From bab927bdab1b0ecdbcfc8b0751d1daf153901db2 Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Tue, 4 Jun 2019 13:12:17 -0500 Subject: [PATCH 1/6] adds support for custom credentials --- tasks/config/organization/job_template.yml | 7 +++++++ templates/job-template-credential-association-cli.j2 | 11 +++++++++++ 2 files changed, 18 insertions(+) create mode 100644 templates/job-template-credential-association-cli.j2 diff --git a/tasks/config/organization/job_template.yml b/tasks/config/organization/job_template.yml index d822ec4..1d7cdaf 100644 --- a/tasks/config/organization/job_template.yml +++ b/tasks/config/organization/job_template.yml @@ -30,3 +30,10 @@ state: "{{ tower_config_organization_job_template.state | default(omit) }}" async: 15 poll: 1 + +- name: "config.organization.job_template.associate_credentials: [ {{ tower_config_organization_job_template.name }} ]" + command: "{{ lookup('template', 'job-template-credential-association-cli.j2') }}" + loop: "{{ tower_config_organization_job_template.associate_credentials | default ([]) }}" + loop_control: + loop_var: tower_config_organization_job_template_credential + label: "{{ tower_config_organization_job_template.name }}" diff --git a/templates/job-template-credential-association-cli.j2 b/templates/job-template-credential-association-cli.j2 new file mode 100644 index 0000000..625a54d --- /dev/null +++ b/templates/job-template-credential-association-cli.j2 @@ -0,0 +1,11 @@ +tower-cli +job_template +{% if tower_config_organization_job_template_credential.state|default('present') == 'present' %} +associate_credential +{% elif tower_config_organization_job_template_credential.state|default('present') == 'absent' %} +disassociate_credential +{% endif %} +{% if tower_config_organization_job_template.name is defined %} +--job-template {{ tower_config_organization_job_template.name | quote }} +{% endif %} +--credential {{ tower_config_organization_job_template_credential.name | quote }} From f1744faf6e5b505836db5f42295aa8960d656741 Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Tue, 4 Jun 2019 13:26:26 -0500 Subject: [PATCH 2/6] adds to readme --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 3eee2e8..d534cd7 100644 --- a/README.md +++ b/README.md @@ -172,6 +172,9 @@ tower_config: forks: 50 limit: "dev" credential: "network-nxos-ssh, network-nxos-net" + associated_credentials: + - name: empty-scm + state: present - name: "Dev: devops:helloworld" description: "Dev: devops:helloworld" project: "Dev: netops:ansible-tower-example" From 90b9416efaf226369e27fc16c8438d3c793b8f38 Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Tue, 4 Jun 2019 13:33:53 -0500 Subject: [PATCH 3/6] adds associated_credentials to test --- molecule/default/playbook.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index e5dbe00..557d0ce 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -158,6 +158,9 @@ limit: "dev" machine_credential: "network-nxos-ssh" network_credential: "network-nxos-net" + associated_credentials: + - name: "empty-scm" + state: present - name: "Dev: devops:helloworld" description: "Dev: devops:helloworld" project: "Dev: devops:ansible-tower-example" From feb955782e0901ee09a36e48af4ee4ca79ffefa6 Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Tue, 4 Jun 2019 14:59:59 -0500 Subject: [PATCH 4/6] This adds support for credentials types into the flow, and changes the file over to a native module that exists --- tasks/config/organization/credential_type.yml | 115 ++---------------- tasks/config/organization/main.yml | 8 ++ 2 files changed, 20 insertions(+), 103 deletions(-) diff --git a/tasks/config/organization/credential_type.yml b/tasks/config/organization/credential_type.yml index b12054e..30feb2b 100644 --- a/tasks/config/organization/credential_type.yml +++ b/tasks/config/organization/credential_type.yml @@ -1,105 +1,14 @@ --- -- name: "config.organization.credential_type: [ {{ tower_config_organization_credential_type.name }} ]" - vars: - url_host: "https://{{ tower_config.host }}" - url_api: "/api/v2/credential_types/" - user: "{{ tower_config.username }}" - password: "{{ tower_config.password }}" - validate_certs: "{{ tower_config.verify_ssl | default(omit) }}" - force_basic_auth: true - headers: - Content-Type: "application/json" - Accept: "application/json" - body: - name: "{{ tower_config_organization_credential_type.name | mandatory }}" - description: "{{ tower_config_organization_credential_type.name | default('') }}" - kind: "{{ tower_config_organization_credential_type.kind | default('cloud') }}" - inputs: "{{ tower_config_organization_credential_type.inputs | mandatory }}" - injectors: "{{ tower_config_organization_credential_type.injectors | mandatory }}" - body_format: "{{ tower_config.format }}" - - block: - - when: "tower_config_organization_credential_type.state|default('present') == 'present'" - block: - - vars: - a: "{{ url_host }}" - b: "{{ url_api }}" - c: "{{ tower_config_organization_credential_type.name }}" - d: "{{ tower_config_organization_credential_type.kind | default('cloud') }}" - uri: - method: GET - url: "{{ a }}{{ b }}{{ c }}+{{ d }}" - user: "{{ user }}" - password: "{{ password }}" - validate_certs: "{{ validate_certs }}" - force_basic_auth: true - headers: "{{ headers }}" - body_format: "{{ body_format }}" - register: reg_credential_type - - rescue: - - uri: - method: POST - url: "{{ url_host }}{{ url_api }}" - user: "{{ user }}" - password: "{{ password }}" - validate_certs: "{{ validate_certs }}" - force_basic_auth: