_inventory_source_update_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_inventory_source_update/defaults/main.yml b/roles/controller_inventory_source_update/defaults/main.yml index 3b3a7a40e..b49fa2ea8 100644 --- a/roles/controller_inventory_source_update/defaults/main.yml +++ b/roles/controller_inventory_source_update/defaults/main.yml @@ -3,5 +3,5 @@ controller_configuration_inventory_source_update_secure_logging: "{{ aap_configu controller_configuration_inventory_source_update_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_inventory_source_update_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventory_source_update_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/controller_inventory_source_update/meta/argument_specs.yml b/roles/controller_inventory_source_update/meta/argument_specs.yml index 8b0850cc0..9eda617d5 100644 --- a/roles/controller_inventory_source_update/meta/argument_specs.yml +++ b/roles/controller_inventory_source_update/meta/argument_specs.yml @@ -151,11 +151,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_inventory_source_updates_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_inventory_source_update/meta/main.yml b/roles/controller_inventory_source_update/meta/main.yml index f07a636d8..be9b7989f 100644 --- a/roles/controller_inventory_source_update/meta/main.yml +++ b/roles/controller_inventory_source_update/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "inventory_source_update" - author: "Sean Sullivan" - description: "An Ansible Role to update inventory sources in Ansible Controller." - company: "Red Hat" + role_name: inventory_source_update + author: Sean Sullivan + description: An Ansible Role to update inventory sources in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "inventory" - - "inventories" + - controller + - aap + - awx + - inventory + - inventories collections: - ansible.controller diff --git a/roles/controller_inventory_source_update/tasks/main.yml b/roles/controller_inventory_source_update/tasks/main.yml index 2b9fe39cf..8d8e4517a 100644 --- a/roles/controller_inventory_source_update/tasks/main.yml +++ b/roles/controller_inventory_source_update/tasks/main.yml @@ -2,23 +2,23 @@ # Update Inventory sources - name: Run Controller inventory source update inventory_source_update: - name: "{{ __inventory_source_update_item.name | mandatory }}" - inventory: "{{ __inventory_source_update_item.inventory | mandatory }}" - organization: "{{ __inventory_source_update_item.organization | default(omit, true) }}" - wait: "{{ __inventory_source_update_item.wait | default(omit) }}" - interval: "{{ __inventory_source_update_item.interval | default(controller_configuration_inventory_source_update_async_delay) }}" - timeout: "{{ __inventory_source_update_item.timeout | default(omit, true) }}" + name: "{{ __inventory_source_update_item.name | mandatory }}" + inventory: "{{ __inventory_source_update_item.inventory | mandatory }}" + organization: "{{ __inventory_source_update_item.organization | default(omit, true) }}" + wait: "{{ __inventory_source_update_item.wait | default(omit) }}" + interval: "{{ __inventory_source_update_item.interval | default(controller_configuration_inventory_source_update_async_delay) }}" + timeout: "{{ __inventory_source_update_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: - loop_var: "__inventory_source_update_item" + loop_var: __inventory_source_update_item label: "{{ (__inventory_source_update_item.organization | default('')) }}/{{ __inventory_source_update_item.inventory }}/{{ __inventory_source_update_item.name }}" pause: "{{ controller_configuration_inventory_source_update_loop_delay }}" no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" @@ -30,14 +30,14 @@ register: __inventory_source_update_async changed_when: not __inventory_source_update_async.changed vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __inventory_source_update_async.failed is defined and __inventory_source_update_async.failed -- name: "Controller inventory source update | Wait for finish of the inventory source update" +- name: Controller inventory source update | Wait for finish of the inventory source update ansible.builtin.async_status: jid: "{{ __inventory_source_update_async_results_item.ansible_job_id }}" register: __inventory_source_update_async_result @@ -50,5 +50,5 @@ when: not ansible_check_mode and __inventory_source_update_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_inventory_source_update_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_inventory_source_update/tests/test.yml b/roles/controller_inventory_source_update/tests/test.yml index 4cbcf7db8..373cd6555 100644 --- a/roles/controller_inventory_source_update/tests/test.yml +++ b/roles/controller_inventory_source_update/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_inventory_sources is defined} + - { role: ../.., when: controller_inventory_sources is defined } ... diff --git a/roles/controller_inventory_sources/README.md b/roles/controller_inventory_sources/README.md index 2d335da64..4bf2fdf5a 100644 --- a/roles/controller_inventory_sources/README.md +++ b/roles/controller_inventory_sources/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_inventory_sources_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_inventory_sources_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add inventory_source task does not include sensitive information. +The role defaults to false as normally the add inventory_source task does not include sensitive information. controller_configuration_inventory_sources_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_inventory_sources_secure_logging`|`False`|no|Whether or not to include the sensitive Inventory Sources role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_inventory_sources_secure_logging`|`false`|no|Whether or not to include the sensitive Inventory Sources role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -98,7 +98,7 @@ The role will strip the double space between the curly bracket in order to provi |:---:|:---:|:---:|:---:| |`name`|""|yes|The name to use for the inventory source.| |`new_name`|""|no|A new name for this assets (will rename the asset).| -|`description`|`False`|no|The description to use for the inventory source.| +|`description`|`false`|no|The description to use for the inventory source.| |`inventory`|""|yes|Inventory the group should be made a member of.| |`organization`|""|no|Organization the inventory belongs to.| |`source`|""|no|The source to use for this group. If set to `constructed` this role will be skipped as they are not meant to be edited.| diff --git a/roles/controller_inventory_sources/defaults/main.yml b/roles/controller_inventory_sources/defaults/main.yml index 20eacf2db..4b6d1ae21 100644 --- a/roles/controller_inventory_sources/defaults/main.yml +++ b/roles/controller_inventory_sources/defaults/main.yml @@ -4,6 +4,6 @@ controller_configuration_inventory_sources_secure_logging: "{{ aap_configuration controller_configuration_inventory_sources_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_inventory_sources_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_inventory_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_inventory_sources_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_inventory_sources/meta/argument_specs.yml b/roles/controller_inventory_sources/meta/argument_specs.yml index cdfa29fdb..25471cb45 100644 --- a/roles/controller_inventory_sources/meta/argument_specs.yml +++ b/roles/controller_inventory_sources/meta/argument_specs.yml @@ -151,11 +151,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_inventory_sources_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_inventory_sources/meta/main.yml b/roles/controller_inventory_sources/meta/main.yml index 5807022b1..35775f7f8 100644 --- a/roles/controller_inventory_sources/meta/main.yml +++ b/roles/controller_inventory_sources/meta/main.yml @@ -1,27 +1,27 @@ --- galaxy_info: - role_name: "inventory_sources" - author: "Andrew J. Huffman, Kedar Kulkarni" - description: "An Ansible role to create inventory sources in Ansible Controller." - company: "Red Hat" + role_name: inventory_sources + author: Andrew J. Huffman, Kedar Kulkarni + description: An Ansible role to create inventory sources in Ansible Controller. + company: Red Hat license: GPL-3.0-or-later min_ansible_version: 2.16.0 platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "inventory" - - "inventories" - - "source" + - controller + - aap + - awx + - configuration + - inventory + - inventories + - source collections: - ansible.controller diff --git a/roles/controller_inventory_sources/tasks/main.yml b/roles/controller_inventory_sources/tasks/main.yml index 08544b13f..ea0c7bc1b 100644 --- a/roles/controller_inventory_sources/tasks/main.yml +++ b/roles/controller_inventory_sources/tasks/main.yml @@ -1,41 +1,41 @@ --- -- name: "Managing Inventory Sources" +- name: Managing Inventory Sources inventory_source: - name: "{{ __controller_source_item.name | mandatory }}" - new_name: "{{ __controller_source_item.new_name | default(omit, true) }}" - description: "{{ __controller_source_item.description | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_source_item.inventory.name | default(__controller_source_item.inventory) | mandatory }}" - organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" - source: "{{ __controller_source_item.source | default(('scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - source_path: "{{ __controller_source_item.source_path | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - source_vars: "{{ __controller_source_item.source_vars | default(({} if controller_configuration_inventory_sources_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - enabled_var: "{{ __controller_source_item.enabled_var | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - enabled_value: "{{ __controller_source_item.enabled_value | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - host_filter: "{{ __controller_source_item.host_filter | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - limit: "{{ __controller_source_item.limit | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - credential: "{{ __controller_source_item.credential | default(omit, true) }}" - execution_environment: "{{ __controller_source_item.execution_environment | default(omit, true) }}" - overwrite: "{{ __controller_source_item.overwrite | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - overwrite_vars: "{{ __controller_source_item.overwrite_vars | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - timeout: "{{ __controller_source_item.timeout | default(0, true) if __controller_source_item.timeout is defined or controller_configuration_inventory_sources_enforce_defaults else omit }}" - verbosity: "{{ __controller_source_item.verbosity | default((1 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - update_on_launch: "{{ __controller_source_item.update_on_launch | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" - update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(0, true) if __controller_source_item.update_cache_timeout is defined or controller_configuration_inventory_sources_enforce_defaults else omit }}" - source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" - scm_branch: "{{ __controller_source_item.scm_branch | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - state: "{{ __controller_source_item.state | default(platform_state | default('present')) }}" - notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + name: "{{ __controller_source_item.name | mandatory }}" + new_name: "{{ __controller_source_item.new_name | default(omit, true) }}" + description: "{{ __controller_source_item.description | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_source_item.inventory.name | default(__controller_source_item.inventory) | mandatory }}" + organization: "{{ __controller_source_item.inventory.organization.name | default(__controller_source_item.organization | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + source: "{{ __controller_source_item.source | default(('scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_path: "{{ __controller_source_item.source_path | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + source_vars: "{{ __controller_source_item.source_vars | default(({} if controller_configuration_inventory_sources_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + enabled_var: "{{ __controller_source_item.enabled_var | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + enabled_value: "{{ __controller_source_item.enabled_value | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + host_filter: "{{ __controller_source_item.host_filter | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + limit: "{{ __controller_source_item.limit | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + credential: "{{ __controller_source_item.credential | default(omit, true) }}" + execution_environment: "{{ __controller_source_item.execution_environment | default(omit, true) }}" + overwrite: "{{ __controller_source_item.overwrite | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + overwrite_vars: "{{ __controller_source_item.overwrite_vars | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + custom_virtualenv: "{{ __controller_source_item.custom_virtualenv | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_source_item.timeout | default(0, true) if __controller_source_item.timeout is defined or controller_configuration_inventory_sources_enforce_defaults else omit }}" + verbosity: "{{ __controller_source_item.verbosity | default((1 if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + update_on_launch: "{{ __controller_source_item.update_on_launch | default((false if controller_configuration_inventory_sources_enforce_defaults else omit)) }}" + update_cache_timeout: "{{ __controller_source_item.update_cache_timeout | default(0, true) if __controller_source_item.update_cache_timeout is defined or controller_configuration_inventory_sources_enforce_defaults else omit }}" + source_project: "{{ __controller_source_item.source_project.name | default(__controller_source_item.source_project | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) }}" + scm_branch: "{{ __controller_source_item.scm_branch | default(('' if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + state: "{{ __controller_source_item.state | default(platform_state | default('present')) }}" + notification_templates_started: "{{ (__controller_source_item.related.notification_templates_started | map(attribute='name') | list if __controller_source_item.related.notification_templates_started is defined) | default(__controller_source_item.notification_templates_started) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_source_item.related.notification_templates_success | map(attribute='name') | list if __controller_source_item.related.notification_templates_success is defined) | default(__controller_source_item.notification_templates_success) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_source_item.related.notification_templates_error | map(attribute='name') | list if __controller_source_item.related.notification_templates_error is defined) | default(__controller_source_item.notification_templates_error) | default(([] if controller_configuration_inventory_sources_enforce_defaults else omit), true) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ inventory_sources if inventory_sources is defined else controller_inventory_sources }}" loop_control: loop_var: __controller_source_item @@ -45,18 +45,18 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __inventory_source_job_async - changed_when: "(__inventory_source_job_async.changed if ansible_check_mode else false)" + changed_when: (__inventory_source_job_async.changed if ansible_check_mode else false) when: (__controller_source_item.source | default(('scm' if controller_configuration_inventory_sources_enforce_defaults else omit), true)) != "constructed" vars: __operation: "{{ operation_translate[__controller_source_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __inventory_source_job_async.failed is defined and __inventory_source_job_async.failed -- name: "Managing Inventory Sources | Wait for finish the Inventory Sources management" +- name: Managing Inventory Sources | Wait for finish the Inventory Sources management ansible.builtin.async_status: jid: "{{ __inventory_source_job_async_results_item.ansible_job_id }}" register: __inventory_source_job_async_result @@ -71,5 +71,5 @@ no_log: "{{ controller_configuration_inventory_sources_secure_logging }}" vars: __operation: "{{ operation_translate[__inventory_source_job_async_results_item.__controller_source_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_inventory_sources/tests/test.yml b/roles/controller_inventory_sources/tests/test.yml index d76ba35c5..5cc6e75f1 100644 --- a/roles/controller_inventory_sources/tests/test.yml +++ b/roles/controller_inventory_sources/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_inventory_sources is defined} + - { role: ../.., when: controller_inventory_sources is defined } ... diff --git a/roles/controller_job_launch/README.md b/roles/controller_job_launch/README.md index cada2144d..4f3946099 100644 --- a/roles/controller_job_launch/README.md +++ b/roles/controller_job_launch/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the job launch task does not include sensitive information. +The role defaults to false as normally the job launch task does not include sensitive information. controller_configuration_job_launch_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_job_launch_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_job_launch_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -48,7 +48,7 @@ controller_configuration_job_launch_secure_logging defaults to the value of aap_ |`inventory`|""|no|str|Inventory to use for the job, only used if prompt for inventory is set.| |`organization`|""|no|str|Organization the inventory belongs to.| |`credentials`|""|no|list|TCredential to use for job, only used if prompt for credential is set.| -|`extra_vars`|""|no|dict|extra_vars to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module.| +|`extra_vars`|""|no|dict|extra_vars to use for the Job Template. ask_extra_vars needs to be set to true via controller_job_template module.| |`limit`|""|no|str|Limit to use for the job_template.| |`tags`|""|no|str|Specific tags to use for from playbook.| |`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| diff --git a/roles/controller_job_launch/meta/argument_specs.yml b/roles/controller_job_launch/meta/argument_specs.yml index bd9018cc2..883592439 100644 --- a/roles/controller_job_launch/meta/argument_specs.yml +++ b/roles/controller_job_launch/meta/argument_specs.yml @@ -34,7 +34,7 @@ argument_specs: # extra_vars: # required: false # type: dict - # description: extra_vars to use for the Job Template. ask_extra_vars needs to be set to True via controller_job_template module. + # description: extra_vars to use for the Job Template. ask_extra_vars needs to be set to true via controller_job_template module. # limit: # required: false # type: str diff --git a/roles/controller_job_launch/meta/main.yml b/roles/controller_job_launch/meta/main.yml index af6265f6e..42c160ac4 100644 --- a/roles/controller_job_launch/meta/main.yml +++ b/roles/controller_job_launch/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "job_launch" - author: "Sean Sullivan" - description: "An Ansible Role to launch job templates in Ansible Controller." - company: "Red Hat" + role_name: job_launch + author: Sean Sullivan + description: An Ansible Role to launch job templates in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "job" - - "jobs" + - controller + - aap + - awx + - job + - jobs collections: - ansible.controller diff --git a/roles/controller_job_launch/tasks/main.yml b/roles/controller_job_launch/tasks/main.yml index 87768c885..d8c5f0970 100644 --- a/roles/controller_job_launch/tasks/main.yml +++ b/roles/controller_job_launch/tasks/main.yml @@ -2,39 +2,39 @@ # Launch Controller Job - name: Launch a Controller Job job_launch: - name: "{{ __job_launch_item.name | mandatory }}" - job_type: "{{ __job_launch_item.job_type | default(omit, true) }}" - inventory: "{{ __job_launch_item.inventory | default(omit, true) }}" - organization: "{{ __job_launch_item.organization.name | default(__job_launch_item.organization | default(omit, true)) }}" - credentials: "{{ __job_launch_item.credentials | default(omit, true) }}" - extra_vars: "{{ __job_launch_item.extra_vars | default(omit, true) }}" - limit: "{{ __job_launch_item.limit | default(omit, true) }}" - tags: "{{ __job_launch_item.tags | default(omit, true) }}" - scm_branch: "{{ __job_launch_item.scm_branch | default(omit, true) }}" - skip_tags: "{{ __job_launch_item.skip_tags | default(omit, true) }}" - verbosity: "{{ __job_launch_item.verbosity | default(omit, true) }}" - diff_mode: "{{ __job_launch_item.diff_mode | default(omit) }}" - credential_passwords: "{{ __job_launch_item.credential_passwords | default(omit, true) }}" - execution_environment: "{{ __job_launch_item.execution_environment.name | default(__job_launch_item.execution_environment | default(omit, true)) }}" - forks: "{{ __job_launch_item.forks | default(omit, true) }}" - instance_groups: "{{ __job_launch_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __job_launch_item.job_slice_count | default(omit, true) }}" - labels: "{{ __job_launch_item.labels | default(__job_launch_item.related.labels | default([]) | map(attribute='name') | list) | default(omit, true) }}" - job_timeout: "{{ __job_launch_item.job_timeout | default(omit, true) }}" - wait: "{{ __job_launch_item.wait | default(omit) }}" - interval: "{{ __job_launch_item.interval | default(omit) }}" - timeout: "{{ __job_launch_item.timeout | default(omit, true) }}" + name: "{{ __job_launch_item.name | mandatory }}" + job_type: "{{ __job_launch_item.job_type | default(omit, true) }}" + inventory: "{{ __job_launch_item.inventory | default(omit, true) }}" + organization: "{{ __job_launch_item.organization.name | default(__job_launch_item.organization | default(omit, true)) }}" + credentials: "{{ __job_launch_item.credentials | default(omit, true) }}" + extra_vars: "{{ __job_launch_item.extra_vars | default(omit, true) }}" + limit: "{{ __job_launch_item.limit | default(omit, true) }}" + tags: "{{ __job_launch_item.tags | default(omit, true) }}" + scm_branch: "{{ __job_launch_item.scm_branch | default(omit, true) }}" + skip_tags: "{{ __job_launch_item.skip_tags | default(omit, true) }}" + verbosity: "{{ __job_launch_item.verbosity | default(omit, true) }}" + diff_mode: "{{ __job_launch_item.diff_mode | default(omit) }}" + credential_passwords: "{{ __job_launch_item.credential_passwords | default(omit, true) }}" + execution_environment: "{{ __job_launch_item.execution_environment.name | default(__job_launch_item.execution_environment | default(omit, true)) }}" + forks: "{{ __job_launch_item.forks | default(omit, true) }}" + instance_groups: "{{ __job_launch_item.instance_groups | default(omit, true) }}" + job_slice_count: "{{ __job_launch_item.job_slice_count | default(omit, true) }}" + labels: "{{ __job_launch_item.labels | default(__job_launch_item.related.labels | default([]) | map(attribute='name') | list) | default(omit, true) }}" + job_timeout: "{{ __job_launch_item.job_timeout | default(omit, true) }}" + wait: "{{ __job_launch_item.wait | default(omit) }}" + interval: "{{ __job_launch_item.interval | default(omit) }}" + timeout: "{{ __job_launch_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_launch_jobs }}" loop_control: - loop_var: "__job_launch_item" + loop_var: __job_launch_item label: "{{ (__job_launch_item.organization | default('')) }}/{{ __job_launch_item.name }}" no_log: "{{ controller_configuration_job_launch_secure_logging }}" register: launched_controller_jobs diff --git a/roles/controller_job_launch/tests/test.yml b/roles/controller_job_launch/tests/test.yml index 7d1f699e3..24caaec83 100644 --- a/roles/controller_job_launch/tests/test.yml +++ b/roles/controller_job_launch/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_launch_jobs is defined} + - { role: ../.., when: controller_launch_jobs is defined } ... diff --git a/roles/controller_job_templates/README.md b/roles/controller_job_templates/README.md index 131d21769..7f8d49d73 100644 --- a/roles/controller_job_templates/README.md +++ b/roles/controller_job_templates/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_job_templates_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_job_templates_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add job_template task does not include sensitive information. +The role defaults to false as normally the add job_template task does not include sensitive information. controller_configuration_job_templates_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_job_templates_secure_logging`|`False`|no|Whether or not to include the sensitive Job Template role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_job_templates_secure_logging`|`false`|no|Whether or not to include the sensitive Job Template role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -79,7 +79,7 @@ This also speeds up the overall role. |`name`|""|yes|str|Name of Job Template| |`new_name`|""|str|no|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|str|Name or id to copy the job template from. This will copy an existing credential and change any parameters supplied.| -|`description`|`False`|no|str|Description to use for the job template.| +|`description`|`false`|no|str|Description to use for the job template.| |`execution_environment`|""|no|str|Execution Environment to use for the job template.| |`job_type`|`run`|no|str|The job type to use for the job template(run, check).| |`inventory`|""|no|str|Name of the inventory to use for the job template.| diff --git a/roles/controller_job_templates/defaults/main.yml b/roles/controller_job_templates/defaults/main.yml index 7ca24fccd..25740f619 100644 --- a/roles/controller_job_templates/defaults/main.yml +++ b/roles/controller_job_templates/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_job_templates_secure_logging: "{{ aap_configuration_sec controller_configuration_job_templates_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_job_templates_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_job_templates_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_job_templates_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_job_templates/meta/argument_specs.yml b/roles/controller_job_templates/meta/argument_specs.yml index a19fca63a..f10b0f8a6 100644 --- a/roles/controller_job_templates/meta/argument_specs.yml +++ b/roles/controller_job_templates/meta/argument_specs.yml @@ -266,11 +266,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_job_templates_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_job_templates/meta/main.yml b/roles/controller_job_templates/meta/main.yml index a2fa68f81..20a439e9d 100644 --- a/roles/controller_job_templates/meta/main.yml +++ b/roles/controller_job_templates/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "job_templates" - author: "Sean Sulivan" - description: "An Ansible Role to create Job Templates in Ansible Controller." - company: "Red Hat" + role_name: job_templates + author: Sean Sulivan + description: An Ansible Role to create Job Templates in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,16 +24,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "jobtemplates" + - controller + - aap + - awx + - configuration + - jobtemplates collections: - ansible.controller diff --git a/roles/controller_job_templates/tasks/async.yml b/roles/controller_job_templates/tasks/async.yml index 6ef4e50e9..41e500f84 100644 --- a/roles/controller_job_templates/tasks/async.yml +++ b/roles/controller_job_templates/tasks/async.yml @@ -1,7 +1,7 @@ --- -- name: Async block +- name: async | Async block block: - - name: "Managing Controller Job Templates | Wait for finish the Job Templates management" + - name: async | Managing Controller Job Templates | Wait for finish the Job Templates management ansible.builtin.async_status: jid: "{{ __job_templates_job_async_result_item.ansible_job_id }}" register: __job_templates_job_async_result @@ -10,27 +10,18 @@ delay: "{{ controller_configuration_job_templates_async_delay }}" rescue: - - name: Removing variables existance from result_file + - name: async | Removing variables existance from result_file ansible.builtin.replace: path: "{{ __job_templates_job_async_result.results_file }}" - regexp: '\{\{.*?\}\}' - replace: '' + regexp: \{\{.*?\}\} + replace: "" - - name: "Load error details" + - name: async | Load error details ansible.builtin.include_vars: file: "{{ __job_templates_job_async_result.results_file }}" name: __error_data - - name: "Building list of not processed templates" + - name: async | Building list of not processed templates ansible.builtin.set_fact: - __templates_error_list: "{{ __templates_error_list | default([]) + [ { - 'name': __error_data['invocation']['module_args']['name'], - 'project_name': __error_data['invocation']['module_args']['project'], - 'playbook': __error_data['invocation']['module_args']['playbook'], - 'inventory': __error_data['invocation']['module_args']['inventory'], - 'credentials': __error_data['invocation']['module_args']['credentials'], - 'error': __error_data['msg'] - } - ] - }}" + __templates_error_list: "{{ __templates_error_list | default([]) + [ { 'name': __error_data['invocation']['module_args']['name'], 'project_name': __error_data['invocation']['module_args']['project'], 'playbook': __error_data['invocation']['module_args']['playbook'], 'inventory': __error_data['invocation']['module_args']['inventory'], 'credentials': __error_data['invocation']['module_args']['credentials'], 'error': __error_data['msg'] } ] }}" ... diff --git a/roles/controller_job_templates/tasks/main.yml b/roles/controller_job_templates/tasks/main.yml index d0be80d6a..3e2768017 100644 --- a/roles/controller_job_templates/tasks/main.yml +++ b/roles/controller_job_templates/tasks/main.yml @@ -1,69 +1,69 @@ --- -- name: "Managing Controller Job Templates" +- name: Managing Controller Job Templates job_template: - name: "{{ __controller_template_item.name | mandatory }}" - new_name: "{{ __controller_template_item.new_name | default(omit, true) }}" - copy_from: "{{ __controller_template_item.copy_from | default(omit, true) }}" - description: "{{ __controller_template_item.description | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - execution_environment: "{{ __controller_template_item.execution_environment.name | default(__controller_template_item.execution_environment | default(omit, true)) }}" - custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - job_type: "{{ __controller_template_item.job_type | default('run') }}" - inventory: "{{ __controller_template_item.inventory.name | default(__controller_template_item.inventory | default(omit, true)) }}" - organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true)) }}" - project: "{{ __controller_template_item.project.name | default(__controller_template_item.project | default(omit, true)) }}" - playbook: "{{ __controller_template_item.playbook | default(omit, true) }}" - credentials: "{{ __controller_template_item.credentials | default(__controller_template_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" - forks: "{{ __controller_template_item.forks | default(0, true) if __controller_template_item.forks is defined or controller_configuration_job_templates_enforce_defaults else omit }}" - limit: "{{ __controller_template_item.limit | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - verbosity: "{{ __controller_template_item.verbosity | default(0, true) if __controller_template_item.verbosity is defined or controller_configuration_job_templates_enforce_defaults else omit }}" - extra_vars: "{{ __controller_template_item.extra_vars | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - job_tags: "{{ __controller_template_item.job_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - force_handlers: "{{ __controller_template_item.force_handlers | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - skip_tags: "{{ __controller_template_item.skip_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - start_at_task: "{{ __controller_template_item.start_at_task | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - diff_mode: "{{ __controller_template_item.diff_mode | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - use_fact_cache: "{{ __controller_template_item.use_fact_cache | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - host_config_key: "{{ __controller_template_item.host_config_key | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" - ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" - ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - survey_enabled: "{{ __controller_template_item.survey_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true))) }}" - become_enabled: "{{ __controller_template_item.become_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" - timeout: "{{ __controller_template_item.timeout | default(0, true) if __controller_template_item.timeout is defined or controller_configuration_job_templates_enforce_defaults else omit }}" - instance_groups: "{{ __controller_template_item.instance_groups | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - job_slice_count: "{{ __controller_template_item.job_slice_count | default((1 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - webhook_service: "{{ __controller_template_item.webhook_service | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" - scm_branch: "{{ __controller_template_item.scm_branch | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - state: "{{ __controller_template_item.state | default(platform_state | default('present')) }}" - notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + name: "{{ __controller_template_item.name | mandatory }}" + new_name: "{{ __controller_template_item.new_name | default(omit, true) }}" + copy_from: "{{ __controller_template_item.copy_from | default(omit, true) }}" + description: "{{ __controller_template_item.description | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + execution_environment: "{{ __controller_template_item.execution_environment.name | default(__controller_template_item.execution_environment | default(omit, true)) }}" + custom_virtualenv: "{{ __controller_template_item.custom_virtualenv | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_type: "{{ __controller_template_item.job_type | default('run') }}" + inventory: "{{ __controller_template_item.inventory.name | default(__controller_template_item.inventory | default(omit, true)) }}" + organization: "{{ __controller_template_item.organization.name | default(__controller_template_item.organization | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true)) }}" + project: "{{ __controller_template_item.project.name | default(__controller_template_item.project | default(omit, true)) }}" + playbook: "{{ __controller_template_item.playbook | default(omit, true) }}" + credentials: "{{ __controller_template_item.credentials | default(__controller_template_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" + forks: "{{ __controller_template_item.forks | default(0, true) if __controller_template_item.forks is defined or controller_configuration_job_templates_enforce_defaults else omit }}" + limit: "{{ __controller_template_item.limit | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + verbosity: "{{ __controller_template_item.verbosity | default(0, true) if __controller_template_item.verbosity is defined or controller_configuration_job_templates_enforce_defaults else omit }}" + extra_vars: "{{ __controller_template_item.extra_vars | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_tags: "{{ __controller_template_item.job_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + force_handlers: "{{ __controller_template_item.force_handlers | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + skip_tags: "{{ __controller_template_item.skip_tags | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + start_at_task: "{{ __controller_template_item.start_at_task | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + diff_mode: "{{ __controller_template_item.diff_mode | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + use_fact_cache: "{{ __controller_template_item.use_fact_cache | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + host_config_key: "{{ __controller_template_item.host_config_key | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + ask_scm_branch_on_launch: "{{ __controller_template_item.ask_scm_branch_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_diff_mode_on_launch: "{{ __controller_template_item.ask_diff_mode_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_variables_on_launch: "{{ __controller_template_item.ask_variables_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __controller_template_item.ask_limit_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_tags_on_launch: "{{ __controller_template_item.ask_tags | default(__controller_template_item.ask_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_skip_tags_on_launch: "{{ __controller_template_item.ask_skip_tags | default(__controller_template_item.ask_skip_tags_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit))) }}" + ask_job_type_on_launch: "{{ __controller_template_item.ask_job_type_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_verbosity_on_launch: "{{ __controller_template_item.ask_verbosity_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_inventory_on_launch: "{{ __controller_template_item.ask_inventory_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_credential_on_launch: "{{ __controller_template_item.ask_credential_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_execution_environment_on_launch: "{{ __controller_template_item.ask_execution_environment_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_forks_on_launch: "{{ __controller_template_item.ask_forks_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_instance_groups_on_launch: "{{ __controller_template_item.ask_instance_groups_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_job_slice_count_on_launch: "{{ __controller_template_item.ask_job_slice_count_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_labels_on_launch: "{{ __controller_template_item.ask_labels_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + ask_timeout_on_launch: "{{ __controller_template_item.ask_timeout_on_launch | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + prevent_instance_group_fallback: "{{ __controller_template_item.prevent_instance_group_fallback | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_enabled: "{{ __controller_template_item.survey_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + survey_spec: "{{ __controller_template_item.related.survey_spec | default(__controller_template_item.survey_spec | default(__controller_template_item.survey | default(({} if controller_configuration_job_templates_enforce_defaults else omit), true))) }}" + become_enabled: "{{ __controller_template_item.become_enabled | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + allow_simultaneous: "{{ __controller_template_item.allow_simultaneous | default((false if controller_configuration_job_templates_enforce_defaults else omit)) }}" + timeout: "{{ __controller_template_item.timeout | default(0, true) if __controller_template_item.timeout is defined or controller_configuration_job_templates_enforce_defaults else omit }}" + instance_groups: "{{ __controller_template_item.instance_groups | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + job_slice_count: "{{ __controller_template_item.job_slice_count | default((1 if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + webhook_service: "{{ __controller_template_item.webhook_service | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + webhook_credential: "{{ __controller_template_item.webhook_credential | default(omit, true) }}" + scm_branch: "{{ __controller_template_item.scm_branch | default(('' if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_template_item.related.labels | map(attribute='name') | list if __controller_template_item.related.labels is defined) | default(__controller_template_item.labels) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + state: "{{ __controller_template_item.state | default(platform_state | default('present')) }}" + notification_templates_started: "{{ (__controller_template_item.related.notification_templates_started | map(attribute='name') | list if __controller_template_item.related.notification_templates_started is defined) | default(__controller_template_item.notification_templates_started) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_template_item.related.notification_templates_success | map(attribute='name') | list if __controller_template_item.related.notification_templates_success is defined) | default(__controller_template_item.notification_templates_success) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_template_item.related.notification_templates_error | map(attribute='name') | list if __controller_template_item.related.notification_templates_error is defined) | default(__controller_template_item.notification_templates_error) | default(([] if controller_configuration_job_templates_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ job_templates if job_templates is defined else controller_templates }}" loop_control: loop_var: __controller_template_item @@ -73,17 +73,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __job_templates_job_async - changed_when: "(__job_templates_job_async.changed if ansible_check_mode else false)" + changed_when: (__job_templates_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_template_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __job_templates_job_async.failed is defined and __job_templates_job_async.failed -- name: "Managing Job Templates | Wait for finish the Job Templates management" +- name: Managing Job Templates | Wait for finish the Job Templates management ansible.builtin.async_status: jid: "{{ __job_templates_job_async_result_item.ansible_job_id }}" register: __job_templates_job_async_result @@ -98,5 +98,5 @@ no_log: "{{ controller_configuration_job_templates_secure_logging }}" vars: __operation: "{{ operation_translate[__job_templates_job_async_result_item.__controller_template_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_job_templates/tests/test.yml b/roles/controller_job_templates/tests/test.yml index 3f76fbdf6..5f56e0ba5 100644 --- a/roles/controller_job_templates/tests/test.yml +++ b/roles/controller_job_templates/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_templates is defined} + - { role: ../.., when: controller_templates is defined } ... diff --git a/roles/controller_jobs_cancel/README.md b/roles/controller_jobs_cancel/README.md index b09e0f8ef..619c9186b 100644 --- a/roles/controller_jobs_cancel/README.md +++ b/roles/controller_jobs_cancel/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the task to cancel jobs does not include sensitive information. +The role defaults to false as normally the task to cancel jobs does not include sensitive information. controller_configuration_jobs_cancel_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_jobs_cancel_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_jobs_cancel_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -44,7 +44,7 @@ controller_configuration_jobs_cancel_secure_logging defaults to the value of aap |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| |`id`|""|yes|int|ID of the job to cancel.| -|`fail_if_not_running`|`False`|no|bool|Fail loudly if the job can not be canceled.| +|`fail_if_not_running`|`false`|no|bool|Fail loudly if the job can not be canceled.| ### Standard Cancel Jobs Data Structure diff --git a/roles/controller_jobs_cancel/meta/main.yml b/roles/controller_jobs_cancel/meta/main.yml index 6324d35e9..10ea80b8c 100644 --- a/roles/controller_jobs_cancel/meta/main.yml +++ b/roles/controller_jobs_cancel/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "jobs_cancel" - author: "Sean Sullivan" - description: "An Ansible Role to cancel jobs in Ansible Controller." - company: "Red Hat" + role_name: jobs_cancel + author: Sean Sullivan + description: An Ansible Role to cancel jobs in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "workflow" - - "workflows" + - controller + - aap + - awx + - workflow + - workflows collections: - ansible.controller diff --git a/roles/controller_jobs_cancel/tasks/main.yml b/roles/controller_jobs_cancel/tasks/main.yml index 9445fd22d..7849e67c5 100644 --- a/roles/controller_jobs_cancel/tasks/main.yml +++ b/roles/controller_jobs_cancel/tasks/main.yml @@ -2,19 +2,19 @@ # Cancel a Controller Job - name: Cancel a Controller Job job_cancel: - job_id: "{{ __controller_jobs_cancel_item.id | mandatory }}" - fail_if_not_running: "{{ __controller_jobs_cancel_item.fail_if_not_running | default(omit) }}" + job_id: "{{ __controller_jobs_cancel_item.id | mandatory }}" + fail_if_not_running: "{{ __controller_jobs_cancel_item.fail_if_not_running | default(omit) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_cancel_jobs }}" loop_control: - loop_var: "__controller_jobs_cancel_item" + loop_var: __controller_jobs_cancel_item no_log: "{{ controller_configuration_jobs_cancel_secure_logging }}" when: controller_cancel_jobs is defined ... diff --git a/roles/controller_jobs_cancel/tests/test.yml b/roles/controller_jobs_cancel/tests/test.yml index 5a4cdc862..1be19448e 100644 --- a/roles/controller_jobs_cancel/tests/test.yml +++ b/roles/controller_jobs_cancel/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_cancel_jobs is defined} + - { role: ../.., when: controller_cancel_jobs is defined } ... diff --git a/roles/controller_labels/README.md b/roles/controller_labels/README.md index ba0dcc1eb..5d2f14938 100644 --- a/roles/controller_labels/README.md +++ b/roles/controller_labels/README.md @@ -16,7 +16,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -27,13 +27,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add labels task does not include sensitive information. +The role defaults to false as normally the add labels task does not include sensitive information. controller_configuration_labels_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_labels_secure_logging`|`False`|no|Whether or not to include the sensitive Label role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_labels_secure_logging`|`false`|no|Whether or not to include the sensitive Label role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -60,7 +60,7 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of this label.| |`new_name`|""|no|str|Setting this option will change the existing name (looked up via the name field).| -|`organization`|`False`|no|str|Organization this label belongs to.| +|`organization`|`false`|no|str|Organization this label belongs to.| |`state`|`present`|no|str|Desired state of the resource.| ### Standard Label Data Structure diff --git a/roles/controller_labels/defaults/main.yml b/roles/controller_labels/defaults/main.yml index 722d0ab43..5b0c0ed07 100644 --- a/roles/controller_labels/defaults/main.yml +++ b/roles/controller_labels/defaults/main.yml @@ -4,5 +4,5 @@ controller_configuration_labels_secure_logging: "{{ aap_configuration_secure_log controller_configuration_labels_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_labels_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_labels_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/controller_labels/meta/argument_specs.yml b/roles/controller_labels/meta/argument_specs.yml index a2e2353ce..3ed2f62df 100644 --- a/roles/controller_labels/meta/argument_specs.yml +++ b/roles/controller_labels/meta/argument_specs.yml @@ -44,11 +44,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_labels_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_labels/meta/main.yml b/roles/controller_labels/meta/main.yml index ae3fa16c5..717efa72c 100644 --- a/roles/controller_labels/meta/main.yml +++ b/roles/controller_labels/meta/main.yml @@ -1,26 +1,26 @@ --- galaxy_info: - role_name: "labels" - author: "Andrew J. Huffman, Kedar Kulkarni" - description: "An Ansible role to create labels in Ansible Controller.." - company: "Red Hat" + role_name: labels + author: Andrew J. Huffman, Kedar Kulkarni + description: An Ansible role to create labels in Ansible Controller.. + company: Red Hat license: GPL-3.0-or-later min_ansible_version: 2.16.0 platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "label" - - "labels" + - controller + - aap + - awx + - configuration + - label + - labels collections: - ansible.controller diff --git a/roles/controller_labels/tasks/main.yml b/roles/controller_labels/tasks/main.yml index 515f06e6c..b7fe90072 100644 --- a/roles/controller_labels/tasks/main.yml +++ b/roles/controller_labels/tasks/main.yml @@ -1,18 +1,18 @@ --- -- name: "Managing Labels" +- name: Managing Labels label: - name: "{{ __controller_label_item.name | mandatory }}" - new_name: "{{ __controller_label_item.new_name | default(omit, true) }}" - organization: "{{ __controller_label_item.organization | mandatory }}" - state: "{{ __controller_label_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_label_item.name | mandatory }}" + new_name: "{{ __controller_label_item.new_name | default(omit, true) }}" + organization: "{{ __controller_label_item.organization | mandatory }}" + state: "{{ __controller_label_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_labels }}" loop_control: loop_var: __controller_label_item @@ -22,17 +22,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_label_job_async - changed_when: "(__controller_label_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_label_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_label_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_label_job_async.failed is defined and __controller_label_job_async.failed -- name: "Managing Labels | Wait for finish the Labels management" +- name: Managing Labels | Wait for finish the Labels management ansible.builtin.async_status: jid: "{{ __controller_label_job_async_results_item.ansible_job_id }}" register: __controller_label_job_async_result @@ -47,5 +47,5 @@ no_log: "{{ controller_configuration_labels_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_label_job_async_results_item.