forked from redhat-cop/infra.aap_configuration
-
Notifications
You must be signed in to change notification settings - Fork 0
/
aap-synchronization.yml
132 lines (115 loc) · 4.57 KB
/
aap-synchronization.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
---
# Test
- name: Playbook to configure ansible Controller post installation
hosts: localhost
connection: local
vars:
controller_validate_certs: false
controller_username: admin
controller_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
32656537316230666662363130373538326161663366373731653535613664323930353332303236
3237613130656439363031313864306562643066623130620a303136616131343163643862613831
37666665396539343131326334323530313863636131393335393137363931663863366462316330
6664363866646161310a643939383436373331613738343761316133303830323436643734326139
3337
collections:
- ansible.controller
- redhat_cop.controller_configuration
# Define following vars here, or in configs/controller_auth.yml
# controller_hostname: controller.example.com
# controller_username: admin
# controller_password: changeme
pre_tasks:
- name: Ensure that the customer source directory is cleaned
ansible.builtin.file:
path: "{{ customer_organization }}"
state: absent
# Uncomment sections below if you need authenticated integration to git
# - name: Ensure that the customers key directed is created
# ansible.builtin.file:
# path: "/root/.ssh"
# state: directory
# recurse: yes
# mode: 0700
# owner: root
# group: root
# - name: Load git integration key
# include_vars:
# file: vars/secret.yml
# - name: Ensure key for git integration is in place
# ansible.builtin.copy:
# content: "{{ gitkey }}"
# dest: "/root/.ssh/id_rsa"
# mode: 0600
# owner: root
# group: root
#
# For repo: below, you may have to add ssh:// if that is the only supported protocol.
- name: Just ensuring the repo checkout exists
ansible.builtin.git:
repo: "{{ customer_git_repo }}"
dest: "{{ customer_organization }}/git"
clone: yes
accept_hostkey: yes
single_branch: yes
version: "{{ customer_git_branch }}"
# key_file: "/root/.ssh/id_rsa"
become_user: root
- name: Include vars from configs directory
include_vars:
dir: "{{ customer_organization }}/git/controller"
ignore_files: [controller_config.yml.template]
extensions: ["yml","json"]
tags:
- always
roles:
- {role: labels, when: controller_labels is defined, tags: labels}
- {role: users, when: controller_user_accounts is defined, tags: users}
- {role: teams, when: controller_teams is defined, tags: teams}
- {role: credentials, when: controller_credentials is defined, tags: credentials}
- {role: projects, when: controller_projects is defined, tags: projects}
- {role: inventories, when: controller_inventories is defined, tags: inventories}
- {role: hosts, when: controller_hosts is defined, tags: hosts}
- {role: groups, when: controller_groups is defined, tags: inventories}
- {role: job_templates, when: controller_templates is defined, tags: job_templates}
- {role: notification_templates, when: controller_notifications is defined, tags: notification_templates}
# - {role: schedules, when: controller_schedules is defined, tags: schedules}
- {role: workflow_job_templates, when: controller_workflows is defined, tags: workflow_job_templates}
- {role: roles, when: controller_roles is defined, tags: roles}
tasks:
- name: Set schedule to be default off
set_fact:
schedules_activation: False
- name: Fetch local cluster install uuid
uri:
url: https://{{ controller_fqdn }}/api/v2/ping/
validate_certs: false
register: local_cluster
- name: Local cluster install uuid
debug:
msg: "{{ local_cluster.json.install_uuid }}"
- name: Fetch cluster install uuid via the load balancer
uri:
url: https://{{ load_balancer_fqdn }}/api/v2/ping/
validate_certs: false
register: ldb_cluster
- name: Load balancer install uuid
debug:
msg: "{{ ldb_cluster.json.install_uuid }}"
- name: Set schedule mode depending on if we are active cluster or not
set_fact:
schedules_activation: True
when: local_cluster.json.install_uuid in ldb_cluster.json.install_uuid
- name: Include schedules role
include_role:
name: schedules
when: controller_schedules is defined
tags: schedules
# tasks:
# - name: Add Controller Settings Individually
# include_role:
# name: settings
# vars:
# controller_settings: "{{ controller_settings_individuale }}"
...