External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-18 09:27:31 -02:30
Code Issues Packages Projects Releases Wiki Activity

update playbooks to use fqcn

Browse Source 
Signed-off-by: Adam Miller <admiller@redhat.com>
This commit is contained in:
Adam Miller
2024-03-25 14:33:37 -05:00
committed by Chris Meyers
parent 0b5e59d9cb
commit 2034cca3a9
13 changed files with 132 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
tools/docker-compose-minikube/minikube/tasks/main.yml
View File

@@ -1,27 +1,27 @@
---
- name: Include pre-flight checks
include_tasks: preflight.yml
ansible.builtin.include_tasks: preflight.yml
- name: Create _sources directory
file:
ansible.builtin.file:
path: "{{ sources_dest }}"
state: 'directory'
mode: '0700'
- name: debug minikube_setup
debug:
ansible.builtin.debug:
var: minikube_setup
# Linux block
- block:
- name: Download Minikube
get_url:
ansible.builtin.get_url:
url: "{{ minikube_url_linux }}"
dest: "{{ sources_dest }}/minikube"
mode: 0755
- name: Download Kubectl
get_url:
ansible.builtin.get_url:
url: "{{ kubectl_url_linux }}"
dest: "{{ sources_dest }}/kubectl"
mode: 0755
@@ -33,13 +33,13 @@
# MacOS block
- block:
- name: Download Minikube
get_url:
ansible.builtin.get_url:
url: "{{ minikube_url_macos }}"
dest: "{{ sources_dest }}/minikube"
mode: 0755
- name: Download Kubectl
get_url:
ansible.builtin.get_url:
url: "{{ kubectl_url_macos }}"
dest: "{{ sources_dest }}/kubectl"
mode: 0755
@@ -50,18 +50,18 @@
- block:
- name: Starting Minikube
shell: "{{ sources_dest }}/minikube start --driver={{ driver }} --install-addons=true --addons={{ addons | join(',') }}"
ansible.builtin.shell: "{{ sources_dest }}/minikube start --driver={{ driver }} --install-addons=true --addons={{ addons | join(',') }}"
register: minikube_stdout
- name: Enable Ingress Controller on Minikube
shell: "{{ sources_dest }}/minikube addons enable ingress"
ansible.builtin.shell: "{{ sources_dest }}/minikube addons enable ingress"
when:
- minikube_stdout.rc == 0
register: _minikube_ingress
ignore_errors: true
- name: Show Minikube Ingress known-issue 7332 warning
pause:
ansible.builtin.pause:
seconds: 5
prompt: "The Minikube Ingress addon has been disabled since it looks like you are hitting https://github.com/kubernetes/minikube/issues/7332"
when:
@@ -90,13 +90,13 @@
register: _service_account_secret
- name: Load Minikube Bearer Token
set_fact:
ansible.builtin.set_fact:
service_account_token: '{{ _service_account_secret["resources"][0]["data"]["token"] | b64decode }}'
when:
- _service_account_secret["resources"][0]["data"] | length
- name: Render minikube credential JSON template
template:
ansible.builtin.template:
src: bootstrap_minikube.py.j2
dest: "{{ sources_dest }}/bootstrap_minikube.py"
mode: '0600'

16
tools/docker-compose/ansible/plumb_keycloak.yml
View File

@@ -13,12 +13,12 @@
cert_subject: "/C=US/ST=NC/L=Durham/O=awx/CN="
tasks:
- name: Generate certificates for keycloak
command: 'openssl req -new -x509 -days 365 -nodes -out {{ public_key_file }} -keyout {{ private_key_file }} -subj "{{ cert_subject }}"'
ansible.builtin.command: 'openssl req -new -x509 -days 365 -nodes -out {{ public_key_file }} -keyout {{ private_key_file }} -subj "{{ cert_subject }}"'
args:
creates: "{{ public_key_file }}"
- name: Load certs, existing and new SAML settings
set_fact:
ansible.builtin.set_fact:
private_key: "{{ private_key_content }}"
public_key: "{{ public_key_content }}"
public_key_trimmed: "{{ public_key_content | regex_replace('-----BEGIN CERTIFICATE-----\\\\n', '') | regex_replace('\\\\n-----END CERTIFICATE-----', '') }}"
@@ -32,18 +32,18 @@
private_key_content: "{{ lookup('file', private_key_file) | regex_replace('\n', '\\\\n') }}"
- name: Displauy existing SAML configuration
debug:
ansible.builtin.debug:
msg:
- "Here is your existing SAML configuration for reference:"
- "{{ existing_saml }}"
- "Here is your existing OIDC configuration for reference:"
- "{{ existing_oidc }}"
- pause:
- ansible.builtin.pause:
prompt: "Continuing to run this will replace your existing saml and OIDC settings (displayed above). They will all be captured except for your private key. Be sure that is backed up before continuing"
- name: Write out the existing content
copy:
ansible.builtin.copy:
dest: "../_sources/{{ item.filename }}"
content: "{{ item.content }}"
loop:
@@ -65,7 +65,7 @@
validate_certs: False
- name: Get a keycloak token
uri:
ansible.builtin.uri:
url: "https://localhost:8443/auth/realms/master/protocol/openid-connect/token"
method: POST
body_format: form-urlencoded
@@ -78,12 +78,12 @@
register: keycloak_response
- name: Template the AWX realm
template:
ansible.builtin.template:
src: keycloak.awx.realm.json.j2
dest: "{{ keycloak_realm_template }}"
- name: Create the AWX realm
uri:
ansible.builtin.uri:
url: "https://localhost:8443/auth/admin/realms"
method: POST
body_format: json