__controller_label_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_labels/tests/test.yml b/roles/controller_labels/tests/test.yml index e5e506ed8..c5a18edc4 100644 --- a/roles/controller_labels/tests/test.yml +++ b/roles/controller_labels/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_labels is defined} + - { role: ../.., when: controller_labels is defined } ... diff --git a/roles/controller_license/README.md b/roles/controller_license/README.md index 07dd9224d..36f78b831 100644 --- a/roles/controller_license/README.md +++ b/roles/controller_license/README.md @@ -20,7 +20,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -33,13 +33,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add license task does not include sensitive information. +The role defaults to false as normally the add license task does not include sensitive information. controller_configuration_license_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_license_secure_logging`|`False`|no|Whether or not to include the sensitive license role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_license_secure_logging`|`false`|no|Whether or not to include the sensitive license role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -59,7 +59,7 @@ The module and this role can use either a manifest file, or lookup the subscript |`manifest_password`|""|no|obj|Optional password for access to `manifest_url`| |`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to| |`eula_accepted`|""|yes|bool|DEPRECATED since Tower 3.8 - Whether to accept the End User License Agreement for Ansible controller| -|`force`|`False`|no|bool|By default, the license manifest will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| +|`force`|`false`|no|bool|By default, the license manifest will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| |`state`|`present`|no|str|Desired state of the resource.| ### License Variables for using Red Hat Subscription @@ -70,8 +70,8 @@ The module and this role can use either a manifest file, or lookup the subscript |`support_level`|"Self-Support"|no|str|DEPRECATED - changed to `manifest_file` (still works as an alias)| |`list_num`|0|no|int|List index of the subscription to use, if you want to overide the default, it is recomended to use the filters to limit the pools found.| |`pool_id`|""|no|str|Red Hat or Red Hat Satellite pool_id to attach to.| -|`force`|`False`|no|bool|By default, the license will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| -|`use_lookup`|`False`|no|bool|Whether or not to lookup subscriptions.| +|`force`|`false`|no|bool|By default, the license will only be applied if controller is currently unlicensed or trial licensed. When force=true, the license is always applied.| +|`use_lookup`|`false`|no|bool|Whether or not to lookup subscriptions.| |`state`|`present`|no|str|Desired state of the resource.| ### Standard License Data Structure diff --git a/roles/controller_license/meta/argument_specs.yml b/roles/controller_license/meta/argument_specs.yml index c0b9ae8e5..2edd28709 100644 --- a/roles/controller_license/meta/argument_specs.yml +++ b/roles/controller_license/meta/argument_specs.yml @@ -68,7 +68,8 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values + from elsewhere. aap_configuration_secure_logging: default: false required: false diff --git a/roles/controller_license/meta/main.yml b/roles/controller_license/meta/main.yml index 8ef2fd0f4..9d0f5597b 100644 --- a/roles/controller_license/meta/main.yml +++ b/roles/controller_license/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "license" + role_name: license author: Red Hat CoP description: A role to set the Ansible Controller License company: Red Hat @@ -30,16 +30,16 @@ galaxy_info: # https://galaxy.ansible.com/api/v1/platforms/ # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "license" + - controller + - aap + - awx + - configuration + - license collections: - ansible.controller diff --git a/roles/controller_license/tasks/main.yml b/roles/controller_license/tasks/main.yml index 66fa17fe9..83737248c 100644 --- a/roles/controller_license/tasks/main.yml +++ b/roles/controller_license/tasks/main.yml @@ -2,12 +2,12 @@ # tasks file for license role - name: Use manifest file - ansible.builtin.include_tasks: "manifest.yml" + ansible.builtin.include_tasks: manifest.yml when: - controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_content is defined or controller_license.manifest_url is defined - name: Use subscription pool id or subscription lookup - ansible.builtin.include_tasks: "subscription.yml" + ansible.builtin.include_tasks: subscription.yml when: - (redhat_subscription_username is defined and redhat_subscription_password is defined) or controller_license.pool_id is defined ... diff --git a/roles/controller_license/tasks/manifest.yml b/roles/controller_license/tasks/manifest.yml index ced743d81..4e2fbde0d 100644 --- a/roles/controller_license/tasks/manifest.yml +++ b/roles/controller_license/tasks/manifest.yml @@ -1,12 +1,12 @@ --- # tasks file for license role - manifest -- name: Ensure manifest is set +- name: manifest | Ensure manifest is set ansible.builtin.assert: that: controller_license.manifest_file is defined or controller_license.manifest is defined or controller_license.manifest_url is defined or controller_license.manifest_content is defined or controller_license.pool_id is defined - fail_msg: "Must set a source for the manifest or pool. Please set 'manifest_file', 'manifest_url', 'manifest_content', or 'pool_id'" + fail_msg: Must set a source for the manifest or pool. Please set 'manifest_file', 'manifest_url', 'manifest_content', or 'pool_id' -- name: Move manifest file to temporary location +- name: manifest | Move manifest file to temporary location ansible.builtin.copy: src: "{{ controller_license.manifest_file | default(controller_license.manifest) }}" dest: "{{ __controller_manifest_path }}" @@ -14,7 +14,7 @@ when: - controller_license.manifest_file is defined or controller_license.manifest is defined -- name: Fetch manifest from URL +- name: manifest | Fetch manifest from URL ansible.builtin.get_url: url: "{{ controller_license.manifest_url }}" dest: "{{ __controller_manifest_path }}" @@ -26,7 +26,7 @@ - not controller_license.manifest_file is defined - not controller_license.manifest is defined -- name: Create manifest file from base64 encoded content +- name: manifest | Create manifest file from base64 encoded content ansible.builtin.template: src: controller_manifest.j2 dest: "{{ __controller_manifest_path }}" @@ -37,13 +37,13 @@ - not controller_license.manifest_file is defined - not controller_license.manifest is defined -- name: Install the Controller license +- name: manifest | Install the Controller license license: - manifest: "{{ __controller_manifest_path | default(omit) }}" - eula_accepted: "{{ controller_license.eula_accepted | default(omit) }}" # Depreciated only for Tower 3.8.x or lower - pool_id: "{{ controller_license.pool_id | default(omit) }}" - force: "{{ controller_license.force | default(omit) }}" - state: "{{ controller_license.state | default(omit) }}" + manifest: "{{ __controller_manifest_path | default(omit) }}" + eula_accepted: "{{ controller_license.eula_accepted | default(omit) }}" # Depreciated only for Tower 3.8.x or lower + pool_id: "{{ controller_license.pool_id | default(omit) }}" + force: "{{ controller_license.force | default(omit) }}" + state: "{{ controller_license.state | default(omit) }}" # Role Standard Options controller_host: "{{ aap_hostname | default(omit, true) }}" diff --git a/roles/controller_license/tasks/subscription.yml b/roles/controller_license/tasks/subscription.yml index f48137c8e..185273e6a 100644 --- a/roles/controller_license/tasks/subscription.yml +++ b/roles/controller_license/tasks/subscription.yml @@ -1,7 +1,7 @@ --- # tasks file for license role - Subscription -- name: Get subscriptions with a filter +- name: subscription | Get subscriptions with a filter subscriptions: username: "{{ redhat_subscription_username }}" password: "{{ redhat_subscription_password }}" @@ -18,11 +18,11 @@ - "'use_lookup' in controller_license" - controller_license.use_lookup -- name: Install the Controller license +- name: subscription | Install the Controller license license: - pool_id: "{{ controller_license.pool_id | default(subscription.subscriptions[(controller_license.list_num | default(0))].pool_id) }}" - force: "{{ controller_license.force | default(omit) }}" - state: "{{ controller_license.state | default(omit) }}" + pool_id: "{{ controller_license.pool_id | default(subscription.subscriptions[(controller_license.list_num | default(0))].pool_id) }}" + force: "{{ controller_license.force | default(omit) }}" + state: "{{ controller_license.state | default(omit) }}" # Role Standard Options controller_host: "{{ aap_hostname | default(omit, true) }}" diff --git a/roles/controller_license/tests/config/license.yml b/roles/controller_license/tests/config/license.yml index 6dcca8391..d39cad6a6 100644 --- a/roles/controller_license/tests/config/license.yml +++ b/roles/controller_license/tests/config/license.yml @@ -1,6 +1,6 @@ --- controller_license: - manifest_file: "/tmp/my_tower.zip" + manifest_file: /tmp/my_tower.zip # manifest_url: https://www.ansible.com/hubfs/Logo-Red_Hat-Ansible-A-Reverse-SVG.svg # manifest_content: "aGVsbG8gd29ybGQ=" ... diff --git a/roles/controller_license/tests/test.yml b/roles/controller_license/tests/test.yml index 746262890..18b4db309 100644 --- a/roles/controller_license/tests/test.yml +++ b/roles/controller_license/tests/test.yml @@ -18,8 +18,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./config - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_license is defined} + - { role: ../.., when: controller_license is defined } ... diff --git a/roles/controller_notification_templates/README.md b/roles/controller_notification_templates/README.md index a19a18437..15620e494 100644 --- a/roles/controller_notification_templates/README.md +++ b/roles/controller_notification_templates/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_notifications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_notifications_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add notification task does not include sensitive information. +The role defaults to false as normally the add notification task does not include sensitive information. `controller_configuration_notification_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_notification_secure_logging`|`False`|no|Whether or not to include the sensitive notification role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_notification_secure_logging`|`false`|no|Whether or not to include the sensitive notification role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_notification_templates/defaults/main.yml b/roles/controller_notification_templates/defaults/main.yml index f3722dc28..f57cc40f5 100644 --- a/roles/controller_notification_templates/defaults/main.yml +++ b/roles/controller_notification_templates/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_notifications_secure_logging: "{{ aap_configuration_sec controller_configuration_notifications_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_notifications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_notifications_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_notifications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_notification_templates/meta/argument_specs.yml b/roles/controller_notification_templates/meta/argument_specs.yml index 4d3020d86..c5aa6cdc3 100644 --- a/roles/controller_notification_templates/meta/argument_specs.yml +++ b/roles/controller_notification_templates/meta/argument_specs.yml @@ -65,7 +65,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -74,7 +74,8 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values + from elsewhere. aap_configuration_secure_logging: default: false required: false diff --git a/roles/controller_notification_templates/meta/main.yml b/roles/controller_notification_templates/meta/main.yml index 50a0e7a58..0b031ad90 100644 --- a/roles/controller_notification_templates/meta/main.yml +++ b/roles/controller_notification_templates/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "notifications" - author: "Tom Page" - description: "An Ansible Role to create notifications in Ansible Controller." - company: "Red Hat" + role_name: notifications + author: Tom Page + description: An Ansible Role to create notifications in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "notification" - - "notifications" + - controller + - aap + - awx + - notification + - notifications collections: - ansible.controller diff --git a/roles/controller_notification_templates/tasks/main.yml b/roles/controller_notification_templates/tasks/main.yml index 6e403d89b..47f93be0e 100644 --- a/roles/controller_notification_templates/tasks/main.yml +++ b/roles/controller_notification_templates/tasks/main.yml @@ -1,23 +1,23 @@ --- -- name: "Managing Controller Notifications" +- name: Managing Controller Notifications notification_template: - name: "{{ __controller_notification_item.name | mandatory }}" - new_name: "{{ __controller_notification_item.new_name | default(omit, true) }}" - copy_from: "{{ __controller_notification_item.copy_from | default(omit, true) }}" - description: "{{ __controller_notification_item.description | default(('' if controller_configuration_notifications_enforce_defaults else omit), true) }}" - organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) | mandatory }}" - notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory }}" - notification_configuration: "{{ __controller_notification_item.notification_configuration | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) }}" - messages: "{{ __controller_notification_item.messages | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" - state: "{{ __controller_notification_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_notification_item.name | mandatory }}" + new_name: "{{ __controller_notification_item.new_name | default(omit, true) }}" + copy_from: "{{ __controller_notification_item.copy_from | default(omit, true) }}" + description: "{{ __controller_notification_item.description | default(('' if controller_configuration_notifications_enforce_defaults else omit), true) }}" + organization: "{{ __controller_notification_item.organization.name | default(__controller_notification_item.organization) | mandatory }}" + notification_type: "{{ __controller_notification_item.notification_type | default(omit, true) | mandatory }}" + notification_configuration: "{{ __controller_notification_item.notification_configuration | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) }}" + messages: "{{ __controller_notification_item.messages | default(({} if controller_configuration_notifications_enforce_defaults else omit), true) | regex_replace('{ {', '{_~~remove~~_{') | regex_replace('_~~remove~~_', '') }}" + state: "{{ __controller_notification_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ notification_templates if notification_templates is defined else controller_notifications }}" loop_control: loop_var: __controller_notification_item @@ -27,17 +27,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_notification_job_async - changed_when: "(__controller_notification_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_notification_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_notification_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_notification_job_async.failed is defined and __controller_notification_job_async.failed -- name: "Managing Notifications | Wait for finish the Notifications management" +- name: Managing Notifications | Wait for finish the Notifications management ansible.builtin.async_status: jid: "{{ __controller_notification_job_async_results_item.ansible_job_id }}" register: __controller_notification_job_async_result @@ -47,10 +47,11 @@ loop: "{{ __controller_notification_job_async.results }}" loop_control: loop_var: __controller_notification_job_async_results_item - label: "{{ __operation.verb }} notification {{ __controller_notification_job_async_results_item.__controller_notification_item.name }} | Wait for finish the notifications {{ __operation.action }}" + label: "{{ __operation.verb }} notification {{ __controller_notification_job_async_results_item.__controller_notification_item.name }} | Wait for finish the notifications + {{ __operation.action }}" when: not ansible_check_mode and __controller_notification_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_notifications_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_notification_job_async_results_item.__controller_notification_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_notification_templates/tests/configs/notifications.yml b/roles/controller_notification_templates/tests/configs/notifications.yml index 00ae4d5dc..0a1e0a327 100644 --- a/roles/controller_notification_templates/tests/configs/notifications.yml +++ b/roles/controller_notification_templates/tests/configs/notifications.yml @@ -10,8 +10,8 @@ controller_notifications: - admin@example.com sender: tower0@example.com port: 25 - username: '' - password: '' + username: "" + password: "" use_tls: false use_ssl: false ... diff --git a/roles/controller_notification_templates/tests/test.yml b/roles/controller_notification_templates/tests/test.yml index d91fe908d..974c7d0f9 100644 --- a/roles/controller_notification_templates/tests/test.yml +++ b/roles/controller_notification_templates/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_notifications is defined} + - { role: ../.., when: controller_notifications is defined } ... diff --git a/roles/controller_organizations/README.md b/roles/controller_organizations/README.md index 608eb1182..8034ce9c5 100644 --- a/roles/controller_organizations/README.md +++ b/roles/controller_organizations/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -42,20 +42,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_organizations_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_organizations_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add organization task does not include sensitive information. +The role defaults to false as normally the add organization task does not include sensitive information. controller_configuration_organizations_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_organizations_secure_logging`|`False`|no|Whether or not to include the sensitive Organization role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_organizations_secure_logging`|`false`|no|Whether or not to include the sensitive Organization role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -84,7 +84,7 @@ This role accepts two data models. A simple straightforward easy to maintain mod |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of Organization| |`new_name`|""|no|str|New name of Organization| -|`description`|`False`|no|str|Description of of Organization.| +|`description`|`false`|no|str|Description of of Organization.| |`custom_virtualenv`|""|no|str|Local absolute file path containing a custom Python virtualenv to use.| |`max_hosts`|""|no|int|The max hosts allowed in this organization.| |`instance_groups`|""|no|list|list of Instance Groups for this Organization to run on.| diff --git a/roles/controller_organizations/defaults/main.yml b/roles/controller_organizations/defaults/main.yml index af1985192..e8dee3d4e 100644 --- a/roles/controller_organizations/defaults/main.yml +++ b/roles/controller_organizations/defaults/main.yml @@ -4,7 +4,7 @@ controller_configuration_organizations_secure_logging: "{{ aap_configuration_sec controller_configuration_organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_organizations_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_organizations_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" assign_galaxy_credentials_to_org: true assign_default_ee_to_org: true diff --git a/roles/controller_organizations/meta/argument_specs.yml b/roles/controller_organizations/meta/argument_specs.yml index 47d61f400..c6a5abd98 100644 --- a/roles/controller_organizations/meta/argument_specs.yml +++ b/roles/controller_organizations/meta/argument_specs.yml @@ -98,11 +98,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_organizations_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_organizations/meta/main.yml b/roles/controller_organizations/meta/main.yml index e7631144f..811240779 100644 --- a/roles/controller_organizations/meta/main.yml +++ b/roles/controller_organizations/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "organizations" - author: "Sean Sulivan" - description: "An Ansible Role to create Organizations in Ansible Controller." - company: "Red Hat" + role_name: organizations + author: Sean Sulivan + description: An Ansible Role to create Organizations in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,17 +24,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "organization" - - "organizations" + - controller + - aap + - awx + - configuration + - organization + - organizations collections: - ansible.controller diff --git a/roles/controller_organizations/tasks/main.yml b/roles/controller_organizations/tasks/main.yml index 9642f615d..757cc0a31 100644 --- a/roles/controller_organizations/tasks/main.yml +++ b/roles/controller_organizations/tasks/main.yml @@ -1,27 +1,27 @@ --- -- name: "Managing Organizations" +- name: Managing Organizations organization: - name: "{{ __controller_organizations_item.name | mandatory }}" - new_name: "{{ __controller_organizations_item.new_name | default(omit) }}" - description: "{{ __controller_organizations_item.description | default(('' if controller_configuration_organizations_enforce_defaults else omit), true) }}" - custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" - max_hosts: "{{ __controller_organizations_item.max_hosts | default((0 if controller_configuration_organizations_enforce_defaults else omit), true) }}" - instance_groups: "{{ (__controller_organizations_item.instance_groups | default(([] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_instance_groups_to_org is defined and assign_instance_groups_to_org) else omit }}" - default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.default_environment | default(__controller_organizations_item.execution_environment | default(omit)))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" - galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(([] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" - notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" - notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" - notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" - notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" - state: "{{ __controller_organizations_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_organizations_item.name | mandatory }}" + new_name: "{{ __controller_organizations_item.new_name | default(omit) }}" + description: "{{ __controller_organizations_item.description | default(('' if controller_configuration_organizations_enforce_defaults else omit), true) }}" + custom_virtualenv: "{{ __controller_organizations_item.custom_virtualenv | default(omit, true) }}" + max_hosts: "{{ __controller_organizations_item.max_hosts | default((0 if controller_configuration_organizations_enforce_defaults else omit), true) }}" + instance_groups: "{{ (__controller_organizations_item.instance_groups | default(([] if controller_configuration_organizations_enforce_defaults else omit), true))if (assign_instance_groups_to_org is defined and assign_instance_groups_to_org) else omit }}" + default_environment: "{{ (__controller_organizations_item.default_environment.name | default(__controller_organizations_item.default_environment | default(__controller_organizations_item.execution_environment | default(omit)))) if (assign_default_ee_to_org is defined and assign_default_ee_to_org) else omit }}" + galaxy_credentials: "{{ (__controller_organizations_item.galaxy_credentials | default(([] if controller_configuration_organizations_enforce_defaults else omit), true)) if (assign_galaxy_credentials_to_org is defined and assign_galaxy_credentials_to_org) else omit }}" + notification_templates_approvals: "{{ (__controller_organizations_item.related.notification_templates_approvals | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_approvals is defined) | default(__controller_organizations_item.notification_templates_approvals) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" + notification_templates_started: "{{ (__controller_organizations_item.related.notification_templates_started | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_started is defined) | default(__controller_organizations_item.notification_templates_started) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" + notification_templates_success: "{{ (__controller_organizations_item.related.notification_templates_success | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_success is defined) | default(__controller_organizations_item.notification_templates_success) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" + notification_templates_error: "{{ (__controller_organizations_item.related.notification_templates_error | map(attribute='name') | list if __controller_organizations_item.related.notification_templates_error is defined) | default(__controller_organizations_item.notification_templates_error) | default(([] if controller_configuration_organizations_enforce_defaults else omit), true) if (assign_notification_templates_to_org is defined and assign_notification_templates_to_org) else omit }}" + state: "{{ __controller_organizations_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ aap_organizations }}" loop_control: loop_var: __controller_organizations_item @@ -31,17 +31,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __organizations_job_async - changed_when: "(__organizations_job_async.changed if ansible_check_mode else false)" + changed_when: (__organizations_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_organizations_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __organizations_job_async.failed is defined and __organizations_job_async.failed -- name: "Managing Controller Organizations | Wait for finish the Organizations management" +- name: Managing Controller Organizations | Wait for finish the Organizations management ansible.builtin.async_status: jid: "{{ __organizations_job_async_results_item.ansible_job_id }}" register: __organizations_job_async_result @@ -51,10 +51,11 @@ loop: "{{ __organizations_job_async.results }}" loop_control: loop_var: __organizations_job_async_results_item - label: "{{ __operation.verb }} Controller Organization {{ __organizations_job_async_results_item.__controller_organizations_item.name }} | Wait for finish the organization {{ __operation.action }}" + label: "{{ __operation.verb }} Controller Organization {{ __organizations_job_async_results_item.__controller_organizations_item.name }} | Wait for finish the + organization {{ __operation.action }}" when: not ansible_check_mode and __organizations_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_organizations_secure_logging }}" vars: __operation: "{{ operation_translate[__organizations_job_async_results_item.__controller_organizations_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_organizations/tests/test.yml b/roles/controller_organizations/tests/test.yml index 84a25b395..1074df789 100644 --- a/roles/controller_organizations/tests/test.yml +++ b/roles/controller_organizations/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_organizations is defined} + - { role: ../.., when: controller_organizations is defined } ... diff --git a/roles/controller_project_update/README.md b/roles/controller_project_update/README.md index 04bb5b7d8..aaa8a36cf 100644 --- a/roles/controller_project_update/README.md +++ b/roles/controller_project_update/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the project update task does not include sensitive information. +The role defaults to false as normally the project update task does not include sensitive information. controller_configuration_project_update_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_project_update_secure_logging`|`False`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_project_update_secure_logging`|`false`|no|Whether or not to include the sensitive Project role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -65,7 +65,7 @@ This also speeds up the overall role. |`wait`|""|no|str|Wait for the project to complete.| |`interval`|`controller_configuration_project_update_async_delay`|no|str|The interval to request an update from controller.| |`timeout`|""|no|str|If waiting for the job to complete this will abort after this amount of seconds.| -|`update_project`|`False`|no|bool|If defined and true, the project update will be executed, otherwise it won't.| +|`update_project`|`false`|no|bool|If defined and true, the project update will be executed, otherwise it won't.| ### Standard Project Update Data Structure diff --git a/roles/controller_project_update/defaults/main.yml b/roles/controller_project_update/defaults/main.yml index 03a0643cc..4bf47dbaa 100644 --- a/roles/controller_project_update/defaults/main.yml +++ b/roles/controller_project_update/defaults/main.yml @@ -3,5 +3,5 @@ controller_configuration_project_update_secure_logging: "{{ aap_configuration_se controller_configuration_project_update_async_retries: "{{ aap_configuration_async_retries | default(60) }}" controller_configuration_project_update_async_delay: "{{ aap_configuration_async_delay | default(10) }}" controller_configuration_project_update_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/controller_project_update/meta/argument_specs.yml b/roles/controller_project_update/meta/argument_specs.yml index f28395eb3..c9ebfdf70 100644 --- a/roles/controller_project_update/meta/argument_specs.yml +++ b/roles/controller_project_update/meta/argument_specs.yml @@ -140,7 +140,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/controller_project_update/meta/main.yml b/roles/controller_project_update/meta/main.yml index 0d39811b2..69c1767d6 100644 --- a/roles/controller_project_update/meta/main.yml +++ b/roles/controller_project_update/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "project_update" - author: "Sean Sullivan" - description: "An Ansible Role to update projects in Ansible Controller." - company: "Red Hat" + role_name: project_update + author: Sean Sullivan + description: An Ansible Role to update projects in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "project" - - "projects" + - controller + - aap + - awx + - project + - projects collections: - ansible.controller diff --git a/roles/controller_project_update/tasks/main.yml b/roles/controller_project_update/tasks/main.yml index 7a97a0f3f..cab4f0228 100644 --- a/roles/controller_project_update/tasks/main.yml +++ b/roles/controller_project_update/tasks/main.yml @@ -2,22 +2,22 @@ # Update Controller Projects - name: Run Controller project update project_update: - name: "{{ __project_update_update_item.name }}" - organization: "{{ __project_update_update_item.organization.name | default(__project_update_update_item.organization | default(omit, true)) }}" - wait: "{{ __project_update_update_item.wait | default(omit) }}" - interval: "{{ __project_update_update_item.interval | default(controller_configuration_project_update_async_delay) }}" - timeout: "{{ __project_update_update_item.timeout | default(omit, true) }}" + name: "{{ __project_update_update_item.name }}" + organization: "{{ __project_update_update_item.organization.name | default(__project_update_update_item.organization | default(omit, true)) }}" + wait: "{{ __project_update_update_item.wait | default(omit) }}" + interval: "{{ __project_update_update_item.interval | default(controller_configuration_project_update_async_delay) }}" + timeout: "{{ __project_update_update_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ projects if projects is defined else controller_projects }}" loop_control: - loop_var: "__project_update_update_item" + loop_var: __project_update_update_item label: "{{ (__project_update_update_item.organization | default('')) }}/{{ __project_update_update_item.name }}" pause: "{{ controller_configuration_project_update_loop_delay }}" no_log: "{{ controller_configuration_project_update_secure_logging }}" @@ -28,16 +28,16 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __project_update_job_async - changed_when: "(__project_update_job_async.changed if ansible_check_mode else false)" + changed_when: (__project_update_job_async.changed if ansible_check_mode else false) vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __project_update_job_async.failed is defined and __project_update_job_async.failed -- name: "Configure Controller Projects | Wait for finish the projects update" +- name: Configure Controller Projects | Wait for finish the projects update ansible.builtin.async_status: jid: "{{ __project_update_job_async_results_item.ansible_job_id }}" register: __project_update_job_async_result @@ -50,5 +50,5 @@ when: not ansible_check_mode and __project_update_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_project_update_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_project_update/tests/test.yml b/roles/controller_project_update/tests/test.yml index f314622c9..99ddd233a 100644 --- a/roles/controller_project_update/tests/test.yml +++ b/roles/controller_project_update/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_projects is defined} + - { role: ../.., when: controller_projects is defined } ... diff --git a/roles/controller_projects/README.md b/roles/controller_projects/README.md index 81a2c686d..3165eecfa 100644 --- a/roles/controller_projects/README.md +++ b/roles/controller_projects/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---|:---| |`controller_state`|"present"|no|str|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|str|URL to the Ansible Controller Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|str|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|str|Whether or not to validate the Ansible Controller Server's SSL certificate.|| |`aap_username`|""|no|str|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|str|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|str|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_projects_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_projects_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add projects task does not include sensitive information. +The role defaults to false as normally the add projects task does not include sensitive information. controller_configuration_projects_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---| -|`controller_configuration_projects_secure_logging`|`False`|no|str|Whether or not to include the sensitive Project role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|str|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_projects_secure_logging`|`false`|no|str|Whether or not to include the sensitive Project role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|str|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -79,8 +79,8 @@ This also speeds up the overall role. |`name`|""|yes|str|Name of Project| |`new_name`|""|no|str|Setting this option will change the existing name (looked up via the name field).| |`copy_from`|""|no|str|Name or id to copy the project from. This will copy an existing project and change any parameters supplied.| -|`description`|`False`|no|str|Description of the Project.| -|`organization`|`False`|yes|str|Name of organization for project.| +|`description`|`false`|no|str|Description of the Project.| +|`organization`|`false`|yes|str|Name of organization for project.| |`scm_type`|""|no|str|Type of SCM resource.| |`scm_url`|""|no|str|URL of SCM resource.| |`default_environment`|""|no|str|Default Execution Environment to use for jobs relating to the project.| @@ -93,7 +93,7 @@ This also speeds up the overall role. |`scm_delete_on_update`|""|no|bool|Remove the repository completely before updating.| |`scm_track_submodules`|""|no|bool|Track submodules latest commit on specified branch.| |`scm_update_on_launch`|""|no|bool|Before an update to the local repository before launching a job with this project.| -|`scm_update_cache_timeout`|""|no|str|Cache Timeout to cache prior project syncs for a certain number of seconds. Only valid if scm_update_on_launch is to True, otherwise ignored.| +|`scm_update_cache_timeout`|""|no|str|Cache Timeout to cache prior project syncs for a certain number of seconds. Only valid if scm_update_on_launch is to true, otherwise ignored.| |`allow_override`|""|no|str|Allow changing the SCM branch or revision in a job template that uses this project.| |`timeout`|""|no|int|The amount of time (in seconds) to run before the SCM Update is canceled. A value of 0 means no timeout.| |`custom_virtualenv`|""|no|str|Local absolute file path containing a custom Python virtualenv to use.| @@ -102,7 +102,7 @@ This also speeds up the overall role. |`notification_templates_error`|""|no|list|The notifications on error to use for this organization in a list.| |`state`|`present`|no|str|Desired state of the resource.| |`wait`|""|no|bool|Provides option to wait for completed project sync before returning.| -|`update_project`|`False`|no|bool|Force project to update after changes.Used in conjunction with wait, interval, and timeout.| +|`update_project`|`false`|no|bool|Force project to update after changes.Used in conjunction with wait, interval, and timeout.| |`interval`|`controller_configuration_projects_async_delay`|no|float|The interval to request an update from controller. Requires wait.| ### Standard Project Data Structure diff --git a/roles/controller_projects/defaults/main.yml b/roles/controller_projects/defaults/main.yml index a23d94fb5..17a4aa757 100644 --- a/roles/controller_projects/defaults/main.yml +++ b/roles/controller_projects/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_projects_secure_logging: "{{ aap_configuration_secure_l controller_configuration_projects_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_projects_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_projects_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_projects_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_projects/meta/argument_specs.yml b/roles/controller_projects/meta/argument_specs.yml index 642a918b6..70f1de38f 100644 --- a/roles/controller_projects/meta/argument_specs.yml +++ b/roles/controller_projects/meta/argument_specs.yml @@ -81,7 +81,7 @@ argument_specs: # scm_update_cache_timeout: # required: false # type: int - # description: Cache Timeout to cache prior project syncs for a certain number of seconds. Only valid if scm_update_on_launch is to True, otherwise ignored. + # description: Cache Timeout to cache prior project syncs for a certain number of seconds. Only valid if scm_update_on_launch is to true, otherwise ignored. # allow_override: # required: false # type: bool @@ -148,11 +148,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_projects_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_projects/meta/main.yml b/roles/controller_projects/meta/main.yml index 9f18e2b7e..9796a6c2a 100644 --- a/roles/controller_projects/meta/main.yml +++ b/roles/controller_projects/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "projects" - author: "Sean Sulivan" - description: "An Ansible Role to create Organizations in Ansible Controller." - company: "Red Hat" + role_name: projects + author: Sean Sulivan + description: An Ansible Role to create Organizations in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,17 +24,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "project" - - "projects" + - controller + - aap + - awx + - configuration + - project + - projects collections: - ansible.controller diff --git a/roles/controller_projects/tasks/main.yml b/roles/controller_projects/tasks/main.yml index 3a7dd9a2e..d056f00ea 100644 --- a/roles/controller_projects/tasks/main.yml +++ b/roles/controller_projects/tasks/main.yml @@ -1,42 +1,42 @@ --- -- name: "Managing Projects" +- name: Managing Projects project: - name: "{{ __controller_project_item.name | mandatory }}" - new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" - copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" - description: "{{ __controller_project_item.description | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" - scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" - scm_url: "{{ __controller_project_item.scm_url | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" - default_environment: "{{ __controller_project_item.default_environment | default(omit, true) }}" - local_path: "{{ __controller_project_item.local_path | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" - scm_branch: "{{ __controller_project_item.scm_branch | default(('' if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_refspec: "{{ __controller_project_item.scm_refspec | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" - credential: "{{ __controller_project_item.credential.name | default(__controller_project_item.credential | default(__controller_project_item.scm_credential | default(omit, true))) }}" - signature_validation_credential: "{{ __controller_project_item.signature_validation_credential.name | default(__controller_project_item.signature_validation_credential | default(omit, true)) }}" - scm_clean: "{{ __controller_project_item.scm_clean | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(0, true) if __controller_project_item.scm_update_cache_timeout is defined or controller_configuration_projects_enforce_defaults else omit }}" - allow_override: "{{ __controller_project_item.allow_override | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(0, true) if __controller_project_item.timeout is defined or __controller_project_item.job_timeout is defined or controller_configuration_projects_enforce_defaults else omit) }}" - custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" - organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(('' if controller_configuration_projects_enforce_defaults else omit))) }}" - state: "{{ __controller_project_item.state | default(platform_state | default('present')) }}" - wait: "{{ __controller_project_item.wait | default((true if controller_configuration_projects_enforce_defaults else omit)) }}" - update_project: "{{ __controller_project_item.update_project | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" - interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" - notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined) | default(__controller_project_item.notification_templates_started) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined) | default(__controller_project_item.notification_templates_success) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" + name: "{{ __controller_project_item.name | mandatory }}" + new_name: "{{ __controller_project_item.new_name | default(omit, true) }}" + copy_from: "{{ __controller_project_item.copy_from | default(omit, true) }}" + description: "{{ __controller_project_item.description | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + scm_type: "{{ __controller_project_item.scm_type | default('manual') }}" + scm_url: "{{ __controller_project_item.scm_url | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + default_environment: "{{ __controller_project_item.default_environment | default(omit, true) }}" + local_path: "{{ __controller_project_item.local_path | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + scm_branch: "{{ __controller_project_item.scm_branch | default(('' if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_refspec: "{{ __controller_project_item.scm_refspec | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + credential: "{{ __controller_project_item.credential.name | default(__controller_project_item.credential | default(__controller_project_item.scm_credential | default(omit, true))) }}" + signature_validation_credential: "{{ __controller_project_item.signature_validation_credential.name | default(__controller_project_item.signature_validation_credential | default(omit, true)) }}" + scm_clean: "{{ __controller_project_item.scm_clean | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_delete_on_update: "{{ __controller_project_item.scm_delete_on_update | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_track_submodules: "{{ __controller_project_item.scm_track_submodules | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_on_launch: "{{ __controller_project_item.scm_update_on_launch | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + scm_update_cache_timeout: "{{ __controller_project_item.scm_update_cache_timeout | default(0, true) if __controller_project_item.scm_update_cache_timeout is defined or controller_configuration_projects_enforce_defaults else omit }}" + allow_override: "{{ __controller_project_item.allow_override | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + timeout: "{{ __controller_project_item.job_timeout | default(__controller_project_item.timeout | default(0, true) if __controller_project_item.timeout is defined or __controller_project_item.job_timeout is defined or controller_configuration_projects_enforce_defaults else omit) }}" + custom_virtualenv: "{{ __controller_project_item.custom_virtualenv | default(('' if controller_configuration_projects_enforce_defaults else omit), true) }}" + organization: "{{ __controller_project_item.organization.name | default(__controller_project_item.organization | default(('' if controller_configuration_projects_enforce_defaults else omit))) }}" + state: "{{ __controller_project_item.state | default(platform_state | default('present')) }}" + wait: "{{ __controller_project_item.wait | default((true if controller_configuration_projects_enforce_defaults else omit)) }}" + update_project: "{{ __controller_project_item.update_project | default((false if controller_configuration_projects_enforce_defaults else omit)) }}" + interval: "{{ __controller_project_item.interval | default(controller_configuration_projects_async_delay) }}" + notification_templates_started: "{{ (__controller_project_item.related.notification_templates_started | map(attribute='name') | list if __controller_project_item.related.notification_templates_started is defined) | default(__controller_project_item.notification_templates_started) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__controller_project_item.related.notification_templates_success | map(attribute='name') | list if __controller_project_item.related.notification_templates_success is defined) | default(__controller_project_item.notification_templates_success) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__controller_project_item.related.notification_templates_error | map(attribute='name') | list if __controller_project_item.related.notification_templates_error is defined) | default(__controller_project_item.notification_templates_error) | default(([] if controller_configuration_projects_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ projects if projects is defined else controller_projects }}" loop_control: loop_var: __controller_project_item @@ -46,17 +46,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __projects_job_async - changed_when: "(__projects_job_async.changed if ansible_check_mode else false)" + changed_when: (__projects_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_project_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __projects_job_async.failed is defined and __projects_job_async.failed -- name: "Managing Projects | Wait for finish the projects management" +- name: Managing Projects | Wait for finish the projects management ansible.builtin.async_status: jid: "{{ __projects_job_async_results_item.ansible_job_id }}" register: __projects_job_async_result @@ -71,5 +71,5 @@ no_log: "{{ controller_configuration_projects_secure_logging }}" vars: __operation: "{{ operation_translate[__projects_job_async_results_item.