From e18a184f05416d0133cf44f468fc35af476d4ffc Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Thu, 31 Oct 2024 09:54:12 -0500 Subject: [PATCH 1/5] modified: README.md modified: group_vars/all/ah_groups.yml modified: group_vars/all/ah_users.yml modified: group_vars/all/applications.yml modified: group_vars/all/auth.yml modified: group_vars/all/credential_types.yml modified: group_vars/all/credentials.yml modified: group_vars/all/eda_credentials.yml modified: group_vars/all/eda_decision_environments.yml modified: group_vars/all/execution_environments.yml modified: group_vars/all/organizations.yml modified: group_vars/all/teams.yml modified: group_vars/all/users.yml modified: group_vars/dev/applications.yml modified: group_vars/dev/main.yml modified: group_vars/dev/organizations.yml modified: group_vars/dev/teams.yml modified: group_vars/dev/users.yml modified: group_vars/prod/applications.yml modified: group_vars/prod/main.yml modified: group_vars/prod/organizations.yml modified: group_vars/prod/teams.yml modified: group_vars/prod/users.yml modified: group_vars/test/applications.yml modified: group_vars/test/main.yml modified: group_vars/test/organizations.yml modified: group_vars/test/teams.yml modified: group_vars/test/users.yml modified: playbooks/controller_config.yml modified: playbooks/hub_config.yml modified: playbooks/install_configure.yml --- README.md | 2 +- group_vars/all/ah_groups.yml | 2 +- group_vars/all/ah_users.yml | 2 +- group_vars/all/applications.yml | 2 +- group_vars/all/auth.yml | 24 +++---------- group_vars/all/credential_types.yml | 16 ++++----- group_vars/all/credentials.yml | 38 ++++++++++---------- group_vars/all/eda_credentials.yml | 4 +-- group_vars/all/eda_decision_environments.yml | 2 +- group_vars/all/execution_environments.yml | 6 ++-- group_vars/all/organizations.yml | 2 +- group_vars/all/teams.yml | 2 +- group_vars/all/users.yml | 2 +- group_vars/dev/applications.yml | 2 +- group_vars/dev/main.yml | 8 ++--- group_vars/dev/organizations.yml | 2 +- group_vars/dev/teams.yml | 2 +- group_vars/dev/users.yml | 2 +- group_vars/prod/applications.yml | 2 +- group_vars/prod/main.yml | 8 ++--- group_vars/prod/organizations.yml | 2 +- group_vars/prod/teams.yml | 2 +- group_vars/prod/users.yml | 2 +- group_vars/test/applications.yml | 2 +- group_vars/test/main.yml | 8 ++--- group_vars/test/organizations.yml | 2 +- group_vars/test/teams.yml | 2 +- group_vars/test/users.yml | 2 +- playbooks/controller_config.yml | 6 ++-- playbooks/hub_config.yml | 4 +-- playbooks/install_configure.yml | 26 +++++++------- 31 files changed, 86 insertions(+), 102 deletions(-) diff --git a/README.md b/README.md index 1f6fcce..f2f1e9f 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ The awx.awx or ansible.controller collections MUST be installed in order for thi hosts: localhost connection: local vars: - controller_validate_certs: false + aap_validate_certs: false collections: - awx.awx ``` diff --git a/group_vars/all/ah_groups.yml b/group_vars/all/ah_groups.yml index 7f6d33f..24c096d 100644 --- a/group_vars/all/ah_groups.yml +++ b/group_vars/all/ah_groups.yml @@ -2,7 +2,7 @@ # Role permissions using the 'perms' option is deprecated and will be removed # in galaxy_collection 3.0.0.Instead, set the group's roles in # groups_vars/all/ah_group_roles.yml -ah_groups: +aap_teams: - name: admin state: present ... diff --git a/group_vars/all/ah_users.yml b/group_vars/all/ah_users.yml index 5c7290d..1421226 100644 --- a/group_vars/all/ah_users.yml +++ b/group_vars/all/ah_users.yml @@ -1,6 +1,6 @@ --- ah_token_username: token_user -ah_users: +aap_user_accounts: - username: token_user # Currently not working # groups: diff --git a/group_vars/all/applications.yml b/group_vars/all/applications.yml index 716dbb3..21e2e8c 100644 --- a/group_vars/all/applications.yml +++ b/group_vars/all/applications.yml @@ -1,5 +1,5 @@ --- -controller_applications_all: +aap_applications_all: - name: config_as_code_api description: launch controller config job template organization: config_as_code diff --git a/group_vars/all/auth.yml b/group_vars/all/auth.yml index 6c8c3bf..49d986b 100644 --- a/group_vars/all/auth.yml +++ b/group_vars/all/auth.yml @@ -1,23 +1,7 @@ # User may add controller auth creds to this file and encrypt it using `ansible-vault` --- -controller_hostname: "{{ controller_host | default(groups['automationcontroller'][0]) }}:{{ controller_port | default(443) }}" -controller_username: "{{ controller_user | default('admin') }}" -controller_password: "{{ controller_pass }}" -controller_validate_certs: false - -ah_host: "{{ ah_hostname | default(groups['automationhub'][0]) }}:{{ ah_port | default(443) }}" -ah_username: "{{ ah_user | default('admin') }}" -ah_password: "{{ ah_pass }}" -ah_path_prefix: 'galaxy' # this is for private automation hub -ah_verify_ssl: false -ah_validate_certs: false - -ee_registry_username: "{{ ah_username }}" -ee_registry_password: "{{ ah_password }}" -ee_registry_dest: "{{ ah_host }}" - -eda_hostname: "{{ eda_host | default(groups['automationedacontroller'][0]) | default(groups['automationeda'][0]) }}:{{ eda_port | default(443) }}" -eda_username: "{{ eda_user | default('admin') }}" -eda_password: "{{ eda_pass }}" -eda_validate_certs: false +aap_hostname: "{{ aap_host | default(groups['automationcontroller'][0]) }}:{{ controller_port | default(443) }}" +aap_username: "{{ aap_user | default('admin') }}" +aap_password: "{{ aap_pass }}" +aap_validate_certs: false ... diff --git a/group_vars/all/credential_types.yml