diff --git a/awx_collection/README.md b/awx_collection/README.md index ff01c8b150..2be1ad624a 100644 --- a/awx_collection/README.md +++ b/awx_collection/README.md @@ -15,7 +15,7 @@ This Ansible collection allows for easy interaction with an AWX server via Ansible playbooks. This source for this collection lives in the `awx_collection` folder inside of the -AWX source. +AWX GitHub repository. The previous home for this collection was inside the folder [lib/ansible/modules/web_infrastructure/ansible_tower](https://github.com/ansible/ansible/tree/stable-2.9/lib/ansible/modules/web_infrastructure/ansible_tower) in the Ansible repo, as well as other places for the inventory plugin, module utils, and doc fragment. @@ -72,7 +72,11 @@ Notable releases of the `awx.awx` collection: The following notes are changes that may require changes to playbooks: - - The module tower_notification was renamed tower_notification_template. In ansible >= 2.10 there is a seamless redirect. Ansible 2.9 does not respect the redirect. + - The `credential` module no longer allows `kind` as a parameter; additionally, `inputs` must now be used with a variety of key/value parameters to go with it (e.g., `become_method`) + - The `job_wait` module no longer allows `min_interval`/ `max_interval` parameters; use `interval` instead + - The `notification_template` requires various notification configuration information to be listed as a dictionary under the `notification_configuration` parameter (e.g., `use_ssl`) + - In the `inventory_source` module, the `source_project` (when provided) lookup defaults to the specified organization in the same way the inventory is looked up + - The module `tower_notification` was renamed `tower_notification_template`. In `ansible >= 2.10` there is a seamless redirect. Ansible 2.9 does not respect the redirect. - When a project is created, it will wait for the update/sync to finish by default; this can be turned off with the `wait` parameter, if desired. - Creating a "scan" type job template is no longer supported. - Specifying a custom certificate via the `TOWER_CERTIFICATE` environment variable no longer works. @@ -94,16 +98,16 @@ The following notes are changes that may require changes to playbooks: - Some return values (e.g., `credential_type`) have been removed. Use of `id` is recommended. - `tower_job_template` no longer supports the deprecated `extra_vars_path` parameter, please use `extra_vars` with the lookup plugin to replace this functionality. - The `notification_configuration` parameter of `tower_notification_template` has changed from a string to a dict. Please use the `lookup` plugin to read an existing file into a dict. - - `tower_credential` no longer supports passing a file name to ssh_key_data. + - `tower_credential` no longer supports passing a file name to `ssh_key_data`. - The HipChat `notification_type` has been removed and can no longer be created using the `tower_notification_template` module. ## Running Unit Tests Tests to verify compatibility with the most recent AWX code are in `awx_collection/test/awx`. -These can be ran by `make test_collection` in the development container. +These can be ran via the `make test_collection` command in the development container. -To run outside of the development container, or to run against -Ansible source, set up a working environment: +To run tests outside of the development container, or to run against +Ansible source, set up a dedicated virtual environment: ``` mkvirtualenv my_new_venv @@ -118,11 +122,11 @@ py.test awx_collection/test/awx/ ## Running Integration Tests -The integration tests require a virtualenv with `ansible` >= 2.9 and `awxkit`. +The integration tests require a virtualenv with `ansible >= 2.9` and `awxkit`. The collection must first be installed, which can be done using `make install_collection`. -You also need a configuration file, as described in the running section. +You also need a configuration file, as described in the [Running](https://github.com/ansible/awx/blob/devel/awx_collection/README.md#running) section. -Run the tests: +How to run the tests: ``` # ansible-test must be run from the directory in which the collection is installed @@ -133,5 +137,5 @@ ansible-test integration ## Licensing All content in this folder is licensed under the same license as Ansible, -which is the same as license that applied before the split into an +which is the same as the license that applied before the split into an independent collection. diff --git a/awx_collection/plugins/modules/credential.py b/awx_collection/plugins/modules/credential.py index c04609c46c..6eacbecf73 100644 --- a/awx_collection/plugins/modules/credential.py +++ b/awx_collection/plugins/modules/credential.py @@ -51,6 +51,12 @@ options: description: - The credential type being created. - Can be a built-in credential type such as "Machine", or a custom credential type such as "My Credential Type" + - Choices include Amazon Web Services, Ansible Galaxy/Automation Hub API Token, Centrify Vault Credential Provider Lookup, + Container Registry, CyberArk AIM Central Credential Provider Lookup, CyberArk Conjur Secret Lookup, Google Compute Engine, + GitHub Personal Access Token, GitLab Personal Access Token, HashiCorp Vault Secret Lookup, HashiCorp Vault Signed SSH, + Insights, Machine, Microsoft Azure Key Vault, Microsoft Azure Resource Manager, Network, OpenShift or Kubernetes API + Bearer Token, OpenStack, Red Hat Ansible Automation Platform, Red Hat Satellite 6, Red Hat Virtualization, Source Control, + Thycotic DevOps Secrets Vault, Thycotic Secret Server, Vault, VMware vCenter, or a custom credential type type: str inputs: description: diff --git a/awx_collection/plugins/modules/job_template.py b/awx_collection/plugins/modules/job_template.py index 3ffbbd2f3a..0030339b1f 100644 --- a/awx_collection/plugins/modules/job_template.py +++ b/awx_collection/plugins/modules/job_template.py @@ -495,10 +495,10 @@ def main(): if field_val is not None: new_fields[field_name] = field_val - # Special treatment of extra_vars parameter - extra_vars = module.params.get('extra_vars') - if extra_vars is not None: - new_fields['extra_vars'] = json.dumps(extra_vars) + # Special treatment of extra_vars parameter + extra_vars = module.params.get('extra_vars') + if extra_vars is not None: + new_fields['extra_vars'] = json.dumps(extra_vars) # Attempt to look up the related items the user specified (these will fail the module if not found) inventory = module.params.get('inventory') diff --git a/awx_collection/tests/integration/targets/ad_hoc_command_cancel/tasks/main.yml b/awx_collection/tests/integration/targets/ad_hoc_command_cancel/tasks/main.yml index 282c596d28..f7ffe9bc97 100644 --- a/awx_collection/tests/integration/targets/ad_hoc_command_cancel/tasks/main.yml +++ b/awx_collection/tests/integration/targets/ad_hoc_command_cancel/tasks/main.yml @@ -58,6 +58,16 @@ - results is failed - "results['msg'] == 'Monitoring of ad hoc command aborted due to timeout'" +- block: + - name: "Wait for up to a minute until the job enters the can_cancel: False state" + debug: + msg: "The job can_cancel status has transitioned into False, we can proceed with testing" + until: not job_status + retries: 6 + delay: 10 + vars: + job_status: "{{ lookup('awx.awx.controller_api', 'ad_hoc_commands/'+ command.id | string +'/cancel')['can_cancel'] }}" + - name: Cancel the command with hard error if it's not running ad_hoc_command_cancel: command_id: "{{ command.id }}" diff --git a/awx_collection/tests/integration/targets/inventory/tasks/main.yml b/awx_collection/tests/integration/targets/inventory/tasks/main.yml index 2026cb3e37..0e828553e7 100644 --- a/awx_collection/tests/integration/targets/inventory/tasks/main.yml +++ b/awx_collection/tests/integration/targets/inventory/tasks/main.yml @@ -26,7 +26,7 @@ credential: name: "{{ cred_name1 }}" organization: Default - kind: insights + credential_type: Insights inputs: username: joe password: secret @@ -180,5 +180,5 @@ credential: name: "{{ cred_name1 }}" organization: "Default" - kind: insights + credential_type: Insights state: absent diff --git a/awx_collection/tests/integration/targets/inventory_source/tasks/main.yml b/awx_collection/tests/integration/targets/inventory_source/tasks/main.yml index a1654bf25b..d905d03a97 100644 --- a/awx_collection/tests/integration/targets/inventory_source/tasks/main.yml +++ b/awx_collection/tests/integration/targets/inventory_source/tasks/main.yml @@ -9,13 +9,14 @@ credential: description: Credentials for Openstack Test project name: "{{ openstack_cred }}" - kind: openstack + credential_type: OpenStack organization: Default - project: Test - username: admin - host: https://example.org:5000 - password: passw0rd - domain: test + inputs: + project: Test + username: admin + host: https://example.org:5000 + password: passw0rd + domain: test register: credential_result - name: Add an inventory @@ -57,13 +58,14 @@ credential: description: Credentials for Openstack Test project name: "{{ openstack_cred }}" - kind: openstack + credential_type: OpenStack organization: Default - project: Test - username: admin - host: https://example.org:5000 - password: passw0rd - domain: test + inputs: + project: Test + username: admin + host: https://example.org:5000 + password: passw0rd + domain: test state: absent - assert: diff --git a/awx_collection/tests/integration/targets/job_launch/tasks/main.yml