__controller_project_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_projects/tests/test.yml b/roles/controller_projects/tests/test.yml index fffe87045..bb97a88eb 100644 --- a/roles/controller_projects/tests/test.yml +++ b/roles/controller_projects/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_projects is defined} + - { role: ../.., when: controller_projects is defined } ... diff --git a/roles/controller_roles/README.md b/roles/controller_roles/README.md index 168e92657..b503b45f7 100644 --- a/roles/controller_roles/README.md +++ b/roles/controller_roles/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_role_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_role_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add rbac task does not include sensitive information. +The role defaults to false as normally the add rbac task does not include sensitive information. `controller_configuration_role_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_role_secure_logging`|`False`|no|Whether or not to include the sensitive rbac role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_role_secure_logging`|`false`|no|Whether or not to include the sensitive rbac role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_roles/defaults/main.yml b/roles/controller_roles/defaults/main.yml index 710d2f0db..485b30bb2 100644 --- a/roles/controller_roles/defaults/main.yml +++ b/roles/controller_roles/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_role_secure_logging: "{{ aap_configuration_secure_loggi controller_configuration_role_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_role_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_role_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_roles/meta/argument_specs.yml b/roles/controller_roles/meta/argument_specs.yml index 4d9a30fce..a4fbbe76c 100644 --- a/roles/controller_roles/meta/argument_specs.yml +++ b/roles/controller_roles/meta/argument_specs.yml @@ -111,11 +111,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_role_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_roles/meta/main.yml b/roles/controller_roles/meta/main.yml index 6414e9e1e..479476773 100644 --- a/roles/controller_roles/meta/main.yml +++ b/roles/controller_roles/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "roles" - author: "Tom Page" - description: "An Ansible role to assign role based access controls on Ansible Controller objects to a given team." - company: "Red Hat" + role_name: roles + author: Tom Page + description: An Ansible role to assign role based access controls on Ansible Controller objects to a given team. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -35,8 +35,8 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" - version: "all" + - name: EL + version: all # platforms: # - name: Fedora # versions: @@ -50,11 +50,11 @@ galaxy_info: # - 99.99 galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "rbac" + - controller + - aap + - awx + - configuration + - rbac # List tags for your role here, one per line. A tag is a keyword that describes # and categorizes the role. Users find roles by searching for tags. Be sure to # remove the '[]' above, if you add tags to this list. diff --git a/roles/controller_roles/tasks/main.yml b/roles/controller_roles/tasks/main.yml index 5bf818248..86c9ec90f 100644 --- a/roles/controller_roles/tasks/main.yml +++ b/roles/controller_roles/tasks/main.yml @@ -1,36 +1,36 @@ --- -- name: "Managing Role Based Access Entries on Controller" +- name: Managing Role Based Access Entries on Controller role: - user: "{{ __controller_role_item.0.user | default(__controller_role_item.user) | default(omit, true) }}" - users: "{{ __controller_role_item.0.users | default(__controller_role_item.users) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - team: "{{ __controller_role_item.0.team | default(__controller_role_item.team) | default(omit, true) }}" - teams: "{{ __controller_role_item.0.teams | default(__controller_role_item.teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - role: "{{ __controller_role_item.1 | default(__controller_role_item.role) | mandatory }}" - target_team: "{{ __controller_role_item.0.target_team | default(__controller_role_item.target_team) | default(omit, true) }}" - target_teams: "{{ __controller_role_item.0.target_teams | default(__controller_role_item.target_teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_role_item.0.inventory | default(__controller_role_item.inventory) | default(omit, true) }}" - inventories: "{{ __controller_role_item.0.inventories | default(__controller_role_item.inventories) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - job_template: "{{ __controller_role_item.0.job_template | default(__controller_role_item.job_template) | default(omit, true) }}" - job_templates: "{{ __controller_role_item.0.job_templates | default(__controller_role_item.job_templates) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - workflow: "{{ __controller_role_item.0.workflow | default(__controller_role_item.workflow) | default(omit, true) }}" - workflows: "{{ __controller_role_item.0.workflows | default(__controller_role_item.workflows) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - credential: "{{ __controller_role_item.0.credential | default(__controller_role_item.credential) | default(omit, true) }}" - credentials: "{{ __controller_role_item.0.credentials | default(__controller_role_item.credentials) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - organization: "{{ __controller_role_item.0.organization | default(__controller_role_item.organization) | default(omit, true) }}" - organizations: "{{ __controller_role_item.0.organizations | default(__controller_role_item.organizations) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(__controller_role_item.lookup_organization) | default(omit, true) }}" - project: "{{ __controller_role_item.0.project | default(__controller_role_item.project) | default(omit, true) }}" - projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" - state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(platform_state | default('present')) }}" + user: "{{ __controller_role_item.0.user | default(__controller_role_item.user) | default(omit, true) }}" + users: "{{ __controller_role_item.0.users | default(__controller_role_item.users) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + team: "{{ __controller_role_item.0.team | default(__controller_role_item.team) | default(omit, true) }}" + teams: "{{ __controller_role_item.0.teams | default(__controller_role_item.teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + role: "{{ __controller_role_item.1 | default(__controller_role_item.role) | mandatory }}" + target_team: "{{ __controller_role_item.0.target_team | default(__controller_role_item.target_team) | default(omit, true) }}" + target_teams: "{{ __controller_role_item.0.target_teams | default(__controller_role_item.target_teams) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_role_item.0.inventory | default(__controller_role_item.inventory) | default(omit, true) }}" + inventories: "{{ __controller_role_item.0.inventories | default(__controller_role_item.inventories) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + job_template: "{{ __controller_role_item.0.job_template | default(__controller_role_item.job_template) | default(omit, true) }}" + job_templates: "{{ __controller_role_item.0.job_templates | default(__controller_role_item.job_templates) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + workflow: "{{ __controller_role_item.0.workflow | default(__controller_role_item.workflow) | default(omit, true) }}" + workflows: "{{ __controller_role_item.0.workflows | default(__controller_role_item.workflows) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + credential: "{{ __controller_role_item.0.credential | default(__controller_role_item.credential) | default(omit, true) }}" + credentials: "{{ __controller_role_item.0.credentials | default(__controller_role_item.credentials) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + organization: "{{ __controller_role_item.0.organization | default(__controller_role_item.organization) | default(omit, true) }}" + organizations: "{{ __controller_role_item.0.organizations | default(__controller_role_item.organizations) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + lookup_organization: "{{ __controller_role_item.0.lookup_organization | default(__controller_role_item.lookup_organization) | default(omit, true) }}" + project: "{{ __controller_role_item.0.project | default(__controller_role_item.project) | default(omit, true) }}" + projects: "{{ __controller_role_item.0.projects | default(__controller_role_item.projects) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + instance_groups: "{{ __controller_role_item.0.instance_groups | default(__controller_role_item.instance_groups) | default(([] if controller_configuration_role_enforce_defaults else omit), true) }}" + state: "{{ __controller_role_item.0.state | default(__controller_role_item.state) | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ (controller_roles | subelements(['roles'], skip_missing=true)) + controller_roles | selectattr('roles', 'undefined') }}" loop_control: loop_var: __controller_role_item @@ -40,17 +40,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_role_job_async - changed_when: "(__controller_role_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_role_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_role_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_role_job_async.failed is defined and __controller_role_job_async.failed -- name: "Managing Roles | Wait for finish the Roles management" +- name: Managing Roles | Wait for finish the Roles management ansible.builtin.async_status: jid: "{{ __controller_role_job_async_results_item.ansible_job_id }}" register: __controller_role_job_async_result @@ -65,5 +65,5 @@ no_log: "{{ controller_configuration_role_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_role_job_async_results_item.__controller_role_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_roles/tests/test.yml b/roles/controller_roles/tests/test.yml index f5b7d727c..ee9aec49b 100644 --- a/roles/controller_roles/tests/test.yml +++ b/roles/controller_roles/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_roles is defined} + - { role: ../.., when: controller_roles is defined } ... diff --git a/roles/controller_schedules/README.md b/roles/controller_schedules/README.md index 3d95a3162..77e4d14e0 100644 --- a/roles/controller_schedules/README.md +++ b/roles/controller_schedules/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_schedules_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_schedules_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add schedules task does not include sensitive information. +The role defaults to false as normally the add schedules task does not include sensitive information. controller_configuration_schedules_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_schedules_secure_logging`|`False`|no|Whether or not to include the sensitive Schedules role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_schedules_secure_logging`|`false`|no|Whether or not to include the sensitive Schedules role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -78,7 +78,7 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of Job Template| |`new_name`|""|str|no|Setting this option will change the existing name (looked up via the name field).| -|`description`|`False`|no|str|Description to use for the job template.| +|`description`|`false`|no|str|Description to use for the job template.| |`rrule`|""|yes|str|A value representing the schedules iCal recurrence rule. See the awx.awx.schedule plugin for help constructing this value| |`extra_data`|`{}`|no|dict|Extra vars for the job template. Only allowed if prompt on launch| |`inventory`|""|no|str|Inventory applied to job template, assuming the job template prompts for an inventory.| diff --git a/roles/controller_schedules/defaults/main.yml b/roles/controller_schedules/defaults/main.yml index b3887bc17..edf2926f7 100644 --- a/roles/controller_schedules/defaults/main.yml +++ b/roles/controller_schedules/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_schedules_secure_logging: "{{ aap_configuration_secure_ controller_configuration_schedules_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_schedules_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_schedules_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_schedules_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_schedules/meta/argument_specs.yml b/roles/controller_schedules/meta/argument_specs.yml index 05f5e3528..a03360a6b 100644 --- a/roles/controller_schedules/meta/argument_specs.yml +++ b/roles/controller_schedules/meta/argument_specs.yml @@ -133,11 +133,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_schedules_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_schedules/meta/main.yml b/roles/controller_schedules/meta/main.yml index 05abaef1f..2e0085765 100644 --- a/roles/controller_schedules/meta/main.yml +++ b/roles/controller_schedules/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "schedules" - author: "Tom Page" - description: "An Ansible Role to create Schedules in Ansible Controller." - company: "Red Hat" + role_name: schedules + author: Tom Page + description: An Ansible Role to create Schedules in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "schedule" - - "schedules" + - controller + - aap + - awx + - schedule + - schedules collections: - ansible.controller diff --git a/roles/controller_schedules/tasks/main.yml b/roles/controller_schedules/tasks/main.yml index 5442eb24d..c66e4d367 100644 --- a/roles/controller_schedules/tasks/main.yml +++ b/roles/controller_schedules/tasks/main.yml @@ -1,58 +1,58 @@ --- -- name: "Managing Controller Schedules" +- name: Managing Controller Schedules schedule: - name: "{{ __controller_schedule_item.name | mandatory }}" - new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" - description: "{{ __controller_schedule_item.description | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - rrule: "{{ __controller_schedule_item.rrule | default(omit, true) }}" - extra_data: "{{ __controller_schedule_item.extra_data | default(({} if controller_configuration_schedules_enforce_defaults else omit), true) }}" - inventory: "{{ __controller_schedule_item.inventory | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" - scm_branch: "{{ __controller_schedule_item.scm_branch | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(('' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" - forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" - instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __controller_schedule_item.job_slice_count | default((1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" - labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined) | default(__controller_schedule_item.labels) | default(([] if controller_configuration_schedules_enforce_defaults else omit), true) }}" - timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" - job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" - job_tags: "{{ __controller_schedule_item.job_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - skip_tags: "{{ __controller_schedule_item.skip_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - limit: "{{ __controller_schedule_item.limit | default(omit, true) }}" - diff_mode: "{{ __controller_schedule_item.diff_mode | default((false if controller_configuration_schedules_enforce_defaults else omit)) }}" - verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" - organization: "{{ __controller_schedule_item.organization | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" - unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" - enabled: "{{ __controller_schedule_item.enabled | default((true if controller_configuration_schedules_enforce_defaults else omit)) }}" - state: "{{ __controller_schedule_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_schedule_item.name | mandatory }}" + new_name: "{{ __controller_schedule_item.new_name | default(omit, true) }}" + description: "{{ __controller_schedule_item.description | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + rrule: "{{ __controller_schedule_item.rrule | default(omit, true) }}" + extra_data: "{{ __controller_schedule_item.extra_data | default(({} if controller_configuration_schedules_enforce_defaults else omit), true) }}" + inventory: "{{ __controller_schedule_item.inventory | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + credentials: "{{ __controller_schedule_item.credentials | default(omit, true) }}" + scm_branch: "{{ __controller_schedule_item.scm_branch | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + execution_environment: "{{ __controller_schedule_item.execution_environment.name | default(__controller_schedule_item.execution_environment | default(('' if controller_configuration_schedules_enforce_defaults else omit), true)) }}" + forks: "{{ __controller_schedule_item.forks | default(omit, true) }}" + instance_groups: "{{ __controller_schedule_item.instance_groups | default(omit, true) }}" + job_slice_count: "{{ __controller_schedule_item.job_slice_count | default((1 if controller_configuration_schedules_enforce_defaults else omit), true) }}" + labels: "{{ (__controller_schedule_item.related.labels | map(attribute='name') | list if __controller_schedule_item.related.labels is defined) | default(__controller_schedule_item.labels) | default(([] if controller_configuration_schedules_enforce_defaults else omit), true) }}" + timeout: "{{ __controller_schedule_item.timeout | default(omit, true) }}" + job_type: "{{ __controller_schedule_item.job_type | default(omit, true) }}" + job_tags: "{{ __controller_schedule_item.job_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + skip_tags: "{{ __controller_schedule_item.skip_tags | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + limit: "{{ __controller_schedule_item.limit | default(omit, true) }}" + diff_mode: "{{ __controller_schedule_item.diff_mode | default((false if controller_configuration_schedules_enforce_defaults else omit)) }}" + verbosity: "{{ __controller_schedule_item.verbosity | default(omit, true) }}" + organization: "{{ __controller_schedule_item.organization | default(('' if controller_configuration_schedules_enforce_defaults else omit), true) }}" + unified_job_template: "{{ __controller_schedule_item.unified_job_template | default(omit, true) }}" + enabled: "{{ __controller_schedule_item.enabled | default((true if controller_configuration_schedules_enforce_defaults else omit)) }}" + state: "{{ __controller_schedule_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ schedules if schedules is defined else controller_schedules }}" loop_control: - loop_var: "__controller_schedule_item" + loop_var: __controller_schedule_item label: "{{ __operation.verb }} Controller Schedule {{ __controller_schedule_item.name }}" pause: "{{ controller_configuration_schedules_loop_delay }}" no_log: "{{ controller_configuration_schedules_secure_logging }}" async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_schedule_job_async - changed_when: "(__controller_schedule_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_schedule_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_schedule_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_schedule_job_async.failed is defined and __controller_schedule_job_async.failed -- name: "Managing Schedules | Wait for finish the Schedules management" +- name: Managing Schedules | Wait for finish the Schedules management ansible.builtin.async_status: jid: "{{ __controller_schedule_job_async_results_item.ansible_job_id }}" register: __controller_schedule_job_async_result @@ -62,10 +62,11 @@ loop: "{{ __controller_schedule_job_async.results }}" loop_control: loop_var: __controller_schedule_job_async_results_item - label: "{{ __operation.verb }} Schedule {{ __controller_schedule_job_async_results_item.__controller_schedule_item.name }} | Wait for finish the Schedules {{ __operation.action }}" + label: "{{ __operation.verb }} Schedule {{ __controller_schedule_job_async_results_item.__controller_schedule_item.name }} | Wait for finish the Schedules {{ + __operation.action }}" when: not ansible_check_mode and __controller_schedule_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_schedules_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_schedule_job_async_results_item.__controller_schedule_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_schedules/tests/test.yml b/roles/controller_schedules/tests/test.yml index b82fdb948..634487c2e 100644 --- a/roles/controller_schedules/tests/test.yml +++ b/roles/controller_schedules/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_schedules is defined} + - { role: ../.., when: controller_schedules is defined } ... diff --git a/roles/controller_settings/README.md b/roles/controller_settings/README.md index 0ac6bee95..ed0ac5da6 100644 --- a/roles/controller_settings/README.md +++ b/roles/controller_settings/README.md @@ -16,7 +16,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -27,13 +27,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add settings task does not include sensitive information. +The role defaults to false as normally the add settings task does not include sensitive information. controller_configuration_settings_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_settings_secure_logging`|`False`|no|Whether or not to include the sensitive Settings role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_settings_secure_logging`|`false`|no|Whether or not to include the sensitive Settings role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_settings/defaults/main.yml b/roles/controller_settings/defaults/main.yml index 98a0cc2d1..85e7971a0 100644 --- a/roles/controller_settings/defaults/main.yml +++ b/roles/controller_settings/defaults/main.yml @@ -5,5 +5,5 @@ controller_configuration_settings_secure_logging: "{{ aap_configuration_secure_l controller_configuration_settings_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_settings_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_settings_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/controller_settings/meta/argument_specs.yml b/roles/controller_settings/meta/argument_specs.yml index a82407028..992e99381 100644 --- a/roles/controller_settings/meta/argument_specs.yml +++ b/roles/controller_settings/meta/argument_specs.yml @@ -20,7 +20,6 @@ argument_specs: # type: str # description: Value of the setting - # Async variables controller_configuration_settings_async_retries: default: "{{ aap_configuration_async_retries | default(30) }}" @@ -39,11 +38,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_settings_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_settings/meta/main.yml b/roles/controller_settings/meta/main.yml index 4bd8a58a7..0231f9919 100644 --- a/roles/controller_settings/meta/main.yml +++ b/roles/controller_settings/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - role_name: "settings" + role_name: settings author: Red Hat CoP description: A role to set some Ansible Controller settings company: Red Hat @@ -30,9 +30,9 @@ galaxy_info: # https://galaxy.ansible.com/api/v1/platforms/ # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all # List tags for your role here, one per line. A tag is a keyword that describes # and categorizes the role. Users find roles by searching for tags. Be sure to @@ -41,12 +41,12 @@ galaxy_info: # NOTE: A tag is limited to a single word comprised of alphanumeric characters. # Maximum 20 tags per role. galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "setting" - - "settings" + - controller + - aap + - awx + - configuration + - setting + - settings collections: - ansible.controller diff --git a/roles/controller_settings/tasks/main.yml b/roles/controller_settings/tasks/main.yml index e6ddeb57a..6ba0fb861 100644 --- a/roles/controller_settings/tasks/main.yml +++ b/roles/controller_settings/tasks/main.yml @@ -2,17 +2,17 @@ # tasks file for controller_settings - name: Update Ansible Controller Settings from dictionary or list of dictionaries settings: - settings: "{{ __controller_setting_item.settings | default(omit, true) }}" - name: "{{ __controller_setting_item.name | default(omit, true) }}" - value: "{{ __controller_setting_item.value | default(omit) }}" + settings: "{{ __controller_setting_item.settings | default(omit, true) }}" + name: "{{ __controller_setting_item.name | default(omit, true) }}" + value: "{{ __controller_setting_item.value | default(omit) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" # controller_settings must be either a dictionary/mapping or a list of dictionaries loop: "{{ controller_settings is mapping | ternary([controller_settings], controller_settings) }}" loop_control: @@ -23,16 +23,16 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_setting_job_async - changed_when: "(__controller_setting_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_setting_job_async.changed if ansible_check_mode else false) vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_setting_job_async.failed is defined and __controller_setting_job_async.failed -- name: "Configure Settings | Wait for finish the Settings creation" +- name: Configure Settings | Wait for finish the Settings creation ansible.builtin.async_status: jid: "{{ __controller_setting_job_async_results_item.ansible_job_id }}" register: __controller_setting_job_async_result @@ -45,5 +45,5 @@ when: not ansible_check_mode and __controller_setting_job_async_results_item.ansible_job_id is defined no_log: "{{ controller_configuration_settings_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_settings/tests/configs/settings.yml b/roles/controller_settings/tests/configs/settings.yml index e88537e28..38a6f14cf 100644 --- a/roles/controller_settings/tests/configs/settings.yml +++ b/roles/controller_settings/tests/configs/settings.yml @@ -1,9 +1,9 @@ --- controller_settings: - name: TOWER_URL_BASE - value: "https://localhost" + value: https://localhost - name: AWX_TASK_ENV - value: {'GIT_SSL_NO_VERIFY': 'false'} + value: { GIT_SSL_NO_VERIFY: "false" } - name: AUTH_LDAP_SERVER_URI - value: "ldap://ldap.example.com" + value: ldap://ldap.example.com ... diff --git a/roles/controller_settings/tests/test.yml b/roles/controller_settings/tests/test.yml index 7d1d0330a..d9cd34073 100644 --- a/roles/controller_settings/tests/test.yml +++ b/roles/controller_settings/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_settings is defined} + - { role: ../.., when: controller_settings is defined } ... diff --git a/roles/controller_teams/README.md b/roles/controller_teams/README.md index e2645dd8b..3d2613f1c 100644 --- a/roles/controller_teams/README.md +++ b/roles/controller_teams/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_platform_teams_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_platform_teams_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add teams task does not include sensitive information. +The role defaults to false as normally the add teams task does not include sensitive information. `controller_configuration_platform_teams_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_platform_teams_secure_logging`|`False`|no|Whether or not to include the sensitive teams role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_platform_teams_secure_logging`|`false`|no|Whether or not to include the sensitive teams role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_teams/defaults/main.yml b/roles/controller_teams/defaults/main.yml index 6561dd83f..a50146da3 100644 --- a/roles/controller_teams/defaults/main.yml +++ b/roles/controller_teams/defaults/main.yml @@ -5,6 +5,6 @@ controller_configuration_platform_teams_secure_logging: "{{ aap_configuration_se controller_configuration_platform_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_platform_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_teams_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_platform_teams_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_teams/meta/argument_specs.yml b/roles/controller_teams/meta/argument_specs.yml index 4953515dd..d842c1956 100644 --- a/roles/controller_teams/meta/argument_specs.yml +++ b/roles/controller_teams/meta/argument_specs.yml @@ -48,11 +48,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_platform_teams_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_teams/meta/main.yml b/roles/controller_teams/meta/main.yml index 7da8d5488..4bdfb20a6 100644 --- a/roles/controller_teams/meta/main.yml +++ b/roles/controller_teams/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "teams" - author: "Andrew J. Huffman" - description: "An Ansible Role to create Teams in Ansible Controller." - company: "Red Hat" + role_name: teams + author: Andrew J. Huffman + description: An Ansible Role to create Teams in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -35,9 +35,9 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all # platforms: # - name: Fedora # versions: @@ -51,12 +51,12 @@ galaxy_info: # - 99.99 galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "team" - - "teams" + - controller + - aap + - awx + - configuration + - team + - teams # List tags for your role here, one per line. A tag is a keyword that describes # and categorizes the role. Users find roles by searching for tags. Be sure to # remove the '[]' above, if you add tags to this list. diff --git a/roles/controller_teams/tasks/main.yml b/roles/controller_teams/tasks/main.yml index b78bdc0e8..7c6bee6f9 100644 --- a/roles/controller_teams/tasks/main.yml +++ b/roles/controller_teams/tasks/main.yml @@ -1,19 +1,19 @@ --- -- name: "Managing Ansible Controller Teams" +- name: Managing Ansible Controller Teams team: - name: "{{ __controller_team_item.name | mandatory }}" - new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" - description: "{{ __controller_team_item.description | default(('' if controller_configuration_platform_teams_enforce_defaults else omit), true) }}" - organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" - state: "{{ __controller_team_item.state | default(platform_state | default('present')) }}" + name: "{{ __controller_team_item.name | mandatory }}" + new_name: "{{ __controller_team_item.new_name | default(omit, true) }}" + description: "{{ __controller_team_item.description | default(('' if controller_configuration_platform_teams_enforce_defaults else omit), true) }}" + organization: "{{ __controller_team_item.organization.name | default(__controller_team_item.organization) | mandatory }}" + state: "{{ __controller_team_item.state | default(platform_state | default('present')) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ aap_teams }}" loop_control: loop_var: __controller_team_item @@ -23,17 +23,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_team_job_async - changed_when: "(__controller_team_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_team_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_team_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_team_job_async.failed is defined and __controller_team_job_async.failed -- name: "Managing Teams | Wait for finish the Teams management" +- name: Managing Teams | Wait for finish the Teams management ansible.builtin.async_status: jid: "{{ __controller_team_job_async_results_item.ansible_job_id }}" register: __controller_team_job_async_result @@ -48,5 +48,5 @@ no_log: "{{ controller_configuration_platform_teams_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_team_job_asycn_results_item.__controller_team_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_teams/tests/configs/teams.yml b/roles/controller_teams/tests/configs/teams.yml index 2441977c5..c36bb9950 100644 --- a/roles/controller_teams/tests/configs/teams.yml +++ b/roles/controller_teams/tests/configs/teams.yml @@ -1,12 +1,12 @@ --- aap_teams: - - name: "team1" - description: "My first team" - organization: "Default" - - name: "team2" - description: "My second team" - organization: "Default" - - name: "team3" - description: "My third team" - organization: "Default" + - name: team1 + description: My first team + organization: Default + - name: team2 + description: My second team + organization: Default + - name: team3 + description: My third team + organization: Default ... diff --git a/roles/controller_teams/tests/test.yml b/roles/controller_teams/tests/test.yml index 052cbae16..caf22817e 100644 --- a/roles/controller_teams/tests/test.yml +++ b/roles/controller_teams/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: aap_teams is defined} + - { role: ../.., when: aap_teams is defined } ... diff --git a/roles/controller_users/README.md b/roles/controller_users/README.md index 70bc8389d..067fa0946 100644 --- a/roles/controller_users/README.md +++ b/roles/controller_users/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -39,20 +39,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_users_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_users_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add user task does not include sensitive information. +The role defaults to false as normally the add user task does not include sensitive information. `controller_configuration_user_secure_logging` defaults to the value of `aap_configuration_secure_logging` if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_user_secure_logging`|`False`|no|Whether or not to include the sensitive user role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_user_secure_logging`|`false`|no|Whether or not to include the sensitive user role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -87,7 +87,7 @@ This also speeds up the overall role. |`is_system_auditor`|false|no|bool|Whether the user is an auditor| |`organization`|""|no|str|The name of the organization the user belongs to.
Added in awx.awx >= 20.0.0 DOES NOT exist in ansible.controller yet.| |`state`|`present`|no|str|Desired state of the resource.| -|`update_secrets`|true|no|bool| True will always change password if user specifies password, even if API gives $encrypted$ for password. False will only set the password if other values change too.| +|`update_secrets`|true|no|bool| true will always change password if user specifies password, even if API gives $encrypted$ for password. false will only set the password if other values change too.| ### Standard User Data Structure diff --git a/roles/controller_users/defaults/main.yml b/roles/controller_users/defaults/main.yml index 720d871c4..73fe58947 100644 --- a/roles/controller_users/defaults/main.yml +++ b/roles/controller_users/defaults/main.yml @@ -3,12 +3,12 @@ aap_user_accounts: [] # if you're too lazy to give your users a password, this is the default they will get # set this variable to something false and there won't be a default password -controller_user_default_password: "change_me" +controller_user_default_password: change_me controller_configuration_users_secure_logging: "{{ aap_configuration_secure_logging | default('true') }}" controller_configuration_users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_users_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_users_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_users/meta/argument_specs.yml b/roles/controller_users/meta/argument_specs.yml index 14520def7..4ff986f97 100644 --- a/roles/controller_users/meta/argument_specs.yml +++ b/roles/controller_users/meta/argument_specs.yml @@ -42,7 +42,7 @@ argument_specs: # default: true # required: false # type: bool - # description: True will always change password if user specifies password, even if API gives $encrypted$ for password. False will only set the password if other values change too. + # description: true will always change password if user specifies password, even if API gives $encrypted$ for password. false will only set the password if other values change too. # organization: # required: false # type: str @@ -77,11 +77,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_users_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" diff --git a/roles/controller_users/meta/main.yml b/roles/controller_users/meta/main.yml index 937eef2f1..86a4b93e8 100644 --- a/roles/controller_users/meta/main.yml +++ b/roles/controller_users/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "users" - author: "Tom Page" - description: "An Ansible Role to create users in Ansible Controller." - company: "Red Hat" + role_name: users + author: Tom Page + description: An Ansible Role to create users in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "user" - - "users" + - controller + - aap + - awx + - user + - users collections: - ansible.controller diff --git a/roles/controller_users/tasks/main.yml b/roles/controller_users/tasks/main.yml index a2a5d34c1..aff3ae854 100644 --- a/roles/controller_users/tasks/main.yml +++ b/roles/controller_users/tasks/main.yml @@ -1,28 +1,28 @@ --- # The user module is also an ansible.builtin module, but due to supporting both the awx.awx and automation.Controller collections # the FQCN cannot be used here. -- name: "Managing Controller Users" # noqa fqcn[action-core] +- name: Managing Controller Users # noqa fqcn[action-core] user: - username: "{{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) | mandatory }}" - new_username: "{{ __controller_user_accounts_item.new_username | default(omit, true) }}" + username: "{{ __controller_user_accounts_item.user | default(__controller_user_accounts_item.username) | mandatory }}" + new_username: "{{ __controller_user_accounts_item.new_username | default(omit, true) }}" # the 'true' in the second default leads to no password being set if the default password is empty - password: "{{ __controller_user_accounts_item.password | default(controller_user_default_password | default(omit, true)) }}" - email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" - first_name: "{{ __controller_user_accounts_item.firstname | default(__controller_user_accounts_item.first_name | default(omit, true)) }}" - last_name: "{{ __controller_user_accounts_item.lastname | default(__controller_user_accounts_item.last_name | default(omit, true)) }}" - is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default((false if controller_configuration_users_enforce_defaults else omit))) }}" - is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default((false if controller_configuration_users_enforce_defaults else omit))) }}" - update_secrets: "{{ __controller_user_accounts_item.update_secrets | default((false if controller_configuration_users_enforce_defaults else omit)) }}" - organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" - state: "{{ __controller_user_accounts_item.state | default(platform_state | default(omit, true)) }}" + password: "{{ __controller_user_accounts_item.password | default(controller_user_default_password | default(omit, true)) }}" + email: "{{ __controller_user_accounts_item.email | default(omit, true) }}" + first_name: "{{ __controller_user_accounts_item.firstname | default(__controller_user_accounts_item.first_name | default(omit, true)) }}" + last_name: "{{ __controller_user_accounts_item.lastname | default(__controller_user_accounts_item.last_name | default(omit, true)) }}" + is_superuser: "{{ __controller_user_accounts_item.is_superuser | default(__controller_user_accounts_item.superuser | default((false if controller_configuration_users_enforce_defaults else omit))) }}" + is_system_auditor: "{{ __controller_user_accounts_item.is_auditor | default(__controller_user_accounts_item.is_system_auditor | default((false if controller_configuration_users_enforce_defaults else omit))) }}" + update_secrets: "{{ __controller_user_accounts_item.update_secrets | default((false if controller_configuration_users_enforce_defaults else omit)) }}" + organization: "{{ __controller_user_accounts_item.organization | default(omit) }}" + state: "{{ __controller_user_accounts_item.state | default(platform_state | default(omit, true)) }}" # Role Standard Options - controller_host: "{{ aap_hostname | default(omit, true) }}" - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ aap_user_accounts }}" loop_control: loop_var: __controller_user_accounts_item @@ -32,17 +32,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __controller_user_accounts_job_async - changed_when: "(__controller_user_accounts_job_async.changed if ansible_check_mode else false)" + changed_when: (__controller_user_accounts_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __controller_user_accounts_job_async.failed is defined and __controller_user_accounts_job_async.failed -- name: "Managing Users | Wait for finish the Users management" +- name: Managing Users | Wait for finish the Users management ansible.builtin.async_status: jid: "{{ __controller_user_accounts_job_async_results_item.ansible_job_id }}" register: __controller_user_accounts_job_async_result @@ -57,5 +57,5 @@ no_log: "{{ controller_configuration_users_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_user_accounts_job_async_results_item.__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_users/tests/test.yml b/roles/controller_users/tests/test.yml index 74f215954..e0bccc402 100644 --- a/roles/controller_users/tests/test.yml +++ b/roles/controller_users/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: aap_user_accounts is defined} + - { role: ../.., when: aap_user_accounts is defined } ... diff --git a/roles/controller_workflow_job_templates/README.md b/roles/controller_workflow_job_templates/README.md index a9735bbe3..6f40a3111 100644 --- a/roles/controller_workflow_job_templates/README.md +++ b/roles/controller_workflow_job_templates/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -38,20 +38,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_workflows_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| +|`controller_configuration_workflows_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared across multiple roles, see above.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add Workflow Job Templates task does not include sensitive information. +The role defaults to false as normally the add Workflow Job Templates task does not include sensitive information. workflow_job_templates_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of genie roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`workflow_job_templates_secure_logging`|`False`|no|Whether or not to include the sensitive Workflow Job Templates role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`workflow_job_templates_secure_logging`|`false`|no|Whether or not to include the sensitive Workflow Job Templates role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/controller_workflow_job_templates/defaults/main.yml b/roles/controller_workflow_job_templates/defaults/main.yml index a75c8eb8f..a9f496967 100644 --- a/roles/controller_workflow_job_templates/defaults/main.yml +++ b/roles/controller_workflow_job_templates/defaults/main.yml @@ -5,6 +5,6 @@ workflow_job_templates_secure_logging: "{{ aap_configuration_secure_logging | de controller_configuration_workflow_async_retries: "{{ aap_configuration_async_retries | default(30) }}" controller_configuration_workflow_async_delay: "{{ aap_configuration_async_delay | default(1) }}" controller_configuration_workflow_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: controller_configuration_workflows_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" ... diff --git a/roles/controller_workflow_job_templates/meta/argument_specs.yml b/roles/controller_workflow_job_templates/meta/argument_specs.yml index aaa527527..e54e04823 100644 --- a/roles/controller_workflow_job_templates/meta/argument_specs.yml +++ b/roles/controller_workflow_job_templates/meta/argument_specs.yml @@ -294,11 +294,10 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. - # No_log variables controller_configuration_workflow_job_templates_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" diff --git a/roles/controller_workflow_job_templates/meta/main.yml b/roles/controller_workflow_job_templates/meta/main.yml index 1d211f709..27e2ee00f 100644 --- a/roles/controller_workflow_job_templates/meta/main.yml +++ b/roles/controller_workflow_job_templates/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "workflow_templates" - author: "Sean Sulivan" - description: "An Ansible Role to create Workflow Templates in Ansible Controller." - company: "Red Hat" + role_name: workflow_templates + author: Sean Sulivan + description: An Ansible Role to create Workflow Templates in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,18 +24,18 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "configuration" - - "organization" - - "workflow" - - "workflows" + - controller + - aap + - awx + - configuration + - organization + - workflow + - workflows collections: - ansible.controller diff --git a/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml b/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml index bc9522737..1fcb309b9 100644 --- a/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml +++ b/roles/controller_workflow_job_templates/tasks/add_workflows_schema.yml @@ -1,40 +1,40 @@ --- # Creating Workflow Node -- name: Create the Workflow Nodes +- name: add_workflows_schema | Create the Workflow Nodes workflow_job_template_node: - identifier: "{{ __workflow_loop_node_item.identifier | mandatory }}" # internal identification ID - extra_data: "{{ __workflow_loop_node_item.extra_data | default(omit, true) }}" - inventory: "{{ __workflow_loop_node_item.inventory | default(omit, true) }}" - scm_branch: "{{ __workflow_loop_node_item.scm_branch | default(omit, true) }}" - job_type: "{{ __workflow_loop_node_item.job_type | default(omit, true) }}" - job_tags: "{{ __workflow_loop_node_item.job_tags | default(omit, true) }}" - skip_tags: "{{ __workflow_loop_node_item.skip_tags | default(omit, true) }}" - limit: "{{ __workflow_loop_node_item.limit | default(omit, true) }}" - diff_mode: "{{ __workflow_loop_node_item.diff_mode | default(omit) }}" - verbosity: "{{ __workflow_loop_node_item.verbosity | default(omit, true) }}" - credentials: "{{ __workflow_loop_node_item.credentials | default(__workflow_loop_node_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" - workflow_job_template: "{{ __workflow_loop_node_item.workflow_job_template.name | default(__workflow_loop_node_item.workflow_job_template | default(omit, true)) }}" - unified_job_template: "{{ __workflow_loop_node_item.unified_job_template.name | default(__workflow_loop_node_item.unified_job_template | default(omit, true)) }}" # Run Job template - lookup_organization: "{{ __workflow_loop_node_item.lookup_organization | default(omit, true) }}" - execution_environment: "{{ __workflow_loop_node_item.execution_environment.name | default(__workflow_loop_node_item.execution_environment | default(omit, true)) }}" - forks: "{{ __workflow_loop_node_item.forks | default(omit, true) }}" - instance_groups: "{{ __workflow_loop_node_item.instance_groups | default(omit, true) }}" - job_slice_count: "{{ __workflow_loop_node_item.job_slice_count | default(omit, true) }}" - labels: "{{ __workflow_loop_node_item.labels | default(__workflow_loop_node_item.related.labels | default([]) | map(attribute='name') | list if __workflow_loop_node_item.related.labels is defined else omit) }}" - timeout: "{{ __workflow_loop_node_item.timeout | default(omit, true) }}" - approval_node: "{{ __workflow_loop_node_item.approval_node | default(omit, true) }}" - workflow: "{{ __workflow_loop_item.name | mandatory }}" # Workflow job template name to associate with - state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" - all_parents_must_converge: "{{ __workflow_loop_node_item.all_parents_must_converge | default('false') }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization + identifier: "{{ __workflow_loop_node_item.identifier | mandatory }}" # internal identification ID + extra_data: "{{ __workflow_loop_node_item.extra_data | default(omit, true) }}" + inventory: "{{ __workflow_loop_node_item.inventory | default(omit, true) }}" + scm_branch: "{{ __workflow_loop_node_item.scm_branch | default(omit, true) }}" + job_type: "{{ __workflow_loop_node_item.job_type | default(omit, true) }}" + job_tags: "{{ __workflow_loop_node_item.job_tags | default(omit, true) }}" + skip_tags: "{{ __workflow_loop_node_item.skip_tags | default(omit, true) }}" + limit: "{{ __workflow_loop_node_item.limit | default(omit, true) }}" + diff_mode: "{{ __workflow_loop_node_item.diff_mode | default(omit) }}" + verbosity: "{{ __workflow_loop_node_item.verbosity | default(omit, true) }}" + credentials: "{{ __workflow_loop_node_item.credentials | default(__workflow_loop_node_item.related.credentials | default([]) | map(attribute='name') | list) | default(omit, true) }}" + workflow_job_template: "{{ __workflow_loop_node_item.workflow_job_template.name | default(__workflow_loop_node_item.workflow_job_template | default(omit, true)) }}" + unified_job_template: "{{ __workflow_loop_node_item.unified_job_template.name | default(__workflow_loop_node_item.unified_job_template | default(omit, true)) }}" # Run Job template + lookup_organization: "{{ __workflow_loop_node_item.lookup_organization | default(omit, true) }}" + execution_environment: "{{ __workflow_loop_node_item.execution_environment.name | default(__workflow_loop_node_item.execution_environment | default(omit, true)) }}" + forks: "{{ __workflow_loop_node_item.forks | default(omit, true) }}" + instance_groups: "{{ __workflow_loop_node_item.instance_groups | default(omit, true) }}" + job_slice_count: "{{ __workflow_loop_node_item.job_slice_count | default(omit, true) }}" + labels: "{{ __workflow_loop_node_item.labels | default(__workflow_loop_node_item.related.labels | default([]) | map(attribute='name') | list if __workflow_loop_node_item.related.labels is defined else omit) }}" + timeout: "{{ __workflow_loop_node_item.timeout | default(omit, true) }}" + approval_node: "{{ __workflow_loop_node_item.approval_node | default(omit, true) }}" + workflow: "{{ __workflow_loop_item.name | mandatory }}" # Workflow job template name to associate with + state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" + all_parents_must_converge: "{{ __workflow_loop_node_item.all_parents_must_converge | default('false') }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item @@ -46,14 +46,14 @@ register: __workflows_node_async changed_when: not __workflows_node_async.changed vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: add_workflows_schema | Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __workflows_node_async.failed is defined and __workflows_node_async.failed -- name: "Manage Workflows | Wait for finish the workflow creation" +- name: add_workflows_schema | Manage Workflows | Wait for finish the workflow creation ansible.builtin.async_status: jid: "{{ __workflows_node_async_results_item.ansible_job_id }}" register: __workflows_node_async_result @@ -65,45 +65,48 @@ when: not ansible_check_mode and __workflows_node_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" # Create links between workflow node -- name: Create links between Workflow Nodes +- name: add_workflows_schema | Create links between Workflow Nodes workflow_job_template_node: - identifier: "{{ __workflow_loop_node_item.identifier | mandatory }}" - workflow: "{{ __workflow_loop_item.name | mandatory }}" - always_nodes: "{{ __workflow_loop_node_item.always_nodes | default(__workflow_loop_node_item.related.always_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on always (blue links) - success_nodes: "{{ __workflow_loop_node_item.success_nodes | default(__workflow_loop_node_item.related.success_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on success (green links) - failure_nodes: "{{ __workflow_loop_node_item.failure_nodes | default(__workflow_loop_node_item.related.failure_nodes | default([], true) | selectattr('identifier', 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on failure (red links) - state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + identifier: "{{ __workflow_loop_node_item.identifier | mandatory }}" + workflow: "{{ __workflow_loop_item.name | mandatory }}" + always_nodes: "{{ __workflow_loop_node_item.always_nodes | default(__workflow_loop_node_item.related.always_nodes | default([], true) | selectattr('identifier', + 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on always (blue links) + success_nodes: "{{ __workflow_loop_node_item.success_nodes | default(__workflow_loop_node_item.related.success_nodes | default([], true) | selectattr('identifier', + 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on success (green links) + failure_nodes: "{{ __workflow_loop_node_item.failure_nodes | default(__workflow_loop_node_item.related.failure_nodes | default([], true) | selectattr('identifier', + 'defined') | map(attribute='identifier')) | list }}" # Nodes to advance on failure (red links) + state: "{{ __workflow_loop_node_item.state | default(platform_state | default('present')) }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization) }}" # Workflow job template organization + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ __workflow_loop_item.simplified_workflow_nodes }}" loop_control: loop_var: __workflow_loop_node_item label: "{{ __workflow_loop_node_item.identifier }}" no_log: "{{ workflow_job_templates_secure_logging }}" # Execute only the nodes that define links to the following - when: ((__workflow_loop_node_item.always_nodes is defined and __workflow_loop_node_item.always_nodes | length > 0) or - (__workflow_loop_node_item.success_nodes is defined and __workflow_loop_node_item.success_nodes | length > 0) or - (__workflow_loop_node_item.failure_nodes is defined and __workflow_loop_node_item.failure_nodes | length > 0)) + when: ((__workflow_loop_node_item.always_nodes is defined and __workflow_loop_node_item.always_nodes | length > 0) or (__workflow_loop_node_item.success_nodes is + defined and __workflow_loop_node_item.success_nodes | length > 0) or (__workflow_loop_node_item.failure_nodes is defined and __workflow_loop_node_item.failure_nodes + | length > 0)) async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __workflows_link_async vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: add_workflows_schema | Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __workflows_link_async.failed is defined and __workflows_link_async.failed -- name: "Manage Workflows | Wait for finish the workflow creation" +- name: add_workflows_schema | Manage Workflows | Wait for finish the workflow creation ansible.builtin.async_status: jid: "{{ __workflows_link_async_results_item.ansible_job_id }}" register: __workflows_link_async_result @@ -116,5 +119,5 @@ when: not ansible_check_mode and __workflows_link_async_results_item.ansible_job_id is defined no_log: "{{ workflow_job_templates_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/controller_workflow_job_templates/tasks/main.yml b/roles/controller_workflow_job_templates/tasks/main.yml index 01a93cadc..5c9e14569 100644 --- a/roles/controller_workflow_job_templates/tasks/main.yml +++ b/roles/controller_workflow_job_templates/tasks/main.yml @@ -1,45 +1,45 @@ --- -- name: "Managing Workflows" +- name: Managing Workflows workflow_job_template: - name: "{{ __workflow_loop_item.name | mandatory }}" - new_name: "{{ __workflow_loop_item.new_name | default(omit, true) }}" - copy_from: "{{ __workflow_loop_item.copy_from | default(omit, true) }}" - description: "{{ __workflow_loop_item.description | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - extra_vars: "{{ __workflow_loop_item.extra_vars | default(({} if controller_configuration_workflows_enforce_defaults else omit), true) }}" - allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - limit: "{{ __workflow_loop_item.limit | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined) | default(__workflow_loop_item.labels) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - scm_branch: "{{ __workflow_loop_item.scm_branch | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - webhook_service: "{{ __workflow_loop_item.webhook_service | default(omit, true) }}" - webhook_credential: "{{ __workflow_loop_item.webhook_credential.name | default(__workflow_loop_item.webhook_credential | default(omit, true)) }}" - survey_enabled: "{{ __workflow_loop_item.survey_enabled | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(({} if controller_configuration_workflows_enforce_defaults else omit), true))) }}" - job_tags: "{{ __workflow_loop_item.job_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - skip_tags: "{{ __workflow_loop_item.skip_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" - ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" - ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" - ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" - workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(([] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" - destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" - state: "{{ __workflow_loop_item.state | default(platform_state | default('present')) }}" - notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" - notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + name: "{{ __workflow_loop_item.name | mandatory }}" + new_name: "{{ __workflow_loop_item.new_name | default(omit, true) }}" + copy_from: "{{ __workflow_loop_item.copy_from | default(omit, true) }}" + description: "{{ __workflow_loop_item.description | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + extra_vars: "{{ __workflow_loop_item.extra_vars | default(({} if controller_configuration_workflows_enforce_defaults else omit), true) }}" + allow_simultaneous: "{{ __workflow_loop_item.allow_simultaneous | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + organization: "{{ __workflow_loop_item.organization.name | default(__workflow_loop_item.organization | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + ask_variables_on_launch: "{{ __workflow_loop_item.ask_variables_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + inventory: "{{ __workflow_loop_item.inventory.name | default(__workflow_loop_item.inventory | default(('' if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + limit: "{{ __workflow_loop_item.limit | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + labels: "{{ (__workflow_loop_item.related.labels | map(attribute='name') | list if __workflow_loop_item.related.labels is defined) | default(__workflow_loop_item.labels) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + scm_branch: "{{ __workflow_loop_item.scm_branch | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_inventory_on_launch: "{{ __workflow_loop_item.ask_inventory_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_scm_branch_on_launch: "{{ __workflow_loop_item.ask_scm_branch_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_limit_on_launch: "{{ __workflow_loop_item.ask_limit_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + webhook_service: "{{ __workflow_loop_item.webhook_service | default(omit, true) }}" + webhook_credential: "{{ __workflow_loop_item.webhook_credential.name | default(__workflow_loop_item.webhook_credential | default(omit, true)) }}" + survey_enabled: "{{ __workflow_loop_item.survey_enabled | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + survey_spec: "{{ __workflow_loop_item.related.survey_spec | default(__workflow_loop_item.survey_spec | default(__workflow_loop_item.survey | default(({} if controller_configuration_workflows_enforce_defaults else omit), true))) }}" + job_tags: "{{ __workflow_loop_item.job_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + skip_tags: "{{ __workflow_loop_item.skip_tags | default(('' if controller_configuration_workflows_enforce_defaults else omit), true) }}" + ask_tags_on_launch: "{{ __workflow_loop_item.ask_tags | default(__workflow_loop_item.ask_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" + ask_labels_on_launch: "{{ __workflow_loop_item.ask_labels_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit)) }}" + ask_skip_tags_on_launch: "{{ __workflow_loop_item.ask_skip_tags | default(__workflow_loop_item.ask_skip_tags_on_launch | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" + workflow_nodes: "{{ __workflow_loop_item.related.workflow_nodes | default(__workflow_loop_item.workflow_nodes | default(([] if controller_configuration_workflows_enforce_defaults else omit), true)) }}" + destroy_current_nodes: "{{ __workflow_loop_item.destroy_current_nodes | default(__workflow_loop_item.destroy_current_schema | default((false if controller_configuration_workflows_enforce_defaults else omit))) }}" + state: "{{ __workflow_loop_item.state | default(platform_state | default('present')) }}" + notification_templates_started: "{{ (__workflow_loop_item.related.notification_templates_started | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_started is defined) | default(__workflow_loop_item.notification_templates_started) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_success: "{{ (__workflow_loop_item.related.notification_templates_success | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_success is defined) | default(__workflow_loop_item.notification_templates_success) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_error: "{{ (__workflow_loop_item.related.notification_templates_error | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_error is defined) | default(__workflow_loop_item.notification_templates_error) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" + notification_templates_approvals: "{{ (__workflow_loop_item.related.notification_templates_approvals | map(attribute='name') | list if __workflow_loop_item.related.notification_templates_approvals is defined) | default(__workflow_loop_item.notification_templates_approvals) | default(([] if controller_configuration_workflows_enforce_defaults else omit), true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ workflow_job_templates if workflow_job_templates is defined else controller_workflows }}" loop_control: loop_var: __workflow_loop_item @@ -48,17 +48,17 @@ async: "{{ ansible_check_mode | ternary(0, 1000) }}" poll: 0 register: __workflows_job_async - changed_when: "(__workflows_job_async.changed if ansible_check_mode else false)" + changed_when: (__workflows_job_async.changed if ansible_check_mode else false) vars: __operation: "{{ operation_translate[__workflow_loop_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Flag for errors (check mode only)" +- name: Flag for errors (check mode only) ansible.builtin.set_fact: error_flag: true when: ansible_check_mode and __workflows_job_async.failed is defined and __workflows_job_async.failed -- name: "Managing Workflows | Wait for finish the workflow management" +- name: Managing Workflows | Wait for finish the workflow management ansible.builtin.async_status: jid: "{{ __workflows_job_async_results_item.ansible_job_id }}" register: __workflows_job_async_result @@ -73,11 +73,11 @@ no_log: "{{ workflow_job_templates_secure_logging }}" vars: __operation: "{{ operation_translate[__workflows_job_async_results_item.__workflow_loop_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" # Create links between workflow node - name: Loop over nodes in schema to add to workflow templates - ansible.builtin.include_tasks: "add_workflows_schema.yml" + ansible.builtin.include_tasks: add_workflows_schema.yml loop: "{{ controller_workflows | default(workflow_job_templates) }}" loop_control: loop_var: __workflow_loop_item diff --git a/roles/controller_workflow_job_templates/tests/configs/controller_workflows.yml b/roles/controller_workflow_job_templates/tests/configs/controller_workflows.yml index c78e1a59e..086c770a2 100644 --- a/roles/controller_workflow_job_templates/tests/configs/controller_workflows.yml +++ b/roles/controller_workflow_job_templates/tests/configs/controller_workflows.yml @@ -2,7 +2,7 @@ controller_workflows: - name: Complicated workflow schema description: a complicated workflow - extra_vars: '' + extra_vars: "" survey_enabled: true allow_simultaneous: false ask_variables_on_launch: false @@ -12,7 +12,7 @@ controller_workflows: ask_inventory_on_launch: false ask_scm_branch_on_launch: false ask_limit_on_launch: false - webhook_service: '' + webhook_service: "" webhook_credential: organization: name: Default @@ -129,7 +129,7 @@ controller_workflows: type: workflow_job_template_node - extra_data: basic_name: test - option_true_false: 'yes' + option_true_false: true target_groups: - group1 scm_branch: @@ -252,8 +252,8 @@ controller_workflows: notification_templates_error: [] notification_templates_approvals: [] survey_spec: - name: '' - description: '' + name: "" + description: "" spec: - question_name: Basic Name question_description: Name @@ -262,8 +262,8 @@ controller_workflows: variable: basic_name min: 0 max: 1024 - default: '' - choices: '' + default: "" + choices: "" new_question: true - question_name: Choose yes or no? question_description: Choosing yes or no. @@ -272,19 +272,19 @@ controller_workflows: variable: option_true_false min: max: - default: 'yes' + default: true choices: |- - yes - no + true + false new_question: true - - question_name: 'Select Group:' - question_description: '' + - question_name: "Select Group:" + question_description: "" required: true type: multiplechoice variable: target_groups min: max: - default: '' + default: "" choices: |- group1 group2 @@ -298,7 +298,7 @@ controller_workflows: type: workflow_job_template - name: Simple workflow schema description: a basic workflow - extra_vars: '' + extra_vars: "" survey_enabled: false allow_simultaneous: false ask_variables_on_launch: false @@ -308,7 +308,7 @@ controller_workflows: ask_inventory_on_launch: false ask_scm_branch_on_launch: false ask_limit_on_launch: false - webhook_service: '' + webhook_service: "" webhook_credential: organization: name: Default diff --git a/roles/controller_workflow_job_templates/tests/test.yaml b/roles/controller_workflow_job_templates/tests/test.yaml index f812173ed..1072a09bb 100644 --- a/roles/controller_workflow_job_templates/tests/test.yaml +++ b/roles/controller_workflow_job_templates/tests/test.yaml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_workflows is defined} + - { role: ../.., when: controller_workflows is defined } ... diff --git a/roles/controller_workflow_launch/README.md b/roles/controller_workflow_launch/README.md index 5b7b3ba7a..1300f058a 100644 --- a/roles/controller_workflow_launch/README.md +++ b/roles/controller_workflow_launch/README.md @@ -18,7 +18,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -29,13 +29,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the workflow launch task does not include sensitive information. +The role defaults to false as normally the workflow launch task does not include sensitive information. controller_configuration_workflow_launch_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_workflow_launch_secure_logging`|`False`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_workflow_launch_secure_logging`|`false`|no|Whether or not to include the sensitive ad_hoc_command role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure @@ -48,7 +48,7 @@ controller_configuration_workflow_launch_secure_logging defaults to the value of |`inventory`|""|no|str|Inventory to use for the job ran with this workflow, only used if prompt for inventory is set.| |`limit`|""|no|str|Limit to use for the job_template.| |`scm_branch`|""|no|str|A specific of the SCM project to run the template on.| -|`extra_vars`|""|no|str|Any extra vars required to launch the job. ask_extra_vars needs to be set to True via controller_job_template module.| +|`extra_vars`|""|no|str|Any extra vars required to launch the job. ask_extra_vars needs to be set to true via controller_job_template module.| |`wait`|""|no|bool|Wait for the job to complete.| |`interval`|2|no|int|The interval to request an update from controller.| |`timeout`|""|no|int|If waiting for the job to complete this will abort after this amount of seconds.| diff --git a/roles/controller_workflow_launch/meta/argument_specs.yml b/roles/controller_workflow_launch/meta/argument_specs.yml index 529a17490..ae861d867 100644 --- a/roles/controller_workflow_launch/meta/argument_specs.yml +++ b/roles/controller_workflow_launch/meta/argument_specs.yml @@ -31,7 +31,7 @@ argument_specs: # extra_vars: # required: false # type: dict - # description: Any extra vars required to launch the job. ask_extra_vars needs to be set to True via controller_job_template module. + # description: Any extra vars required to launch the job. ask_extra_vars needs to be set to true via controller_job_template module. # wait: # required: false # type: bool diff --git a/roles/controller_workflow_launch/meta/main.yml b/roles/controller_workflow_launch/meta/main.yml index bce3bf056..31bb363a3 100644 --- a/roles/controller_workflow_launch/meta/main.yml +++ b/roles/controller_workflow_launch/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "controller_configuration_workflow_launch" - author: "Sean Sullivan" - description: "An Ansible Role to launch workflows in Ansible Controller." - company: "Red Hat" + role_name: controller_configuration_workflow_launch + author: Sean Sullivan + description: An Ansible Role to launch workflows in Ansible Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "aap" - - "awx" - - "workflow" - - "workflows" + - controller + - aap + - awx + - workflow + - workflows collections: - ansible.controller diff --git a/roles/controller_workflow_launch/tasks/main.yml b/roles/controller_workflow_launch/tasks/main.yml index becdf8142..70f7088ed 100644 --- a/roles/controller_workflow_launch/tasks/main.yml +++ b/roles/controller_workflow_launch/tasks/main.yml @@ -2,26 +2,26 @@ # Launch Controller Workflow - name: Launch a Controller Workflow workflow_launch: - name: "{{ __workflow_launch_item.name | mandatory }}" - organization: "{{ __workflow_launch_item.organization | default(omit, true) }}" - inventory: "{{ __workflow_launch_item.inventory | default(omit, true) }}" - limit: "{{ __workflow_launch_item.limit | default(omit, true) }}" - scm_branch: "{{ __workflow_launch_item.scm_branch | default(omit, true) }}" - extra_vars: "{{ __workflow_launch_item.extra_vars | default(omit, true) }}" - wait: "{{ __workflow_launch_item.wait | default(omit) }}" - interval: "{{ __workflow_launch_item.interval | default(omit) }}" - timeout: "{{ __workflow_launch_item.timeout | default(omit, true) }}" + name: "{{ __workflow_launch_item.name | mandatory }}" + organization: "{{ __workflow_launch_item.organization | default(omit, true) }}" + inventory: "{{ __workflow_launch_item.inventory | default(omit, true) }}" + limit: "{{ __workflow_launch_item.limit | default(omit, true) }}" + scm_branch: "{{ __workflow_launch_item.scm_branch | default(omit, true) }}" + extra_vars: "{{ __workflow_launch_item.extra_vars | default(omit, true) }}" + wait: "{{ __workflow_launch_item.wait | default(omit) }}" + interval: "{{ __workflow_launch_item.interval | default(omit) }}" + timeout: "{{ __workflow_launch_item.timeout | default(omit, true) }}" # Role Standard Options - controller_username: "{{ aap_username | default(omit, true) }}" - controller_password: "{{ aap_password | default(omit, true) }}" - controller_oauthtoken: "{{ aap_token | default(omit, true) }}" - request_timeout: "{{ aap_request_timeout | default(omit, true) }}" - controller_host: "{{ aap_hostname | default(omit, true) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" + controller_username: "{{ aap_username | default(omit, true) }}" + controller_password: "{{ aap_password | default(omit, true) }}" + controller_oauthtoken: "{{ aap_token | default(omit, true) }}" + request_timeout: "{{ aap_request_timeout | default(omit, true) }}" + controller_host: "{{ aap_hostname | default(omit, true) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ controller_workflow_launch_jobs }}" loop_control: - loop_var: "__workflow_launch_item" + loop_var: __workflow_launch_item label: "{{ (__workflow_launch_item.organization | default('')) }}/{{ __workflow_launch_item.name }}" no_log: "{{ controller_configuration_workflow_launch_secure_logging }}" register: launched_controller_workflows diff --git a/roles/controller_workflow_launch/tests/test.yml b/roles/controller_workflow_launch/tests/test.yml index 9b15f3f1f..57054ec78 100644 --- a/roles/controller_workflow_launch/tests/test.yml +++ b/roles/controller_workflow_launch/tests/test.yml @@ -16,8 +16,8 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: ../.., when: controller_workflow_launch_jobs is defined} + - { role: ../.., when: controller_workflow_launch_jobs is defined } ... diff --git a/roles/dispatch/defaults/main.yml b/roles/dispatch/defaults/main.yml index 61748ffde..9a64ac943 100644 --- a/roles/dispatch/defaults/main.yml +++ b/roles/dispatch/defaults/main.yml @@ -193,7 +193,6 @@ aap_configuration_dispatcher_roles: > {{ gateway_configuration_dispatcher_roles + hub_configuration_dispatcher_roles + controller_configuration_dispatcher_roles - + eda_configuration_dispatcher_roles - }} + + eda_configuration_dispatcher_roles }} ... diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index fe2679cdb..f6b731f1b 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -190,7 +190,6 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. - # No_log variables aap_configuration_secure_logging: default: false diff --git a/roles/dispatch/meta/main.yml b/roles/dispatch/meta/main.yml index fd10c867e..ea1e4860c 100644 --- a/roles/dispatch/meta/main.yml +++ b/roles/dispatch/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "dispatch" + role_name: dispatch author: Tom Pag, Alan Wong, and Sean Sullivan - description: "An Ansible Role which launches all of the roles within the aap_configuration Collection." - company: "Red Hat" + description: An Ansible Role which launches all of the roles within the aap_configuration Collection. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -24,19 +24,19 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "controller" - - "ah" - - "aap" - - "eda" - - "gateway" - - "awx" - - "configuration" - - "dispatch" + - controller + - ah + - aap + - eda + - gateway + - awx + - configuration + - dispatch collections: - ansible.platform diff --git a/roles/dispatch/tasks/main.yml b/roles/dispatch/tasks/main.yml index 75e08bd3b..1c721e967 100644 --- a/roles/dispatch/tasks/main.yml +++ b/roles/dispatch/tasks/main.yml @@ -14,8 +14,8 @@ assign_default_ee_to_org: "{{ __role.assign_default_ee_to_org | default(false) }}" assign_notification_templates_to_org: "{{ __role.assign_notification_templates_to_org | default(false) }}" -- name: "Fail the playbook if there were errors (check mode only)" +- name: Fail the playbook if there were errors (check mode only) ansible.builtin.fail: - msg: "The execution has failed because of errors (probably due to missing dependencies caused by check mode)." + msg: The execution has failed because of errors (probably due to missing dependencies caused by check mode). when: ansible_check_mode and error_flag is defined and error_flag ... diff --git a/roles/dispatch/tests/configs/credentials.yml b/roles/dispatch/tests/configs/credentials.yml index f8e23e353..4ba58a7b2 100644 --- a/roles/dispatch/tests/configs/credentials.yml +++ b/roles/dispatch/tests/configs/credentials.yml @@ -2,12 +2,12 @@ eda_credentials: - name: my_github_user description: my GitHub Credential - credential_type: 'GitHub Personal Access Token' + credential_type: GitHub Personal Access Token username: githubuser secret: my_github_token - name: my_gitlab_user description: my GitLab Credential - credential_type: 'GitLab Personal Access Token' + credential_type: GitLab Personal Access Token username: gitlabuser secret: my_gitlab_token ... diff --git a/roles/dispatch/tests/configs/inventories.yml b/roles/dispatch/tests/configs/inventories.yml index bca330803..e8263930a 100644 --- a/roles/dispatch/tests/configs/inventories.yml +++ b/roles/dispatch/tests/configs/inventories.yml @@ -6,6 +6,6 @@ controller_inventories: - name: test2 organization: Default kind: smart - host_filter: "name__icontains=test" + host_filter: name__icontains=test variables: '{"key1":"val1", "key2":"val2"}' ... diff --git a/roles/dispatch/tests/test.yml b/roles/dispatch/tests/test.yml index 2c013c99c..8006efc68 100644 --- a/roles/dispatch/tests/test.yml +++ b/roles/dispatch/tests/test.yml @@ -16,10 +16,9 @@ - name: Include vars from platform_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] tags: always roles: - ../../dispatch - ... diff --git a/roles/eda_controller_tokens/README.md b/roles/eda_controller_tokens/README.md index 5b2fdbc70..df5e8b098 100644 --- a/roles/eda_controller_tokens/README.md +++ b/roles/eda_controller_tokens/README.md @@ -11,7 +11,7 @@ Note that tokens cannot be updated, only created. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -22,13 +22,13 @@ Note that tokens cannot be updated, only created. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_users_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_users_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_users_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_controller_tokens/defaults/main.yml b/roles/eda_controller_tokens/defaults/main.yml index 0ee074440..38a82ff45 100644 --- a/roles/eda_controller_tokens/defaults/main.yml +++ b/roles/eda_controller_tokens/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_controller_tokens: [] - eda_configuration_users_token_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" eda_configuration_users_token_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_users_token_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_controller_tokens/meta/argument_specs.yml b/roles/eda_controller_tokens/meta/argument_specs.yml index 0e3ad47c2..cf74aa938 100644 --- a/roles/eda_controller_tokens/meta/argument_specs.yml +++ b/roles/eda_controller_tokens/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_controller_tokens/meta/main.yml b/roles/eda_controller_tokens/meta/main.yml index 6212b62f7..bf28971d1 100644 --- a/roles/eda_controller_tokens/meta/main.yml +++ b/roles/eda_controller_tokens/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: role_name: eda_controller_tokens - author: "Derek Waters" - description: "An Ansible Role to create a user token in EDA Controller." - company: "Red Hat" + author: Derek Waters + description: An Ansible Role to create a user token in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,14 +25,14 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" + - edacontroller + - eda + - configuration dependencies: - role: global_vars diff --git a/roles/eda_controller_tokens/tasks/main.yml b/roles/eda_controller_tokens/tasks/main.yml index 840dad49d..2cfa1a23e 100644 --- a/roles/eda_controller_tokens/tasks/main.yml +++ b/roles/eda_controller_tokens/tasks/main.yml @@ -1,11 +1,10 @@ --- - # Create EDA Controller Tokens - name: Add EDA Controller token ansible.eda.controller_token: - name: "{{ __token_item.name }}" - description: "{{ __token_item.description | default(omit) }}" - token: "{{ __token_item.token | default(omit) }}" + name: "{{ __token_item.name }}" + description: "{{ __token_item.description | default(omit) }}" + token: "{{ __token_item.token | default(omit) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -13,7 +12,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_controller_tokens }}" loop_control: - loop_var: "__token_item" + loop_var: __token_item label: "{{ __operation.verb }} the Controller token {{ __token_item.name }} to EDA" pause: "{{ eda_configuration_users_token_async_delay }}" no_log: "{{ eda_configuration_users_token_secure_logging }}" @@ -24,9 +23,9 @@ vars: __operation: "{{ operation_translate[__controller_tokens_job_async.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create controller_token | Wait for finish the controller_token creation" +- name: Create controller_token | Wait for finish the controller_token creation ansible.builtin.async_status: jid: "{{ __controller_tokens_job_async_result_item.ansible_job_id }}" register: __controller_tokens_job_async_result @@ -41,5 +40,5 @@ no_log: "{{ eda_configuration_users_token_secure_logging }}" vars: __operation: "{{ operation_translate[__controller_tokens_job_async_result_item.__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_controller_tokens/tests/test.yml b/roles/eda_controller_tokens/tests/test.yml index 669c5d038..925d41add 100644 --- a/roles/eda_controller_tokens/tests/test.yml +++ b/roles/eda_controller_tokens/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_credential_types/README.md b/roles/eda_credential_types/README.md index a98c818b8..31fefd222 100644 --- a/roles/eda_credential_types/README.md +++ b/roles/eda_credential_types/README.md @@ -10,7 +10,7 @@ An Ansible Role to create Credentials in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create Credentials in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_credential_types_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_credential_types_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_credential_types_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_credential_types/defaults/main.yml b/roles/eda_credential_types/defaults/main.yml index 285115a98..15b5292de 100644 --- a/roles/eda_credential_types/defaults/main.yml +++ b/roles/eda_credential_types/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_credential_types: [] - eda_configuration_credential_types_secure_logging: "{{ aap_configuration_secure_logging | default(true) }}" eda_configuration_credential_types_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_credential_types_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_credential_types/meta/argument_specs.yml b/roles/eda_credential_types/meta/argument_specs.yml index e77eab0e5..c1b1632cc 100644 --- a/roles/eda_credential_types/meta/argument_specs.yml +++ b/roles/eda_credential_types/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_credential_types/meta/main.yml b/roles/eda_credential_types/meta/main.yml index ee5a459fd..12542c65b 100644 --- a/roles/eda_credential_types/meta/main.yml +++ b/roles/eda_credential_types/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_credential_types" - author: "Sean Sullivan" - description: "An Ansible Role to create a credential type in EDA Controller." - company: "Red Hat" + role_name: eda_credential_types + author: Sean Sullivan + description: An Ansible Role to create a credential type in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,18 +25,18 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "credential" - - "credentialtype" - - "credentials" - - "credentialtypes" + - edacontroller + - eda + - configuration + - credential + - credentialtype + - credentials + - credentialtypes dependencies: - role: global_vars diff --git a/roles/eda_credential_types/tasks/main.yml b/roles/eda_credential_types/tasks/main.yml index be1a8d664..2d10df0a8 100644 --- a/roles/eda_credential_types/tasks/main.yml +++ b/roles/eda_credential_types/tasks/main.yml @@ -1,5 +1,4 @@ --- - # Create EDA Controller Credential - name: Add EDA Controller credential ansible.eda.credential_type: @@ -16,7 +15,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_credential_types }}" loop_control: - loop_var: "__credential_type_item" + loop_var: __credential_type_item label: "{{ __operation.verb }} the credential {{ __credential_type_item.name }} to EDA" pause: "{{ eda_configuration_credential_types_async_delay }}" no_log: "{{ eda_configuration_credential_types_secure_logging }}" @@ -26,9 +25,9 @@ changed_when: not __credential_types_job_async.changed vars: __operation: "{{ operation_translate[__credential_type_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create credential | Wait for finish the credential creation" +- name: Create credential | Wait for finish the credential creation ansible.builtin.async_status: jid: "{{ __credential_types_job_async_result_item.ansible_job_id }}" register: __credential_types_job_async_result @@ -43,5 +42,5 @@ no_log: "{{ eda_configuration_credential_types_secure_logging }}" vars: __operation: "{{ operation_translate[__credential_types_job_async_result_item.__credential_type_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_credential_types/tests/test.yml b/roles/eda_credential_types/tests/test.yml index 0e64e4a30..fddff8a82 100644 --- a/roles/eda_credential_types/tests/test.yml +++ b/roles/eda_credential_types/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_credentials/README.md b/roles/eda_credentials/README.md index 600187fcb..0eaf37428 100644 --- a/roles/eda_credentials/README.md +++ b/roles/eda_credentials/README.md @@ -10,7 +10,7 @@ An Ansible Role to create Credentials in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create Credentials in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_credentials_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_credentials_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_credentials_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_credentials/defaults/main.yml b/roles/eda_credentials/defaults/main.yml index ef1d734eb..110e457aa 100644 --- a/roles/eda_credentials/defaults/main.yml +++ b/roles/eda_credentials/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_credentials: [] - eda_configuration_credentials_secure_logging: "{{ aap_configuration_secure_logging | default(true) }}" eda_configuration_credentials_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_credentials_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_credentials/meta/argument_specs.yml b/roles/eda_credentials/meta/argument_specs.yml index bf362a35b..19d722237 100644 --- a/roles/eda_credentials/meta/argument_specs.yml +++ b/roles/eda_credentials/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_credentials/meta/main.yml b/roles/eda_credentials/meta/main.yml index 2200a2e60..528a0cedf 100644 --- a/roles/eda_credentials/meta/main.yml +++ b/roles/eda_credentials/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_credentials" - author: "Derek Waters" - description: "An Ansible Role to create a credential in EDA Controller." - company: "Red Hat" + role_name: eda_credentials + author: Derek Waters + description: An Ansible Role to create a credential in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "credential" - - "credentials" + - edacontroller + - eda + - configuration + - credential + - credentials dependencies: - role: global_vars diff --git a/roles/eda_credentials/tasks/main.yml b/roles/eda_credentials/tasks/main.yml index af5803dc3..54368d5b6 100644 --- a/roles/eda_credentials/tasks/main.yml +++ b/roles/eda_credentials/tasks/main.yml @@ -1,15 +1,14 @@ --- - # Create EDA Controller Credential - name: Add EDA Controller credential ansible.eda.credential: - name: "{{ __credential_item.name }}" - new_name: "{{ __credential_item.new_name | default(omit) }}" - description: "{{ __credential_item.description | default(omit) }}" - organization_name: "{{ __credential_item.organization | default(omit) }}" + name: "{{ __credential_item.name }}" + new_name: "{{ __credential_item.new_name | default(omit) }}" + description: "{{ __credential_item.description | default(omit) }}" + organization_name: "{{ __credential_item.organization | default(omit) }}" credential_type_name: "{{ __credential_item.credential_type | mandatory }}" - inputs: "{{ __credential_item.inputs | default(omit) }}" - state: "{{ __credential_item.state | default(eda_state | default('present')) }}" + inputs: "{{ __credential_item.inputs | default(omit) }}" + state: "{{ __credential_item.state | default(eda_state | default('present')) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -17,7 +16,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_credentials }}" loop_control: - loop_var: "__credential_item" + loop_var: __credential_item label: "{{ __operation.verb }} the credential {{ __credential_item.name }} to EDA" pause: "{{ eda_configuration_credentials_async_delay }}" no_log: "{{ eda_configuration_credentials_secure_logging }}" @@ -27,9 +26,9 @@ changed_when: not __credentials_job_async.changed vars: __operation: "{{ operation_translate[__credentials_job_async.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create credential | Wait for finish the credential creation" +- name: Create credential | Wait for finish the credential creation ansible.builtin.async_status: jid: "{{ __credentials_job_async_result_item.ansible_job_id }}" register: __credentials_job_async_result @@ -44,5 +43,5 @@ no_log: "{{ eda_configuration_credentials_secure_logging }}" vars: __operation: "{{ operation_translate[__credentials_job_async_result_item.__controller_user_accounts_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_credentials/tests/test.yml b/roles/eda_credentials/tests/test.yml index 0f6db68ea..7cb40a80d 100644 --- a/roles/eda_credentials/tests/test.yml +++ b/roles/eda_credentials/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_credentials/tests/vars/credentials.yml b/roles/eda_credentials/tests/vars/credentials.yml index f8e23e353..4ba58a7b2 100644 --- a/roles/eda_credentials/tests/vars/credentials.yml +++ b/roles/eda_credentials/tests/vars/credentials.yml @@ -2,12 +2,12 @@ eda_credentials: - name: my_github_user description: my GitHub Credential - credential_type: 'GitHub Personal Access Token' + credential_type: GitHub Personal Access Token username: githubuser secret: my_github_token - name: my_gitlab_user description: my GitLab Credential - credential_type: 'GitLab Personal Access Token' + credential_type: GitLab Personal Access Token username: gitlabuser secret: my_gitlab_token ... diff --git a/roles/eda_decision_environments/README.md b/roles/eda_decision_environments/README.md index 372b70ca0..b351aaa9c 100644 --- a/roles/eda_decision_environments/README.md +++ b/roles/eda_decision_environments/README.md @@ -10,7 +10,7 @@ An Ansible Role to create Decision Environments in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create Decision Environments in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_decision_environments_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_decision_environments_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_decision_environments_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_decision_environments/defaults/main.yml b/roles/eda_decision_environments/defaults/main.yml index 893045c6c..84c5db1e1 100644 --- a/roles/eda_decision_environments/defaults/main.yml +++ b/roles/eda_decision_environments/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_decision_environments: [] - eda_configuration_decision_environments_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" eda_configuration_decision_environments_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_decision_environments_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_decision_environments/meta/argument_specs.yml b/roles/eda_decision_environments/meta/argument_specs.yml index f4ef32d20..24cd254b8 100644 --- a/roles/eda_decision_environments/meta/argument_specs.yml +++ b/roles/eda_decision_environments/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_decision_environments/meta/main.yml b/roles/eda_decision_environments/meta/main.yml index 063e562e9..397c89212 100644 --- a/roles/eda_decision_environments/meta/main.yml +++ b/roles/eda_decision_environments/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_decision_environments" - author: "Derek Waters" - description: "An Ansible Role to create a decision environment in EDA Controller." - company: "Red Hat" + role_name: eda_decision_environments + author: Derek Waters + description: An Ansible Role to create a decision environment in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "decisionenvironment" - - "decisionenvironments" + - edacontroller + - eda + - configuration + - decisionenvironment + - decisionenvironments dependencies: - role: global_vars diff --git a/roles/eda_decision_environments/tasks/main.yml b/roles/eda_decision_environments/tasks/main.yml index f755edec6..22f43e4d0 100644 --- a/roles/eda_decision_environments/tasks/main.yml +++ b/roles/eda_decision_environments/tasks/main.yml @@ -1,15 +1,14 @@ --- - # Create EDA Controller Decision Environment - name: Add EDA Controller decision environment ansible.eda.decision_environment: - name: "{{ __de_item.name }}" - new_name: "{{ __de_item.new_name | default(omit) }}" - description: "{{ __de_item.description | default(omit) }}" - image_url: "{{ __de_item.image_url | default(omit) }}" - credential: "{{ __de_item.credential | default(omit) }}" - organization_name: "{{ __de_item.organization | default(omit) }}" - state: "{{ __de_item.state | default(eda_state | default('present')) }}" + name: "{{ __de_item.name }}" + new_name: "{{ __de_item.new_name | default(omit) }}" + description: "{{ __de_item.description | default(omit) }}" + image_url: "{{ __de_item.image_url | default(omit) }}" + credential: "{{ __de_item.credential | default(omit) }}" + organization_name: "{{ __de_item.organization | default(omit) }}" + state: "{{ __de_item.state | default(eda_state | default('present')) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -17,7 +16,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_decision_environments }}" loop_control: - loop_var: "__de_item" + loop_var: __de_item label: "{{ __operation.verb }} the decisiion environment {{ __de_item.name }} to EDA" pause: "{{ eda_configuration_decision_environments_async_delay }}" no_log: "{{ eda_configuration_decision_environments_secure_logging }}" @@ -27,9 +26,9 @@ changed_when: not __decision_environments_job_async.changed vars: __operation: "{{ operation_translate[__de_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create decision_environment | Wait for finish the decision_environment creation" +- name: Create decision_environment | Wait for finish the decision_environment creation ansible.builtin.async_status: jid: "{{ __decision_environments_job_async_result_item.ansible_job_id }}" register: __decision_environments_job_async_result @@ -39,10 +38,11 @@ loop: "{{ __decision_environments_job_async.results }}" loop_control: loop_var: __decision_environments_job_async_result_item - label: "{{ __operation.verb }} decisiion environment {{ __decision_environments_job_async_result_item.__de_item.name }} | Wait for finish the decisiion environment {{ __operation.action }}" - when: __decision_environments_job_async_result_item.ansible_job_id is defined + label: "{{ __operation.verb }} decisiion environment {{ __decision_environments_job_async_result_item.__de_item.name }} | Wait for finish the decisiion environment + {{ __operation.action }}" + when: __decision_environments_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_decision_environments_secure_logging }}" vars: __operation: "{{ operation_translate[__decision_environments_job_async_result_item.__de_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_decision_environments/tests/test.yml b/roles/eda_decision_environments/tests/test.yml index f4295a4ee..ab61ed064 100644 --- a/roles/eda_decision_environments/tests/test.yml +++ b/roles/eda_decision_environments/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_event_streams/README.md b/roles/eda_event_streams/README.md index 35c2ea204..c9e776647 100644 --- a/roles/eda_event_streams/README.md +++ b/roles/eda_event_streams/README.md @@ -10,7 +10,7 @@ An Ansible Role to create Event Streams in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create Event Streams in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_event_streams_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_event_streams_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_event_streams_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_event_streams/defaults/main.yml b/roles/eda_event_streams/defaults/main.yml index e9f758df3..748de1f94 100644 --- a/roles/eda_event_streams/defaults/main.yml +++ b/roles/eda_event_streams/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_event_streams: [] - eda_configuration_event_streams_secure_logging: "{{ aap_configuration_secure_logging | default(true) }}" eda_configuration_event_streams_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_event_streams_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_event_streams/meta/argument_specs.yml b/roles/eda_event_streams/meta/argument_specs.yml index 668e6b25a..40251940a 100644 --- a/roles/eda_event_streams/meta/argument_specs.yml +++ b/roles/eda_event_streams/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_event_streams/meta/main.yml b/roles/eda_event_streams/meta/main.yml index f325fc197..a384a9efd 100644 --- a/roles/eda_event_streams/meta/main.yml +++ b/roles/eda_event_streams/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_event_streams" - author: "Sean Sullivan" - description: "An Ansible Role to create an event stream in EDA Controller." - company: "Red Hat" + role_name: eda_event_streams + author: Sean Sullivan + description: An Ansible Role to create an event stream in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,18 +25,18 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "event" - - "events" - - "eventstream" - - "eventstreams" + - edacontroller + - eda + - configuration + - event + - events + - eventstream + - eventstreams dependencies: - role: global_vars diff --git a/roles/eda_event_streams/tasks/main.yml b/roles/eda_event_streams/tasks/main.yml index 150b33f9e..ac43816bd 100644 --- a/roles/eda_event_streams/tasks/main.yml +++ b/roles/eda_event_streams/tasks/main.yml @@ -1,5 +1,4 @@ --- - # Create EDA Controller Event stream - name: Add EDA Controller Event Stream ansible.eda.event_stream: @@ -17,7 +16,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_event_streams }}" loop_control: - loop_var: "__event_stream_item" + loop_var: __event_stream_item label: "{{ __operation.verb }} the Event stream {{ __event_stream_item.name }} to EDA" pause: "{{ eda_configuration_event_streams_async_delay }}" no_log: "{{ eda_configuration_event_streams_secure_logging }}" @@ -27,9 +26,9 @@ changed_when: not __event_streams_job_async.changed vars: __operation: "{{ operation_translate[__event_stream_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Event stream | Wait for finish the Event stream creation" +- name: Create Event stream | Wait for finish the Event stream creation ansible.builtin.async_status: jid: "{{ __event_streams_job_async_result_item.ansible_job_id }}" register: __event_streams_job_async_result @@ -44,5 +43,5 @@ no_log: "{{ eda_configuration_event_streams_secure_logging }}" vars: __operation: "{{ operation_translate[__event_streams_job_async_result_item.