b/group_vars/all/credential_types.yml index 4c7aaf3..60f464e 100644 --- a/group_vars/all/credential_types.yml +++ b/group_vars/all/credential_types.yml @@ -26,17 +26,17 @@ controller_credential_types_all: - hostname injectors: env: - AH_PASSWORD: !unsafe "{{ password }}" - AH_USERNAME: !unsafe "{{ username }}" - AH_HOST: !unsafe "{{ hostname }}" + aap_password: !unsafe "{{ password }}" + aap_username: !unsafe "{{ username }}" + aap_hostname: !unsafe "{{ hostname }}" AH_API_TOKEN: !unsafe "{{ token }}" AH_VERIFY_SSL: !unsafe "{{ verify_ssl }}" extra_vars: - ah_password: !unsafe "{{ password }}" - ah_username: !unsafe "{{ username }}" - ah_host: !unsafe "{{ hostname }}" - ah_token: !unsafe "{{ token }}" - ah_validate_certs: !unsafe "{{ verify_ssl }}" + aap_password: !unsafe "{{ password }}" + aap_username: !unsafe "{{ username }}" + aap_hostname: !unsafe "{{ hostname }}" + aap_token: !unsafe "{{ token }}" + aap_validate_certs: !unsafe "{{ verify_ssl }}" - name: ssh_priv_file kind: cloud diff --git a/group_vars/all/credentials.yml b/group_vars/all/credentials.yml index fb101d8..6434a10 100644 --- a/group_vars/all/credentials.yml +++ b/group_vars/all/credentials.yml @@ -5,9 +5,9 @@ controller_credentials_all: organization: config_as_code description: aap admin account inputs: - host: "{{ controller_hostname }}" - username: "{{ controller_username }}" - password: "{{ controller_password }}" + host: "{{ aap_hostname }}" + username: "{{ aap_username }}" + password: "{{ aap_password }}" verify_ssl: false - name: ah_admin_user_pass @@ -15,9 +15,9 @@ controller_credentials_all: organization: config_as_code description: automation hub admin account inputs: - hostname: "{{ ah_host }}" - username: "{{ ah_username }}" - password: "{{ ah_password }}" + hostname: "{{ aap_hostname }}" + username: "{{ aap_username }}" + password: "{{ aap_password }}" verify_ssl: false - name: ah_token_user @@ -25,46 +25,46 @@ controller_credentials_all: organization: config_as_code description: automation hub api account inputs: - hostname: "{{ ah_host }}" + hostname: "{{ aap_hostname }}" username: "{{ ah_token_username }}" - token: "{{ ah_token }}" + token: "{{ aap_token }}" verify_ssl: false - name: ah_certified credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ ah_host }}/api/galaxy/content/rh-certified/ - token: "{{ ah_token }}" + url: https://{{ aap_hostname }}/api/galaxy/content/rh-certified/ + token: "{{ aap_token }}" - name: ah_published credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ ah_host }}/api/galaxy/content/published/ - token: "{{ ah_token }}" + url: https://{{ aap_hostname }}/api/galaxy/content/published/ + token: "{{ aap_token }}" - name: ah_validated credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ ah_host }}/api/galaxy/content/validated/ - token: "{{ ah_token }}" + url: https://{{ aap_hostname }}/api/galaxy/content/validated/ + token: "{{ aap_token }}" - name: ah_community credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ ah_host }}/api/galaxy/content/community/ - token: "{{ ah_token }}" + url: https://{{ aap_hostname }}/api/galaxy/content/community/ + token: "{{ aap_token }}" - name: cr_ah credential_type: Container Registry organization: config_as_code inputs: - host: "{{ ah_host }}" - username: "{{ ah_username }}" - password: "{{ ah_password }}" + host: "{{ aap_hostname }}" + username: "{{ aap_username }}" + password: "{{ aap_password }}" verify_ssl: false - name: root diff --git a/group_vars/all/eda_credentials.yml b/group_vars/all/eda_credentials.yml index 2e80b61..562f135 100644 --- a/group_vars/all/eda_credentials.yml +++ b/group_vars/all/eda_credentials.yml @@ -3,6 +3,6 @@ eda_credentials: - name: hub description: private automation hub credential_type: 'Container Registry' - username: "{{ ah_username }}" - secret: "{{ ah_password }}" + username: "{{ aap_username }}" + secret: "{{ aap_password }}" ... diff --git a/group_vars/all/eda_decision_environments.yml b/group_vars/all/eda_decision_environments.yml index 7190093..d23555b 100644 --- a/group_vars/all/eda_decision_environments.yml +++ b/group_vars/all/eda_decision_environments.yml @@ -2,6 +2,6 @@ eda_decision_environments: - name: minimal description: my default decision environment - image_url: "{{ ah_host }}/de-minimal-rhel8" + image_url: "{{ aap_hostname }}/de-minimal-rhel8" credential: hub ... diff --git a/group_vars/all/execution_environments.yml b/group_vars/all/execution_environments.yml index b3d7c55..3a7cbbd 100644 --- a/group_vars/all/execution_environments.yml +++ b/group_vars/all/execution_environments.yml @@ -1,17 +1,17 @@ --- controller_execution_environments_all: - name: supported - image: "{{ ah_host }}/ee-supported-rhel8" + image: "{{ aap_hostname }}/ee-supported-rhel8" pull: always credential: cr_ah - name: minimal - image: "{{ ah_host }}/ee-minimal-rhel8" + image: "{{ aap_hostname }}/ee-minimal-rhel8" pull: always credential: cr_ah - name: old_29_ee - image: "{{ ah_host }}/ee-29-rhel8" + image: "{{ aap_hostname }}/ee-29-rhel8" pull: always credential: cr_ah ... diff --git a/group_vars/all/organizations.yml b/group_vars/all/organizations.yml index c3dedb0..5509729 100644 --- a/group_vars/all/organizations.yml +++ b/group_vars/all/organizations.yml @@ -1,5 +1,5 @@ --- -controller_organizations_all: +aap_organizations_all: - name: config_as_code galaxy_credentials: - ah_published diff --git a/group_vars/all/teams.yml b/group_vars/all/teams.yml index f060aa9..227f583 100644 --- a/group_vars/all/teams.yml +++ b/group_vars/all/teams.yml @@ -1,5 +1,5 @@ --- -controller_teams_all: +aap_teams_all: - name: config_as_code_admin organization: config_as_code ... diff --git a/group_vars/all/users.yml b/group_vars/all/users.yml index 0e76bdd..16a2ae3 100644 --- a/group_vars/all/users.yml +++ b/group_vars/all/users.yml @@ -1,5 +1,5 @@ --- -controller_user_accounts_all: +aap_user_accounts_all: - user: api_user is_superuser: false password: "{{ controller_api_user_pass }}" diff --git a/group_vars/dev/applications.yml b/group_vars/dev/applications.yml index 48c78e4..874dc9d 100644 --- a/group_vars/dev/applications.yml +++ b/group_vars/dev/applications.yml @@ -1,3 +1,3 @@ --- -controller_applications_dev: [] +aap_applications_dev: [] ... diff --git a/group_vars/dev/main.yml b/group_vars/dev/main.yml index be17c09..43247bd 100644 --- a/group_vars/dev/main.yml +++ b/group_vars/dev/main.yml @@ -1,5 +1,5 @@ --- -controller_applications: "{{ controller_applications_all + controller_applications_dev }}" +aap_applications: "{{ aap_applications_all + aap_applications_dev }}" controller_credential_input_sources: "{{ controller_credential_input_sources_all + controller_credential_input_sources_dev }}" controller_credential_types: "{{ controller_credential_types_all + controller_credential_types_dev }}" controller_credentials: "{{ controller_credentials_all + controller_credentials_dev }}" @@ -12,13 +12,13 @@ controller_inventory_sources: "{{ controller_inventory_sources_all + controller_ controller_templates: "{{ controller_templates_all + controller_templates_dev }}" controller_labels: "{{ controller_labels_all + controller_labels_dev }}" controller_notifications: "{{ controller_notifications_all + controller_notifications_dev }}" -controller_organizations: "{{ controller_organizations_all + controller_organizations_dev }}" +aap_organizations: "{{ aap_organizations_all + aap_organizations_dev }}" controller_projects: "{{ controller_projects_all + controller_projects_dev }}" controller_roles: "{{ controller_roles_all + controller_roles_dev }}" controller_schedules: "{{ controller_schedules_all + controller_schedules_dev }}" controller_settings: "{{ controller_settings_all | combine(controller_settings_dev, list_merge='append', recursive=true) }}" -controller_teams: "{{ controller_teams_all + controller_teams_dev }}" -controller_user_accounts: "{{ controller_user_accounts_all + controller_user_accounts_dev }}" +aap_teams: "{{ aap_teams_all + aap_teams_dev }}" +aap_user_accounts: "{{ aap_user_accounts_all + aap_user_accounts_dev }}" controller_workflows: "{{ controller_workflows_all + controller_workflows_dev }}" env: dev scm_branch: "" # when you want it to be default branch just set to "" diff --git a/group_vars/dev/organizations.yml b/group_vars/dev/organizations.yml index 0bce7e1..2b48657 100644 --- a/group_vars/dev/organizations.yml +++ b/group_vars/dev/organizations.yml @@ -1,3 +1,3 @@ --- -controller_organizations_dev: [] +aap_organizations_dev: [] ... diff --git a/group_vars/dev/teams.yml b/group_vars/dev/teams.yml index 20e2327..63ef3e6 100644 --- a/group_vars/dev/teams.yml +++ b/group_vars/dev/teams.yml @@ -1,3 +1,3 @@ --- -controller_teams_dev: [] +aap_teams_dev: [] ... diff --git a/group_vars/dev/users.yml b/group_vars/dev/users.yml index 6d55238..40cf025 100644 --- a/group_vars/dev/users.yml +++ b/group_vars/dev/users.yml @@ -1,3 +1,3 @@ --- -controller_user_accounts_dev: [] +aap_user_accounts_dev: [] ... diff --git a/group_vars/prod/applications.yml b/group_vars/prod/applications.yml index ca670f1..b8b4835 100644 --- a/group_vars/prod/applications.yml +++ b/group_vars/prod/applications.yml @@ -1,3 +1,3 @@ --- -controller_applications_prod: [] +aap_applications_prod: [] ... diff --git a/group_vars/prod/main.yml b/group_vars/prod/main.yml index a95e139..b5a4ab5 100644 --- a/group_vars/prod/main.yml +++ b/group_vars/prod/main.yml @@ -1,5 +1,5 @@ --- -controller_applications: "{{ controller_applications_all + controller_applications_prod }}" +aap_applications: "{{ aap_applications_all + aap_applications_prod }}" controller_credential_input_sources: "{{ controller_credential_input_sources_all + controller_credential_input_sources_prod }}" controller_credential_types: "{{ controller_credential_types_all + controller_credential_types_prod }}" controller_credentials: "{{ controller_credentials_all + controller_credentials_prod }}" @@ -12,13 +12,13 @@ controller_inventory_sources: "{{ controller_inventory_sources_all + controller_ controller_templates: "{{ controller_templates_all + controller_templates_prod }}" controller_labels: "{{ controller_labels_all + controller_labels_prod }}" controller_notifications: "{{ controller_notifications_all + controller_notifications_prod }}" -controller_organizations: "{{ controller_organizations_all + controller_organizations_prod }}" +aap_organizations: "{{ aap_organizations_all + aap_organizations_prod }}" controller_projects: "{{ controller_projects_all + controller_projects_prod }}" controller_roles: "{{ controller_roles_all + controller_roles_prod }}" controller_schedules: "{{ controller_schedules_all + controller_schedules_prod }}" controller_settings: "{{ controller_settings_all | combine(controller_settings_prod, list_merge='append', recursive=true) }}" -controller_teams: "{{ controller_teams_all + controller_teams_prod }}" -controller_user_accounts: "{{ controller_user_accounts_all + controller_user_accounts_prod }}" +aap_teams: "{{ aap_teams_all + aap_teams_prod }}" +aap_user_accounts: "{{ aap_user_accounts_all + aap_user_accounts_prod }}" controller_workflows: "{{ controller_workflows_all + controller_workflows_prod }}" env: prod scm_branch: "" # when you want it to be default branch just set to "" diff --git a/group_vars/prod/organizations.yml b/group_vars/prod/organizations.yml index ad51eec..fb63334 100644 --- a/group_vars/prod/organizations.yml +++ b/group_vars/prod/organizations.yml @@ -1,3 +1,3 @@ --- -controller_organizations_prod: [] +aap_organizations_prod: [] ... diff --git a/group_vars/prod/teams.yml b/group_vars/prod/teams.yml index 771e69a..839d713 100644 --- a/group_vars/prod/teams.yml +++ b/group_vars/prod/teams.yml @@ -1,3 +1,3 @@ --- -controller_teams_prod: [] +aap_teams_prod: [] ... diff --git a/group_vars/prod/users.yml b/group_vars/prod/users.yml index a2dacee..7b5e327 100644 --- a/group_vars/prod/users.yml +++ b/group_vars/prod/users.yml @@ -1,3 +1,3 @@ --- -controller_user_accounts_prod: [] +aap_user_accounts_prod: [] ... diff --git a/group_vars/test/applications.yml b/group_vars/test/applications.yml index 8a3efc0..1d28503 100644 --- a/group_vars/test/applications.yml +++ b/group_vars/test/applications.yml @@ -1,3 +1,3 @@ --- -controller_applications_test: [] +aap_applications_test: [] ... diff --git a/group_vars/test/main.yml b/group_vars/test/main.yml index 808c39a..1f49ad1 100644 --- a/group_vars/test/main.yml +++ b/group_vars/test/main.yml @@ -1,5 +1,5 @@ --- -controller_applications: "{{ controller_applications_all + controller_applications_test }}" +aap_applications: "{{ aap_applications_all + aap_applications_test }}" controller_credential_input_sources: "{{ controller_credential_input_sources_all + controller_credential_input_sources_test }}" controller_credential_types: "{{ controller_credential_types_all + controller_credential_types_test }}" controller_credentials: "{{ controller_credentials_all + controller_credentials_test }}" @@ -12,13 +12,13 @@ controller_inventory_sources: "{{ controller_inventory_sources_all + controller_ controller_templates: "{{ controller_templates_all + controller_templates_test }}" controller_labels: "{{ controller_labels_all + controller_labels_test }}" controller_notifications: "{{ controller_notifications_all + controller_notifications_test }}" -controller_organizations: "{{ controller_organizations_all + controller_organizations_test }}" +aap_organizations: "{{ aap_organizations_all + aap_organizations_test }}" controller_projects: "{{ controller_projects_all + controller_projects_test }}" controller_roles: "{{ controller_roles_all + controller_roles_test }}" controller_schedules: "{{ controller_schedules_all + controller_schedules_test }}" controller_settings: "{{ controller_settings_all | combine(controller_settings_test, list_merge='append', recursive=true) }}" -controller_teams: "{{ controller_teams_all + controller_teams_test }}" -controller_user_accounts: "{{ controller_user_accounts_all + controller_user_accounts_test }}" +aap_teams: "{{ aap_teams_all + aap_teams_test }}" +aap_user_accounts: "{{ aap_user_accounts_all + aap_user_accounts_test }}" controller_workflows: "{{ controller_workflows_all + controller_workflows_test }}" env: test scm_branch: "" # when you want it to be default branch just set to "" diff --git a/group_vars/test/organizations.yml b/group_vars/test/organizations.yml index 3a325ac..0bd0340 100644 --- a/group_vars/test/organizations.yml +++ b/group_vars/test/organizations.yml @@ -1,3 +1,3 @@ --- -controller_organizations_test: [] +aap_organizations_test: [] ... diff --git a/group_vars/test/teams.yml b/group_vars/test/teams.yml index 093d08f..2b4e221 100644 --- a/group_vars/test/teams.yml +++ b/group_vars/test/teams.yml @@ -1,3 +1,3 @@ --- -controller_teams_test: [] +aap_teams_test: [] ... diff --git a/group_vars/test/users.yml b/group_vars/test/users.yml index 9895b8e..56addcf 100644 --- a/group_vars/test/users.yml +++ b/group_vars/test/users.yml @@ -1,3 +1,3 @@ --- -controller_user_accounts_test: [] +aap_user_accounts_test: [] ... diff --git a/playbooks/controller_config.yml b/playbooks/controller_config.yml index 18b34eb..098faf5 100644 --- a/playbooks/controller_config.yml +++ b/playbooks/controller_config.yml @@ -12,9 +12,9 @@ block: - name: Authenticate and get an API token from Automation Hub infra.ah_configuration.ah_token: - ah_host: "{{ ah_host | default(groups['automationhub'][0]) }}" - ah_username: "{{ ah_token_username | default('admin') }}" - ah_password: "{{ ah_token_password }}" + aap_hostname: "{{ aap_hostname | default(groups['automationhub'][0]) }}" + aap_username: "{{ ah_token_username | default('admin') }}" + aap_password: "{{ ah_token_password }}" ah_path_prefix: galaxy # this is for private automation hub validate_certs: false register: r_ah_token diff --git a/playbooks/hub_config.yml b/playbooks/hub_config.yml index cca67db..8f3170d 100644 --- a/playbooks/hub_config.yml +++ b/playbooks/hub_config.yml @@ -67,7 +67,7 @@ - name: Include group role ansible.builtin.include_role: name: infra.ah_configuration.group - when: ah_groups | length is not match('0') + when: aap_teams | length is not match('0') - name: Include group_roles role ansible.builtin.include_role: @@ -77,5 +77,5 @@ - name: Include user role ansible.builtin.include_role: name: infra.ah_configuration.user - when: ah_users | length is not match('0') + when: aap_user_accounts | length is not match('0') ... diff --git a/playbooks/install_configure.yml b/playbooks/install_configure.yml index 4e0fec7..11466af 100644 --- a/playbooks/install_configure.yml +++ b/playbooks/install_configure.yml @@ -41,18 +41,18 @@ filters: product_name: Red Hat Ansible Automation Platform support_level: Self-Support - controller_host: "{{ controller_hostname }}" - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" + controller_host: "{{ aap_hostname }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" validate_certs: false register: subscription - name: Attach to a pool awx.awx.license: pool_id: "{{ subscription.subscriptions[0].pool_id }}" - controller_host: "{{ controller_hostname }}" - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" + controller_host: "{{ aap_hostname }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" validate_certs: false - name: Figuring out AH token @@ -60,9 +60,9 @@ block: - name: Authenticate and get an API token from Automation Hub infra.ah_configuration.ah_token: - ah_host: "{{ ah_host | default(groups['automationhub'][0]) }}" - ah_username: "{{ ah_token_username | default('admin') }}" - ah_password: "{{ ah_token_password }}" + aap_hostname: "{{ aap_hostname | default(groups['automationhub'][0]) }}" + aap_username: "{{ ah_token_username | default('admin') }}" + aap_password: "{{ ah_token_password }}" ah_path_prefix: galaxy # this is for private automation hub validate_certs: false register: r_ah_token @@ -79,9 +79,9 @@ - name: Launch build execution environment job template awx.awx.job_launch: name: build_execution_environments - controller_host: "{{ controller_hostname }}" - controller_username: "{{ controller_username }}" - controller_password: "{{ controller_password }}" - validate_certs: "{{ controller_validate_certs }}" + controller_host: "{{ aap_hostname }}" + aap_username: "{{ aap_username }}" + aap_password: "{{ aap_password }}" + validate_certs: "{{ aap_validate_certs }}" ... From 4b228ef023dd1ec6fa6b207588e1133840623c45 Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Mon, 11 Nov 2024 15:27:11 -0600 Subject: [PATCH 2/5] deleted: group_vars/all/ah_ee_main.yml deleted: group_vars/all/ah_ee_namespaces.yml deleted: group_vars/all/ah_users.yml renamed: group_vars/all/ah_ee_list.yml -> group_vars/all/ee_list.yml renamed: group_vars/all/ah_collection_namespaces.yml -> group_vars/all/hub_collection_namespaces.yml renamed: group_vars/all/ah_collection_publish.yml -> group_vars/all/hub_collection_publish.yml renamed: group_vars/all/ah_ee_images.yml -> group_vars/all/hub_ee_images.yml renamed: group_vars/all/ah_ee_registries.yml -> group_vars/all/hub_ee_registries.yml renamed: group_vars/all/ah_ee_repositories.yml -> group_vars/all/hub_ee_repositories.yml renamed: group_vars/all/ah_group_roles.yml -> group_vars/all/hub_group_roles.yml renamed: group_vars/all/ah_groups.yml -> group_vars/all/hub_groups.yml renamed: group_vars/all/ah_repositories.yml -> group_vars/all/hub_repositories.yml modified: group_vars/all/users.yml modified: playbooks/hub_config.yml --- group_vars/all/ah_ee_main.yml | 11 ----------- group_vars/all/ah_ee_namespaces.yml | 9 --------- group_vars/all/ah_users.yml | 12 ------------ group_vars/all/{ah_ee_list.yml => ee_list.yml} | 10 ++++++++++ ...amespaces.yml => hub_collection_namespaces.yml} | 2 +- ...tion_publish.yml => hub_collection_publish.yml} | 2 +- .../all/{ah_ee_images.yml => hub_ee_images.yml} | 2 +- ...{ah_ee_registries.yml => hub_ee_registries.yml} | 2 +- ...ee_repositories.yml => hub_ee_repositories.yml} | 2 +- .../{ah_group_roles.yml => hub_group_roles.yml} | 2 +- group_vars/all/{ah_groups.yml => hub_groups.yml} | 2 +- .../{ah_repositories.yml => hub_repositories.yml} | 4 ++-- group_vars/all/users.yml | 11 ++++++++++- playbooks/hub_config.yml | 14 +++++++------- 14 files changed, 36 insertions(+), 49 deletions(-) delete mode 100644 group_vars/all/ah_ee_main.yml delete mode 100644 group_vars/all/ah_ee_namespaces.yml delete mode 100644 group_vars/all/ah_users.yml rename group_vars/all/{ah_ee_list.yml => ee_list.yml} (57%) rename group_vars/all/{ah_collection_namespaces.yml => hub_collection_namespaces.yml} (96%) rename group_vars/all/{ah_collection_publish.yml => hub_collection_publish.yml} (92%) rename group_vars/all/{ah_ee_images.yml => hub_ee_images.yml} (92%) rename group_vars/all/{ah_ee_registries.yml => hub_ee_registries.yml} (96%) rename group_vars/all/{ah_ee_repositories.yml => hub_ee_repositories.yml} (96%) rename group_vars/all/{ah_group_roles.yml => hub_group_roles.yml} (94%) rename group_vars/all/{ah_groups.yml => hub_groups.yml} (83%) rename group_vars/all/{ah_repositories.yml => hub_repositories.yml} (94%) diff --git a/group_vars/all/ah_ee_main.yml b/group_vars/all/ah_ee_main.yml deleted file mode 100644 index 3c57ae2..0000000 --- a/group_vars/all/ah_ee_main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# ee_base_image: registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8 -# ee_builder_image: registry.redhat.io/ansible-automation-platform-22/ansible-builder-rhel8 -ee_image_push: true -ee_validate_certs: false -ee_create_ansible_config: false -# ee_auth_file: -# ee_executable: -# ee_ca_cert_dir: -# ee_sign_by: -... diff --git a/group_vars/all/ah_ee_namespaces.yml b/group_vars/all/ah_ee_namespaces.yml deleted file mode 100644 index 410d3e6..0000000 --- a/group_vars/all/ah_ee_namespaces.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ah_ee_namespaces: [] -# - name: -# append: -# groups: -# - -# - -# state: "{{ target_state }}" -... diff --git a/group_vars/all/ah_users.yml b/group_vars/all/ah_users.yml deleted file mode 100644 index 1421226..0000000 --- a/group_vars/all/ah_users.