8
tools/docker-compose/ansible/plumb_ldap.yml
View File

@@ -7,21 +7,21 @@
awx_host: "https://localhost:8043"
tasks:
- name: Load existing and new LDAP settings
set_fact:
ansible.builtin.set_fact:
existing_ldap: "{{ lookup('awx.awx.controller_api', 'settings/ldap', host=awx_host, verify_ssl=false) }}"
new_ldap: "{{ lookup('template', 'ldap_settings.json.j2') }}"
- name: Display existing LDAP configuration
debug:
ansible.builtin.debug:
msg:
- "Here is your existing LDAP configuration for reference:"
- "{{ existing_ldap }}"
- pause:
- ansible.builtin.pause:
prompt: "Continuing to run this will replace your existing ldap settings (displayed above). They will all be captured. Be sure that is backed up before continuing"
- name: Write out the existing content
copy:
ansible.builtin.copy:
dest: "../_sources/existing_ldap_adapter_settings.json"
content: "{{ existing_ldap }}"

8
tools/docker-compose/ansible/plumb_splunk.yml
View File

@@ -26,21 +26,21 @@
ansible_connection: httpapi
- name: Load existing and new Logging settings
set_fact:
ansible.builtin.set_fact:
existing_logging: "{{ lookup('awx.awx.controller_api', 'settings/logging', host=awx_host, verify_ssl=false) }}"
new_logging: "{{ lookup('template', 'logging.json.j2') }}"
- name: Display existing Logging configuration
debug:
ansible.builtin.debug:
msg:
- "Here is your existing SAML configuration for reference:"
- "{{ existing_logging }}"
- pause:
prompt: "Continuing to run this will replace your existing logging settings (displayed above). They will all be captured except for your connection password. Be sure that is backed up before continuing"
ansible.builtin.prompt: "Continuing to run this will replace your existing logging settings (displayed above). They will all be captured except for your connection password. Be sure that is backed up before continuing"
- name: Write out the existing content
copy:
ansible.builtin.copy:
dest: "../_sources/existing_logging.json"
content: "{{ existing_logging }}"

8
tools/docker-compose/ansible/plumb_tacacs.yml
View File

@@ -7,21 +7,21 @@
awx_host: "https://localhost:8043"
tasks:
- name: Load existing and new tacacs+ settings
set_fact:
ansible.builtin.set_fact:
existing_tacacs: "{{ lookup('awx.awx.controller_api', 'settings/tacacsplus', host=awx_host, verify_ssl=false) }}"
new_tacacs: "{{ lookup('template', 'tacacsplus_settings.json.j2') }}"
- name: Display existing tacacs+ configuration
debug:
ansible.builtin.debug:
msg:
- "Here is your existing tacacsplus configuration for reference:"
- "{{ existing_tacacs }}"
- pause:
- ansible.builtin.pause:
prompt: "Continuing to run this will replace your existing tacacs settings (displayed above). They will all be captured. Be sure that is backed up before continuing"
- name: Write out the existing content
copy:
ansible.builtin.copy:
dest: "../_sources/existing_tacacsplus_adapter_settings.json"
content: "{{ existing_tacacs }}"

4
tools/docker-compose/ansible/unseal_vault.yml
View File

@@ -4,10 +4,10 @@
gather_facts: False
tasks:
- name: Unseal the vault
include_role:
ansible.builtin.include_role:
name: vault
tasks_from: unseal
- name: Display root token
debug:
ansible.builtin.debug:
var: Initial_Root_Token