true - headers: "{{ headers }}" - body_format: "{{ body_format }}" - register: reg_credential_type - always: - - uri: - method: PATCH - url: "https://{{ tower_config.host }}/{{ reg_credential_type.json.url }}" - user: "{{ tower_config.username }}" - password: "{{ tower_config.password }}" - validate_certs: "{{ tower_config.verify_ssl|bool }}" - force_basic_auth: true - headers: "{{ headers }}" - body: "{{ body }}" - body_format: "{{ tower_config.format }}" - register: reg_credential_type - - when: "tower_config_organization_credential_type.state|default('present') == 'absent'" - block: - - vars: - a: "{{ url_host }}" - b: "{{ url_api }}" - c: "{{ tower_config_organization_credential_type.name }}" - d: "{{ tower_config_organization_credential_type.kind | default('cloud') }}" - uri: - method: GET - url: "{{ a }}{{ b }}{{ c }}+{{ d }}" - user: "{{ user }}" - password: "{{ password }}" - validate_certs: "{{ validate_certs }}" - force_basic_auth: true - headers: "{{ headers }}" - body_format: "{{ body_format }}" - register: reg_credential_type - - rescue: - - uri: - method: POST - url: "{{ url_host }}{{ url_api }}" - user: "{{ user }}" - password: "{{ password }}" - validate_certs: "{{ validate_certs }}" - force_basic_auth: true - headers: "{{ headers }}" - body_format: "{{ body_format }}" - register: reg_credential_type - - always: - - uri: - method: PATCH - url: "https://{{ tower_config.host }}/{{ reg_credential_type.json.url }}" - user: "{{ tower_config.username }}" - password: "{{ tower_config.password }}" - validate_certs: "{{ tower_config.verify_ssl|bool }}" - force_basic_auth: true - headers: "{{ headers }}" - body: "{{ body }}" - body_format: "{{ tower_config.format }}" - register: reg_credential_type +- name: "config.organization.credential_type: [ {{ tower_config_organization_credential_type.name }} ]" + tower_credential_type: + tower_host: "{{ tower_config.host | default(omit) }}" + tower_username: "{{ tower_config.username | default(omit) }}" + tower_password: "{{ tower_config.password | default(omit) }}" + tower_verify_ssl: "{{ tower_config.verify_ssl | default(omit) }}" + description: "{{ tower_config_organization_credential_type.description | default(omit) }}" + injectors: "{{ tower_config_organization_credential_type.injectors | default(omit) | to_json }}" + inputs: "{{ tower_config_organization_credential_type.inputs | default(omit) }}" + kind: "{{ tower_config_organization_credential_type.kind | default(omit) }}" + name: "{{ tower_config_organization_credential_type.name }}" + state: "{{ tower_config_organization_credential_type.state | default(omit) }}" diff --git a/tasks/config/organization/main.yml b/tasks/config/organization/main.yml index a131405..1520514 100644 --- a/tasks/config/organization/main.yml +++ b/tasks/config/organization/main.yml @@ -25,6 +25,14 @@ loop_var: tower_config_organization_team label: "{{ tower_config_organization_team.name }}" +- name: "config.organization: Process [ credential_types ]" + when: tower_config_organization.credential_types is defined + include_tasks: "credential_type.yml" + loop: "{{ tower_config_organization.credential_types | default ([]) }}" + loop_control: + loop_var: tower_config_organization_credential_type + label: "{{ tower_config_organization_credential_type.name }}" + - name: "config.organization: Process [ credentials ]" when: tower_config_organization.credentials is defined include_tasks: "credential.yml" From 5461b941b8b7668761611d3e97955d6c9f725f75 Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Mon, 5 Aug 2019 11:05:39 -0500 Subject: [PATCH 5/6] remove async from include_tasks --- tasks/config/organization/inventory.yml | 1 - tasks/config/organization/team.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/tasks/config/organization/inventory.yml b/tasks/config/organization/inventory.yml index a930e5f..78c2255 100644 --- a/tasks/config/organization/inventory.yml +++ b/tasks/config/organization/inventory.yml @@ -19,5 +19,4 @@ loop_control: loop_var: tower_config_organization_inventory_source label: "{{ tower_config_organization_inventory_source.name }}" - async: 15 poll: 1 diff --git a/tasks/config/organization/team.yml b/tasks/config/organization/team.yml index eab38f8..6f44d42 100644 --- a/tasks/config/organization/team.yml +++ b/tasks/config/organization/team.yml @@ -20,5 +20,4 @@ loop_control: loop_var: tower_config_organization_team_member label: "{{ tower_config_organization_team_member.name }}" - async: 15 poll: 1 From 27ebe38f05c618d193c9e777a7f0d6e159fed63e Mon Sep 17 00:00:00 2001 From: Corey Wanless Date: Mon, 5 Aug 2019 15:36:48 -0500 Subject: [PATCH 6/6] poll not supported on include tasks --- tasks/config/organization/inventory.yml | 1 - tasks/config/organization/team.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/tasks/config/organization/inventory.yml b/tasks/config/organization/inventory.yml index 78c2255..6e3e43f 100644 --- a/tasks/config/organization/inventory.yml +++ b/tasks/config/organization/inventory.yml @@ -19,4 +19,3 @@ loop_control: loop_var: tower_config_organization_inventory_source label: "{{ tower_config_organization_inventory_source.name }}" - poll: 1 diff --git a/tasks/config/organization/team.yml b/tasks/config/organization/team.yml index 6f44d42..b4bcec9 100644 --- a/tasks/config/organization/team.yml +++ b/tasks/config/organization/team.yml @@ -20,4 +20,3 @@ loop_control: loop_var: tower_config_organization_team_member label: "{{ tower_config_organization_team_member.name }}" - poll: 1