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -ah_token_username: token_user -aap_user_accounts: - - username: token_user - # Currently not working - # groups: - # - "admin" - append: true - is_superuser: true - password: "{{ ah_token_password }}" - state: present -... diff --git a/group_vars/all/ah_ee_list.yml b/group_vars/all/ee_list.yml similarity index 57% rename from group_vars/all/ah_ee_list.yml rename to group_vars/all/ee_list.yml index d8c6ba1..2a2119b 100644 --- a/group_vars/all/ah_ee_list.yml +++ b/group_vars/all/ee_list.yml @@ -1,4 +1,14 @@ --- +# ee_base_image: registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8 +# ee_builder_image: registry.redhat.io/ansible-automation-platform-22/ansible-builder-rhel8 +ee_image_push: true +ee_validate_certs: false +ee_create_ansible_config: false +# ee_auth_file: +# ee_executable: +# ee_ca_cert_dir: +# ee_sign_by: + ee_list: - name: config_as_code_ee dependencies: diff --git a/group_vars/all/ah_collection_namespaces.yml b/group_vars/all/hub_collection_namespaces.yml similarity index 96% rename from group_vars/all/ah_collection_namespaces.yml rename to group_vars/all/hub_collection_namespaces.yml index b84e646..2f82e96 100644 --- a/group_vars/all/ah_collection_namespaces.yml +++ b/group_vars/all/hub_collection_namespaces.yml @@ -1,5 +1,5 @@ --- -ah_namespaces: +hub_namespaces: - name: community_test company: Ansible by Red Hat email: ddaniels@redhat.com diff --git a/group_vars/all/ah_collection_publish.yml b/group_vars/all/hub_collection_publish.yml similarity index 92% rename from group_vars/all/ah_collection_publish.yml rename to group_vars/all/hub_collection_publish.yml index 8255e30..47eff9a 100644 --- a/group_vars/all/ah_collection_publish.yml +++ b/group_vars/all/hub_collection_publish.yml @@ -1,6 +1,6 @@ --- ah_auto_approve: true -ah_collections: +hub_collections: - collection_name: test git_url: https://github.com/sean-m-sullivan/collection_test.git # key_path: "{{ lookup('env', 'MY_CERT_FILE') }}" diff --git a/group_vars/all/ah_ee_images.yml b/group_vars/all/hub_ee_images.yml similarity index 92% rename from group_vars/all/ah_ee_images.yml rename to group_vars/all/hub_ee_images.yml index 6d43304..41ddc1a 100644 --- a/group_vars/all/ah_ee_images.yml +++ b/group_vars/all/hub_ee_images.yml @@ -1,7 +1,7 @@ --- # Documentation: # https://github.com/ansible/galaxy_collection/blob/devel/roles/ee_image/README.md -ah_ee_images: [] +hub_ee_images: [] # - name: # state: "{{ target_state }}" # append: false diff --git a/group_vars/all/ah_ee_registries.yml b/group_vars/all/hub_ee_registries.yml similarity index 96% rename from group_vars/all/ah_ee_registries.yml rename to group_vars/all/hub_ee_registries.yml index 7053ca2..c4b17d8 100644 --- a/group_vars/all/ah_ee_registries.yml +++ b/group_vars/all/hub_ee_registries.yml @@ -3,7 +3,7 @@ # - https://github.com/ansible/galaxy_collection/blob/devel/roles/ee_registry/README.md # - https://github.com/ansible/galaxy_collection/blob/devel/roles/ee_registry_index/README.md # - https://github.com/ansible/galaxy_collection/blob/devel/roles/ee_registry_sync/README.md -ah_ee_registries: [] +hub_ee_registries: [] # - name: registry_redhat_io # url: https://registry.redhat.io # username: "{{ rh_username }}" diff --git a/group_vars/all/ah_ee_repositories.yml b/group_vars/all/hub_ee_repositories.yml similarity index 96% rename from group_vars/all/ah_ee_repositories.yml rename to group_vars/all/hub_ee_repositories.yml index be18cad..18d6257 100644 --- a/group_vars/all/ah_ee_repositories.yml +++ b/group_vars/all/hub_ee_repositories.yml @@ -1,7 +1,7 @@ --- # Documentation: # https://github.com/ansible/galaxy_collection/tree/devel/roles/ee_repository -ah_ee_repositories: [] +hub_ee_repositories: [] # - name: ansible-automation-platform/ee-minimal-rhel8 # readme: "" # mutex with readme_file # readme_file: "" # mutex with readme diff --git a/group_vars/all/ah_group_roles.yml b/group_vars/all/hub_group_roles.yml similarity index 94% rename from group_vars/all/ah_group_roles.yml rename to group_vars/all/hub_group_roles.yml index da9d9ca..8df4b06 100644 --- a/group_vars/all/ah_group_roles.yml +++ b/group_vars/all/hub_group_roles.yml @@ -1,6 +1,6 @@ --- # Documentation: https://github.com/ansible/galaxy_collection/blob/devel/roles/group_roles/README.md -ah_group_roles: [] +hub_group_roles: [] # - state: present # groups: # - foo diff --git a/group_vars/all/ah_groups.yml b/group_vars/all/hub_groups.yml similarity index 83% rename from group_vars/all/ah_groups.yml rename to group_vars/all/hub_groups.yml index 24c096d..64ee467 100644 --- a/group_vars/all/ah_groups.yml +++ b/group_vars/all/hub_groups.yml @@ -1,7 +1,7 @@ --- # Role permissions using the 'perms' option is deprecated and will be removed # in galaxy_collection 3.0.0.Instead, set the group's roles in -# groups_vars/all/ah_group_roles.yml +# groups_vars/all/hub_group_roles.yml aap_teams: - name: admin state: present diff --git a/group_vars/all/ah_repositories.yml b/group_vars/all/hub_repositories.yml similarity index 94% rename from group_vars/all/ah_repositories.yml rename to group_vars/all/hub_repositories.yml index ce48a68..f8adf67 100644 --- a/group_vars/all/ah_repositories.yml +++ b/group_vars/all/hub_repositories.yml @@ -1,5 +1,5 @@ --- -ah_collection_remotes: +hub_collection_remotes: - name: rh-certified token: "{{ cloud_token }}" url: https://console.redhat.com/api/automation-hub/content/published/ @@ -23,7 +23,7 @@ ah_collection_remotes: - community.crypto - cloud.terraform -ah_collection_repositories: +hub_collection_repositories: - name: rh-certified remote: rh-certified - name: validated