__event_stream_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_event_streams/tests/test.yml b/roles/eda_event_streams/tests/test.yml index 97d639aa5..6abcfe369 100644 --- a/roles/eda_event_streams/tests/test.yml +++ b/roles/eda_event_streams/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_event_streams/tests/vars/event_streams.yml b/roles/eda_event_streams/tests/vars/event_streams.yml index a3107eded..0e0b1cd4b 100644 --- a/roles/eda_event_streams/tests/vars/event_streams.yml +++ b/roles/eda_event_streams/tests/vars/event_streams.yml @@ -2,12 +2,12 @@ eda_event_streams: - name: my_github_user description: my GitHub Credential - credential_type: 'GitHub Personal Access Token' + credential_type: GitHub Personal Access Token username: githubuser secret: my_github_token - name: my_gitlab_user description: my GitLab Credential - credential_type: 'GitLab Personal Access Token' + credential_type: GitLab Personal Access Token username: gitlabuser secret: my_gitlab_token ... diff --git a/roles/eda_projects/README.md b/roles/eda_projects/README.md index e57792f81..cdd580c77 100644 --- a/roles/eda_projects/README.md +++ b/roles/eda_projects/README.md @@ -10,7 +10,7 @@ An Ansible Role to create Projects in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create Projects in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_projects_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_projects_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_projects_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_projects/defaults/main.yml b/roles/eda_projects/defaults/main.yml index 0b8385085..bfa9bcb49 100644 --- a/roles/eda_projects/defaults/main.yml +++ b/roles/eda_projects/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_projects: [] - eda_configuration_projects_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" eda_configuration_projects_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_projects_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_projects/meta/argument_specs.yml b/roles/eda_projects/meta/argument_specs.yml index 8737a2f98..7f9f3b19f 100644 --- a/roles/eda_projects/meta/argument_specs.yml +++ b/roles/eda_projects/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_projects/meta/main.yml b/roles/eda_projects/meta/main.yml index 524fcaa34..1991125df 100644 --- a/roles/eda_projects/meta/main.yml +++ b/roles/eda_projects/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_projects" - author: "Chris Renwick" - description: "An Ansible Role to create a project in EDA Controller." - company: "Red Hat" + role_name: eda_projects + author: Chris Renwick + description: An Ansible Role to create a project in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "project" - - "projects" + - edacontroller + - eda + - configuration + - project + - projects dependencies: - role: global_vars diff --git a/roles/eda_projects/tasks/main.yml b/roles/eda_projects/tasks/main.yml index 3c5da85d3..ec117f950 100644 --- a/roles/eda_projects/tasks/main.yml +++ b/roles/eda_projects/tasks/main.yml @@ -1,15 +1,14 @@ --- - # Create EDA Controller Project - name: Add EDA Controller project ansible.eda.project: - name: "{{ __project_item.name }}" - new_name: "{{ __project_item.new_name | default(omit) }}" - description: "{{ __project_item.description | default(omit) }}" - url: "{{ __project_item.url | default(__project_item.scm_url | default(omit)) }}" - credential: "{{ __project_item.credential | default(omit) }}" - organization_name: "{{ __project_item.organization | default(omit) }}" - state: "{{ __project_item.state | default(eda_state | default('present')) }}" + name: "{{ __project_item.name }}" + new_name: "{{ __project_item.new_name | default(omit) }}" + description: "{{ __project_item.description | default(omit) }}" + url: "{{ __project_item.url | default(__project_item.scm_url | default(omit)) }}" + credential: "{{ __project_item.credential | default(omit) }}" + organization_name: "{{ __project_item.organization | default(omit) }}" + state: "{{ __project_item.state | default(eda_state | default('present')) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -17,7 +16,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_projects }}" loop_control: - loop_var: "__project_item" + loop_var: __project_item label: "{{ __operation.verb }} the project {{ __project_item.name }} to EDA" pause: "{{ eda_configuration_projects_async_delay }}" no_log: "{{ eda_configuration_projects_secure_logging }}" @@ -27,9 +26,9 @@ changed_when: not __projects_job_async.changed vars: __operation: "{{ operation_translate[__project_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create project | Wait for finish the project creation" +- name: Create project | Wait for finish the project creation ansible.builtin.async_status: jid: "{{ __projects_job_async_result_item.ansible_job_id }}" register: __projects_job_async_result @@ -40,9 +39,9 @@ loop_control: loop_var: __projects_job_async_result_item label: "{{ __operation.verb }} project {{ __projects_job_async_result_item.__project_item.name }} | Wait for finish the project {{ __operation.action }}" - when: __projects_job_async_result_item.ansible_job_id is defined + when: __projects_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_projects_secure_logging }}" vars: __operation: "{{ operation_translate[__projects_job_async_result.__projects_job_async.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_projects/tests/test.yml b/roles/eda_projects/tests/test.yml index ab4a0d083..66365af16 100644 --- a/roles/eda_projects/tests/test.yml +++ b/roles/eda_projects/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_rulebook_activations/README.md b/roles/eda_rulebook_activations/README.md index e344b8bc8..ed77a094e 100644 --- a/roles/eda_rulebook_activations/README.md +++ b/roles/eda_rulebook_activations/README.md @@ -10,7 +10,7 @@ An Ansible Role to create rulebook activations in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create rulebook activations in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_rulebook_activations_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_rulebook_activations_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_rulebook_activations_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_rulebook_activations/defaults/main.yml b/roles/eda_rulebook_activations/defaults/main.yml index 05f19ba45..801f4d365 100644 --- a/roles/eda_rulebook_activations/defaults/main.yml +++ b/roles/eda_rulebook_activations/defaults/main.yml @@ -1,8 +1,7 @@ --- eda_rulebook_activations: [] - eda_configuration_rulebook_activations_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" eda_configuration_rulebook_activations_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_rulebook_activations_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_rulebook_activations/meta/argument_specs.yml b/roles/eda_rulebook_activations/meta/argument_specs.yml index b7c58283a..28eb9a15d 100644 --- a/roles/eda_rulebook_activations/meta/argument_specs.yml +++ b/roles/eda_rulebook_activations/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_rulebook_activations/meta/main.yml b/roles/eda_rulebook_activations/meta/main.yml index df794b218..a1e4809b5 100644 --- a/roles/eda_rulebook_activations/meta/main.yml +++ b/roles/eda_rulebook_activations/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_rulebook_activations" - author: "Tom Page" - description: "An Ansible Role to create a rulebook activation in EDA Controller." - company: "Red Hat" + role_name: eda_rulebook_activations + author: Tom Page + description: An Ansible Role to create a rulebook activation in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,18 +25,18 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "rulebookactivation" - - "rulebookactivations" - - "activation" - - "activations" + - edacontroller + - eda + - configuration + - rulebookactivation + - rulebookactivations + - activation + - activations dependencies: - role: global_vars diff --git a/roles/eda_rulebook_activations/tasks/main.yml b/roles/eda_rulebook_activations/tasks/main.yml index bf3010bb6..a76087675 100644 --- a/roles/eda_rulebook_activations/tasks/main.yml +++ b/roles/eda_rulebook_activations/tasks/main.yml @@ -1,24 +1,23 @@ --- - # Create EDA Controller Rulebook Activation - name: Add EDA Controller rulebook activation ansible.eda.rulebook_activation: - name: "{{ __ra_item.name }}" - description: "{{ __ra_item.description | default(omit) }}" - project: "{{ __ra_item.project | default(omit) }}" - rulebook: "{{ __ra_item.rulebook | default(omit) }}" + name: "{{ __ra_item.name }}" + description: "{{ __ra_item.description | default(omit) }}" + project: "{{ __ra_item.project | default(omit) }}" + rulebook: "{{ __ra_item.rulebook | default(omit) }}" decision_environment: "{{ __ra_item.decision_environment | default(omit) }}" - awx_token: "{{ __ra_item.awx_token | default(omit) }}" - restart_policy: "{{ __ra_item.restart_policy | default(omit) }}" - extra_vars: "{{ __ra_item.extra_vars | default(omit) }}" - enabled: "{{ __ra_item.enabled | default(omit) }}" - organization: "{{ __ra_item.organization | default(omit) }}" - eda_credentials: "{{ __ra_item.eda_credentials | default(omit) }}" - k8s_service_name: "{{ __ra_item.k8s_service_name | default(omit) }}" - swap_single_source: "{{ __ra_item.swap_single_source | default(omit) }}" - event_streams: "{{ __ra_item.event_streams | default(omit) }}" - log_level: "{{ __ra_item.log_level | default(omit) }}" - state: "{{ __ra_item.state | default(eda_state | default('present')) }}" + awx_token: "{{ __ra_item.awx_token | default(omit) }}" + restart_policy: "{{ __ra_item.restart_policy | default(omit) }}" + extra_vars: "{{ __ra_item.extra_vars | default(omit) }}" + enabled: "{{ __ra_item.enabled | default(omit) }}" + organization: "{{ __ra_item.organization | default(omit) }}" + eda_credentials: "{{ __ra_item.eda_credentials | default(omit) }}" + k8s_service_name: "{{ __ra_item.k8s_service_name | default(omit) }}" + swap_single_source: "{{ __ra_item.swap_single_source | default(omit) }}" + event_streams: "{{ __ra_item.event_streams | default(omit) }}" + log_level: "{{ __ra_item.log_level | default(omit) }}" + state: "{{ __ra_item.state | default(eda_state | default('present')) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -26,7 +25,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ eda_rulebook_activations }}" loop_control: - loop_var: "__ra_item" + loop_var: __ra_item label: "{{ __operation.verb }} the rulebook activation {{ __ra_item.name }} to EDA" pause: "{{ eda_configuration_rulebook_activations_async_delay }}" no_log: "{{ eda_configuration_rulebook_activations_secure_logging }}" @@ -36,9 +35,9 @@ changed_when: not __rulebook_activations_job_async.changed vars: __operation: "{{ operation_translate[__ra_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create rulebook_activation | Wait for finish the rulebook_activation creation" +- name: Create rulebook_activation | Wait for finish the rulebook_activation creation ansible.builtin.async_status: jid: "{{ __rulebook_activations_job_async_result_item.ansible_job_id }}" register: __rulebook_activations_job_async_result @@ -48,10 +47,11 @@ loop: "{{ __rulebook_activations_job_async.results }}" loop_control: loop_var: __rulebook_activations_job_async_result_item - label: "{{ __operation.verb }} rulebook activation {{ __rulebook_activations_job_async_result_item.__ra_item.name }} | Wait for finish the rulebook activation {{ __operation.action }}" + label: "{{ __operation.verb }} rulebook activation {{ __rulebook_activations_job_async_result_item.__ra_item.name }} | Wait for finish the rulebook activation + {{ __operation.action }}" when: __rulebook_activations_job_async_result_item.ansible_job_id is defined no_log: "{{ eda_configuration_rulebook_activations_secure_logging }}" vars: __operation: "{{ operation_translate[__rulebook_activations_job_async_result.__ra_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_rulebook_activations/tests/test.yml b/roles/eda_rulebook_activations/tests/test.yml index 4727e966b..382641a25 100644 --- a/roles/eda_rulebook_activations/tests/test.yml +++ b/roles/eda_rulebook_activations/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/eda_users/README.md b/roles/eda_users/README.md index f6471a6eb..bcb1e5942 100644 --- a/roles/eda_users/README.md +++ b/roles/eda_users/README.md @@ -10,7 +10,7 @@ An Ansible Role to create users in EDA Controller. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to create users in EDA Controller. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group_roles task does not include sensitive information. +The role defaults to false as normally the add group_roles task does not include sensitive information. eda_configuration_users_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`eda_configuration_users_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| +|`eda_configuration_users_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| ### Asynchronous Retry Variables diff --git a/roles/eda_users/defaults/main.yml b/roles/eda_users/defaults/main.yml index c7fc5e223..46277d5f1 100644 --- a/roles/eda_users/defaults/main.yml +++ b/roles/eda_users/defaults/main.yml @@ -1,8 +1,7 @@ --- aap_user_accounts: [] - eda_configuration_users_secure_logging: "{{ aap_configuration_secure_logging | default(false) }}" eda_configuration_users_async_retries: "{{ aap_configuration_async_retries | default(50) }}" eda_configuration_users_async_delay: "{{ aap_configuration_async_delay| default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/eda_users/meta/argument_specs.yml b/roles/eda_users/meta/argument_specs.yml index bed3c33dc..1a4a1403b 100644 --- a/roles/eda_users/meta/argument_specs.yml +++ b/roles/eda_users/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/eda_users/meta/main.yml b/roles/eda_users/meta/main.yml index bf0f47126..cf82f8759 100644 --- a/roles/eda_users/meta/main.yml +++ b/roles/eda_users/meta/main.yml @@ -1,14 +1,14 @@ --- galaxy_info: - role_name: "eda_users" - author: "Tom Page" - description: "An Ansible Role to create a user in EDA Controller." - company: "Red Hat" + role_name: eda_users + author: Tom Page + description: An Ansible Role to create a user in EDA Controller. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - license: "GPLv3+" + license: GPLv3+ min_ansible_version: 2.16.0 @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "edacontroller" - - "eda" - - "configuration" - - "user" - - "users" + - edacontroller + - eda + - configuration + - user + - users dependencies: - role: global_vars diff --git a/roles/eda_users/tasks/main.yml b/roles/eda_users/tasks/main.yml index 3bcd8b375..9b8bc5a3d 100644 --- a/roles/eda_users/tasks/main.yml +++ b/roles/eda_users/tasks/main.yml @@ -1,18 +1,17 @@ --- - # Create EDA Controller user - name: Add EDA Controller user ansible.eda.user: - username: "{{ __user_item.username }}" - new_username: "{{ __user_item.new_username | default(omit) }}" - first_name: "{{ __user_item.first_name | default(omit) }}" - last_name: "{{ __user_item.last_name | default(omit) }}" - email: "{{ __user_item.email | default(omit) }}" - password: "{{ __user_item.password | default(omit) }}" - update_secrets: "{{ __user_item.update_secrets | default(omit) }}" - is_superuser: "{{ __user_item.is_superuser | default(omit) }}" - roles: "{{ __user_item.roles | default(omit) }}" - state: "{{ __user_item.state | default(eda_state | default('present')) }}" + username: "{{ __user_item.username }}" + new_username: "{{ __user_item.new_username | default(omit) }}" + first_name: "{{ __user_item.first_name | default(omit) }}" + last_name: "{{ __user_item.last_name | default(omit) }}" + email: "{{ __user_item.email | default(omit) }}" + password: "{{ __user_item.password | default(omit) }}" + update_secrets: "{{ __user_item.update_secrets | default(omit) }}" + is_superuser: "{{ __user_item.is_superuser | default(omit) }}" + roles: "{{ __user_item.roles | default(omit) }}" + state: "{{ __user_item.state | default(eda_state | default('present')) }}" controller_host: "{{ aap_hostname | default(omit, true) }}" controller_username: "{{ aap_username | default(omit, true) }}" controller_password: "{{ aap_password | default(omit, true) }}" @@ -20,7 +19,7 @@ validate_certs: "{{ aap_validate_certs | default(omit) }}" loop: "{{ aap_user_accounts }}" loop_control: - loop_var: "__user_item" + loop_var: __user_item label: "{{ __operation.verb }} the user {{ __user_item.username }} to EDA" pause: "{{ eda_configuration_users_async_delay }}" no_log: "{{ eda_configuration_users_secure_logging }}" @@ -30,9 +29,9 @@ changed_when: not __users_job_async.changed vars: __operation: "{{ operation_translate[__user_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create user | Wait for finish the user creation" +- name: Create user | Wait for finish the user creation ansible.builtin.async_status: jid: "{{ __users_job_async_result_item.ansible_job_id }}" register: __users_job_async_result @@ -47,5 +46,5 @@ no_log: "{{ eda_configuration_users_secure_logging }}" vars: __operation: "{{ operation_translate[__users_job_async_result.__user_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/eda_users/tests/test.yml b/roles/eda_users/tests/test.yml index 95e45edd5..8b83d3652 100644 --- a/roles/eda_users/tests/test.yml +++ b/roles/eda_users/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from eda_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/gateway_applications/README.md b/roles/gateway_applications/README.md index 5c0247f3c..d01e0f07d 100644 --- a/roles/gateway_applications/README.md +++ b/roles/gateway_applications/README.md @@ -10,7 +10,7 @@ An Ansible Role to create/update/remove Applications on Ansible gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -30,20 +30,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`aap_applications_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared globally.| +|`aap_applications_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared globally.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. aap_applications_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`aap_applications_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_applications_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -79,7 +79,7 @@ Options for the `aap_applications` variable: | `authorization_grant_type` | N/A | yes | str | Grant type for tokens in this application, Choices: ["password", "authorization-code"] | | `client_type` | N/A | yes | str | Application client type. Choices: ["confidential", "public"] | | `redirect_uris` | "" | no | str | Allowed urls list, space separated. Required with "authorization-code" grant type | -| `skip_authorization` | N/A(`false` by API) | yes | bool | Set True to skip authorization step for completely trusted applications. | +| `skip_authorization` | N/A(`false` by API) | yes | bool | Set true to skip authorization step for completely trusted applications. | | `post_logout_redirect_uris` | "" | no | str | Allowed Post Logout URIs list, space separated. | | `user` | "" | no | str | The user who owns this application. | | `state` | `present` | no | str | Desired state of the application. | diff --git a/roles/gateway_applications/defaults/main.yml b/roles/gateway_applications/defaults/main.yml index 6e3605480..be2ba4fab 100644 --- a/roles/gateway_applications/defaults/main.yml +++ b/roles/gateway_applications/defaults/main.yml @@ -6,5 +6,5 @@ gateway_applications_async_retries: "{{ aap_configuration_async_retries | defaul gateway_applications_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_applications_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" aap_applications_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_applications/meta/argument_specs.yml b/roles/gateway_applications/meta/argument_specs.yml index f4e64e581..648295c3c 100644 --- a/roles/gateway_applications/meta/argument_specs.yml +++ b/roles/gateway_applications/meta/argument_specs.yml @@ -42,7 +42,7 @@ argument_specs: skip_authorization: required: false type: bool - description: Set True to skip authorization step for completely trusted applications. + description: Set true to skip authorization step for completely trusted applications. algorithm: required: false type: str @@ -79,20 +79,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. # No_log variables gateway_applications_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: false required: false @@ -123,17 +119,11 @@ argument_specs: aap_password: default: None required: false - description: > - Gateway Admin User's password on the Ansible gateway Server. - This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Gateway Admin User's password on the Ansible gateway Server. This should be stored in an Ansible Vault at vars/gateway-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str aap_token: default: None required: false - description: > - Gateway Admin User's token on the Ansible gateway Server. - This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. - Either username / password or oauthtoken need to be specified. + description: Gateway Admin User's token on the Ansible gateway Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified. type: str ... diff --git a/roles/gateway_applications/tasks/main.yml b/roles/gateway_applications/tasks/main.yml index 9009de03b..0f9d9c3e9 100644 --- a/roles/gateway_applications/tasks/main.yml +++ b/roles/gateway_applications/tasks/main.yml @@ -47,7 +47,8 @@ loop: "{{ __gateway_applications_job_async.results }}" loop_control: loop_var: __gateway_applications_job_async_results_item - label: "{{ __operation.verb }} AAP Platform Applications {{ __gateway_applications_job_async_results_item.__gateway_application_item.name }} | Wait for finish the Applications {{ __operation.action }}" + label: "{{ __operation.verb }} AAP Platform Applications {{ __gateway_applications_job_async_results_item.__gateway_application_item.name }} | Wait for finish + the Applications {{ __operation.action }}" when: __gateway_applications_job_async_results_item.ansible_job_id is defined no_log: "{{ gateway_applications_secure_logging }}" vars: diff --git a/roles/gateway_applications/tests/test.yml b/roles/gateway_applications/tests/test.yml index a5ea5f4b6..fdcba1789 100644 --- a/roles/gateway_applications/tests/test.yml +++ b/roles/gateway_applications/tests/test.yml @@ -13,8 +13,8 @@ - name: Include vars from gateway_configs directory ansible.builtin.include_vars: dir: ./configs - extensions: ["yml"] + extensions: [yml] roles: - - {role: gateway_applications, when: gateway_applications is defined} + - { role: gateway_applications, when: gateway_applications is defined } ... diff --git a/roles/gateway_authenticator_maps/README.md b/roles/gateway_authenticator_maps/README.md index 5eed05ed6..ac34a5a9a 100644 --- a/roles/gateway_authenticator_maps/README.md +++ b/roles/gateway_authenticator_maps/README.md @@ -10,7 +10,7 @@ An Ansible Role to add Authenticator Maps on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to add Authenticator Maps on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_authenticator_maps_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_authenticator_maps_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_authenticator_maps_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_authenticator_maps/defaults/main.yml b/roles/gateway_authenticator_maps/defaults/main.yml index 535080129..5e311741d 100644 --- a/roles/gateway_authenticator_maps/defaults/main.yml +++ b/roles/gateway_authenticator_maps/defaults/main.yml @@ -14,5 +14,5 @@ gateway_authenticator_maps_secure_logging: "{{ aap_configuration_secure_logging gateway_authenticator_maps_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_authenticator_maps_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_authenticator_maps_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_authenticator_maps/meta/argument_specs.yml b/roles/gateway_authenticator_maps/meta/argument_specs.yml index f09d286dc..cdbe3b639 100644 --- a/roles/gateway_authenticator_maps/meta/argument_specs.yml +++ b/roles/gateway_authenticator_maps/meta/argument_specs.yml @@ -28,22 +28,14 @@ argument_specs: description: If a user does not meet this rule should we revoke the permission map_type: type: str - description: | - What does the map work on, a team, a user flag or is this an allow rule - Defaults to "team" (by API) + description: What does the map work on, a team, a user flag or is this an allow rule. Defaults to "team" (by API) choices: [allow, is_superuser, team, organization, role] team: type: str - description: | - A team name this rule works on - required if map_type is a 'team' - required if role's content type is a 'team' + description: A team name this rule works on required if map_type is a 'team' required if role's content type is a 'team' organization: type: str - description: | - An organization name this rule works on - required if map_type is either 'organization' or 'team' - required if role's content type is either 'organization' or 'team' + description: An organization name this rule works on required if map_type is either 'organization' or 'team' required if role's content type is either 'organization' or 'team' role: type: str description: The name of the RBAC Role Definition to be used for this map @@ -52,10 +44,7 @@ argument_specs: description: Trigger information for this rule order: type: int - description: | - The order in which this rule should be processed, smaller numbers are of higher precedence - Items with the same order will be executed in random order - Value must be greater or equal to 0 + description: The order in which this rule should be processed, smaller numbers are of higher precedence Items with the same order will be executed in random order Value must be greater or equal to 0 state: default: "{{ platform_state | default('present') }}" required: false @@ -80,11 +69,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables @@ -92,9 +79,7 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_authenticator_maps/tasks/main.yml b/roles/gateway_authenticator_maps/tasks/main.yml index ee4859322..27d089ab7 100644 --- a/roles/gateway_authenticator_maps/tasks/main.yml +++ b/roles/gateway_authenticator_maps/tasks/main.yml @@ -45,7 +45,8 @@ loop: "{{ __gateway_authenticator_maps_job_async.results }}" loop_control: loop_var: __gateway_authenticator_maps_job_async_results_item - label: "{{ __operation.verb }} AAP Platform Authenticator Maps {{ __gateway_authenticator_maps_job_async_results_item.__gateway_authenticator_maps_item.name }} | Wait for finish the Authenticator Map {{ __operation.action }}" + label: "{{ __operation.verb }} AAP Platform Authenticator Maps {{ __gateway_authenticator_maps_job_async_results_item.__gateway_authenticator_maps_item.name }} + | Wait for finish the Authenticator Map {{ __operation.action }}" when: __gateway_authenticator_maps_job_async_results_item.ansible_job_id is defined no_log: "{{ gateway_authenticator_maps_secure_logging }}" vars: diff --git a/roles/gateway_authenticators/README.md b/roles/gateway_authenticators/README.md index e096aac43..c99d4c61f 100644 --- a/roles/gateway_authenticators/README.md +++ b/roles/gateway_authenticators/README.md @@ -10,7 +10,7 @@ An Ansible Role to add Authenticators on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to add Authenticators on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_authenticators_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_authenticators_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_authenticators_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_authenticators/defaults/main.yml b/roles/gateway_authenticators/defaults/main.yml index 5e610ef32..d562428d3 100644 --- a/roles/gateway_authenticators/defaults/main.yml +++ b/roles/gateway_authenticators/defaults/main.yml @@ -14,5 +14,5 @@ gateway_authenticators_secure_logging: "{{ aap_configuration_secure_logging | de gateway_authenticators_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_authenticators_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_authenticators_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_authenticators/meta/argument_specs.yml b/roles/gateway_authenticators/meta/argument_specs.yml index 37f20fd04..b46bf4d1f 100644 --- a/roles/gateway_authenticators/meta/argument_specs.yml +++ b/roles/gateway_authenticators/meta/argument_specs.yml @@ -18,9 +18,7 @@ argument_specs: description: Setting this option will change the existing name (looked up via the name field) slug: type: str - description: | - An immutable identifier for the authenticator - Must be unique + description: An immutable identifier for the authenticator Must be unique enabled: type: bool default: false @@ -67,11 +65,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables @@ -79,9 +75,7 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_authenticators/tasks/main.yml b/roles/gateway_authenticators/tasks/main.yml index 169d71f90..6784f22d5 100644 --- a/roles/gateway_authenticators/tasks/main.yml +++ b/roles/gateway_authenticators/tasks/main.yml @@ -43,7 +43,8 @@ loop: "{{ __gateway_authenticators_job_async.results }}" loop_control: loop_var: __gateway_authenticators_job_async_results_item - label: "{{ __operation.verb }} AAP Platform Authenticators {{ __gateway_authenticators_job_async_results_item.__gateway_authenticators_item.name }} | Wait for finish the Authenticators {{ __operation.action }}" + label: "{{ __operation.verb }} AAP Platform Authenticators {{ __gateway_authenticators_job_async_results_item.__gateway_authenticators_item.name }} | Wait for + finish the Authenticators {{ __operation.action }}" when: __gateway_authenticators_job_async_results_item.ansible_job_id is defined no_log: "{{gateway_authenticators_secure_logging }}" vars: diff --git a/roles/gateway_http_ports/README.md b/roles/gateway_http_ports/README.md index f1aaf8f4d..379314b82 100644 --- a/roles/gateway_http_ports/README.md +++ b/roles/gateway_http_ports/README.md @@ -10,7 +10,7 @@ An Ansible Role to add proxy Http Ports on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to add proxy Http Ports on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_http_ports_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_http_ports_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_http_ports_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -58,7 +58,7 @@ Options for the `http_ports_list` variable: | `new_name` | N/A | no | str | Setting this option will change the existing name (looked up via the name field) | | `number` | N/A | no | int | Port number, must be unique | | `use_https` | `false` | no | bool | Secure this port with HTTPS | -| `is_api_port` | `false` | no | bool | If true, port is used for serving remote AAP APIs. Only one can be set to True | +| `is_api_port` | `false` | no | bool | If true, port is used for serving remote AAP APIs. Only one can be set to true | | `state` | `present` | no | str | Desired state of the resource. | **Unique value:** diff --git a/roles/gateway_http_ports/defaults/main.yml b/roles/gateway_http_ports/defaults/main.yml index 9df4a4b40..0e52963ad 100644 --- a/roles/gateway_http_ports/defaults/main.yml +++ b/roles/gateway_http_ports/defaults/main.yml @@ -19,5 +19,5 @@ gateway_http_ports_secure_logging: "{{ aap_configuration_secure_logging | defaul gateway_http_ports_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_http_ports_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_http_ports_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_http_ports/meta/argument_specs.yml b/roles/gateway_http_ports/meta/argument_specs.yml index 0220be1dd..e80f896e8 100644 --- a/roles/gateway_http_ports/meta/argument_specs.yml +++ b/roles/gateway_http_ports/meta/argument_specs.yml @@ -18,9 +18,7 @@ argument_specs: description: Setting this option will change the existing name (looked up via the name field) number: type: int - description: | - Port number, must be unique - Required when creating new Http Port + description: Port number, must be unique Required when creating new Http Port use_https: default: false type: bool @@ -28,7 +26,7 @@ argument_specs: is_api_port: default: false type: bool - description: If true, port is used for serving remote AAP APIs. Only one can be set to True + description: If true, port is used for serving remote AAP APIs. Only one can be set to true state: default: "{{ platform_state | default('present') }}" required: false @@ -53,11 +51,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables @@ -65,9 +61,7 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_http_ports/tasks/main.yml b/roles/gateway_http_ports/tasks/main.yml index 0dc557e4b..e2c7a8a4a 100644 --- a/roles/gateway_http_ports/tasks/main.yml +++ b/roles/gateway_http_ports/tasks/main.yml @@ -39,7 +39,8 @@ loop: "{{ __gateway_http_ports_job_async.results }}" loop_control: loop_var: __gateway_http_ports_job_async_results_item - label: "{{ __operation.verb }} AAP Platform Http Ports {{ __gateway_http_ports_job_async_results_item.__gateway_http_ports_item.name }} | Wait for finish the Http Ports {{ __operation.action }}" + label: "{{ __operation.verb }} AAP Platform Http Ports {{ __gateway_http_ports_job_async_results_item.__gateway_http_ports_item.name }} | Wait for finish the + Http Ports {{ __operation.action }}" when: __gateway_http_ports_job_async_results_item.ansible_job_id is defined no_log: "{{ gateway_http_ports_secure_logging }}" vars: diff --git a/roles/gateway_organizations/README.md b/roles/gateway_organizations/README.md index d3d0a6db9..ada615e32 100644 --- a/roles/gateway_organizations/README.md +++ b/roles/gateway_organizations/README.md @@ -10,7 +10,7 @@ An Ansible Role to add Organizations on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to add Organizations on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. aap_organizations_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`aap_organizations_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`aap_organizations_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_organizations/defaults/main.yml b/roles/gateway_organizations/defaults/main.yml index 45d844ebb..d9afa8a05 100644 --- a/roles/gateway_organizations/defaults/main.yml +++ b/roles/gateway_organizations/defaults/main.yml @@ -14,5 +14,5 @@ gateway_organizations_secure_logging: "{{ aap_configuration_secure_logging | def gateway_organizations_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_organizations_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_organizations_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_organizations/meta/argument_specs.yml b/roles/gateway_organizations/meta/argument_specs.yml index 97921f29c..070c72da3 100644 --- a/roles/gateway_organizations/meta/argument_specs.yml +++ b/roles/gateway_organizations/meta/argument_specs.yml @@ -43,21 +43,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_organizations_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_role_user_assignments/README.md b/roles/gateway_role_user_assignments/README.md index 42b101930..3dc2c5744 100644 --- a/roles/gateway_role_user_assignments/README.md +++ b/roles/gateway_role_user_assignments/README.md @@ -10,7 +10,7 @@ An Ansible Role to give a user permission to a resource like an organization. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to give a user permission to a resource like an organization. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_role_user_assignments_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_role_user_assignments_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_role_user_assignments_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_role_user_assignments/defaults/main.yml b/roles/gateway_role_user_assignments/defaults/main.yml index add6389fe..493f24155 100644 --- a/roles/gateway_role_user_assignments/defaults/main.yml +++ b/roles/gateway_role_user_assignments/defaults/main.yml @@ -14,5 +14,5 @@ gateway_role_user_assignments_secure_logging: "{{ aap_configuration_secure_loggi gateway_role_user_assignments_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_role_user_assignments_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_role_user_assignments_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_role_user_assignments/meta/argument_specs.yml b/roles/gateway_role_user_assignments/meta/argument_specs.yml index db06bf68e..79cf4ae5c 100644 --- a/roles/gateway_role_user_assignments/meta/argument_specs.yml +++ b/roles/gateway_role_user_assignments/meta/argument_specs.yml @@ -58,11 +58,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables @@ -70,9 +68,7 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_routes/README.md b/roles/gateway_routes/README.md index f0ae9a783..bca0db611 100644 --- a/roles/gateway_routes/README.md +++ b/roles/gateway_routes/README.md @@ -12,7 +12,7 @@ http port and path in the destination service (gateway, controller, hub, eda). |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -23,13 +23,13 @@ http port and path in the destination service (gateway, controller, hub, eda). The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_routes_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_routes_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_routes_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_routes/defaults/main.yml b/roles/gateway_routes/defaults/main.yml index e1d8507fa..972937559 100644 --- a/roles/gateway_routes/defaults/main.yml +++ b/roles/gateway_routes/defaults/main.yml @@ -15,5 +15,5 @@ gateway_routes_async_retries: "{{ aap_configuration_async_retries | default(30) gateway_routes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_routes_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" gateway_routes_enforce_defaults: "{{ aap_configuration_enforce_defaults | default(false) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_routes/meta/argument_specs.yml b/roles/gateway_routes/meta/argument_specs.yml index 4135cfc16..5d5b6a220 100644 --- a/roles/gateway_routes/meta/argument_specs.yml +++ b/roles/gateway_routes/meta/argument_specs.yml @@ -21,18 +21,12 @@ argument_specs: description: Description of the service gateway_path: type: str - description: | - Path on the AAP gateway to listen to traffic on - Required when creating a new Route + description: Path on the AAP gateway to listen to traffic on Required when creating a new Route http_port: - description: | - Name or ID referencing the Http Port - Required when creating a new Route + description: Name or ID referencing the Http Port Required when creating a new Route type: str service_cluster: - description: | - Name or ID referencing the Service Cluster - Required when creating a new Route + description: Name or ID referencing the Service Cluster Required when creating a new Route type: str is_service_https: type: bool @@ -43,19 +37,13 @@ argument_specs: description: If false, the AAP gateway will not insert a gateway token into the proxied request service_path: type: str - description: | - URL path on the AAP Service cluster to route traffic to - Required when creating a new Route + description: URL path on the AAP Service cluster to route traffic to Required when creating a new Route service_port: type: int - description: | - Port on the service to route traffic to - Required when creating a new Route + description: Port on the service to route traffic to Required when creating a new Route node_tags: type: str - description: | - Comma separated string - Selects which (tagged) nodes receive traffic from this route + description: Comma separated string Selects which (tagged) nodes receive traffic from this route state: default: "{{ platform_state | default('present') }}" required: false @@ -80,11 +68,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables @@ -92,9 +78,7 @@ argument_specs: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_service_clusters/README.md b/roles/gateway_service_clusters/README.md index 316d84bc7..e6310204d 100644 --- a/roles/gateway_service_clusters/README.md +++ b/roles/gateway_service_clusters/README.md @@ -10,7 +10,7 @@ An Ansible Role to configure Service Clusters on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to configure Service Clusters on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_service_clusters_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_service_clusters_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_service_clusters_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_service_clusters/defaults/main.yml b/roles/gateway_service_clusters/defaults/main.yml index 97def311d..4995fb66e 100644 --- a/roles/gateway_service_clusters/defaults/main.yml +++ b/roles/gateway_service_clusters/defaults/main.yml @@ -14,5 +14,5 @@ gateway_service_clusters_secure_logging: "{{ aap_configuration_secure_logging | gateway_service_clusters_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_service_clusters_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_service_clusters_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_service_clusters/meta/argument_specs.yml b/roles/gateway_service_clusters/meta/argument_specs.yml index 6f140f839..2f3813cc8 100644 --- a/roles/gateway_service_clusters/meta/argument_specs.yml +++ b/roles/gateway_service_clusters/meta/argument_specs.yml @@ -18,9 +18,7 @@ argument_specs: description: Setting this option will change the existing name (looked up via the name field) service_type: type: str - description: | - Type of service ["hub", "controller", "eda", "gateway"] - Required when creating new Service Cluster + description: Type of service ["hub", "controller", "eda", "gateway"] Required when creating new Service Cluster state: default: "{{ platform_state | default('present') }}" required: false @@ -75,21 +73,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_service_clusters_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_service_clusters/tasks/main.yml b/roles/gateway_service_clusters/tasks/main.yml index 1b80e22a5..cac1bf81f 100644 --- a/roles/gateway_service_clusters/tasks/main.yml +++ b/roles/gateway_service_clusters/tasks/main.yml @@ -47,7 +47,8 @@ loop: "{{ __gateway_service_clusters_job_async.results }}" loop_control: loop_var: __gateway_service_clusters_job_async_results_item - label: "{{ __operation.verb }} Label {{ __gateway_service_clusters_job_async_results_item.__gateway_service_clusters_item.name }} | Wait for finish the Label {{ __operation.action }}" + label: "{{ __operation.verb }} Label {{ __gateway_service_clusters_job_async_results_item.__gateway_service_clusters_item.name }} | Wait for finish the Label + {{ __operation.action }}" when: __gateway_service_clusters_job_async_results_item.ansible_job_id is defined no_log: "{{ gateway_service_clusters_secure_logging }}" vars: diff --git a/roles/gateway_service_keys/README.md b/roles/gateway_service_keys/README.md index 040652cf2..8a2323e07 100644 --- a/roles/gateway_service_keys/README.md +++ b/roles/gateway_service_keys/README.md @@ -10,7 +10,7 @@ An Ansible Role to configure Service Keys on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to configure Service Keys on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_service_keys_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_service_keys_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_service_keys_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_service_keys/defaults/main.yml b/roles/gateway_service_keys/defaults/main.yml index d01b9b1c5..49f7fe16e 100644 --- a/roles/gateway_service_keys/defaults/main.yml +++ b/roles/gateway_service_keys/defaults/main.yml @@ -14,5 +14,5 @@ gateway_service_keys_secure_logging: "{{ aap_configuration_secure_logging | defa gateway_service_keys_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_service_keys_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_service_keys_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_service_keys/meta/argument_specs.yml b/roles/gateway_service_keys/meta/argument_specs.yml index e3199450f..9decaf524 100644 --- a/roles/gateway_service_keys/meta/argument_specs.yml +++ b/roles/gateway_service_keys/meta/argument_specs.yml @@ -23,22 +23,17 @@ argument_specs: description: Type of service ("hub", "controller", "eda", "gateway") type: str algorithm: - description: | - algorithm to use for this Service Key + description: algorithm to use for this Service Key choices: [HS256, HS384, HS512] secret: type: str - description: | - secret to use for this Service Key - required when creating new Service Key, non-editable + description: secret to use for this Service Key required when creating new Service Key, non-editable secret_length: type: int - description: | - Number of random bytes in the secret + description: Number of random bytes in the secret mark_previous_inactive: type: str - description: | - If true any other secret keys for this service will become inactive + description: If true any other secret keys for this service will become inactive state: default: "{{ platform_state | default('present') }}" required: false @@ -63,12 +58,9 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_service_keys_secure_logging: diff --git a/roles/gateway_service_nodes/README.md b/roles/gateway_service_nodes/README.md index fa5647b58..d6dab2537 100644 --- a/roles/gateway_service_nodes/README.md +++ b/roles/gateway_service_nodes/README.md @@ -10,7 +10,7 @@ An Ansible Role to configure Service Nodes on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -30,20 +30,20 @@ Enabling this will enforce configurtion without specifying every option in the c |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_service_nodes_enforce_defaults`|`False`|no|Whether or not to enforce default option values on only the applications role| -|`aap_configuration_enforce_defaults`|`False`|no|This variable enables enforced default values as well, but is shared globally.| +|`gateway_service_nodes_enforce_defaults`|`false`|no|Whether or not to enforce default option values on only the applications role| +|`aap_configuration_enforce_defaults`|`false`|no|This variable enables enforced default values as well, but is shared globally.