diff --git a/group_vars/all/users.yml b/group_vars/all/users.yml index 16a2ae3..edaef0e 100644 --- a/group_vars/all/users.yml +++ b/group_vars/all/users.yml @@ -1,6 +1,15 @@ --- +ah_token_username: token_user aap_user_accounts_all: - - user: api_user + - username: api_user is_superuser: false password: "{{ controller_api_user_pass }}" + - username: token_user + # Currently not working + # groups: + # - "admin" + append: true + is_superuser: true + password: "{{ ah_token_password }}" + state: present ... diff --git a/playbooks/hub_config.yml b/playbooks/hub_config.yml index 8f3170d..18c8bae 100644 --- a/playbooks/hub_config.yml +++ b/playbooks/hub_config.yml @@ -37,32 +37,32 @@ - name: Include ee_registry role ansible.builtin.include_role: name: infra.ah_configuration.ee_registry - when: ah_ee_registries | length is not match('0') + when: hub_ee_registries | length is not match('0') - name: Include ee_registry_index role ansible.builtin.include_role: name: infra.ah_configuration.ee_registry_index - when: ah_ee_registries | length is not match('0') + when: hub_ee_registries | length is not match('0') - name: Include ee_registry_sync role ansible.builtin.include_role: name: infra.ah_configuration.ee_registry_sync - when: ah_ee_registries | length is not match('0') + when: hub_ee_registries | length is not match('0') - name: Include ee_repository role ansible.builtin.include_role: name: infra.ah_configuration.ee_repository - when: ah_ee_repositories | length is not match('0') + when: hub_ee_repositories | length is not match('0') - name: Include ee_repository_sync role ansible.builtin.include_role: name: infra.ah_configuration.ee_repository_sync - when: ah_ee_repositories | length is not match('0') + when: hub_ee_repositories | length is not match('0') - name: Include ee_image role ansible.builtin.include_role: name: infra.ah_configuration.ee_image - when: ah_ee_images | length is not match('0') + when: hub_ee_images | length is not match('0') - name: Include group role ansible.builtin.include_role: @@ -72,7 +72,7 @@ - name: Include group_roles role ansible.builtin.include_role: name: infra.ah_configuration.group_roles - when: ah_group_roles | length is not match('0') + when: hub_group_roles | length is not match('0') - name: Include user role ansible.builtin.include_role: From 9e2c9f22e8f237f096f5318a0e7d3e9af6465d89 Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Mon, 11 Nov 2024 15:29:18 -0600 Subject: [PATCH 3/5] modified: group_vars/all/credentials.yml --- group_vars/all/credentials.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/group_vars/all/credentials.yml b/group_vars/all/credentials.yml index 6434a10..00c2ba0 100644 --- a/group_vars/all/credentials.yml +++ b/group_vars/all/credentials.yml @@ -34,28 +34,28 @@ controller_credentials_all: credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ aap_hostname }}/api/galaxy/content/rh-certified/ + url: https://{{ aap_hostname }}/pulp_ansible/galaxy/rh-certified/ token: "{{ aap_token }}" - name: ah_published credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ aap_hostname }}/api/galaxy/content/published/ + url: https://{{ aap_hostname }}/pulp_ansible/galaxy/published/ token: "{{ aap_token }}" - name: ah_validated credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ aap_hostname }}/api/galaxy/content/validated/ + url: https://{{ aap_hostname }}/pulp_ansible/galaxy/validated/ token: "{{ aap_token }}" - name: ah_community credential_type: Ansible Galaxy/Automation Hub API Token organization: config_as_code inputs: - url: https://{{ aap_hostname }}/api/galaxy/content/community/ + url: https://{{ aap_hostname }}/pulp_ansible/galaxy/community/ token: "{{ aap_token }}" - name: cr_ah From a7d0574e7dcf249432ad1382589d4ad236f857cc Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Mon, 11 Nov 2024 15:32:56 -0600 Subject: [PATCH 4/5] deleted: group_vars/all/hub_groups.yml modified: group_vars/all/teams.yml --- group_vars/all/hub_groups.yml | 8 -------- group_vars/all/teams.yml | 2 ++ 2 files changed, 2 insertions(+), 8 deletions(-) delete mode 100644 group_vars/all/hub_groups.yml diff --git a/group_vars/all/hub_groups.yml b/group_vars/all/hub_groups.yml deleted file mode 100644 index 64ee467..0000000 --- a/group_vars/all/hub_groups.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# Role permissions using the 'perms' option is deprecated and will be removed -# in galaxy_collection 3.0.0.Instead, set the group's roles in -# groups_vars/all/hub_group_roles.yml -aap_teams: - - name: admin - state: present -... diff --git a/group_vars/all/teams.yml b/group_vars/all/teams.yml index 227f583..3b49492 100644 --- a/group_vars/all/teams.yml +++ b/group_vars/all/teams.yml @@ -2,4 +2,6 @@ aap_teams_all: - name: config_as_code_admin organization: config_as_code + - name: admin + state: present ... From 2a57c0d251fb33ef8d794b954d5cc9a90fa56d70 Mon Sep 17 00:00:00 2001 From: David Danielsson Date: Mon, 11 Nov 2024 15:44:22 -0600 Subject: [PATCH 5/5] renamed: playbooks/controller_config.yml -> playbooks/aap_config.yml modified: playbooks/custom_collection.yml deleted: playbooks/eda_config.yml deleted: playbooks/hub_config.yml modified: playbooks/install_configure.yml modified: playbooks/sync_collections.yml --- .../{controller_config.yml => aap_config.yml} | 2 +- playbooks/custom_collection.yml | 4 +- playbooks/eda_config.yml | 12 --- playbooks/hub_config.yml | 81 ------------------- playbooks/install_configure.yml | 13 +-- playbooks/sync_collections.yml | 2 +- 6 files changed, 5 