| ### Secure Logging Variables The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_service_nodes_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_service_nodes_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_service_nodes_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_service_nodes/defaults/main.yml b/roles/gateway_service_nodes/defaults/main.yml index 8a4694edd..b96da954f 100644 --- a/roles/gateway_service_nodes/defaults/main.yml +++ b/roles/gateway_service_nodes/defaults/main.yml @@ -14,5 +14,5 @@ gateway_service_nodes_secure_logging: "{{ aap_configuration_secure_logging | def gateway_service_nodes_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_service_nodes_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_service_nodes_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_service_nodes/meta/argument_specs.yml b/roles/gateway_service_nodes/meta/argument_specs.yml index c278a2068..3bcefa15d 100644 --- a/roles/gateway_service_nodes/meta/argument_specs.yml +++ b/roles/gateway_service_nodes/meta/argument_specs.yml @@ -51,21 +51,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_service_nodes_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_services/README.md b/roles/gateway_services/README.md index 0c7b37230..53a6a258b 100644 --- a/roles/gateway_services/README.md +++ b/roles/gateway_services/README.md @@ -12,7 +12,7 @@ http port and path in the destination service (gateway, controller, hub, eda). |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -23,13 +23,13 @@ http port and path in the destination service (gateway, controller, hub, eda). The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_services_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_services_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_services_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_services/defaults/main.yml b/roles/gateway_services/defaults/main.yml index f63eb9f96..999e74d94 100644 --- a/roles/gateway_services/defaults/main.yml +++ b/roles/gateway_services/defaults/main.yml @@ -14,5 +14,5 @@ gateway_services_secure_logging: "{{ aap_configuration_secure_logging | default( gateway_services_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_services_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_services_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_services/meta/argument_specs.yml b/roles/gateway_services/meta/argument_specs.yml index 62b2095af..1948a8f4c 100644 --- a/roles/gateway_services/meta/argument_specs.yml +++ b/roles/gateway_services/meta/argument_specs.yml @@ -21,18 +21,12 @@ argument_specs: description: Description of the service api_slug: type: str - description: | - URL slug for the gateway API path for the Controller, Hub and EDA services - Gateway API route requires value "gateway", but the slug is not used + description: URL slug for the gateway API path for the Controller, Hub and EDA services Gateway API route requires value "gateway", but the slug is not used http_port: - description: | - Name or ID referencing the Http Port - Required when creating a new Service + description: Name or ID referencing the Http Port Required when creating a new Service type: str service_cluster: - description: | - Name or ID referencing the Service Cluster - Required when creating a new Service + description: Name or ID referencing the Service Cluster Required when creating a new Service type: str is_service_https: type: bool @@ -43,19 +37,13 @@ argument_specs: description: If false, the AAP gateway will not insert a gateway token into the proxied request service_path: type: str - description: | - URL path on the AAP Service cluster to route traffic to - Required when creating a new Service + description: URL path on the AAP Service cluster to route traffic to Required when creating a new Service service_port: type: int - description: | - Port on the service to route traffic to - Required when creating a new Service + description: Port on the service to route traffic to Required when creating a new Service node_tags: type: str - description: | - Comma separated string - Selects which (tagged) nodes receive traffic from this route + description: Comma separated string Selects which (tagged) nodes receive traffic from this route order: type: int description: The order to apply the routes in lower numbers are first. Items with the same value have no guaranteed order @@ -83,21 +71,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_services_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_settings/README.md b/roles/gateway_settings/README.md index 6874a3743..02c992f9d 100644 --- a/roles/gateway_settings/README.md +++ b/roles/gateway_settings/README.md @@ -8,7 +8,7 @@ An Ansible role to alter Settings on Ansible Automation Gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -19,13 +19,13 @@ An Ansible role to alter Settings on Ansible Automation Gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_services_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_services_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_services_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure diff --git a/roles/gateway_settings/meta/argument_specs.yml b/roles/gateway_settings/meta/argument_specs.yml index 3c202a8b1..e7b199cc0 100644 --- a/roles/gateway_settings/meta/argument_specs.yml +++ b/roles/gateway_settings/meta/argument_specs.yml @@ -4,9 +4,7 @@ argument_specs: short_description: An Ansible Role to create settings on automation platform gateway. options: gateway_settings: - description: >- - Data structure describing your settings. Type is list if providing - name/value and type dict if providing settings. + description: Data structure describing your settings. Type is list if providing name/value and type dict if providing settings. required: true type: raw # Async variables @@ -27,21 +25,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_services_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_teams/README.md b/roles/gateway_teams/README.md index 205d1a1e3..ca380ec8b 100644 --- a/roles/gateway_teams/README.md +++ b/roles/gateway_teams/README.md @@ -10,7 +10,7 @@ An Ansible Role to add Teams on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to add Teams on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_teams_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_teams_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_teams_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/gateway_teams/defaults/main.yml b/roles/gateway_teams/defaults/main.yml index e2131b7bf..2ea9dda43 100644 --- a/roles/gateway_teams/defaults/main.yml +++ b/roles/gateway_teams/defaults/main.yml @@ -14,5 +14,5 @@ gateway_teams_secure_logging: "{{ aap_configuration_secure_logging | default('fa gateway_teams_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_teams_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_teams_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_teams/meta/argument_specs.yml b/roles/gateway_teams/meta/argument_specs.yml index 69b572e04..77775f5c2 100644 --- a/roles/gateway_teams/meta/argument_specs.yml +++ b/roles/gateway_teams/meta/argument_specs.yml @@ -50,21 +50,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_teams_secure_logging: default: "{{ aap_configuration_secure_logging | default(false) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/gateway_users/README.md b/roles/gateway_users/README.md index f14ab6312..71aa052ba 100644 --- a/roles/gateway_users/README.md +++ b/roles/gateway_users/README.md @@ -10,7 +10,7 @@ An Ansible Role to configure users on Ansible Automation gateway. |:---|:---:|:---:|:---|:---| |`platform_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`aap_token`|""|no|Controller Admin User's token on the Ansible Automation Platform Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -21,13 +21,13 @@ An Ansible Role to configure users on Ansible Automation gateway. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. gateway_users_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`gateway_users_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`gateway_users_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -63,7 +63,7 @@ Options for the `aap_user_accounts` variable: | `authenticators` | N/A | no | list | List of authenticators this user is associated with | | `authenticator_uid` | N/A | no | bool | UID coming from the authenticators the user is associated with | | `state` | `present` | no | str | Desired state of the resource. | -| `update_secrets` | 'true' | no | bool | True will always change password if user specifies password, even if API gives $encrypted$ for password. False will only set the password if other values change too. | +| `update_secrets` | 'true' | no | bool | true will always change password if user specifies password, even if API gives $encrypted$ for password. false will only set the password if other values change too. | **Unique value:** diff --git a/roles/gateway_users/defaults/main.yml b/roles/gateway_users/defaults/main.yml index 0541602a3..614f71c38 100644 --- a/roles/gateway_users/defaults/main.yml +++ b/roles/gateway_users/defaults/main.yml @@ -29,5 +29,5 @@ gateway_users_secure_logging: "{{ aap_configuration_secure_logging | default('fa gateway_users_async_retries: "{{ aap_configuration_async_retries | default(30) }}" gateway_users_async_delay: "{{ aap_configuration_async_delay | default(1) }}" gateway_users_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/gateway_users/meta/argument_specs.yml b/roles/gateway_users/meta/argument_specs.yml index c7f71efa1..1a566d387 100644 --- a/roles/gateway_users/meta/argument_specs.yml +++ b/roles/gateway_users/meta/argument_specs.yml @@ -39,8 +39,8 @@ argument_specs: # required: false # type: bool # description: > - # True will always change password if user specifies password, even if API gives $encrypted$ for password. - # False will only set the password if other values change too. + # true will always change password if user specifies password, even if API gives $encrypted$ for password. + # false will only set the password if other values change too. # organization: # required: false # type: str @@ -83,21 +83,16 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false - description: > - Sets the directory to write the results file for async tasks. - The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. - + description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `~/.ansible_async`. # No_log variables gateway_users_secure_logging: default: "{{ aap_configuration_secure_logging | default(true) }}" required: false type: bool - description: > - Whether or not to include the sensitive tasks from this role in the log. - Set this value to `true` if you will be providing your sensitive values from elsewhere. + description: Whether or not to include the sensitive tasks from this role in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere. aap_configuration_secure_logging: default: true required: false diff --git a/roles/global_vars/defaults/main.yml b/roles/global_vars/defaults/main.yml index 35e450d5f..f929c4b36 100644 --- a/roles/global_vars/defaults/main.yml +++ b/roles/global_vars/defaults/main.yml @@ -2,12 +2,12 @@ # defaults file for global_vars operation_translate: present: - verb: "Create/Update" - action: "creation" + verb: Create/Update + action: creation absent: - verb: "Remove" - action: "deletion" + verb: Remove + action: deletion exists: - verb: "Already Exists" - action: "exists" + verb: Already Exists + action: exists ... diff --git a/roles/global_vars/meta/main.yml b/roles/global_vars/meta/main.yml index c8a431681..c299c9357 100644 --- a/roles/global_vars/meta/main.yml +++ b/roles/global_vars/meta/main.yml @@ -1,8 +1,8 @@ --- galaxy_info: - author: "Ivan Aragonés" - description: "Global variables to be consumed by any other role in the collection" - company: "Red Hat" + author: Ivan Aragonés + description: Global variables to be consumed by any other role in the collection + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -49,6 +49,4 @@ galaxy_info: # Maximum 20 tags per role. dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. ... diff --git a/roles/hub_collection/README.md b/roles/hub_collection/README.md index 83dbea563..3719e2503 100644 --- a/roles/hub_collection/README.md +++ b/roles/hub_collection/README.md @@ -11,7 +11,7 @@ An Ansible Role to update, or destroy Automation Hub Collections. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -57,13 +57,13 @@ This also speeds up the overall role. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add repository task does not include sensitive information. +The role defaults to false as normally the add repository task does not include sensitive information. hub_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_collection_secure_logging`|`False`|no|Whether or not to include the sensitive collection role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_collection_secure_logging`|`false`|no|Whether or not to include the sensitive collection role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ## Data Structure diff --git a/roles/hub_collection/defaults/main.yml b/roles/hub_collection/defaults/main.yml index 78627a97f..7db803eb8 100644 --- a/roles/hub_collection/defaults/main.yml +++ b/roles/hub_collection/defaults/main.yml @@ -23,5 +23,5 @@ hub_configuration_collection_async_timeout: "{{ aap_configuration_async_timeout hub_configuration_collection_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_collection_async_delay: "{{ aap_configuration_async_delay | default(1) }}" hub_configuration_collection_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_collection/meta/argument_specs.yml b/roles/hub_collection/meta/argument_specs.yml index e90bc692e..61b43e2ba 100644 --- a/roles/hub_collection/meta/argument_specs.yml +++ b/roles/hub_collection/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_collection/meta/main.yml b/roles/hub_collection/meta/main.yml index 64a7a62fe..b88ce42b0 100644 --- a/roles/hub_collection/meta/main.yml +++ b/roles/hub_collection/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_collection" - author: "Inderpal Tiwana" - description: "An Ansible Role to update, or destroy Automation Hub Collections." - company: "Red Hat" + role_name: hub_collection + author: Inderpal Tiwana + description: An Ansible Role to update, or destroy Automation Hub Collections. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "collection" - - "sync" + - automationhub + - galaxy + - configuration + - collection + - sync dependencies: - role: global_vars diff --git a/roles/hub_collection/tasks/main.yml b/roles/hub_collection/tasks/main.yml index 9767dff52..81a49d317 100644 --- a/roles/hub_collection/tasks/main.yml +++ b/roles/hub_collection/tasks/main.yml @@ -16,24 +16,24 @@ - name: Update or destroy Automation Hub Collection ansible.hub.ah_collection: - namespace: "{{ __hub_collection_item.namespace }}" - name: "{{ __hub_collection_item.name }}" - version: "{{ __hub_collection_item.version | default(omit) }}" - path: "{{ __hub_collection_item.path | default(omit) }}" - repository: "{{ __hub_collection_item.repository | default(omit) }}" - wait: "{{ __hub_collection_item.wait | default(omit) }}" - auto_approve: "{{ __hub_collection_item.auto_approve | default(omit) }}" - timeout: "{{ __hub_collection_item.timeout | default(omit) }}" - interval: "{{ __hub_collection_item.interval | default(omit) }}" - overwrite_existing: "{{ __hub_collection_item.overwrite_existing | default(omit) }}" - state: "{{ __hub_collection_item.state | default('present') }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_token: "{{ aap_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + namespace: "{{ __hub_collection_item.namespace }}" + name: "{{ __hub_collection_item.name }}" + version: "{{ __hub_collection_item.version | default(omit) }}" + path: "{{ __hub_collection_item.path | default(omit) }}" + repository: "{{ __hub_collection_item.repository | default(omit) }}" + wait: "{{ __hub_collection_item.wait | default(omit) }}" + auto_approve: "{{ __hub_collection_item.auto_approve | default(omit) }}" + timeout: "{{ __hub_collection_item.timeout | default(omit) }}" + interval: "{{ __hub_collection_item.interval | default(omit) }}" + overwrite_existing: "{{ __hub_collection_item.overwrite_existing | default(omit) }}" + state: "{{ __hub_collection_item.state | default('present') }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_collections }}" loop_control: loop_var: __hub_collection_item @@ -46,13 +46,13 @@ changed_when: not __collections_job_async.changed vars: __operation: "{{ operation_translate[__hub_collection_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" - name: Sleep for 10 seconds and continue with play ansible.builtin.wait_for: timeout: 10 -- name: "Update/Destroy collection | Wait for finish the update/destruction of collection" +- name: Update/Destroy collection | Wait for finish the update/destruction of collection ansible.builtin.async_status: jid: "{{ __collections_job_async_result_item.ansible_job_id }}" register: __collections_job_async_result @@ -67,5 +67,5 @@ no_log: "{{ hub_configuration_collection_secure_logging }}" vars: __operation: "{{ operation_translate[__collections_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_collection/tests/test.yml b/roles/hub_collection/tests/test.yml index 5739e1a9c..0bb618811 100644 --- a/roles/hub_collection/tests/test.yml +++ b/roles/hub_collection/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_collection_remote/README.md b/roles/hub_collection_remote/README.md index a69d0ad05..0b9862150 100644 --- a/roles/hub_collection_remote/README.md +++ b/roles/hub_collection_remote/README.md @@ -11,7 +11,7 @@ An Ansible Role to create a Collection Remote Repository. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -24,13 +24,13 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add repository task does not include sensitive information. +The role defaults to false as normally the add repository task does not include sensitive information. hub_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_collection_remote_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_collection_remote_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -66,7 +66,7 @@ This also speeds up the overall role. |`requirements_file`|``|no|A yaml requirements file to download from remote. In requirements file format. Exclusive with `requirements` || |`username`|``|no|Username to authenticate to the remote repository.|| |`password`|``|no|Password to authenticate to the remote repository.|| -|`tls_validation`|`True`|no|Whether to use TLS validation against the remote repository|True| +|`tls_validation`|`true`|no|Whether to use TLS validation against the remote repository|true| |`client_key`|``|no|A PEM encoded private key file used for authentication|| |`client_cert`|``|no|A PEM encoded client certificate used for authentication|| |`ca_cert`|``|no|A PEM encoded CA certificate used for authentication|| @@ -76,8 +76,8 @@ This also speeds up the overall role. |`download_concurrency`|`10`|no| Number of concurrent collections to download.|| |`max_retries`|`0`|no|Retries to use when running sync. Default is 0 which does not limit.|| |`rate_limit`|`8`|no|Limits total download rate in requests per second.|| -|`signed_only`|`False`|no|Only download signed collections|False| -|`sync_dependencies`|`True`|no|Whether to download dependencies when syncing collections.|False| +|`signed_only`|`false`|no|Only download signed collections|false| +|`sync_dependencies`|`true`|no|Whether to download dependencies when syncing collections.|false| |`proxy_url`|``|no|The URL for the proxy. Defaults to global `proxy_url` variable.|| |`proxy_username`|``|no|The username for the proxy authentication. Defaults to global `proxy_username` variable.|| |`proxy_password`|``|no|The password for the proxy authentication. Defaults to global `proxy_password` variable.|| diff --git a/roles/hub_collection_remote/defaults/main.yml b/roles/hub_collection_remote/defaults/main.yml index 6d28b5716..4c989123a 100644 --- a/roles/hub_collection_remote/defaults/main.yml +++ b/roles/hub_collection_remote/defaults/main.yml @@ -12,5 +12,5 @@ hub_configuration_collection_remote_async_timeout: "{{ aap_configuration_async_t hub_configuration_collection_remote_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_collection_remote_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_collection_remote_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_collection_remote/meta/argument_specs.yml b/roles/hub_collection_remote/meta/argument_specs.yml index 365cebe79..3e8747d95 100644 --- a/roles/hub_collection_remote/meta/argument_specs.yml +++ b/roles/hub_collection_remote/meta/argument_specs.yml @@ -24,7 +24,7 @@ argument_specs: # Async variables aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_collection_remote/meta/main.yml b/roles/hub_collection_remote/meta/main.yml index 247ce0c6a..3d21db6b2 100644 --- a/roles/hub_collection_remote/meta/main.yml +++ b/roles/hub_collection_remote/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_collection_remote" - author: "Sean Sullivan" - description: "An Ansible Role to create collection remotes in Automation Hub." - company: "Red Hat" + role_name: hub_collection_remote + author: Sean Sullivan + description: An Ansible Role to create collection remotes in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,15 +25,15 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "remote" + - automationhub + - galaxy + - configuration + - remote dependencies: - role: global_vars diff --git a/roles/hub_collection_remote/tasks/main.yml b/roles/hub_collection_remote/tasks/main.yml index 524485341..adfbb508a 100644 --- a/roles/hub_collection_remote/tasks/main.yml +++ b/roles/hub_collection_remote/tasks/main.yml @@ -2,40 +2,40 @@ # Create AH repository - name: Add Automation Hub Collection Remote repository ansible.hub.collection_remote: - name: "{{ __hub_collection_remote_item.name }}" - url: "{{ __hub_collection_remote_item.url }}" - auth_url: "{{ __hub_collection_remote_item.auth_url | default(omit) }}" - token: "{{ __hub_collection_remote_item.token | default(omit) }}" - policy: "{{ __hub_collection_remote_item.policy | default(omit) }}" - requirements: "{{ __hub_collection_remote_item.requirements | default(omit) }}" - requirements_file: "{{ __hub_collection_remote_item.requirements_file | default(omit) }}" - username: "{{ __hub_collection_remote_item.username | default(omit) }}" - password: "{{ __hub_collection_remote_item.password | default(omit) }}" - tls_validation: "{{ __hub_collection_remote_item.tls_validation | default(true) }}" - client_key: "{{ __hub_collection_remote_item.client_key | default(omit) }}" - client_cert: "{{ __hub_collection_remote_item.client_cert | default(omit) }}" - ca_cert: "{{ __hub_collection_remote_item.ca_cert | default(omit) }}" - client_key_path: "{{ __hub_collection_remote_item.client_key_path | default(omit) }}" - client_cert_path: "{{ __hub_collection_remote_item.client_cert_path | default(omit) }}" - ca_cert_path: "{{ __hub_collection_remote_item.ca_cert_path | default(omit) }}" - download_concurrency: "{{ __hub_collection_remote_item.download_concurrency | default(10) }}" - max_retries: "{{ __hub_collection_remote_item.max_retries | default(0) }}" - rate_limit: "{{ __hub_collection_remote_item.rate_limit | default(8) }}" - signed_only: "{{ __hub_collection_remote_item.signed_only | default(omit) }}" - sync_dependencies: "{{ __hub_collection_remote_item.sync_dependencies | default(omit) }}" - proxy_url: "{{ __hub_collection_remote_item.proxy_url | default(proxy_url | default(omit)) }}" - proxy_username: "{{ __hub_collection_remote_item.proxy_username | default(proxy_username | default(omit)) }}" - proxy_password: "{{ __hub_collection_remote_item.proxy_password | default(proxy_password | default(omit)) }}" - state: "{{ __hub_collection_remote_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_collection_remote_item.name }}" + url: "{{ __hub_collection_remote_item.url }}" + auth_url: "{{ __hub_collection_remote_item.auth_url | default(omit) }}" + token: "{{ __hub_collection_remote_item.token | default(omit) }}" + policy: "{{ __hub_collection_remote_item.policy | default(omit) }}" + requirements: "{{ __hub_collection_remote_item.requirements | default(omit) }}" + requirements_file: "{{ __hub_collection_remote_item.requirements_file | default(omit) }}" + username: "{{ __hub_collection_remote_item.username | default(omit) }}" + password: "{{ __hub_collection_remote_item.password | default(omit) }}" + tls_validation: "{{ __hub_collection_remote_item.tls_validation | default(true) }}" + client_key: "{{ __hub_collection_remote_item.client_key | default(omit) }}" + client_cert: "{{ __hub_collection_remote_item.client_cert | default(omit) }}" + ca_cert: "{{ __hub_collection_remote_item.ca_cert | default(omit) }}" + client_key_path: "{{ __hub_collection_remote_item.client_key_path | default(omit) }}" + client_cert_path: "{{ __hub_collection_remote_item.client_cert_path | default(omit) }}" + ca_cert_path: "{{ __hub_collection_remote_item.ca_cert_path | default(omit) }}" + download_concurrency: "{{ __hub_collection_remote_item.download_concurrency | default(10) }}" + max_retries: "{{ __hub_collection_remote_item.max_retries | default(0) }}" + rate_limit: "{{ __hub_collection_remote_item.rate_limit | default(8) }}" + signed_only: "{{ __hub_collection_remote_item.signed_only | default(omit) }}" + sync_dependencies: "{{ __hub_collection_remote_item.sync_dependencies | default(omit) }}" + proxy_url: "{{ __hub_collection_remote_item.proxy_url | default(proxy_url | default(omit)) }}" + proxy_username: "{{ __hub_collection_remote_item.proxy_username | default(proxy_username | default(omit)) }}" + proxy_password: "{{ __hub_collection_remote_item.proxy_password | default(proxy_password | default(omit)) }}" + state: "{{ __hub_collection_remote_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_collection_remotes }}" loop_control: - loop_var: "__hub_collection_remote_item" + loop_var: __hub_collection_remote_item label: "{{ __operation.verb }} the collection remote {{ __hub_collection_remote_item.name }} in Hub" pause: "{{ hub_configuration_collection_remote_loop_delay }}" no_log: "{{ hub_configuration_collection_remote_secure_logging }}" @@ -45,9 +45,9 @@ changed_when: not __collection_remote_job_async.changed vars: __operation: "{{ operation_translate[__hub_collection_remote_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Repository | Wait for finish the repository creation" +- name: Create Repository | Wait for finish the repository creation ansible.builtin.async_status: jid: "{{ __collection_remote_job_async_result_item.ansible_job_id }}" register: __collection_remote_job_async_result @@ -57,11 +57,12 @@ loop: "{{ __collection_remote_job_async.results }}" loop_control: loop_var: __collection_remote_job_async_result_item - label: "{{ __operation.verb }} Collection remote {{ __collection_remote_job_async_result_item.__hub_collection_remote_item.name }} | Wait for finish the Collection remote {{ __operation.action }}" + label: "{{ __operation.verb }} Collection remote {{ __collection_remote_job_async_result_item.__hub_collection_remote_item.name }} | Wait for finish the Collection + remote {{ __operation.action }}" when: __collection_remote_job_async_result_item.ansible_job_id is defined no_log: "{{ hub_configuration_collection_remote_secure_logging }}" vars: __operation: "{{ operation_translate[__collection_remote_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_collection_remote/tests/test.yml b/roles/hub_collection_remote/tests/test.yml index ac26102ed..bd117dbeb 100644 --- a/roles/hub_collection_remote/tests/test.yml +++ b/roles/hub_collection_remote/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_collection_repository/README.md b/roles/hub_collection_repository/README.md index 92366d5bc..242df86c3 100644 --- a/roles/hub_collection_repository/README.md +++ b/roles/hub_collection_repository/README.md @@ -11,7 +11,7 @@ An Ansible Role to create a Collection Repository. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -24,13 +24,13 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add repository task does not include sensitive information. +The role defaults to false as normally the add repository task does not include sensitive information. hub_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_collection_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_collection_repository_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_collection_repository/defaults/main.yml b/roles/hub_collection_repository/defaults/main.yml index 567b98714..582e501fd 100644 --- a/roles/hub_collection_repository/defaults/main.yml +++ b/roles/hub_collection_repository/defaults/main.yml @@ -12,5 +12,5 @@ hub_configuration_collection_repository_async_timeout: "{{ aap_configuration_asy hub_configuration_collection_repository_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_collection_repository_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_collection_repository_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_collection_repository/meta/argument_specs.yml b/roles/hub_collection_repository/meta/argument_specs.yml index 4e1ff673d..517c76acf 100644 --- a/roles/hub_collection_repository/meta/argument_specs.yml +++ b/roles/hub_collection_repository/meta/argument_specs.yml @@ -12,7 +12,7 @@ argument_specs: # Async variables aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_collection_repository/meta/main.yml b/roles/hub_collection_repository/meta/main.yml index 67010afb3..d349bf450 100644 --- a/roles/hub_collection_repository/meta/main.yml +++ b/roles/hub_collection_repository/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_collection_repository" - author: "Sean Sullivan" - description: "An Ansible Role to create collection remote in Automation Hub." - company: "Red Hat" + role_name: hub_collection_repository + author: Sean Sullivan + description: An Ansible Role to create collection remote in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,15 +25,15 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "repository" + - automationhub + - galaxy + - configuration + - repository dependencies: - role: global_vars diff --git a/roles/hub_collection_repository/tasks/main.yml b/roles/hub_collection_repository/tasks/main.yml index 155f0cd2c..0f754a41e 100644 --- a/roles/hub_collection_repository/tasks/main.yml +++ b/roles/hub_collection_repository/tasks/main.yml @@ -2,24 +2,24 @@ # Create AH repository - name: Add Automation Hub Collection Remote repository ansible.hub.collection_repository: - name: "{{ __hub_collection_repository_item.name }}" - description: "{{ __hub_collection_repository_item.description | default(omit) }}" - retain_repo_versions: "{{ __hub_collection_repository_item.retain_repo_versions | default(omit) }}" - pulp_labels: "{{ __hub_collection_repository_item.pulp_labels | default(omit) }}" - distribution: "{{ __hub_collection_repository_item.distribution | default(omit) }}" - private: "{{ __hub_collection_repository_item.private | default(omit) }}" - remote: "{{ __hub_collection_repository_item.remote | default(omit) }}" - update_repo: "{{ __hub_collection_repository_item.update_repo | default(omit) }}" - wait: "{{ __hub_collection_repository_item.wait | default(omit) }}" - interval: "{{ __hub_collection_repository_item.interval | default(1) }}" - timeout: "{{ __hub_collection_repository_item.timeout | default(omit) }}" - state: "{{ __hub_collection_repository_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_collection_repository_item.name }}" + description: "{{ __hub_collection_repository_item.description | default(omit) }}" + retain_repo_versions: "{{ __hub_collection_repository_item.retain_repo_versions | default(omit) }}" + pulp_labels: "{{ __hub_collection_repository_item.pulp_labels | default(omit) }}" + distribution: "{{ __hub_collection_repository_item.distribution | default(omit) }}" + private: "{{ __hub_collection_repository_item.private | default(omit) }}" + remote: "{{ __hub_collection_repository_item.remote | default(omit) }}" + update_repo: "{{ __hub_collection_repository_item.update_repo | default(omit) }}" + wait: "{{ __hub_collection_repository_item.wait | default(omit) }}" + interval: "{{ __hub_collection_repository_item.interval | default(1) }}" + timeout: "{{ __hub_collection_repository_item.timeout | default(omit) }}" + state: "{{ __hub_collection_repository_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_collection_repositories }}" loop_control: loop_var: __hub_collection_repository_item @@ -32,9 +32,9 @@ changed_when: not __collection_repository_job_async.changed vars: __operation: "{{ operation_translate[__hub_collection_repository_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Repository | Wait for finish the repository creation" +- name: Create Repository | Wait for finish the repository creation ansible.builtin.async_status: jid: "{{ __collection_repository_job_async_result_item.ansible_job_id }}" register: __collection_repository_job_async_result @@ -44,11 +44,12 @@ loop: "{{ __collection_repository_job_async.results }}" loop_control: loop_var: __collection_repository_job_async_result_item - label: "{{ __operation.verb }} Collection repository {{ __collection_repository_job_async_result_item.__hub_collection_repository_item.name }} | Wait for finish the Collection repository {{ __operation.action }}" + label: "{{ __operation.verb }} Collection repository {{ __collection_repository_job_async_result_item.__hub_collection_repository_item.name }} | Wait for finish + the Collection repository {{ __operation.action }}" when: __collection_repository_job_async_result_item.ansible_job_id is defined no_log: "{{ hub_configuration_collection_repository_secure_logging }}" vars: __operation: "{{ operation_translate[__collection_repository_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_collection_repository/tests/test.yml b/roles/hub_collection_repository/tests/test.yml index f39a3b52d..9e80fdc2f 100644 --- a/roles/hub_collection_repository/tests/test.yml +++ b/roles/hub_collection_repository/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_collection_repository/tests/vars/repositories.yml b/roles/hub_collection_repository/tests/vars/repositories.yml index a7a4992e2..48d8a927a 100644 --- a/roles/hub_collection_repository/tests/vars/repositories.yml +++ b/roles/hub_collection_repository/tests/vars/repositories.yml @@ -1,11 +1,11 @@ --- hub_collection_repositories: - - name: "foobar" - description: "description of foobar repository" + - name: foobar + description: description of foobar repository pulp_labels: - pipeline: "approved" + pipeline: approved distribution: - name: "foobar" + name: foobar state: present remote: community ... diff --git a/roles/hub_collection_repository_sync/README.md b/roles/hub_collection_repository_sync/README.md index 53fde4a8b..5a5ffebff 100644 --- a/roles/hub_collection_repository_sync/README.md +++ b/roles/hub_collection_repository_sync/README.md @@ -11,7 +11,7 @@ An Ansible Role to sync a Collection Repository. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -24,13 +24,13 @@ The default value is set to `null` which uses the Ansible Default of `/root/.an The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add repository task does not include sensitive information. +The role defaults to false as normally the add repository task does not include sensitive information. hub_configuration_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_collection_repository_sync_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_collection_repository_sync_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_collection_repository_sync/defaults/main.yml b/roles/hub_collection_repository_sync/defaults/main.yml index 2462a3232..268c32f60 100644 --- a/roles/hub_collection_repository_sync/defaults/main.yml +++ b/roles/hub_collection_repository_sync/defaults/main.yml @@ -12,5 +12,5 @@ hub_configuration_collection_repository_sync_async_timeout: "{{ aap_configuratio hub_configuration_collection_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_collection_repository_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_collection_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_collection_repository_sync/meta/argument_specs.yml b/roles/hub_collection_repository_sync/meta/argument_specs.yml index 4e1ff673d..517c76acf 100644 --- a/roles/hub_collection_repository_sync/meta/argument_specs.yml +++ b/roles/hub_collection_repository_sync/meta/argument_specs.yml @@ -12,7 +12,7 @@ argument_specs: # Async variables aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_collection_repository_sync/meta/main.yml b/roles/hub_collection_repository_sync/meta/main.yml index 7cde4abd1..82d5972b2 100644 --- a/roles/hub_collection_repository_sync/meta/main.yml +++ b/roles/hub_collection_repository_sync/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_collection_repository_sync" - author: "Sean Sullivan" - description: "An Ansible Role to create collection remote in Automation Hub." - company: "Red Hat" + role_name: hub_collection_repository_sync + author: Sean Sullivan + description: An Ansible Role to create collection remote in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,15 +25,15 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "repository" + - automationhub + - galaxy + - configuration + - repository dependencies: - role: global_vars diff --git a/roles/hub_collection_repository_sync/tasks/main.yml b/roles/hub_collection_repository_sync/tasks/main.yml index da2773783..d8c14083e 100644 --- a/roles/hub_collection_repository_sync/tasks/main.yml +++ b/roles/hub_collection_repository_sync/tasks/main.yml @@ -2,16 +2,16 @@ # Sync AH repository - name: Sync Automation Hub Collection Remote repository ansible.hub.collection_repository_sync: - name: "{{ __hub_collection_repository_sync_item.name }}" - wait: "{{ __hub_collection_repository_sync_item.wait | default(omit) }}" - interval: "{{ __hub_collection_repository_sync_item.interval | default(1) }}" - timeout: "{{ __hub_collection_repository_sync_item.timeout | default(omit) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_collection_repository_sync_item.name }}" + wait: "{{ __hub_collection_repository_sync_item.wait | default(omit) }}" + interval: "{{ __hub_collection_repository_sync_item.interval | default(1) }}" + timeout: "{{ __hub_collection_repository_sync_item.timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_collection_repositories }}" loop_control: loop_var: __hub_collection_repository_sync_item @@ -24,9 +24,9 @@ changed_when: not __collection_repository_sync_job_async.changed vars: __operation: "{{ operation_translate[__hub_collection_repository_sync_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Sync Repository | Wait for finish the repository sync" +- name: Sync Repository | Wait for finish the repository sync ansible.builtin.async_status: jid: "{{ __collection_repository_sync_job_async_result_item.ansible_job_id }}" register: __collection_repository_sync_job_async_result @@ -36,11 +36,12 @@ loop: "{{ __collection_repository_sync_job_async.results }}" loop_control: loop_var: __collection_repository_sync_job_async_result_item - label: "{{ __operation.verb }} Collection repository sync {{ __collection_repository_sync_job_async_result_item.__hub_collection_repository_sync_item.name }} | Wait for finish the Label {{ __operation.action }}" + label: "{{ __operation.verb }} Collection repository sync {{ __collection_repository_sync_job_async_result_item.__hub_collection_repository_sync_item.name }} + | Wait for finish the Label {{ __operation.action }}" when: __collection_repository_sync_job_async_result_item.ansible_job_id is defined no_log: "{{ hub_configuration_collection_repository_sync_secure_logging }}" vars: __operation: "{{ operation_translate[__collection_repository_sync_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_collection_repository_sync/tests/test.yml b/roles/hub_collection_repository_sync/tests/test.yml index f39a3b52d..9e80fdc2f 100644 --- a/roles/hub_collection_repository_sync/tests/test.yml +++ b/roles/hub_collection_repository_sync/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_collection_repository_sync/tests/vars/repositories.yml b/roles/hub_collection_repository_sync/tests/vars/repositories.yml index a7a4992e2..48d8a927a 100644 --- a/roles/hub_collection_repository_sync/tests/vars/repositories.yml +++ b/roles/hub_collection_repository_sync/tests/vars/repositories.yml @@ -1,11 +1,11 @@ --- hub_collection_repositories: - - name: "foobar" - description: "description of foobar repository" + - name: foobar + description: description of foobar repository pulp_labels: - pipeline: "approved" + pipeline: approved distribution: - name: "foobar" + name: foobar state: present remote: community ... diff --git a/roles/hub_ee_image/README.md b/roles/hub_ee_image/README.md index dcc813cb8..db499e6ca 100644 --- a/roles/hub_ee_image/README.md +++ b/roles/hub_ee_image/README.md @@ -11,7 +11,7 @@ An Ansible Role to create execution environment images in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to create execution environment images in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_image task does not include sensitive information. +The role defaults to false as normally the add ee_image task does not include sensitive information. hub_configuration_ee_image_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_image_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_image_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_image/defaults/main.yml b/roles/hub_ee_image/defaults/main.yml index d5c304802..d6eb53102 100644 --- a/roles/hub_ee_image/defaults/main.yml +++ b/roles/hub_ee_image/defaults/main.yml @@ -24,5 +24,5 @@ hub_configuration_ee_image_async_timeout: "{{ aap_configuration_async_timeout | hub_configuration_ee_image_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_image_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_image_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_image/meta/argument_specs.yml b/roles/hub_ee_image/meta/argument_specs.yml index 02b4f74ae..68fdfa795 100644 --- a/roles/hub_ee_image/meta/argument_specs.yml +++ b/roles/hub_ee_image/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_image/meta/main.yml b/roles/hub_ee_image/meta/main.yml index fed9d7b5b..7906c4ce1 100644 --- a/roles/hub_ee_image/meta/main.yml +++ b/roles/hub_ee_image/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_image" - author: "Tom Page" - description: "An Ansible Role to manage an execution environment image in Automation Hub." - company: "Red Hat" + role_name: hub_ee_image + author: Tom Page + description: An Ansible Role to manage an execution environment image in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "image" + - automationhub + - galaxy + - configuration + - ee + - image dependencies: - role: global_vars diff --git a/roles/hub_ee_image/tasks/main.yml b/roles/hub_ee_image/tasks/main.yml index 6a475adfc..f6324f49f 100644 --- a/roles/hub_ee_image/tasks/main.yml +++ b/roles/hub_ee_image/tasks/main.yml @@ -1,19 +1,18 @@ --- - # Create AH EE Image - name: Add Automation Hub EE Image ansible.hub.ah_ee_image: - name: "{{ __ee_image_item.name }}" + name: "{{ __ee_image_item.name }}" # new_name: "{{ __ee_image_item.new_name | default(omit) }}" <-- Needs adding once new_name option added to module append: "{{ __ee_image_item.append | default(omit) }}" tags: "{{ __ee_image_item.tags | default(omit) }}" - state: "{{ __ee_image_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + state: "{{ __ee_image_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_ee_images }}" loop_control: loop_var: __ee_image_item @@ -26,9 +25,9 @@ changed_when: not __ee_images_job_async.changed vars: __operation: "{{ operation_translate[__ee_image_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create EE Image | Wait for finish the ee_image creation" +- name: Create EE Image | Wait for finish the ee_image creation ansible.builtin.async_status: jid: "{{ __ee_images_job_async_result_item.ansible_job_id }}" register: __ee_images_job_async_result @@ -43,5 +42,5 @@ no_log: "{{ hub_configuration_ee_image_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_images_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_image/tests/test.yml b/roles/hub_ee_image/tests/test.yml index 30ce7754c..270f22ba9 100644 --- a/roles/hub_ee_image/tests/test.yml +++ b/roles/hub_ee_image/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_ee_registry/README.md b/roles/hub_ee_registry/README.md index e67d2f95c..d024f5464 100644 --- a/roles/hub_ee_registry/README.md +++ b/roles/hub_ee_registry/README.md @@ -11,7 +11,7 @@ An Ansible Role to create EE Registries in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -24,13 +24,13 @@ An Ansible Role to create EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. hub_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_registry_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_registry/defaults/main.yml b/roles/hub_ee_registry/defaults/main.yml index b6e47d23c..aa5727333 100644 --- a/roles/hub_ee_registry/defaults/main.yml +++ b/roles/hub_ee_registry/defaults/main.yml @@ -28,5 +28,5 @@ hub_configuration_ee_registry_async_timeout: "{{ aap_configuration_async_timeout hub_configuration_ee_registry_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_registry_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_registry_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_registry/meta/argument_specs.yml b/roles/hub_ee_registry/meta/argument_specs.yml index 8e2eb1d74..944152f60 100644 --- a/roles/hub_ee_registry/meta/argument_specs.yml +++ b/roles/hub_ee_registry/meta/argument_specs.yml @@ -40,7 +40,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_registry/meta/main.yml b/roles/hub_ee_registry/meta/main.yml index b1c5c5c62..50f3bdf04 100644 --- a/roles/hub_ee_registry/meta/main.yml +++ b/roles/hub_ee_registry/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_registry" - author: "Tom Page" - description: "An Ansible Role to create ee_registry in Automation Hub." - company: "Red Hat" + role_name: hub_ee_registry + author: Tom Page + description: An Ansible Role to create ee_registry in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "registry" + - automationhub + - galaxy + - configuration + - ee + - registry dependencies: - role: global_vars diff --git a/roles/hub_ee_registry/tasks/main.yml b/roles/hub_ee_registry/tasks/main.yml index 7ba15e813..269b0a54c 100644 --- a/roles/hub_ee_registry/tasks/main.yml +++ b/roles/hub_ee_registry/tasks/main.yml @@ -1,25 +1,24 @@ --- - # Create AH EE registry - name: Add Automation Hub EE Registry ansible.hub.ah_ee_registry: - name: "{{ __hub_ee_registry_item.name }}" - url: "{{ __hub_ee_registry_item.url }}" - username: "{{ __hub_ee_registry_item.username | default(omit) }}" - password: "{{ __hub_ee_registry_item.password | default(omit) }}" - tls_validation: "{{ __hub_ee_registry_item.tls_validation | default(omit) }}" - download_concurrency: "{{ __hub_ee_registry_item.download_concurrency | default(omit) }}" - rate_limit: "{{ __hub_ee_registry_item.rate_limit | default(omit) }}" - state: "{{ __hub_ee_registry_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" - proxy_url: "{{ __hub_ee_registry_item.proxy_url | default(proxy_url | default(omit)) }}" - proxy_username: "{{ __hub_ee_registry_item.proxy_username | default(proxy_username | default(omit)) }}" - proxy_password: "{{ __hub_ee_registry_item.proxy_password | default(proxy_password | default(omit)) }}" + name: "{{ __hub_ee_registry_item.name }}" + url: "{{ __hub_ee_registry_item.url }}" + username: "{{ __hub_ee_registry_item.username | default(omit) }}" + password: "{{ __hub_ee_registry_item.password | default(omit) }}" + tls_validation: "{{ __hub_ee_registry_item.tls_validation | default(omit) }}" + download_concurrency: "{{ __hub_ee_registry_item.download_concurrency | default(omit) }}" + rate_limit: "{{ __hub_ee_registry_item.rate_limit | default(omit) }}" + state: "{{ __hub_ee_registry_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" + proxy_url: "{{ __hub_ee_registry_item.proxy_url | default(proxy_url | default(omit)) }}" + proxy_username: "{{ __hub_ee_registry_item.proxy_username | default(proxy_username | default(omit)) }}" + proxy_password: "{{ __hub_ee_registry_item.proxy_password | default(proxy_password | default(omit)) }}" loop: "{{ hub_ee_registries }}" loop_control: loop_var: __hub_ee_registry_item @@ -32,9 +31,9 @@ changed_when: not __ee_registries_job_async.changed vars: __operation: "{{ operation_translate[__hub_ee_registry_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create EE Registry | Wait for finish the ee_registry creation" +- name: Create EE Registry | Wait for finish the ee_registry creation ansible.builtin.async_status: jid: "{{ __ee_registries_job_async_result_item.ansible_job_id }}" register: __ee_registries_job_async_result @@ -49,5 +48,5 @@ no_log: "{{ hub_configuration_ee_registry_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_registries_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_registry/tests/test.yml b/roles/hub_ee_registry/tests/test.yml index 16bdaa0ba..42d507d0b 100644 --- a/roles/hub_ee_registry/tests/test.yml +++ b/roles/hub_ee_registry/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_ee_registry_index/README.md b/roles/hub_ee_registry_index/README.md index f823b408a..9d7aea8e6 100644 --- a/roles/hub_ee_registry_index/README.md +++ b/roles/hub_ee_registry_index/README.md @@ -11,7 +11,7 @@ An Ansible Role to index EE Registries in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to index EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. hub_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_registry_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_registry_index/defaults/main.yml b/roles/hub_ee_registry_index/defaults/main.yml index 78edd96c8..834b33a09 100644 --- a/roles/hub_ee_registry_index/defaults/main.yml +++ b/roles/hub_ee_registry_index/defaults/main.yml @@ -21,5 +21,5 @@ hub_configuration_ee_registry_index_async_timeout: "{{ aap_configuration_async_t hub_configuration_ee_registry_index_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_registry_index_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_registry_index_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_registry_index/meta/argument_specs.yml b/roles/hub_ee_registry_index/meta/argument_specs.yml index 2755c2d2f..77f9e66cb 100644 --- a/roles/hub_ee_registry_index/meta/argument_specs.yml +++ b/roles/hub_ee_registry_index/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_registry_index/meta/main.yml b/roles/hub_ee_registry_index/meta/main.yml index 74b51657b..1ab4e9ade 100644 --- a/roles/hub_ee_registry_index/meta/main.yml +++ b/roles/hub_ee_registry_index/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_registry_index" - author: "Tom Page" - description: "An Ansible Role to index ee_registry in Automation Hub." - company: "Red Hat" + role_name: hub_ee_registry_index + author: Tom Page + description: An Ansible Role to index ee_registry in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "registry" - - "index" + - automationhub + - galaxy + - configuration + - ee + - registry + - index dependencies: - role: global_vars diff --git a/roles/hub_ee_registry_index/tasks/main.yml b/roles/hub_ee_registry_index/tasks/main.yml index aa6e5bc02..f4f7f1034 100644 --- a/roles/hub_ee_registry_index/tasks/main.yml +++ b/roles/hub_ee_registry_index/tasks/main.yml @@ -1,18 +1,17 @@ --- - # Create AH EE registry - name: Index Automation Hub EE Registry ansible.hub.ah_ee_registry_index: - name: "{{ __hub_ee_registry_index_item.name }}" - wait: "{{ __hub_ee_registry_index_item.wait | default(omit) }}" - interval: "{{ __hub_ee_registry_index_item.interval | default(hub_configuration_ee_registry_index_async_delay) }}" - timeout: "{{ __hub_ee_registry_index_item.timeout | default(omit) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_ee_registry_index_item.name }}" + wait: "{{ __hub_ee_registry_index_item.wait | default(omit) }}" + interval: "{{ __hub_ee_registry_index_item.interval | default(hub_configuration_ee_registry_index_async_delay) }}" + timeout: "{{ __hub_ee_registry_index_item.timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_ee_registries }}" loop_control: loop_var: __hub_ee_registry_index_item @@ -26,9 +25,9 @@ changed_when: not __ee_registry_indexes_job_async.changed vars: __operation: "{{ operation_translate[__hub_ee_registry_index_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Index EE Registry | Wait for finish the ee_registry_index creation" +- name: Index EE Registry | Wait for finish the ee_registry_index creation ansible.builtin.async_status: jid: "{{ __ee_registry_indexes_job_async_result_item.ansible_job_id }}" register: __ee_registry_indexes_job_async_result @@ -43,5 +42,5 @@ no_log: "{{ hub_configuration_ee_registry_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_registry_indexes_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_registry_index/tests/test.yml b/roles/hub_ee_registry_index/tests/test.yml index a58b64c05..f17b3cb61 100644 --- a/roles/hub_ee_registry_index/tests/test.yml +++ b/roles/hub_ee_registry_index/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_ee_registry_sync/README.md b/roles/hub_ee_registry_sync/README.md index 834ac8a07..0da43d1a6 100644 --- a/roles/hub_ee_registry_sync/README.md +++ b/roles/hub_ee_registry_sync/README.md @@ -11,7 +11,7 @@ An Ansible Role to sync EE Registries in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to sync EE Registries in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_registry task does not include sensitive information. +The role defaults to false as normally the add ee_registry task does not include sensitive information. hub_configuration_ee_registry_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_registry_secure_logging`|`False`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_registry_secure_logging`|`false`|no|Whether or not to include the sensitive Registry role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_registry_sync/defaults/main.yml b/roles/hub_ee_registry_sync/defaults/main.yml index dce0c4d01..4df332d5f 100644 --- a/roles/hub_ee_registry_sync/defaults/main.yml +++ b/roles/hub_ee_registry_sync/defaults/main.yml @@ -21,5 +21,5 @@ hub_configuration_ee_registry_secure_logging: "{{ aap_configuration_secure_loggi hub_configuration_ee_registry_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_registry_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_registry_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_registry_sync/meta/argument_specs.yml b/roles/hub_ee_registry_sync/meta/argument_specs.yml index 97ff8c32c..4b56a31dd 100644 --- a/roles/hub_ee_registry_sync/meta/argument_specs.yml +++ b/roles/hub_ee_registry_sync/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_registry_sync/meta/main.yml b/roles/hub_ee_registry_sync/meta/main.yml index 5be6c8ead..44b4adcd8 100644 --- a/roles/hub_ee_registry_sync/meta/main.yml +++ b/roles/hub_ee_registry_sync/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_registry_sync" - author: "Tom Page" - description: "An Ansible Role to sync ee_registry in Automation Hub." - company: "Red Hat" + role_name: hub_ee_registry_sync + author: Tom Page + description: An Ansible Role to sync ee_registry in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "registry" - - "sync" + - automationhub + - galaxy + - configuration + - ee + - registry + - sync dependencies: - role: global_vars diff --git a/roles/hub_ee_registry_sync/tasks/main.yml b/roles/hub_ee_registry_sync/tasks/main.yml index 4585f7457..b3b06bd21 100644 --- a/roles/hub_ee_registry_sync/tasks/main.yml +++ b/roles/hub_ee_registry_sync/tasks/main.yml @@ -1,18 +1,17 @@ --- - # Create AH EE registry - name: Sync Automation Hub EE Registry ansible.hub.ah_ee_registry_sync: - name: "{{ __hub_ee_registry_sync_item.name }}" - wait: "{{ __hub_ee_registry_sync_item.wait | default(omit) }}" - interval: "{{ __hub_ee_registry_sync_item.interval | default(hub_configuration_ee_registry_sync_async_delay) }}" - timeout: "{{ __hub_ee_registry_sync_item.timeout | default(omit) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_ee_registry_sync_item.name }}" + wait: "{{ __hub_ee_registry_sync_item.wait | default(omit) }}" + interval: "{{ __hub_ee_registry_sync_item.interval | default(hub_configuration_ee_registry_sync_async_delay) }}" + timeout: "{{ __hub_ee_registry_sync_item.timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_ee_registries }}" loop_control: loop_var: __hub_ee_registry_sync_item @@ -26,9 +25,9 @@ changed_when: not __ee_registry_syncs_job_async.changed vars: __operation: "{{ operation_translate[__ee_registry_syncs_job_async.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "EE Registry Sync | Wait for finish the ee_registry_sync to complete" +- name: EE Registry Sync | Wait for finish the ee_registry_sync to complete ansible.builtin.async_status: jid: "{{ __ee_registry_syncs_job_async_result_item.ansible_job_id }}" register: __ee_registry_syncs_job_async_result @@ -43,5 +42,5 @@ no_log: "{{ hub_configuration_ee_registry_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_registry_syncs_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_registry_sync/tests/test.yml b/roles/hub_ee_registry_sync/tests/test.yml index 80e7fca3d..946830b88 100644 --- a/roles/hub_ee_registry_sync/tests/test.yml +++ b/roles/hub_ee_registry_sync/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_ee_repository/README.md b/roles/hub_ee_repository/README.md index c78a1164c..5135aae3d 100644 --- a/roles/hub_ee_repository/README.md +++ b/roles/hub_ee_repository/README.md @@ -11,7 +11,7 @@ An Ansible Role to create Repositories in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to create Repositories in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_repository task does not include sensitive information. +The role defaults to false as normally the add ee_repository task does not include sensitive information. hub_configuration_ee_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_repository_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_repository/defaults/main.yml b/roles/hub_ee_repository/defaults/main.yml index f77cd3b20..3dce11bb3 100644 --- a/roles/hub_ee_repository/defaults/main.yml +++ b/roles/hub_ee_repository/defaults/main.yml @@ -21,5 +21,5 @@ hub_configuration_ee_repository_async_timeout: "{{ aap_configuration_async_timeo hub_configuration_ee_repository_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_repository_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_repository_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_repository/meta/argument_specs.yml b/roles/hub_ee_repository/meta/argument_specs.yml index 5335e397f..b04b7d0ee 100644 --- a/roles/hub_ee_repository/meta/argument_specs.yml +++ b/roles/hub_ee_repository/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_repository/meta/main.yml b/roles/hub_ee_repository/meta/main.yml index eecfd46d4..ceb3c4329 100644 --- a/roles/hub_ee_repository/meta/main.yml +++ b/roles/hub_ee_repository/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_repository" - author: "Tom Page" - description: "An Ansible Role to create ee_repository in Automation Hub." - company: "Red Hat" + role_name: hub_ee_repository + author: Tom Page + description: An Ansible Role to create ee_repository in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "repository" + - automationhub + - galaxy + - configuration + - ee + - repository dependencies: - role: global_vars diff --git a/roles/hub_ee_repository/tasks/main.yml b/roles/hub_ee_repository/tasks/main.yml index 3fe4d3cbe..646c057f7 100644 --- a/roles/hub_ee_repository/tasks/main.yml +++ b/roles/hub_ee_repository/tasks/main.yml @@ -1,23 +1,22 @@ --- - # Create AH EE repository - name: Add Automation Hub EE repository ansible.hub.ah_ee_repository: - name: "{{ __hub_ee_repository_sync_item.name }}" - description: "{{ __hub_ee_repository_sync_item.description | default(omit) }}" - readme: "{{ __hub_ee_repository_sync_item.readme | default(omit) }}" - readme_file: "{{ __hub_ee_repository_sync_item.readme_file | default(omit) }}" - registry: "{{ __hub_ee_repository_sync_item.registry | default(omit) }}" - upstream_name: "{{ __hub_ee_repository_sync_item.upstream_name | default(omit) }}" - include_tags: "{{ __hub_ee_repository_sync_item.include_tags | default(omit) }}" - exclude_tags: "{{ __hub_ee_repository_sync_item.exclude_tags | default(omit) }}" - state: "{{ __hub_ee_repository_sync_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_ee_repository_sync_item.name }}" + description: "{{ __hub_ee_repository_sync_item.description | default(omit) }}" + readme: "{{ __hub_ee_repository_sync_item.readme | default(omit) }}" + readme_file: "{{ __hub_ee_repository_sync_item.readme_file | default(omit) }}" + registry: "{{ __hub_ee_repository_sync_item.registry | default(omit) }}" + upstream_name: "{{ __hub_ee_repository_sync_item.upstream_name | default(omit) }}" + include_tags: "{{ __hub_ee_repository_sync_item.include_tags | default(omit) }}" + exclude_tags: "{{ __hub_ee_repository_sync_item.exclude_tags | default(omit) }}" + state: "{{ __hub_ee_repository_sync_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_ee_repositories }}" loop_control: loop_var: __hub_ee_repository_sync_item @@ -30,9 +29,9 @@ changed_when: not __ee_repositories_job_async.changed vars: __operation: "{{ operation_translate[__hub_ee_repository_sync_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create EE Repository | Wait for finish the ee_repository creation" +- name: Create EE Repository | Wait for finish the ee_repository creation ansible.builtin.async_status: jid: "{{ __ee_repositories_job_async_result_item.ansible_job_id }}" register: __ee_repositories_job_async_result @@ -47,5 +46,5 @@ no_log: "{{ hub_configuration_ee_repository_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_repositories_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_repository/tests/test.yml b/roles/hub_ee_repository/tests/test.yml index 4da9ad187..5f0d35c08 100644 --- a/roles/hub_ee_repository/tests/test.yml +++ b/roles/hub_ee_repository/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_ee_repository_sync/README.md b/roles/hub_ee_repository_sync/README.md index a6b496871..ab29d2fc5 100644 --- a/roles/hub_ee_repository_sync/README.md +++ b/roles/hub_ee_repository_sync/README.md @@ -11,7 +11,7 @@ An Ansible Role to sync EE Repositories in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to sync EE Repositories in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ee_repository task does not include sensitive information. +The role defaults to false as normally the add ee_repository task does not include sensitive information. hub_configuration_ee_repository_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_ee_repository_secure_logging`|`False`|no|Whether or not to include the sensitive Repository role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_ee_repository_secure_logging`|`false`|no|Whether or not to include the sensitive Repository role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_ee_repository_sync/defaults/main.yml b/roles/hub_ee_repository_sync/defaults/main.yml index 5fd884bdd..3dad2ba13 100644 --- a/roles/hub_ee_repository_sync/defaults/main.yml +++ b/roles/hub_ee_repository_sync/defaults/main.yml @@ -21,5 +21,5 @@ hub_configuration_ee_repository_sync_async_timeout: "{{ aap_configuration_async_ hub_configuration_ee_repository_sync_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_ee_repository_sync_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_ee_repository_sync_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_ee_repository_sync/meta/argument_specs.yml b/roles/hub_ee_repository_sync/meta/argument_specs.yml index afe587650..36b8d698c 100644 --- a/roles/hub_ee_repository_sync/meta/argument_specs.yml +++ b/roles/hub_ee_repository_sync/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_ee_repository_sync/meta/main.yml b/roles/hub_ee_repository_sync/meta/main.yml index 098fe9fcc..7dc666223 100644 --- a/roles/hub_ee_repository_sync/meta/main.yml +++ b/roles/hub_ee_repository_sync/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_ee_repository_sync" - author: "Tom Page" - description: "An Ansible Role to sync ee_repository in Automation Hub." - company: "Red Hat" + role_name: hub_ee_repository_sync + author: Tom Page + description: An Ansible Role to sync ee_repository in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "ee" - - "repository" - - "sync" + - automationhub + - galaxy + - configuration + - ee + - repository + - sync dependencies: - role: global_vars diff --git a/roles/hub_ee_repository_sync/tasks/main.yml b/roles/hub_ee_repository_sync/tasks/main.yml index ff59149ea..cf8d97852 100644 --- a/roles/hub_ee_repository_sync/tasks/main.yml +++ b/roles/hub_ee_repository_sync/tasks/main.yml @@ -1,18 +1,17 @@ --- - # Create AH EE repository - name: Sync Automation Hub EE Repository ansible.hub.ah_ee_repository_sync: - name: "{{ __hub_ee_repository_sync_item.name }}" - wait: "{{ __hub_ee_repository_sync_item.wait | default(omit) }}" - interval: "{{ __hub_ee_repository_sync_item.interval | default(hub_configuration_ee_repository_sync_async_delay) }}" - timeout: "{{ __hub_ee_repository_sync_item.timeout | default(omit) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_ee_repository_sync_item.name }}" + wait: "{{ __hub_ee_repository_sync_item.wait | default(omit) }}" + interval: "{{ __hub_ee_repository_sync_item.interval | default(hub_configuration_ee_repository_sync_async_delay) }}" + timeout: "{{ __hub_ee_repository_sync_item.timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_ee_repositories }}" loop_control: loop_var: __hub_ee_repository_sync_item @@ -26,9 +25,9 @@ changed_when: not __ee_repository_syncs_job_async.changed vars: __operation: "{{ operation_translate[__hub_ee_repository_sync_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "EE Repository Sync | Wait for finish the ee_repository_sync to finish" +- name: EE Repository Sync | Wait for finish the ee_repository_sync to finish ansible.builtin.async_status: jid: "{{ __ee_repository_syncs_job_async_result_item.ansible_job_id }}" register: __ee_repository_syncs_job_async_result @@ -43,5 +42,5 @@ no_log: "{{ hub_configuration_ee_repository_secure_logging }}" vars: __operation: "{{ operation_translate[__ee_repository_syncs_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_ee_repository_sync/tests/test.yml b/roles/hub_ee_repository_sync/tests/test.yml index c367c6bf7..dd034f17b 100644 --- a/roles/hub_ee_repository_sync/tests/test.yml +++ b/roles/hub_ee_repository_sync/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_group/README.md b/roles/hub_group/README.md index b6fe86349..69ff1a488 100644 --- a/roles/hub_group/README.md +++ b/roles/hub_group/README.md @@ -11,7 +11,7 @@ An Ansible Role to create groups in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to create groups in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group task does not include sensitive information. +The role defaults to false as normally the add group task does not include sensitive information. hub_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_group_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_group_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_group/defaults/main.yml b/roles/hub_group/defaults/main.yml index 800f223bf..7878ebcf0 100644 --- a/roles/hub_group/defaults/main.yml +++ b/roles/hub_group/defaults/main.yml @@ -19,5 +19,5 @@ hub_configuration_group_secure_logging: "{{ aap_configuration_secure_logging | d hub_configuration_group_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_group_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_group_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_group/meta/argument_specs.yml b/roles/hub_group/meta/argument_specs.yml index e43c9b3e7..34f1b1912 100644 --- a/roles/hub_group/meta/argument_specs.yml +++ b/roles/hub_group/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_group/meta/main.yml b/roles/hub_group/meta/main.yml index 6d2d36ca1..f58aa8bb9 100644 --- a/roles/hub_group/meta/main.yml +++ b/roles/hub_group/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_group" - author: "Tom Page" - description: "An Ansible Role to manage groups in Automation Hub." - company: "Red Hat" + role_name: hub_group + author: Tom Page + description: An Ansible Role to manage groups in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "group" - - "groups" + - automationhub + - galaxy + - configuration + - group + - groups dependencies: - role: global_vars diff --git a/roles/hub_group/tasks/main.yml b/roles/hub_group/tasks/main.yml index 21d09d84b..e34cd4a5a 100644 --- a/roles/hub_group/tasks/main.yml +++ b/roles/hub_group/tasks/main.yml @@ -1,17 +1,16 @@ --- - # Create AH Group - name: Add Automation Hub group ansible.hub.ah_group: - name: "{{ __hub_group_item.name | default(omit) }}" + name: "{{ __hub_group_item.name | default(omit) }}" # new_name: "{{ __group.new_name | default(omit) }}" <-- Needs adding once new_name option added to module - state: "{{ __hub_group_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + state: "{{ __hub_group_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ aap_teams }}" loop_control: loop_var: __hub_group_item @@ -24,9 +23,9 @@ changed_when: not __groups_job_async.changed vars: __operation: "{{ operation_translate[__hub_group_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Group | Wait for finish the group creation" +- name: Create Group | Wait for finish the group creation ansible.builtin.async_status: jid: "{{ __groups_job_async_result_item.ansible_job_id }}" register: __groups_job_async_result @@ -41,5 +40,5 @@ no_log: "{{ hub_configuration_group_secure_logging }}" vars: __operation: "{{ operation_translate[__groups_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_group/tests/test.yml b/roles/hub_group/tests/test.yml index f7a16c71f..bb1ecbecc 100644 --- a/roles/hub_group/tests/test.yml +++ b/roles/hub_group/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_group_roles/README.md b/roles/hub_group_roles/README.md index 9a1fd7913..d3bf300be 100644 --- a/roles/hub_group_roles/README.md +++ b/roles/hub_group_roles/README.md @@ -11,7 +11,7 @@ An Ansible Role to add roles to groups in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to add roles to groups in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group task does not include sensitive information. +The role defaults to false as normally the add group task does not include sensitive information. hub_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_group_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_group_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_group_roles/defaults/main.yml b/roles/hub_group_roles/defaults/main.yml index 0bf1d4b0c..488db41a4 100644 --- a/roles/hub_group_roles/defaults/main.yml +++ b/roles/hub_group_roles/defaults/main.yml @@ -18,5 +18,5 @@ hub_configuration_group_roles_secure_logging: "{{ aap_configuration_secure_loggi hub_configuration_group_roles_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_group_roles_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_group_roles_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_group_roles/meta/argument_specs.yml b/roles/hub_group_roles/meta/argument_specs.yml index d9f6d53b3..59d47bbb5 100644 --- a/roles/hub_group_roles/meta/argument_specs.yml +++ b/roles/hub_group_roles/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_group_roles/meta/main.yml b/roles/hub_group_roles/meta/main.yml index 4f7c272ed..5b89b8ac8 100644 --- a/roles/hub_group_roles/meta/main.yml +++ b/roles/hub_group_roles/meta/main.yml @@ -2,8 +2,8 @@ galaxy_info: role_name: hub_group_roles author: Sean Sullivan - description: "An Ansible Role to manage groups roles in Automation Hub." - company: "Red Hat" + description: An Ansible Role to manage groups roles in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,18 +25,18 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "group" - - "groups" - - "role" - - "roles" + - automationhub + - galaxy + - configuration + - group + - groups + - role + - roles dependencies: - role: global_vars diff --git a/roles/hub_group_roles/tasks/main.yml b/roles/hub_group_roles/tasks/main.yml index e8a68871e..c9bf58b5b 100644 --- a/roles/hub_group_roles/tasks/main.yml +++ b/roles/hub_group_roles/tasks/main.yml @@ -2,15 +2,15 @@ # Add Group Roles - name: Add Roles to Groups in Automation Hubs ansible.hub.group_roles: - groups: "{{ __hub_group_roles_item.groups | default(omit) }}" - role_list: "{{ __hub_group_roles_item.role_list | default(omit) }}" - state: "{{ __hub_group_roles_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + groups: "{{ __hub_group_roles_item.groups | default(omit) }}" + role_list: "{{ __hub_group_roles_item.role_list | default(omit) }}" + state: "{{ __hub_group_roles_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_group_roles }}" loop_control: loop_var: __hub_group_roles_item @@ -23,9 +23,9 @@ changed_when: not __group_roles_job_async.changed vars: __operation: "{{ operation_translate[__hub_group_roles_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Add Roles to Groups | Wait for finish the group creation" +- name: Add Roles to Groups | Wait for finish the group creation ansible.builtin.async_status: jid: "{{ __group_roles_job_async_result_item.ansible_job_id }}" register: __group_roles_job_async_result @@ -40,5 +40,5 @@ no_log: "{{ hub_configuration_group_roles_secure_logging }}" vars: __operation: "{{ operation_translate[__group_roles_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_group_roles/tests/test.yml b/roles/hub_group_roles/tests/test.yml index 2e1597c17..ce733d7a4 100644 --- a/roles/hub_group_roles/tests/test.yml +++ b/roles/hub_group_roles/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_namespace/README.md b/roles/hub_namespace/README.md index 7529bf8b9..89b370a93 100644 --- a/roles/hub_namespace/README.md +++ b/roles/hub_namespace/README.md @@ -12,7 +12,7 @@ An Ansible Role to create Namespaces in Automation Hub. |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -22,13 +22,13 @@ An Ansible Role to create Namespaces in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add namespace task does not include sensitive information. +The role defaults to false as normally the add namespace task does not include sensitive information. hub_configuration_namespace_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_namespace_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_namespace_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_namespace/defaults/main.yml b/roles/hub_namespace/defaults/main.yml index ab287504f..22a851ab3 100644 --- a/roles/hub_namespace/defaults/main.yml +++ b/roles/hub_namespace/defaults/main.yml @@ -30,5 +30,5 @@ hub_configuration_namespace_async_timeout: "{{ aap_configuration_async_timeout | hub_configuration_namespace_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_namespace_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_namespace_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_namespace/meta/argument_specs.yml b/roles/hub_namespace/meta/argument_specs.yml index c676f4d50..5fe2d84c4 100644 --- a/roles/hub_namespace/meta/argument_specs.yml +++ b/roles/hub_namespace/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_namespace/meta/main.yml b/roles/hub_namespace/meta/main.yml index 00b9a58c9..ac5f5108d 100644 --- a/roles/hub_namespace/meta/main.yml +++ b/roles/hub_namespace/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_namespace" - author: "Sean Sullivan" - description: "An Ansible Role to create namespace in Automation Hub." - company: "Red Hat" + role_name: hub_namespace + author: Sean Sullivan + description: An Ansible Role to create namespace in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "namespace" - - "namespaces" + - automationhub + - galaxy + - configuration + - namespace + - namespaces dependencies: - role: global_vars diff --git a/roles/hub_namespace/tasks/main.yml b/roles/hub_namespace/tasks/main.yml index edb46e45f..f82c22ffa 100644 --- a/roles/hub_namespace/tasks/main.yml +++ b/roles/hub_namespace/tasks/main.yml @@ -15,23 +15,23 @@ - name: Add Automation Hub Namespace ansible.hub.ah_namespace: - name: "{{ __hub_namespace_item.name }}" - new_name: "{{ __hub_namespace_item.new_name | default('') }}" - description: "{{ __hub_namespace_item.description | default('') }}" - company: "{{ __hub_namespace_item.company | default('') }}" - email: "{{ __hub_namespace_item.email | default(omit) }}" - avatar_url: "{{ __hub_namespace_item.avatar_url | default('') }}" - resources: "{{ __hub_namespace_item.resources | default('') }}" - links: "{{ __hub_namespace_item.links | default([]) }}" - groups: "{{ __hub_namespace_item.groups | default([]) }}" - state: "{{ __hub_namespace_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_token: "{{ aap_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_namespace_item.name }}" + new_name: "{{ __hub_namespace_item.new_name | default('') }}" + description: "{{ __hub_namespace_item.description | default('') }}" + company: "{{ __hub_namespace_item.company | default('') }}" + email: "{{ __hub_namespace_item.email | default(omit) }}" + avatar_url: "{{ __hub_namespace_item.avatar_url | default('') }}" + resources: "{{ __hub_namespace_item.resources | default('') }}" + links: "{{ __hub_namespace_item.links | default([]) }}" + groups: "{{ __hub_namespace_item.groups | default([]) }}" + state: "{{ __hub_namespace_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_namespaces }}" loop_control: loop_var: __hub_namespace_item @@ -44,9 +44,9 @@ changed_when: not __namespaces_job_async.changed vars: __operation: "{{ operation_translate[__hub_namespace_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Namespace | Wait for finish the namespace creation" +- name: Create Namespace | Wait for finish the namespace creation ansible.builtin.async_status: jid: "{{ __namespaces_job_async_result_item.ansible_job_id }}" register: __namespaces_job_async_result @@ -61,5 +61,5 @@ no_log: "{{ hub_configuration_namespace_secure_logging }}" vars: __operation: "{{ operation_translate[__namespaces_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_namespace/tests/test.yml b/roles/hub_namespace/tests/test.yml index f2a31056a..ae9013128 100644 --- a/roles/hub_namespace/tests/test.yml +++ b/roles/hub_namespace/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_namespace/tests/vars/namespaces.yml b/roles/hub_namespace/tests/vars/namespaces.yml index 1d20d8d08..a9465da2f 100644 --- a/roles/hub_namespace/tests/vars/namespaces.yml +++ b/roles/hub_namespace/tests/vars/namespaces.yml @@ -7,8 +7,8 @@ hub_namespaces: description: string resources: "# Redhat\nA Namespace test with changes" links: - - name: "New_Google" - url: "http://www.google.com" + - name: New_Google + url: http://www.google.com groups: - system:partner-engineers ... diff --git a/roles/hub_publish/README.md b/roles/hub_publish/README.md index 5a01d3c69..1edfc2894 100644 --- a/roles/hub_publish/README.md +++ b/roles/hub_publish/README.md @@ -12,13 +12,13 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|no|Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`aap_configuration_working_dir`|`/var/tmp`|no|The working directory where the built artifacts live, or where the artifacts will be built.|| -|`ah_auto_approve`|`False`|no|Whether the collection will be automatically approved in Automation Hub. This will only work if the account being used has correct privileges.|| -|`ah_overwrite_existing`|`False`|no|Whether the collection will be automatically overwrite an existing collection in Automation Hub. This will only work if the account being used has correct privileges.|| +|`ah_auto_approve`|`false`|no|Whether the collection will be automatically approved in Automation Hub. This will only work if the account being used has correct privileges.|| +|`ah_overwrite_existing`|`false`|no|Whether the collection will be automatically overwrite an existing collection in Automation Hub. This will only work if the account being used has correct privileges.|| |`hub_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| |`ah_collection_list`|`list`|no|Data structure file paths to pre built collections, mutually exclusive with hub_collections.|| @@ -26,13 +26,13 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add publish collections task does not include sensitive information. +The role defaults to false as normally the add publish collections task does not include sensitive information. hub_configuration_publish_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_publish_secure_logging`|`False`|no|Whether or not to include the sensitive publish collections role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_publish_secure_logging`|`false`|no|Whether or not to include the sensitive publish collections role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_publish/defaults/main.yml b/roles/hub_publish/defaults/main.yml index 83b34ceb8..3fcc974df 100644 --- a/roles/hub_publish/defaults/main.yml +++ b/roles/hub_publish/defaults/main.yml @@ -17,7 +17,7 @@ # - collection_name: "name of collection, normally the last part before the / in a git url" # mandatory # git_url: "url to git repo." # mandatory when type=git -aap_configuration_working_dir: "/var/tmp" +aap_configuration_working_dir: /var/tmp ah_auto_approve: false ah_overwrite_existing: false @@ -27,5 +27,5 @@ hub_configuration_publish_async_timeout: "{{ aap_configuration_async_timeout | d hub_configuration_publish_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_publish_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_publish_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_publish/meta/argument_specs.yml b/roles/hub_publish/meta/argument_specs.yml index 0714cc3ce..c7fb381b5 100644 --- a/roles/hub_publish/meta/argument_specs.yml +++ b/roles/hub_publish/meta/argument_specs.yml @@ -49,7 +49,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_publish/meta/main.yml b/roles/hub_publish/meta/main.yml index db83a0f69..3907b4ad3 100644 --- a/roles/hub_publish/meta/main.yml +++ b/roles/hub_publish/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_publish" - author: "Sean Sullivan" - description: "An Ansible Role to publish collections to Automation Hub or Galaxies." - company: "Red Hat" + role_name: hub_publish + author: Sean Sullivan + description: An Ansible Role to publish collections to Automation Hub or Galaxies. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,17 +25,17 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "collection" - - "collections" - - "publish" + - automationhub + - galaxy + - configuration + - collection + - collections + - publish dependencies: - role: global_vars diff --git a/roles/hub_publish/tasks/main.yml b/roles/hub_publish/tasks/main.yml index a777d8ce6..371f4c1d7 100644 --- a/roles/hub_publish/tasks/main.yml +++ b/roles/hub_publish/tasks/main.yml @@ -1,9 +1,9 @@ --- - name: Git checkout ansible.builtin.git: - repo: "{{ __ah_collection_item.git_url }}" - dest: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}/" - version: "{{ __ah_collection_item.version | default(omit) }}" + repo: "{{ __ah_collection_item.git_url }}" + dest: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}/" + version: "{{ __ah_collection_item.version | default(omit) }}" key_file: "{{ __ah_collection_item.key_path | default(omit) }}" ssh_opts: "{{ __ah_collection_item.ssh_opts | default(omit) }}" loop: "{{ hub_collections }}" @@ -17,7 +17,7 @@ - name: Copy local collection to working dir ansible.builtin.copy: - src: "{{ __ah_collection_item.collection_local_path }}/" + src: "{{ __ah_collection_item.collection_local_path }}/" dest: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" remote_src: true mode: "0755" @@ -31,7 +31,7 @@ - name: Build Collections ansible.hub.ah_build: - path: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" + path: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" output_path: "{{ aap_configuration_working_dir }}/{{ __ah_collection_item.collection_name }}" force: true register: ah_build_results @@ -54,13 +54,13 @@ # __ah_build_result_item.results.path will be the output_path in ansible<2.10 but the actual built path in ansible>=2.10 - name: Find all relevant built collection files ansible.builtin.find: - paths: "{{ (__ah_build_result_item.stat.isdir) | ternary(__ah_build_result_item.stat.path, (__ah_build_result_item.stat.path | dirname)) }}" + paths: "{{ (__ah_build_result_item.stat.isdir) | ternary(__ah_build_result_item.stat.path, (__ah_build_result_item.stat.path | dirname)) }}" patterns: "{{ (__ah_build_result_item.stat.isdir) | ternary('*.tar.gz', (__ah_build_result_item.stat.path | basename)) }}" register: __hub_collections_find_results no_log: "{{ hub_configuration_publish_secure_logging }}" loop: "{{ ah_build_stat_results.results }}" loop_control: - loop_var: "__ah_build_result_item" + loop_var: __ah_build_result_item when: ah_collection_list is not defined - name: Set path for all collections found @@ -71,12 +71,12 @@ - name: Get token ansible.hub.ah_token: - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" when: - ah_token is not defined - lookup("ansible.builtin.env", "AH_API_TOKEN") == "" @@ -84,31 +84,31 @@ - name: Publish Collections ansible.hub.ah_collection: - namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" - name: "{{ (__ah_collection_file | basename).split('-')[1] }}" - version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" - path: "{{ __ah_collection_file }}" - auto_approve: "{{ ah_auto_approve }}" + namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" + name: "{{ (__ah_collection_file | basename).split('-')[1] }}" + version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" + path: "{{ __ah_collection_file }}" + auto_approve: "{{ ah_auto_approve }}" overwrite_existing: "{{ ah_overwrite_existing }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_token: "{{ aap_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: - loop_var: "__ah_collection_file" + loop_var: __ah_collection_file no_log: "{{ hub_configuration_publish_secure_logging }}" async: "{{ hub_configuration_publish_async_timeout }}" poll: 0 register: __publish_job_async changed_when: not __publish_job_async.changed vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Publish Collection | Wait for finish the publish creation" +- name: Publish Collection | Wait for finish the publish creation ansible.builtin.async_status: jid: "{{ __publish_job_async_result_item.ansible_job_id }}" register: __publish_job_async_result @@ -121,23 +121,23 @@ when: __publish_job_async_result_item.ansible_job_id is defined no_log: "{{ hub_configuration_publish_secure_logging }}" vars: - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" - name: Approve Collections ansible.hub.ah_approval: - namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" - name: "{{ (__ah_collection_file | basename).split('-')[1] }}" - version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_token: "{{ aap_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" + name: "{{ (__ah_collection_file | basename).split('-')[1] }}" + version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_token: "{{ aap_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: - loop_var: "__ah_collection_file" + loop_var: __ah_collection_file no_log: "{{ hub_configuration_publish_secure_logging }}" when: not ah_auto_approve register: approval diff --git a/roles/hub_publish/tests/test.yml b/roles/hub_publish/tests/test.yml index b75ba8ea4..1b809b826 100644 --- a/roles/hub_publish/tests/test.yml +++ b/roles/hub_publish/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_role/README.md b/roles/hub_role/README.md index 64daf0a26..614d22e86 100644 --- a/roles/hub_role/README.md +++ b/roles/hub_role/README.md @@ -11,7 +11,7 @@ An Ansible Role to create role permissions in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to create role permissions in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add group task does not include sensitive information. +The role defaults to false as normally the add group task does not include sensitive information. hub_configuration_group_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_role_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_role_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_role/defaults/main.yml b/roles/hub_role/defaults/main.yml index edc729f7f..fa94795c4 100644 --- a/roles/hub_role/defaults/main.yml +++ b/roles/hub_role/defaults/main.yml @@ -20,5 +20,5 @@ hub_configuration_role_secure_logging: "{{ aap_configuration_secure_logging | de hub_configuration_role_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_role_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_role_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_role/meta/argument_specs.yml b/roles/hub_role/meta/argument_specs.yml index 24c639499..cc96071d6 100644 --- a/roles/hub_role/meta/argument_specs.yml +++ b/roles/hub_role/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_role/meta/main.yml b/roles/hub_role/meta/main.yml index 66e758adc..5b8b7491b 100644 --- a/roles/hub_role/meta/main.yml +++ b/roles/hub_role/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_role" + role_name: hub_role author: Sean Sullivan - description: "An Ansible Role to manage roles in Automation Hub." - company: "Red Hat" + description: An Ansible Role to manage roles in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "role" - - "roles" + - automationhub + - galaxy + - configuration + - role + - roles dependencies: - role: global_vars diff --git a/roles/hub_role/tasks/main.yml b/roles/hub_role/tasks/main.yml index 0f9d2342f..49dbebe8f 100644 --- a/roles/hub_role/tasks/main.yml +++ b/roles/hub_role/tasks/main.yml @@ -1,18 +1,17 @@ --- - # Create AH Role - name: Add Automation Hub role ansible.hub.ah_role: - name: "{{ __hub_role_item.name }}" - description: "{{ __hub_role_item.description | default(omit) }}" - perms: "{{ __hub_role_item.perms | default(omit) }}" - state: "{{ __hub_role_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + name: "{{ __hub_role_item.name }}" + description: "{{ __hub_role_item.description | default(omit) }}" + perms: "{{ __hub_role_item.perms | default(omit) }}" + state: "{{ __hub_role_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ hub_roles }}" loop_control: loop_var: __hub_role_item @@ -25,9 +24,9 @@ changed_when: not __roles_job_async.changed vars: __operation: "{{ operation_translate[__hub_role_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create Role | Wait for finish the role creation" +- name: Create Role | Wait for finish the role creation ansible.builtin.async_status: jid: "{{ __roles_job_async_result_item.ansible_job_id }}" register: __roles_job_async_result @@ -42,5 +41,5 @@ no_log: "{{ hub_configuration_role_secure_logging }}" vars: __operation: "{{ operation_translate[__roles_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_role/tests/test.yml b/roles/hub_role/tests/test.yml index d5aa5be8e..4d1af79c3 100644 --- a/roles/hub_role/tests/test.yml +++ b/roles/hub_role/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/hub_user/README.md b/roles/hub_user/README.md index 5bbf97564..a46410ab4 100644 --- a/roles/hub_user/README.md +++ b/roles/hub_user/README.md @@ -11,7 +11,7 @@ An Ansible Role to create users in Automation Hub. |`aap_hostname`|""|yes|URL to the Ansible Automation Platform Server.|127.0.0.1| |`aap_username`|""|no|Admin User on the Ansible Automation Platform Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Platform Admin User's password on the Server. This should be stored in an Ansible Vault at vars/platform-secrets.yml or elsewhere and called from a parent playbook.|| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Automation Platform Server's SSL certificate.|| |`aap_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| |`aap_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| @@ -21,13 +21,13 @@ An Ansible Role to create users in Automation Hub. The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add user task does not include sensitive information. +The role defaults to false as normally the add user task does not include sensitive information. hub_configuration_user_secure_logging defaults to the value of aap_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of automation hub configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`hub_configuration_user_secure_logging`|`False`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`aap_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`hub_configuration_user_secure_logging`|`false`|no|Whether or not to include the sensitive Namespace role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`aap_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables diff --git a/roles/hub_user/defaults/main.yml b/roles/hub_user/defaults/main.yml index 5b6634e2f..5340c38ed 100644 --- a/roles/hub_user/defaults/main.yml +++ b/roles/hub_user/defaults/main.yml @@ -26,5 +26,5 @@ hub_configuration_user_async_timeout: "{{ aap_configuration_async_timeout | defa hub_configuration_user_async_retries: "{{ aap_configuration_async_retries | default(50) }}" hub_configuration_user_accounts_loop_delay: "{{ aap_configuration_loop_delay | default(0) }}" hub_configuration_user_async_delay: "{{ aap_configuration_async_delay | default(1) }}" -aap_configuration_async_dir: null +aap_configuration_async_dir: ... diff --git a/roles/hub_user/meta/argument_specs.yml b/roles/hub_user/meta/argument_specs.yml index 0ce1ff31c..5206b63e4 100644 --- a/roles/hub_user/meta/argument_specs.yml +++ b/roles/hub_user/meta/argument_specs.yml @@ -28,7 +28,7 @@ argument_specs: required: false description: This variable sets delay between retries across all roles as a default. aap_configuration_async_dir: - default: null + default: required: false description: Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. diff --git a/roles/hub_user/meta/main.yml b/roles/hub_user/meta/main.yml index 087273402..3de552fb1 100644 --- a/roles/hub_user/meta/main.yml +++ b/roles/hub_user/meta/main.yml @@ -1,9 +1,9 @@ --- galaxy_info: - role_name: "hub_user" - author: "Tom Page" - description: "An Ansible Role to manage users in Automation Hub." - company: "Red Hat" + role_name: hub_user + author: Tom Page + description: An Ansible Role to manage users in Automation Hub. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -25,16 +25,16 @@ galaxy_info: # platforms is a list of platforms, and each platform has a name and a list of versions. # platforms: - - name: "EL" + - name: EL versions: - - "all" + - all galaxy_tags: - - "automationhub" - - "galaxy" - - "configuration" - - "user" - - "users" + - automationhub + - galaxy + - configuration + - user + - users dependencies: - role: global_vars diff --git a/roles/hub_user/tasks/main.yml b/roles/hub_user/tasks/main.yml index ee414c5d6..c595f84d9 100644 --- a/roles/hub_user/tasks/main.yml +++ b/roles/hub_user/tasks/main.yml @@ -1,24 +1,23 @@ --- - # Create AH Users - name: Add Automation Hub User ansible.hub.ah_user: - username: "{{ __hub_user_item.username | default(omit) }}" + username: "{{ __hub_user_item.username | default(omit) }}" # new_name: "{{ __user.new_name | default(omit) }}" <-- Needs adding once new_name option added to module - groups: "{{ __hub_user_item.groups | default(omit) }}" - append: "{{ __hub_user_item.append | default(omit) }}" - first_name: "{{ __hub_user_item.first_name | default(omit) }}" - last_name: "{{ __hub_user_item.last_name | default(omit) }}" - email: "{{ __hub_user_item.email | default(omit) }}" - is_superuser: "{{ __hub_user_item.is_superuser | default(omit) }}" - password: "{{ __hub_user_item.password | default(omit) }}" - state: "{{ __hub_user_item.state | default(ah_state | default('present')) }}" - ah_host: "{{ aap_hostname | default(omit) }}" - ah_username: "{{ aap_username | default(omit) }}" - ah_password: "{{ aap_password | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ aap_validate_certs | default(omit) }}" - request_timeout: "{{ aap_request_timeout | default(omit) }}" + groups: "{{ __hub_user_item.groups | default(omit) }}" + append: "{{ __hub_user_item.append | default(omit) }}" + first_name: "{{ __hub_user_item.first_name | default(omit) }}" + last_name: "{{ __hub_user_item.last_name | default(omit) }}" + email: "{{ __hub_user_item.email | default(omit) }}" + is_superuser: "{{ __hub_user_item.is_superuser | default(omit) }}" + password: "{{ __hub_user_item.password | default(omit) }}" + state: "{{ __hub_user_item.state | default(ah_state | default('present')) }}" + ah_host: "{{ aap_hostname | default(omit) }}" + ah_username: "{{ aap_username | default(omit) }}" + ah_password: "{{ aap_password | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ aap_validate_certs | default(omit) }}" + request_timeout: "{{ aap_request_timeout | default(omit) }}" loop: "{{ aap_user_accounts }}" loop_control: loop_var: __hub_user_item @@ -31,9 +30,9 @@ changed_when: not __users_job_async.changed vars: __operation: "{{ operation_translate[__hub_user_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" -- name: "Create User | Wait for finish the user creation" +- name: Create User | Wait for finish the user creation ansible.builtin.async_status: jid: "{{ __users_job_async_result_item.ansible_job_id }}" register: __users_job_async_result @@ -48,5 +47,5 @@ no_log: "{{ hub_configuration_user_secure_logging }}" vars: __operation: "{{ operation_translate[__users_job_async_result_item.state | default(platform_state) | default('present')] }}" - ansible_async_dir: '{{ aap_configuration_async_dir }}' + ansible_async_dir: "{{ aap_configuration_async_dir }}" ... diff --git a/roles/hub_user/tests/test.yml b/roles/hub_user/tests/test.yml index 9a1afa16d..e79c955d6 100644 --- a/roles/hub_user/tests/test.yml +++ b/roles/hub_user/tests/test.yml @@ -12,7 +12,7 @@ - name: Include vars from ah_configs directory ansible.builtin.include_vars: dir: ./vars - extensions: ["yml"] + extensions: [yml] tags: - always roles: diff --git a/roles/meta_dependency_check/meta/main.yml b/roles/meta_dependency_check/meta/main.yml index 088dd5d0c..d98452bcf 100644 --- a/roles/meta_dependency_check/meta/main.yml +++ b/roles/meta_dependency_check/meta/main.yml @@ -2,8 +2,8 @@ galaxy_info: role_name: meta_dependency_check author: Tom page - description: "An Ansible Role to check collection dependencies." - company: "Red Hat" + description: An Ansible Role to check collection dependencies. + company: Red Hat # If the issue tracker for your role is not on github, uncomment the # next line and provide a value @@ -50,6 +50,4 @@ galaxy_info: # Maximum 20 tags per role. dependencies: [] -# List your role dependencies here, one per line. Be sure to remove the '[]' above, -# if you add dependencies to this list. ... diff --git a/roles/meta_dependency_check/tasks/main.yml b/roles/meta_dependency_check/tasks/main.yml index eec538e80..0b4f78dd3 100644 --- a/roles/meta_dependency_check/tasks/main.yml +++ b/roles/meta_dependency_check/tasks/main.yml @@ -5,8 +5,8 @@ ansible.builtin.debug: msg: "{{ controller_dependency_check | bool | ternary(__depdency_check_active_msg, __depdency_check_inactive_msg) }}" vars: - __depdency_check_active_msg: 'Dependency check is active. Required collections presence will be verified.' - __depdency_check_inactive_msg: 'Dependency check is deactivated. Required collections presence will not be verified. This might cause failure in the next tasks.' + __depdency_check_active_msg: Dependency check is active. Required collections presence will be verified. + __depdency_check_inactive_msg: Dependency check is deactivated. Required collections presence will not be verified. This might cause failure in the next tasks. - name: Dependency check block when: controller_dependency_check | bool diff --git a/roles/meta_dependency_check/tests/test.yml b/roles/meta_dependency_check/tests/test.yml index 2def94a86..9116d656a 100644 --- a/roles/meta_dependency_check/tests/test.yml +++ b/roles/meta_dependency_check/tests/test.yml @@ -3,5 +3,4 @@ hosts: localhost roles: - meta_dependency_check - ... diff --git a/tests/configs/controller/credential_input_sources.yml b/tests/configs/controller/credential_input_sources.yml index d10134445..b18408239 100644 --- a/tests/configs/controller/credential_input_sources.yml +++ b/tests/configs/controller/credential_input_sources.yml @@ -5,7 +5,7 @@ controller_credential_input_sources: target_credential: gitlab input_field_name: password metadata: - object_query: "Safe=MY_SAFE;Object=AWX-user" - object_query_format: "Exact" + object_query: Safe=MY_SAFE;Object=AWX-user + object_query_format: Exact description: Fill the gitlab credential from CyberArk ... diff --git a/tests/configs/controller/credentials.yml b/tests/configs/controller/credentials.yml index ef335b993..4ac0b3e38 100644 --- a/tests/configs/controller/credentials.yml +++ b/tests/configs/controller/credentials.yml @@ -5,9 +5,9 @@ controller_credentials: name: admin@internal-RHVM-01 description: infra-rhvm-01 creds for inventory sources. inputs: - host: "https://example.com/ovirt-engine/api" - username: "user" - password: "password" + host: https://example.com/ovirt-engine/api + username: user + password: password organization: Satellite - credential_type: Machine organization: Satellite @@ -30,11 +30,11 @@ controller_credentials: description: satlab-admin-vault password aka vault_secret organization: Satellite - description: CyberArk Lookup Credential - name: "cyberark" + name: cyberark credential_type: CyberArk Central Credential Provider Lookup inputs: - url: "https://cyberark.example.com" - app_id: "My-App-ID" + url: https://cyberark.example.com + app_id: My-App-ID organization: Default - credential_type: Source Control name: gitlab diff --git a/tests/configs/controller/differential_items.yml b/tests/configs/controller/differential_items.yml