insertions(+), 109 deletions(-) rename playbooks/{controller_config.yml => aap_config.yml} (95%) delete mode 100644 playbooks/eda_config.yml delete mode 100644 playbooks/hub_config.yml diff --git a/playbooks/controller_config.yml b/playbooks/aap_config.yml similarity index 95% rename from playbooks/controller_config.yml rename to playbooks/aap_config.yml index 098faf5..d4ea398 100644 --- a/playbooks/controller_config.yml +++ b/playbooks/aap_config.yml @@ -26,5 +26,5 @@ - name: Call dispatch role ansible.builtin.include_role: - name: infra.controller_configuration.dispatch + name: infra.aap_configuration.dispatch ... diff --git a/playbooks/custom_collection.yml b/playbooks/custom_collection.yml index 6f4c52d..217cbcf 100644 --- a/playbooks/custom_collection.yml +++ b/playbooks/custom_collection.yml @@ -8,9 +8,9 @@ tasks: - name: Include namespace role ansible.builtin.include_role: - name: infra.ah_configuration.namespace + name: infra.aap_configuration.hub_namespace - name: Include publish role ansible.builtin.include_role: - name: infra.ah_configuration.publish + name: infra.aap_configuration.hub_publish ... diff --git a/playbooks/eda_config.yml b/playbooks/eda_config.yml deleted file mode 100644 index bd35602..0000000 --- a/playbooks/eda_config.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Playbook to configure event driven ansible controller post installation - hosts: all - vars_files: - - "../vaults/{{ env }}.yml" - connection: local - tasks: - - name: Call dispatch role - ansible.builtin.include_role: - name: infra.eda_configuration.dispatch - -... diff --git a/playbooks/hub_config.yml b/playbooks/hub_config.yml deleted file mode 100644 index 18c8bae..0000000 --- a/playbooks/hub_config.yml +++ /dev/null @@ -1,81 +0,0 @@ ---- -- name: Configure private automation hub after installation - hosts: all - gather_facts: false - connection: local - vars_files: - - ../vaults/{{ env }}.yml - tasks: - # Pending a bug fix - # - name: Include dispatch role - # ansible.builtin.include_role: - # name: infra.ah_configuration.dispatch - - - name: Include collection_remote role - ansible.builtin.include_role: - name: infra.ah_configuration.collection_remote - - - name: Include collection_repository role - ansible.builtin.include_role: - name: infra.ah_configuration.collection_repository - - - name: Include collection_repository_sync role - ansible.builtin.include_role: - name: infra.ah_configuration.collection_repository_sync - - - name: Publish custom collections - when: publish | default(false) - block: - - name: Include namespace role - ansible.builtin.include_role: - name: infra.ah_configuration.namespace - - - name: Include publish role - ansible.builtin.include_role: - name: infra.ah_configuration.publish - - - name: Include ee_registry role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_registry - when: hub_ee_registries | length is not match('0') - - - name: Include ee_registry_index role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_registry_index - when: hub_ee_registries | length is not match('0') - - - name: Include ee_registry_sync role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_registry_sync - when: hub_ee_registries | length is not match('0') - - - name: Include ee_repository role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_repository - when: hub_ee_repositories | length is not match('0') - - - name: Include ee_repository_sync role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_repository_sync - when: hub_ee_repositories | length is not match('0') - - - name: Include ee_image role - ansible.builtin.include_role: - name: infra.ah_configuration.ee_image - when: hub_ee_images | length is not match('0') - - - name: Include group role - ansible.builtin.include_role: - name: infra.ah_configuration.group - when: aap_teams | length is not match('0') - - - name: Include group_roles role - ansible.builtin.include_role: - name: infra.ah_configuration.group_roles - when: hub_group_roles | length is not match('0') - - - name: Include user role - ansible.builtin.include_role: - name: infra.ah_configuration.user - when: aap_user_accounts | length is not match('0') -... diff --git a/playbooks/install_configure.yml b/playbooks/install_configure.yml index 11466af..ab251ee 100644 --- a/playbooks/install_configure.yml +++ b/playbooks/install_configure.yml @@ -17,17 +17,6 @@ ansible.builtin.include_role: name: infra.aap_utilities.aap_setup_install -- name: Configure private automation hub after installation - hosts: "{{ env | default('dev') }}" # noqa: syntax-check - gather_facts: false - connection: local - vars_files: - - "../vaults/{{ env }}.yml" - tasks: - - name: Call dispatch role - ansible.builtin.include_role: - name: infra.ah_configuration.dispatch - - name: Configure ansible controller post installation hosts: "{{ env | default('dev') }}" # noqa: syntax-check vars_files: @@ -74,7 +63,7 @@ - name: Call dispatch role ansible.builtin.include_role: - name: infra.controller_configuration.dispatch + name: infra.aap_configuration.dispatch - name: Launch build execution environment job template awx.awx.job_launch: diff --git a/playbooks/sync_collections.yml b/playbooks/sync_collections.yml index 24a135b..98b828b 100644 --- a/playbooks/sync_collections.yml +++ b/playbooks/sync_collections.yml @@ -8,5 +8,5 @@ tasks: - name: Include collection_repository_sync role ansible.builtin.include_role: - name: infra.ah_configuration.collection_repository_sync + name: infra.aap_configuration.hub_collection_repository_sync ...