index 1c0760c09..cc3c134a2 100644 --- a/tests/configs/controller/differential_items.yml +++ b/tests/configs/controller/differential_items.yml @@ -74,12 +74,12 @@ differential_items: - name: credentials with_present: false differential_test_items: - - name: "cyberark" + - name: cyberark credential_type: CyberArk Central Credential Provider Lookup organization: Default - name: Demo Credential organization: Default - credential_type: "Machine" + credential_type: Machine expected_test_result: - name: galaxy-server credential_type: Ansible Galaxy/Automation Hub API Token @@ -87,7 +87,7 @@ differential_items: state: absent - name: gitlab organization: Default - credential_type: "Source Control" + credential_type: Source Control state: absent # - name: inventory_sources # with_present: false @@ -122,11 +122,11 @@ differential_items: - name: localhost inventory: Demo Inventory expected_test_result: - - name: "localhost" - inventory: "RHVM-01" + - name: localhost + inventory: RHVM-01 state: absent - - name: "localhost" - inventory: "localhost" + - name: localhost + inventory: localhost state: absent - name: teams with_present: false diff --git a/tests/configs/controller/execution_environments.yml b/tests/configs/controller/execution_environments.yml index 26751dd2b..0d2170114 100644 --- a/tests/configs/controller/execution_environments.yml +++ b/tests/configs/controller/execution_environments.yml @@ -1,6 +1,6 @@ --- controller_execution_environments: - - name: "My EE" + - name: My EE image: quay.io/ansible/awx-ee pull: always ... diff --git a/tests/configs/controller/inventories.yml b/tests/configs/controller/inventories.yml index 896103673..37b5264ec 100644 --- a/tests/configs/controller/inventories.yml +++ b/tests/configs/controller/inventories.yml @@ -21,7 +21,7 @@ controller_inventories: organization: Default description: created by Ansible Playbook kind: smart - host_filter: "name__icontains=localhost" + host_filter: name__icontains=localhost - name: test_constructed organization: Default kind: constructed diff --git a/tests/configs/controller/notifications.yml b/tests/configs/controller/notifications.yml index 2fad4a240..95ad77a11 100644 --- a/tests/configs/controller/notifications.yml +++ b/tests/configs/controller/notifications.yml @@ -7,7 +7,7 @@ controller_notifications: notification_configuration: use_tls: false use_ssl: false - password: '' # this is required even if there's no password + password: "" # this is required even if there's no password port: 6667 server: irc.freenode.com nickname: Ansible-Tower-Stage-Bot-01 @@ -15,35 +15,34 @@ controller_notifications: - "#my-channel" messages: success: - body: '{"fields": {"project": {"id": "11111"},"summary": "Lab { { job.status - }} Ansible Tower { { job.name }}","description": "{ { job.status }} in { { + body: '{"fields": {"project": {"id": "11111"},"summary": "Lab { { job.status }} Ansible Tower { { job.name }}","description": "{ { job.status }} in { { job.name }} { { job.id }} { {url}}","issuetype": {"id": "1"}}}' - name: Email notification description: Send out emails for tower jobs organization: Default notification_type: email notification_configuration: - username: '' # this is required even if there's no username + username: "" # this is required even if there's no username sender: tower0@example.com recipients: - admin@example.com use_tls: false host: smtp.example.com use_ssl: false - password: '' # this is required even if there's no password + password: "" # this is required even if there's no password port: 25 - name: Email notification differential description: Send out emails for tower jobs organization: Default notification_type: email notification_configuration: - username: '' # this is required even if there's no username + username: "" # this is required even if there's no username sender: tower0@example.com recipients: - admin@example.com use_tls: false host: smtp.example.com use_ssl: false - password: '' # this is required even if there's no password + password: "" # this is required even if there's no password port: 25 ... diff --git a/tests/configs/controller/roles.yml b/tests/configs/controller/roles.yml index 48dd4d14b..ede1740a4 100644 --- a/tests/configs/controller/roles.yml +++ b/tests/configs/controller/roles.yml @@ -1,12 +1,12 @@ --- controller_roles: - - inventory: RHVM-01 + - inventory: RHVM-01 team: satlab-admin role: admin - - inventory: RHVM-02 + - inventory: RHVM-02 team: satellite-qe role: use - - inventory: RHVM-02 + - inventory: RHVM-02 team: satlab-admin roles: - admin diff --git a/tests/configs/controller/schedule.yml b/tests/configs/controller/schedule.yml index c587ec84d..1c5d6f6da 100644 --- a/tests/configs/controller/schedule.yml +++ b/tests/configs/controller/schedule.yml @@ -3,11 +3,11 @@ controller_schedules: - name: Demo Schedule description: A demonstration unified_job_template: test-template-1 - rrule: "DTSTART:20191219T130551Z RRULE:FREQ=DAILY;INTERVAL=1;COUNT=1" + rrule: DTSTART:20191219T130551Z RRULE:FREQ=DAILY;INTERVAL=1;COUNT=1 - name: Demo Schedule 2 description: Another demonstration unified_job_template: Demo Job Template - rrule: "DTSTART:20200101T000000Z RRULE:FREQ=HOURLY;INTERVAL=3" + rrule: DTSTART:20200101T000000Z RRULE:FREQ=HOURLY;INTERVAL=3 execution_environment: My EE forks: 2 limit: all diff --git a/tests/configs/controller/settings.yml b/tests/configs/controller/settings.yml index c2d002575..36a3608ab 100644 --- a/tests/configs/controller/settings.yml +++ b/tests/configs/controller/settings.yml @@ -1,7 +1,7 @@ --- controller_settings: settings: - AWX_TASK_ENV: {'GIT_SSL_NO_VERIFY': 'True'} + AWX_TASK_ENV: { GIT_SSL_NO_VERIFY: "true" } gateway_settings: gateway_token_name: X-DAB-JW-TOKEN gateway_access_token_expiration: 600 diff --git a/tests/configs/controller/settings_individuale.yml b/tests/configs/controller/settings_individuale.yml index 54817eefa..498ffd0ff 100644 --- a/tests/configs/controller/settings_individuale.yml +++ b/tests/configs/controller/settings_individuale.yml @@ -1,5 +1,5 @@ --- controller_settings_individuale: - name: AWX_TASK_ENV - value: {'GIT_SSL_NO_VERIFY': 'True'} + value: { GIT_SSL_NO_VERIFY: "true" } ... diff --git a/tests/configs/controller/teams.yml b/tests/configs/controller/teams.yml index 197f6d5c9..fb9caaf30 100644 --- a/tests/configs/controller/teams.yml +++ b/tests/configs/controller/teams.yml @@ -8,16 +8,16 @@ aap_teams: organization: Default - name: differential-2 organization: Default - - name: "Netops" - description: "Network Ops Team" + - name: Netops + description: Network Ops Team organization: Satellite - - name: "Netadmin" - description: "Network Admin Team" + - name: Netadmin + description: Network Admin Team organization: Satellite - - name: "Compute T1" - description: "Computer T1 Team" + - name: Compute T1 + description: Computer T1 Team organization: Satellite - - name: "Compute T2" - description: "Computer T22 Team" + - name: Compute T2 + description: Computer T22 Team organization: Satellite ... diff --git a/tests/configs/controller/templates.yml b/tests/configs/controller/templates.yml index fe6c127f8..98ae57e3a 100644 --- a/tests/configs/controller/templates.yml +++ b/tests/configs/controller/templates.yml @@ -32,7 +32,7 @@ controller_templates: credentials: Demo Credential verbosity: 0 inventory: localhost - execution_environment: "My EE" + execution_environment: My EE ask_inventory_on_launch: true ask_execution_environment_on_launch: true ask_forks_on_launch: true @@ -43,19 +43,18 @@ controller_templates: ask_limit_on_launch: true prevent_instance_group_fallback: true survey_spec: - name: '' - description: '' + name: "" + description: "" spec: - question_name: Target Host - question_description: target host is required for playbook to work, this host - needs to exist in the inventory + question_description: target host is required for playbook to work, this host needs to exist in the inventory required: true type: text variable: target_hosts min: 0 max: 1024 default: infra-ansible-tower-testing.infra.sat.rdu2.redhat.com - choices: '' + choices: "" new_question: true controller_templates_invalid: diff --git a/tests/configs/gateway/authenticator_maps.yml b/tests/configs/gateway/authenticator_maps.yml index c36221841..7fabbf736 100644 --- a/tests/configs/gateway/authenticator_maps.yml +++ b/tests/configs/gateway/authenticator_maps.yml @@ -1,16 +1,16 @@ --- gateway_authenticators: - - name: 'Test-Authenticator-1' - slug: 'Test-Authenticator-1' + - name: Test-Authenticator-1 + slug: Test-Authenticator-1 type: ansible_base.authentication.authenticator_plugins.local configuration: {} - - name: 'Test-Authenticator-2' - slug: 'Test-Authenticator-2' + - name: Test-Authenticator-2 + slug: Test-Authenticator-2 type: ansible_base.authentication.authenticator_plugins.local configuration: {} gateway_authenticator_maps: - - name: 'Test-AMap-1' - authenticator: 'Test-Authenticator-1' + - name: Test-AMap-1 + authenticator: Test-Authenticator-1 revoke: false map_type: organization role: Organization Member @@ -19,8 +19,8 @@ gateway_authenticator_maps: always: {} never: {} order: 10 - - name: 'Test-AMap-2' - authenticator: 'Test-Authenticator-1' + - name: Test-AMap-2 + authenticator: Test-Authenticator-1 revoke: true map_type: team role: Team Admin @@ -35,8 +35,8 @@ gateway_authenticator_maps: - group3 - group4 order: 2 - - name: 'Test-AMap-3' - authenticator: 'Test-Authenticator-2' + - name: Test-AMap-3 + authenticator: Test-Authenticator-2 map_type: allow triggers: attributes: diff --git a/tests/configs/gateway/service_cluster.yml b/tests/configs/gateway/service_cluster.yml index c23c0771a..2b9c1b8b9 100644 --- a/tests/configs/gateway/service_cluster.yml +++ b/tests/configs/gateway/service_cluster.yml @@ -1,12 +1,12 @@ --- # Cannot add more than one, cannot add existing type. gateway_service_clusters: - - name: "gateway" - service_type: "gateway" - - name: "hub" - service_type: "hub" - - name: "controller" - service_type: "controller" + - name: gateway + service_type: gateway + - name: hub + service_type: hub + - name: controller + service_type: controller gateway_service_keys: - name: Test-Key 1 diff --git a/tests/configs/gateway/services.yml b/tests/configs/gateway/services.yml index fbc2d77e9..4716a5c67 100644 --- a/tests/configs/gateway/services.yml +++ b/tests/configs/gateway/services.yml @@ -1,9 +1,13 @@ --- -https_port_lookup: "{{ lookup('ansible.platform.gateway_api', 'http_ports', query_params={ 'is_api_port': true }, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false, expect_one=true) }}" -gateway_services_lookup: "{{ lookup('ansible.platform.gateway_api', 'services', query_params={ 'name': 'gateway api' }, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false, expect_one=true) }}" -service_node_name: "Node gateway - {{ aap_hostname | urlsplit('hostname') }}" -gateway_service_node_lookup: "{{ lookup('ansible.platform.gateway_api', 'service_nodes', query_params={ 'name': service_node_name }, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false, expect_one=true) }}" -gateway_routes_lookup: "{{ lookup('ansible.platform.gateway_api', 'routes', query_params={ 'name': 'hub container registry' }, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false, expect_one=true) }}" +https_port_lookup: "{{ lookup('ansible.platform.gateway_api', 'http_ports', query_params={ 'is_api_port': true }, host=aap_hostname, username=aap_username, password=aap_password, + verify_ssl=false, expect_one=true) }}" +gateway_services_lookup: "{{ lookup('ansible.platform.gateway_api', 'services', query_params={ 'name': 'gateway api' }, host=aap_hostname, username=aap_username, + password=aap_password, verify_ssl=false, expect_one=true) }}" +service_node_name: Node gateway - {{ aap_hostname | urlsplit('hostname') }} +gateway_service_node_lookup: "{{ lookup('ansible.platform.gateway_api', 'service_nodes', query_params={ 'name': service_node_name }, host=aap_hostname, username=aap_username, + password=aap_password, verify_ssl=false, expect_one=true) }}" +gateway_routes_lookup: "{{ lookup('ansible.platform.gateway_api', 'routes', query_params={ 'name': 'hub container registry' }, host=aap_hostname, username=aap_username, + password=aap_password, verify_ssl=false, expect_one=true) }}" http_ports: - name: "{{ https_port_lookup.name }}" @@ -17,7 +21,7 @@ gateway_services: - name: gateway api http_port: port-443 service_cluster: gateway - service_path: "/" + service_path: / service_port: "{{ gateway_services_lookup.service_port | int }}" gateway_service_nodes: diff --git a/tests/configs/hub/ah_ansible_config.yml b/tests/configs/hub/ah_ansible_config.yml index d62af892a..50dfd9aef 100644 --- a/tests/configs/hub/ah_ansible_config.yml +++ b/tests/configs/hub/ah_ansible_config.yml @@ -2,7 +2,7 @@ automation_hub_list: - name: automation_hub url: "{{ aap_hostname }}" - auth_url: "{{ aap_hostname }}api/galaxy/" # {{aap_hostname}}api/galaxy/ for AH {{aap_hostname}}api/automation-hub/ for Galaxy + auth_url: "{{ aap_hostname }}api/galaxy/" # {{aap_hostname}}api/galaxy/ for AH {{aap_hostname}}api/automation-hub/ for Galaxy ansible_config_list: - header: galaxy @@ -10,7 +10,7 @@ ansible_config_list: - key: ignore_certs value: "{% if validate_certs %}false{% else %}true{% endif %}" - key: server_list - value: "automation_hub" + value: automation_hub -aap_configuration_working_dir: "test" +aap_configuration_working_dir: test ... diff --git a/tests/configs/hub/ah_auth.yml b/tests/configs/hub/ah_auth.yml index 0be29f69e..9cbbf969b 100644 --- a/tests/configs/hub/ah_auth.yml +++ b/tests/configs/hub/ah_auth.yml @@ -8,6 +8,6 @@ # ah_password: "{% if galaxy_ng_version == 'stable-4.4' or galaxy_ng_version == 'stable-4.5' or galaxy_ng_version == 'stable-4.6' %}admin{% else %}redhat{% endif %}" # aap_password: admin aap_validate_certs: false -ah_path_prefix: 'galaxy' # AH: galaxy Galaxy: automation-hub +ah_path_prefix: galaxy # AH: galaxy Galaxy: automation-hub hub_configuration_namespace_secure_logging: false ... diff --git a/tests/configs/hub/ah_collections.yml b/tests/configs/hub/ah_collections.yml index c11f397ac..0f6e7995d 100644 --- a/tests/configs/hub/ah_collections.yml +++ b/tests/configs/hub/ah_collections.yml @@ -2,7 +2,7 @@ hub_collections: - namespace: infra name: galaxy - path: "/home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/infra-aap_configuration-1.0.0.tar.gz" + path: /home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/infra-aap_configuration-1.0.0.tar.gz wait: true interaval: 5 auto_approve: true @@ -18,7 +18,7 @@ hub_collections: hub_collections_overwrite: - namespace: infra name: galaxy - path: "/home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/infra-aap_configuration-1.0.0.tar.gz" + path: /home/runner/work/{{ git_repo_name }}/{{ git_repo_name }}/infra-aap_configuration-1.0.0.tar.gz wait: true interaval: 5 auto_approve: true diff --git a/tests/configs/hub/ah_namespaces.yml b/tests/configs/hub/ah_namespaces.yml index a0f40880a..5d7bc707a 100644 --- a/tests/configs/hub/ah_namespaces.yml +++ b/tests/configs/hub/ah_namespaces.yml @@ -7,8 +7,8 @@ hub_namespaces: description: string resources: "# Community\nA Namespace test with changes" links: - - name: "Nothing" - url: "https://github.com/ansible/awx" + - name: Nothing + url: https://github.com/ansible/awx - name: infra - name: test_namespace - name: galaxy diff --git a/tests/configs/hub/ah_repository.yml b/tests/configs/hub/ah_repository.yml index c5933c4e2..451cf25ed 100644 --- a/tests/configs/hub/ah_repository.yml +++ b/tests/configs/hub/ah_repository.yml @@ -25,23 +25,23 @@ hub_collection_remotes: hub_collection_repositories: - name: community-infra-repo - description: "description of community-infra repository" + description: description of community-infra repository pulp_labels: - pipeline: "approved" + pipeline: approved distribution: state: present remote: community-infra - name: community-infra-repo-nodistro - description: "description of community-infra repository" + description: description of community-infra repository pulp_labels: - pipeline: "approved" + pipeline: approved remote: community-infra - name: community-infra-repo-noremote - description: "description of community-infra repository" + description: description of community-infra repository pulp_labels: - pipeline: "approved" + pipeline: approved distribution: state: present - name: community-infra-repo-nothing - description: "description of community-infra repository" + description: description of community-infra repository ... diff --git a/tests/configs_export_model/credentials_export.yml b/tests/configs_export_model/credentials_export.yml index e62e5ea0a..cb1a399ba 100644 --- a/tests/configs_export_model/credentials_export.yml +++ b/tests/configs_export_model/credentials_export.yml @@ -1,7 +1,7 @@ --- credentials: - name: AWX-Collection-tests-controller_workflow_job_template-scm-cred - description: '' + description: "" inputs: {} organization: name: Default @@ -21,8 +21,8 @@ credentials: type: credential_type type: credential - name: Demo Credential - description: '' - organization: null + description: "" + organization: inputs: username: admin credential_type: @@ -33,7 +33,7 @@ credentials: username: admin type: user natural_key: - organization: null + organization: name: Demo Credential credential_type: name: Machine @@ -43,18 +43,18 @@ credentials: - name: Demo Custom Credential credential_type: kind: cloud - name: 'REST API Credential' + name: REST API Credential type: credential_type - description: '' + description: "" inputs: rest_username: admin - rest_password: '' + rest_password: "" natural_key: credential_type: kind: cloud - name: 'REST API Credential' + name: REST API Credential type: credential_type - name: 'REST API Credential' + name: REST API Credential organization: name: Default type: organization @@ -112,9 +112,7 @@ credentials: kind: scm name: Source Control type: credential_type - description: - General purpose token that can be used by anyone for satlab-admin(or - other private) repo clone + description: General purpose token that can be used by anyone for satlab-admin(or other private) repo clone inputs: password: "" username: gitlab @@ -136,9 +134,7 @@ credentials: kind: ssh name: Machine type: credential_type - description: - This credential can be used with any vm that contains jenkins_public - key in authorized keys + description: This credential can be used with any vm that contains jenkins_public key in authorized keys inputs: ssh_key_data: "" username: root diff --git a/tests/configs_export_model/differential_items.yml b/tests/configs_export_model/differential_items.yml index b75d89775..d15b8470f 100644 --- a/tests/configs_export_model/differential_items.yml +++ b/tests/configs_export_model/differential_items.yml @@ -6,7 +6,7 @@ differential_expected: kind: scm name: Source Control type: credential_type - description: '' + description: "" inputs: username: username name: gitlab-team @@ -27,7 +27,7 @@ differential_expected: kind: scm name: Source Control type: credential_type - description: '' + description: "" inputs: username: username name: gitlab-user @@ -260,9 +260,7 @@ differential_expected: max: 1024 min: 0 new_question: true - question_description: - target host is required for playbook to work, this - host needs to exist in the inventory + question_description: target host is required for playbook to work, this host needs to exist in the inventory question_name: Target Host required: true type: text @@ -442,7 +440,7 @@ differential_expected: natural_key: type: user username: admin - password: '' + password: "" related: roles: - content_object: @@ -489,7 +487,7 @@ differential_expected_gte_awx25: kind: scm name: Source Control type: credential_type - description: '' + description: "" inputs: username: username name: gitlab-team @@ -510,7 +508,7 @@ differential_expected_gte_awx25: kind: scm name: Source Control type: credential_type - description: '' + description: "" inputs: username: username name: gitlab-user @@ -743,9 +741,7 @@ differential_expected_gte_awx25: max: 1024 min: 0 new_question: true - question_description: - target host is required for playbook to work, this - host needs to exist in the inventory + question_description: target host is required for playbook to work, this host needs to exist in the inventory question_name: Target Host required: true type: text @@ -923,6 +919,6 @@ differential_expected_gte_awx25: natural_key: type: user username: admin - password: '' + password: "" ... diff --git a/tests/configs_export_model/inventory_export.yml b/tests/configs_export_model/inventory_export.yml index 529271de9..66eff9571 100644 --- a/tests/configs_export_model/inventory_export.yml +++ b/tests/configs_export_model/inventory_export.yml @@ -1,9 +1,9 @@ --- inventory: - name: 2nd Testing Inventory - description: '' - kind: '' - host_filter: null + description: "" + kind: "" + host_filter: organization: name: Satellite type: organization @@ -14,9 +14,9 @@ inventory: name: 2nd Testing Inventory type: inventory - name: Testing Inventory - description: '' - kind: '' - host_filter: null + description: "" + kind: "" + host_filter: organization: name: Satellite type: organization @@ -28,8 +28,8 @@ inventory: type: inventory - name: satlab-admin-inventory description: Load inventory from satlab-admin hosts file - kind: '' - host_filter: null + kind: "" + host_filter: organization: name: Default type: organization diff --git a/tests/configs_export_model/inventory_sources_export.yml b/tests/configs_export_model/inventory_sources_export.yml index 30d941cb6..8dedd2f72 100644 --- a/tests/configs_export_model/inventory_sources_export.yml +++ b/tests/configs_export_model/inventory_sources_export.yml @@ -1,15 +1,15 @@ --- inventory_sources: - name: test - description: '' + description: "" source: scm source_path: /test.yml - source_regions: '' - instance_filters: '' - group_by: '' + source_regions: "" + instance_filters: "" + group_by: "" overwrite: false overwrite_vars: false - custom_virtualenv: null + custom_virtualenv: timeout: 0 verbosity: 1 update_on_launch: false diff --git a/tests/configs_export_model/job_templates_export.yml b/tests/configs_export_model/job_templates_export.yml index 5e2b6ae5c..44f4b7b7e 100644 --- a/tests/configs_export_model/job_templates_export.yml +++ b/tests/configs_export_model/job_templates_export.yml @@ -1,21 +1,21 @@ --- job_templates: - name: No Survey Template no vars - description: '' + description: "" job_type: run playbook: helloworld.yml - scm_branch: '' + scm_branch: "" forks: 0 - limit: '' + limit: "" verbosity: 0 extra_vars: '{"empty_var": "nothing"}' - job_tags: '' + job_tags: "" force_handlers: false - skip_tags: '' - start_at_task: '' + skip_tags: "" + start_at_task: "" timeout: 0 use_fact_cache: false - host_config_key: '' + host_config_key: "" ask_scm_branch_on_launch: false ask_diff_mode_on_launch: false ask_variables_on_launch: false @@ -30,9 +30,9 @@ job_templates: become_enabled: false diff_mode: false allow_simultaneous: false - custom_virtualenv: null + custom_virtualenv: job_slice_count: 1 - webhook_service: '' + webhook_service: "" inventory: organization: name: Satellite @@ -48,7 +48,7 @@ job_templates: related: labels: [] credentials: - - organization: null + - organization: name: Demo Credential credential_type: name: Machine @@ -72,21 +72,21 @@ job_templates: name: No Survey Template no vars type: job_template - name: Survey Template with vars no org - description: '' + description: "" job_type: run playbook: helloworld.yml - scm_branch: '' + scm_branch: "" forks: 0 - limit: '' + limit: "" verbosity: 0 extra_vars: '{"example_a": "127.0.0.1", "example_b": "text"}' - job_tags: '' + job_tags: "" force_handlers: false - skip_tags: '' - start_at_task: '' + skip_tags: "" + start_at_task: "" timeout: 0 use_fact_cache: false - host_config_key: '' + host_config_key: "" ask_scm_branch_on_launch: false ask_diff_mode_on_launch: false ask_variables_on_launch: false @@ -101,9 +101,9 @@ job_templates: become_enabled: false diff_mode: false allow_simultaneous: false - custom_virtualenv: null + custom_virtualenv: job_slice_count: 1 - webhook_service: '' + webhook_service: "" inventory: organization: name: Satellite @@ -123,7 +123,7 @@ job_templates: name: Default type: organization credentials: - - organization: null + - organization: name: Demo Credential credential_type: name: Machine @@ -145,10 +145,10 @@ job_templates: spec: - question_description: Name min: 0 - default: '' + default: "" max: 128 required: true - choices: '' + choices: "" new_question: true variable: basic_name question_name: Basic Name @@ -165,9 +165,9 @@ job_templates: variable: option_true_false question_name: Choose yes or no? type: multiplechoice - - question_description: '' + - question_description: "" min: 0 - default: '' + default: "" max: 0 required: true choices: |- @@ -176,7 +176,7 @@ job_templates: group3 new_question: true variable: target_groups - question_name: 'Select Group:' + question_name: "Select Group:" type: multiselect natural_key: organization: @@ -185,21 +185,21 @@ job_templates: name: Survey Template with vars no org type: job_template - name: workflow_test_template - description: '' + description: "" job_type: run playbook: helloworld.yml - scm_branch: '' + scm_branch: "" forks: 0 - limit: '' + limit: "" verbosity: 0 extra_vars: '{"empty_var": "nothing"}' - job_tags: '' + job_tags: "" force_handlers: false - skip_tags: '' - start_at_task: '' + skip_tags: "" + start_at_task: "" timeout: 0 use_fact_cache: false - host_config_key: '' + host_config_key: "" ask_scm_branch_on_launch: false ask_diff_mode_on_launch: true ask_variables_on_launch: false @@ -214,9 +214,9 @@ job_templates: become_enabled: false diff_mode: false allow_simultaneous: false - custom_virtualenv: null + custom_virtualenv: job_slice_count: 1 - webhook_service: '' + webhook_service: "" inventory: organization: name: Satellite @@ -232,7 +232,7 @@ job_templates: related: labels: [] credentials: - - organization: null + - organization: name: Demo Credential credential_type: name: Machine diff --git a/tests/configs_export_model/notifications_templates_export.yml b/tests/configs_export_model/notifications_templates_export.yml index fa2db115e..e08f5c3e3 100644 --- a/tests/configs_export_model/notifications_templates_export.yml +++ b/tests/configs_export_model/notifications_templates_export.yml @@ -4,21 +4,21 @@ notification_templates: description: Send out emails for tower jobs notification_type: email notification_configuration: - username: '' + username: "" sender: tower0@example.com recipients: - admin@example.com use_tls: false host: smtp.example.com use_ssl: false - password: '' + password: "" port: 25 timeout: 30 messages: - started: null - success: null - error: null - workflow_approval: null + started: + success: + error: + workflow_approval: organization: name: Satellite type: organization @@ -28,17 +28,17 @@ notification_templates: notification_configuration: use_tls: false use_ssl: false - password: '' + password: "" port: 6667 server: irc.freenode.com nickname: Ansible-Tower-Stage-Bot-01 targets: - - '#my-channel' + - "#my-channel" messages: - started: null - success: null - error: null - workflow_approval: null + started: + success: + error: + workflow_approval: organization: name: Satellite type: organization diff --git a/tests/configs_export_model/organizations_export.yml b/tests/configs_export_model/organizations_export.yml index b04b3b662..4458f23c1 100644 --- a/tests/configs_export_model/organizations_export.yml +++ b/tests/configs_export_model/organizations_export.yml @@ -3,7 +3,7 @@ organizations: - name: Satellite description: Satellite max_hosts: 0 - custom_virtualenv: null + custom_virtualenv: related: notification_templates_started: [] notification_templates_success: [] @@ -16,7 +16,7 @@ organizations: default_environment: name: My EE type: execution_environment - custom_virtualenv: null + custom_virtualenv: related: notification_templates_started: [] notification_templates_success: [] diff --git a/tests/configs_export_model/projects_export.yml b/tests/configs_export_model/projects_export.yml index 4e4bb7c89..43661e148 100644 --- a/tests/configs_export_model/projects_export.yml +++ b/tests/configs_export_model/projects_export.yml @@ -3,12 +3,12 @@ controller_configuration_projects_async_retries: 60 controller_configuration_projects_async_delay: 2 projects: - name: Tower Config Testing - description: '' + description: "" local_path: _48__controller_config_testing scm_type: git scm_url: https://github.com/ansible/tower-example.git scm_branch: master - scm_refspec: '' + scm_refspec: "" scm_clean: false scm_delete_on_update: false timeout: 0 @@ -40,12 +40,12 @@ projects: name: irc-satqe-chat-notification type: notification_template - name: Tower Config - description: '' + description: "" local_path: _52__controller_config scm_type: git scm_url: https://github.com/ansible/tower-example.git scm_branch: master - scm_refspec: '' + scm_refspec: "" scm_clean: false scm_delete_on_update: false timeout: 0 diff --git a/tests/configs_export_model/teams_export.yml b/tests/configs_export_model/teams_export.yml index d27097cd2..0285ff90d 100644 --- a/tests/configs_export_model/teams_export.yml +++ b/tests/configs_export_model/teams_export.yml @@ -1,7 +1,7 @@ --- teams: - name: team1 - description: '' + description: "" organization: name: Satellite type: organization diff --git a/tests/configs_export_model/workflows.yml b/tests/configs_export_model/workflows.yml index d4fb70066..678f4fe70 100644 --- a/tests/configs_export_model/workflows.yml +++ b/tests/configs_export_model/workflows.yml @@ -218,8 +218,8 @@ workflow_job_templates: notification_templates_error: [] notification_templates_approvals: [] survey_spec: - name: '' - description: '' + name: "" + description: "" spec: - question_name: Basic Name question_description: Name @@ -228,8 +228,8 @@ workflow_job_templates: variable: basic_name min: 0 max: 1024 - default: '' - choices: '' + default: "" + choices: "" new_question: true - question_name: Choose yes or no? question_description: Choosing yes or no. @@ -243,14 +243,14 @@ workflow_job_templates: yes no new_question: true - - question_name: 'Select Group:' - question_description: '' + - question_name: "Select Group:" + question_description: "" required: true type: multiplechoice variable: target_groups min: max: - default: '' + default: "" choices: |- group1 group2 diff --git a/tests/configure_controller.yml b/tests/configure_controller.yml index 3c45dc182..e09dd4906 100644 --- a/tests/configure_controller.yml +++ b/tests/configure_controller.yml @@ -14,27 +14,27 @@ - infra.aap_configuration pre_tasks: - - - name: "Determine collection (block)" + - name: Determine collection (block) block: - - name: "Check if the collection ansible.controller is installed" + - name: Check if the collection ansible.controller is installed ansible.builtin.set_fact: ansible_controller_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i ansible.controller || echo NOTINSTALLED') }}" failed_when: ansible_controller_collection_installed is match('NOTINSTALLED') rescue: - - name: "Check if the collection awx.awx is installed" + - name: Check if the collection awx.awx is installed ansible.builtin.set_fact: awx_awx_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i awx.awx || echo NOTINSTALLED') }}" failed_when: awx_awx_collection_installed is match('NOTINSTALLED') always: - - name: "Set the collection providing the controller_api lookup plugin" + - name: Set the collection providing the controller_api lookup plugin ansible.builtin.set_fact: - controller_api_plugin: "{{ ('ansible.controller.controller_api' if ansible_controller_collection_installed is defined) | default('awx.awx.controller_api' if awx_awx_collection_installed is defined) | default('NONE') }}" - - name: "Fail if no collection is detected" + controller_api_plugin: "{{ ('ansible.controller.controller_api' if ansible_controller_collection_installed is defined) | default('awx.awx.controller_api' + if awx_awx_collection_installed is defined) | default('NONE') }}" + - name: Fail if no collection is detected ansible.builtin.fail: msg: "One of the following collections is required to be installed: 'ansible.controller' or 'awx.awx'." when: controller_api_plugin is match('NONE') - - name: "Show the plugin we are using" + - name: Show the plugin we are using ansible.builtin.debug: msg: "Using the 'controller_api' plugin from: {{ controller_api_plugin }}" @@ -42,13 +42,13 @@ ansible.builtin.include_vars: dir: ./configs ignore_files: [controller_config.yml.template] - extensions: ["yml"] + extensions: [yml] tags: - always - name: Wait for Controller to come up ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/ping/" + url: https://{{ aap_hostname }}/api/v2/ping/ status_code: 200 validate_certs: "{{ aap_validate_certs }}" register: result @@ -59,7 +59,7 @@ - name: Wait for the controller node to be up ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/mesh_visualizer/" + url: https://{{ aap_hostname }}/api/v2/mesh_visualizer/ user: "{{ aap_username }}" password: "{{ aap_password }}" method: GET @@ -72,7 +72,7 @@ retries: 80 delay: 5 - - name: "Show result of mesh_visualizer" + - name: Show result of mesh_visualizer ansible.builtin.debug: var: mesh_data @@ -82,10 +82,9 @@ delegate_to: localhost roles: - - dispatch # The dispatch role calls all of the other roles. + - dispatch # The dispatch role calls all of the other roles. tasks: - - name: Validate error handling block: - name: Add Invalid Job Templates to Controller @@ -99,8 +98,8 @@ that: - job_templates_errors is defined - job_templates_errors | length > 0 - fail_msg: "No errors found, validate test example" - success_msg: "Errors found, proceeding" + fail_msg: No errors found, validate test example + success_msg: Errors found, proceeding vars: job_templates_errors: "{{ __job_templates_errors_set_stats.ansible_stats.data.job_templates_errors }}" @@ -116,7 +115,7 @@ when: controller_ad_hoc_commands is defined - name: Cancel Ad hoc commands - ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" + ansible.builtin.include_tasks: ./tasks/ad_hoc_cancel.yml when: controller_ad_hoc_commands is defined - name: Launch Controller Bulk Hosts @@ -182,9 +181,9 @@ job_id: "{{ launched_controller_workflows.results[0].id }}" job_type: workflow_jobs timeout: 180 - aap_username: "{{ aap_username }}" - aap_password: "{{ aap_password }}" - controller_host: "{{ aap_hostname }}" - validate_certs: "{{ aap_validate_certs }}" - ignore_errors: true # noqa ignore-errors + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" + controller_host: "{{ aap_hostname }}" + validate_certs: "{{ aap_validate_certs }}" + ignore_errors: true # noqa ignore-errors ... diff --git a/tests/configure_controller_export_model.yml b/tests/configure_controller_export_model.yml index 18a5bd4c1..9b5c207f7 100644 --- a/tests/configure_controller_export_model.yml +++ b/tests/configure_controller_export_model.yml @@ -13,27 +13,27 @@ # aap_username: admin # aap_password: changeme pre_tasks: - - - name: "Determine collection (block)" + - name: Determine collection (block) block: - - name: "Check if the collection ansible.controller is installed" + - name: Check if the collection ansible.controller is installed ansible.builtin.set_fact: ansible_controller_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i ansible.controller || echo NOTINSTALLED') }}" failed_when: ansible_controller_collection_installed is match('NOTINSTALLED') rescue: - - name: "Check if the collection awx.awx is installed" + - name: Check if the collection awx.awx is installed ansible.builtin.set_fact: awx_awx_collection_installed: "{{ lookup('ansible.builtin.pipe', 'ansible-galaxy collection list | grep -i awx.awx || echo NOTINSTALLED') }}" failed_when: awx_awx_collection_installed is match('NOTINSTALLED') always: - - name: "Set the collection providing the controller_api lookup plugin" + - name: Set the collection providing the controller_api lookup plugin ansible.builtin.set_fact: - controller_api_plugin: "{{ ('ansible.controller.controller_api' if ansible_controller_collection_installed is defined) | default('awx.awx.controller_api' if awx_awx_collection_installed is defined) | default('NONE') }}" - - name: "Fail if no collection is detected" + controller_api_plugin: "{{ ('ansible.controller.controller_api' if ansible_controller_collection_installed is defined) | default('awx.awx.controller_api' + if awx_awx_collection_installed is defined) | default('NONE') }}" + - name: Fail if no collection is detected ansible.builtin.fail: msg: "One of the following collections is required to be installed: 'ansible.controller' or 'awx.awx'." when: controller_api_plugin is match('NONE') - - name: "Show the plugin we are using" + - name: Show the plugin we are using ansible.builtin.debug: msg: "Using the 'controller_api' plugin from: {{ controller_api_plugin }}" @@ -41,11 +41,11 @@ ansible.builtin.include_vars: dir: ./configs_export_model ignore_files: [README.md] - extensions: ["yml"] + extensions: [yml] - name: Wait for the controller to be up ansible.builtin.uri: - url: "https://{{ aap_hostname }}/api/v2/mesh_visualizer/" + url: https://{{ aap_hostname }}/api/v2/mesh_visualizer/ user: "{{ aap_username }}" password: "{{ aap_password }}" method: GET @@ -58,18 +58,17 @@ retries: 120 delay: 5 - roles: - - {role: gateway_organizations, when: organizations is defined, tags: organizations} - - {role: gateway_users, when: users is defined, tags: users} - - {role: gateway_teams, when: teams is defined, tags: teams} - - {role: controller_credential_types, when: credential_types is defined, tags: credential_types} - - {role: controller_credentials, when: credentials is defined, tags: credentials} - - {role: controller_inventories, when: inventory is defined, tags: inventories} - - {role: controller_inventory_sources, when: inventory_sources is defined, tags: inventory_sources} - - {role: controller_projects, when: projects is defined, tags: projects} - - {role: controller_project_update, when: projects is defined, tags: projects} - - {role: controller_job_templates, when: job_templates is defined, tags: job_templates} - - {role: controller_workflow_job_templates, when: workflow_job_templates is defined, tags: workflow_job_templates} - - {role: controller_notification_templates, when: notification_templates is defined, tags: notification_templates} + - { role: gateway_organizations, when: organizations is defined, tags: organizations } + - { role: gateway_users, when: users is defined, tags: users } + - { role: gateway_teams, when: teams is defined, tags: teams } + - { role: controller_credential_types, when: credential_types is defined, tags: credential_types } + - { role: controller_credentials, when: credentials is defined, tags: credentials } + - { role: controller_inventories, when: inventory is defined, tags: inventories } + - { role: controller_inventory_sources, when: inventory_sources is defined, tags: inventory_sources } + - { role: controller_projects, when: projects is defined, tags: projects } + - { role: controller_project_update, when: projects is defined, tags: projects } + - { role: controller_job_templates, when: job_templates is defined, tags: job_templates } + - { role: controller_workflow_job_templates, when: workflow_job_templates is defined, tags: workflow_job_templates } + - { role: controller_notification_templates, when: notification_templates is defined, tags: notification_templates } ... diff --git a/tests/configure_platform.yml b/tests/configure_platform.yml index 4e06d1d14..0d1219d84 100644 --- a/tests/configure_platform.yml +++ b/tests/configure_platform.yml @@ -18,7 +18,7 @@ ansible.builtin.include_vars: dir: ./configs ignore_files: [controller_config.yml.template] - extensions: ["yml"] + extensions: [yml] tags: - always @@ -58,9 +58,8 @@ # delegate_to: localhost roles: - - dispatch # The dispatch role calls all of the other roles. + - dispatch # The dispatch role calls all of the other roles. tasks: - - name: Validate error handling block: - name: Add Invalid Job Templates to Controller @@ -74,8 +73,8 @@ that: - job_templates_errors is defined - job_templates_errors | length > 0 - fail_msg: "No errors found, validate test example" - success_msg: "Errors found, proceeding" + fail_msg: No errors found, validate test example + success_msg: Errors found, proceeding vars: job_templates_errors: __job_templates_errors_set_stats.ansible_stats.data.job_templates_errors @@ -91,7 +90,7 @@ when: controller_ad_hoc_commands is defined - name: Cancel Ad hoc commands - ansible.builtin.include_tasks: "./tasks/ad_hoc_cancel.yml" + ansible.builtin.include_tasks: ./tasks/ad_hoc_cancel.yml when: controller_ad_hoc_commands is defined - name: Launch Controller Bulk Hosts @@ -157,9 +156,9 @@ job_id: "{{ launched_controller_workflows.results[0].id }}" job_type: workflow_jobs timeout: 180 - controller_username: "{{ aap_username }}" - controller_password: "{{ aap_password }}" - controller_host: "{{ aap_hostname }}" - validate_certs: "{{ aap_validate_certs }}" - ignore_errors: true # noqa ignore-errors + controller_username: "{{ aap_username }}" + controller_password: "{{ aap_password }}" + controller_host: "{{ aap_hostname }}" + validate_certs: "{{ aap_validate_certs }}" + ignore_errors: true # noqa ignore-errors ... diff --git a/tests/tasks/ad_hoc_cancel.yml b/tests/tasks/ad_hoc_cancel.yml index 16595bbb8..2e665580f 100644 --- a/tests/tasks/ad_hoc_cancel.yml +++ b/tests/tasks/ad_hoc_cancel.yml @@ -1,15 +1,15 @@ --- -- name: Combine id output with defaults temp +- name: ad_hoc_cancel | Combine id output with defaults temp ansible.builtin.set_fact: tmp_ad_hoc: "{{ {'id': item.id} | combine(controller_ad_hoc_command_defaults) }}" with_items: "{{ controller_ad_hoc_commands_output.results }}" register: tmp_ad_hocs -- name: Combine id output with defaults +- name: ad_hoc_cancel | Combine id output with defaults ansible.builtin.set_fact: controller_ad_hoc_commands_cancel: "{{ tmp_ad_hocs.results | map(attribute='ansible_facts.tmp_ad_hoc') | list }}" -- name: Cancel ad hoc commands +- name: ad_hoc_cancel | Cancel ad hoc commands ansible.builtin.include_role: name: controller_ad_hoc_command_cancel when: controller_ad_hoc_commands is defined diff --git a/tests/tasks/differential.yml b/tests/tasks/differential.yml index 18c63affb..a545fbf7c 100644 --- a/tests/tasks/differential.yml +++ b/tests/tasks/differential.yml @@ -1,92 +1,94 @@ --- -- name: "Get the API list in the Default Organization of all {{ differential_item.name }}" +- name: differential | Get the API list in the Default Organization of all {{ differential_item.name }} ansible.builtin.set_fact: - controller_api_results: "{{ query(controller_api_plugin, differential_item.name, query_params=({'organization': controller_organization_id.id}) if differential_item.name is not match('hosts') else {}, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false) }}" + controller_api_results: "{{ query(controller_api_plugin, differential_item.name, query_params=({'organization': controller_organization_id.id}) if differential_item.name + is not match('hosts') else {}, host=aap_hostname, username=aap_username, password=aap_password, verify_ssl=false) }}" -- name: "Find the difference between what is on the Controller versus curated list of {{ differential_item.name }}" +- name: differential | Find the difference between what is on the Controller versus curated list of {{ differential_item.name }} ansible.builtin.set_fact: - set_absent_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) | flatten }}" + set_absent_diff: "{{ query('controller_object_diff', api_list=controller_api_results, compare_list=differential_item.differential_test_items, with_present=differential_item.with_present) + | flatten }}" -- name: Display set_absent_diff +- name: differential | Display set_absent_diff ansible.builtin.debug: var: set_absent_diff -- name: Display differential_item.expected_test_result +- name: differential | Display differential_item.expected_test_result ansible.builtin.debug: var: differential_item.expected_test_result -- name: "Assert that the expected results match for {{ differential_item.name }}" +- name: differential | Assert that the expected results match for {{ differential_item.name }} ansible.builtin.assert: that: - set_absent_diff == differential_item.expected_test_result -- name: Run differential applications +- name: differential | Run differential applications ansible.builtin.include_role: name: applications vars: controller_applications: "{{ set_absent_diff }}" - when: differential_item.name == 'applications' + when: differential_item.name == 'applications' -- name: Run differential credentials +- name: differential | Run differential credentials ansible.builtin.include_role: name: credentials vars: controller_credentials: "{{ set_absent_diff }}" - when: differential_item.name == 'credentials' + when: differential_item.name == 'credentials' -- name: Run differential projects +- name: differential | Run differential projects ansible.builtin.include_role: name: projects vars: controller_projects: "{{ set_absent_diff }}" - when: differential_item.name == 'projects' + when: differential_item.name == 'projects' -- name: Run differential inventories +- name: differential | Run differential inventories ansible.builtin.include_role: name: inventories vars: controller_inventories: "{{ set_absent_diff }}" - when: differential_item.name == 'inventories' + when: differential_item.name == 'inventories' -- name: Run differential inventory_sources +- name: differential | Run differential inventory_sources ansible.builtin.include_role: name: inventory_sources vars: controller_inventory_sources: "{{ set_absent_diff }}" - when: differential_item.name == 'inventory_sources' + when: differential_item.name == 'inventory_sources' -- name: Run differential labels +- name: differential | Run differential labels ansible.builtin.include_role: name: labels vars: controller_labels: "{{ set_absent_diff }}" - when: differential_item.name == 'labels' + when: differential_item.name == 'labels' -- name: Run differential teams +- name: differential | Run differential teams ansible.builtin.include_role: name: teams vars: controller_teams: "{{ set_absent_diff }}" - when: differential_item.name == 'teams' + when: differential_item.name == 'teams' -- name: Run differential notification_templates +- name: differential | Run differential notification_templates ansible.builtin.include_role: name: notification_templates vars: controller_notifications: "{{ set_absent_diff }}" - when: differential_item.name == 'notification_templates' + when: differential_item.name == 'notification_templates' -- name: Run differential job_templates +- name: differential | Run differential job_templates ansible.builtin.include_role: name: job_templates vars: controller_templates: "{{ set_absent_diff }}" - when: differential_item.name == 'job_templates' + when: differential_item.name == 'job_templates' -- name: Run differential workflow_job_templates +- name: differential | Run differential workflow_job_templates ansible.builtin.include_role: name: workflow_job_templates vars: controller_workflows: "{{ set_absent_diff }}" - when: differential_item.name == 'workflow_job_templates' + when: differential_item.name == 'workflow_job_templates' ... diff --git a/tests/templated_role_example/README.md b/tests/templated_role_example/README.md index 6678cfd11..ee5decb64 100644 --- a/tests/templated_role_example/README.md +++ b/tests/templated_role_example/README.md @@ -20,7 +20,7 @@ Currently: |:---|:---:|:---:|:---|:---| |`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |`aap_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| -|`aap_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| +|`aap_validate_certs`|`true`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| |`aap_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.|| |`aap_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| |`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|| @@ -30,13 +30,13 @@ Currently: The following Variables compliment each other. If Both variables are not set, secure logging defaults to false. -The role defaults to False as normally the add ******* task does not include sensitive information. +The role defaults to false as normally the add ******* task does not include sensitive information. controller_configuration_*******_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it. |Variable Name|Default Value|Required|Description| |:---:|:---:|:---:|:---:| -|`controller_configuration_*******_secure_logging`|`False`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.| -|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| +|`controller_configuration_*******_secure_logging`|`false`|no|Whether or not to include the sensitive ******* role tasks in the log. Set this value to `true` if you will be providing your sensitive values from elsewhere.| +|`controller_configuration_secure_logging`|`false`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| ### Asynchronous Retry Variables @@ -63,7 +63,7 @@ This also speeds up the overall role. |:---:|:---:|:---:|:---:|:---:| |`name`|""|yes|str|Name of Job Template| |`new_name`|""|str|no|Setting this option will change the existing name (looked up via the name field).| -|`description`|`False`|no|str|Description to use for the job template.| +|`description`|`false`|no|str|Description to use for the job template.| |`state`|`present`|no|str|Desired state of the resource.|