b/awx_collection/tests/integration/targets/job_launch/tasks/main.yml index 178ab84e3e..843c5c96f2 100644 --- a/awx_collection/tests/integration/targets/job_launch/tasks/main.yml +++ b/awx_collection/tests/integration/targets/job_launch/tasks/main.yml @@ -18,7 +18,7 @@ - name: Wait for a job template to complete job_wait: job_id: "{{ result.id }}" - max_interval: 10 + interval: 10 timeout: 120 register: result @@ -173,7 +173,7 @@ - name: Wait for a job template to complete job_wait: job_id: "{{ result.id }}" - max_interval: 10 + interval: 10 timeout: 120 register: result diff --git a/awx_collection/tests/integration/targets/job_template/tasks/main.yml b/awx_collection/tests/integration/targets/job_template/tasks/main.yml index 612e32ecc0..1551374f5d 100644 --- a/awx_collection/tests/integration/targets/job_template/tasks/main.yml +++ b/awx_collection/tests/integration/targets/job_template/tasks/main.yml @@ -37,20 +37,20 @@ credential: name: "{{ cred1 }}" organization: Default - kind: tower + credential_type: Red Hat Ansible Automation Platform register: cred1_result - name: Create Credential2 credential: name: "{{ cred2 }}" organization: Default - kind: ssh + credential_type: Machine - name: Create Credential3 credential: name: "{{ cred3 }}" organization: Default - kind: ssh + credential_type: Machine - name: Create Labels label: @@ -75,15 +75,16 @@ name: "{{ email_not }}" organization: Default notification_type: email - username: user - password: s3cr3t - sender: tower@example.com - recipients: - - user1@example.com - host: smtp.example.com - port: 25 - use_tls: false - use_ssl: false + notification_configuration: + username: user + password: s3cr3t + sender: tower@example.com + recipients: + - user1@example.com + host: smtp.example.com + port: 25 + use_tls: false + use_ssl: false state: present - name: Add webhook notification @@ -91,9 +92,10 @@ name: "{{ webhook_not }}" organization: Default notification_type: webhook - url: http://www.example.com/hook - headers: - X-Custom-Header: value123 + notification_configuration: + url: http://www.example.com/hook + headers: + X-Custom-Header: value123 state: present register: result @@ -386,21 +388,21 @@ credential: name: "{{ cred1 }}" organization: Default - kind: tower + credential_type: Red Hat Ansible Automation Platform state: absent - name: Delete Credential2 credential: name: "{{ cred2 }}" organization: Default - kind: ssh + credential_type: Machine state: absent - name: Delete Credential3 credential: name: "{{ cred3 }}" organization: Default - kind: ssh + credential_type: Machine state: absent # You can't delete a label directly so no cleanup needed diff --git a/awx_collection/tests/integration/targets/project/tasks/main.yml b/awx_collection/tests/integration/targets/project/tasks/main.yml index 61e51dd887..0c51560f79 100644 --- a/awx_collection/tests/integration/targets/project/tasks/main.yml +++ b/awx_collection/tests/integration/targets/project/tasks/main.yml @@ -14,7 +14,7 @@ credential: name: "{{ scm_cred_name }}" organization: Default - kind: scm + credential_type: Source Control register: result - assert: @@ -59,7 +59,7 @@ - name: Create credential credential: - kind: scm + credential_type: Source Control name: "{{ cred_name }}" organization: "{{ org_name }}" register: result @@ -207,7 +207,7 @@ credential: name: "{{ scm_cred_name }}" organization: Default - kind: scm + credential_type: Source Control state: absent register: result @@ -228,7 +228,7 @@ - name: Delete credential credential: - kind: scm + credential_type: Source Control name: "{{ cred_name }}" organization: "{{ org_name }}" state: absent diff --git a/awx_collection/tests/integration/targets/project_manual/tasks/create_project_dir.yml b/awx_collection/tests/integration/targets/project_manual/tasks/create_project_dir.yml index f59c90ec94..9fb9607258 100644 --- a/awx_collection/tests/integration/targets/project_manual/tasks/create_project_dir.yml +++ b/awx_collection/tests/integration/targets/project_manual/tasks/create_project_dir.yml @@ -15,16 +15,17 @@ variables: ansible_connection: local -- name: create an unused SSH / Machine credential +- name: Create an unused SSH / Machine credential credential: name: dummy - kind: ssh - ssh_key_data: | - -----BEGIN EC PRIVATE KEY----- - MHcCAQEEIIUl6R1xgzR6siIUArz4XBPtGZ09aetma2eWf1v3uYymoAoGCCqGSM49 - AwEHoUQDQgAENJNjgeZDAh/+BY860s0yqrLDprXJflY0GvHIr7lX3ieCtrzOMCVU - QWzw35pc5tvuP34SSi0ZE1E+7cVMDDOF3w== - -----END EC PRIVATE KEY----- + credential_type: Machine + inputs: + ssh_key_data: | + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIIUl6R1xgzR6siIUArz4XBPtGZ09aetma2eWf1v3uYymoAoGCCqGSM49 + AwEHoUQDQgAENJNjgeZDAh/+BY860s0yqrLDprXJflY0GvHIr7lX3ieCtrzOMCVU + QWzw35pc5tvuP34SSi0ZE1E+7cVMDDOF3w== + -----END EC PRIVATE KEY----- organization: Default - block: @@ -51,5 +52,5 @@ - name: Delete dummy credential credential: name: dummy - kind: ssh + credential_type: Machine state: absent diff --git a/awx_collection/tests/integration/targets/project_manual/tasks/main.yml b/awx_collection/tests/integration/targets/project_manual/tasks/main.yml index a0e4315680..3cd328b4f0 100644 --- a/awx_collection/tests/integration/targets/project_manual/tasks/main.yml +++ b/awx_collection/tests/integration/targets/project_manual/tasks/main.yml @@ -1,16 +1,17 @@ --- -- name: generate random string for project +- name: Generate random string for project set_fact: rand_string: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}" -- name: Generate manual project dir name + +- name: Generate manual project name set_fact: - project_name: "manual project {{ rand_string }}" + project_name: "Manual_Project_{{ rand_string }}" - name: Generate manual project dir name set_fact: project_dir_name: "proj_{{ rand_string }}" -- name: create a project directory for manual project +- name: Create a project directory for manual project import_tasks: create_project_dir.yml - name: Create a manual project diff --git a/awx_collection/tests/integration/targets/workflow_job_template/tasks/main.yml b/awx_collection/tests/integration/targets/workflow_job_template/tasks/main.yml index 87fd84ab14..ea7887077a 100644 --- a/awx_collection/tests/integration/targets/workflow_job_template/tasks/main.yml +++ b/awx_collection/tests/integration/targets/workflow_job_template/tasks/main.yml @@ -29,7 +29,7 @@ credential: name: "{{ scm_cred_name }}" organization: Default - kind: scm + credential_type: Source Control register: result - assert: @@ -41,15 +41,16 @@ name: "{{ email_not }}" organization: Default notification_type: email - username: user - password: s3cr3t - sender: tower@example.com - recipients: - - user1@example.com - host: smtp.example.com - port: 25 - use_tls: false - use_ssl: false + notification_configuration: + username: user + password: s3cr3t + sender: tower@example.com + recipients: + - user1@example.com + host: smtp.example.com + port: 25 + use_tls: false + use_ssl: false state: present - name: Add webhook notification @@ -57,9 +58,10 @@ name: "{{ webhook_not }}" organization: Default notification_type: webhook - url: http://www.example.com/hook - headers: - X-Custom-Header: value123 + notification_configuration: + url: http://www.example.com/hook + headers: + X-Custom-Header: value123 state: present register: result @@ -664,7 +666,7 @@ credential: name: "{{ scm_cred_name }}" organization: Default - kind: scm + credential_type: Source Control state: absent register: result diff --git a/awx_collection/tools/roles/template_galaxy/templates/README.md.j2 b/awx_collection/tools/roles/template_galaxy/templates/README.md.j2 index 4e48302f0a..246897f1b4 100644 --- a/awx_collection/tools/roles/template_galaxy/templates/README.md.j2 +++ b/awx_collection/tools/roles/template_galaxy/templates/README.md.j2 @@ -15,7 +15,7 @@ This Ansible collection allows for easy interaction with an {% if collection_package | lower() == 'awx' %}AWX{% else %}Red Hat Ansible Automation Platform{% endif %} server via Ansible playbooks. This source for this collection lives in the `awx_collection` folder inside of the -AWX source. +AWX GitHub repository. The previous home for this collection was inside the folder [lib/ansible/modules/web_infrastructure/ansible_tower](https://github.com/ansible/ansible/tree/stable-2.9/lib/ansible/modules/web_infrastructure/ansible_tower) in the Ansible repo, as well as other places for the inventory plugin, module utils, and doc fragment. @@ -83,7 +83,11 @@ Notable releases of the `{{ collection_namespace }}.{{ collection_package }}` co The following notes are changes that may require changes to playbooks: - - The module tower_notification was renamed tower_notification_template. In ansible >= 2.10 there is a seamless redirect. Ansible 2.9 does not respect the redirect. + - The `credential` module no longer allows `kind` as a parameter; additionally, `inputs` must now be used with a variety of key/value parameters to go with it (e.g., `become_method`) + - The `job_wait` module no longer allows `min_interval`/ `max_interval` parameters; use `interval` instead + - The `notification_template` requires various notification configuration information to be listed as a dictionary under the `notification_configuration` parameter (e.g., `use_ssl`) + - In the `inventory_source` module, the `source_project` (when provided) lookup defaults to the specified organization in the same way the inventory is looked up + - The module `tower_notification` was renamed `tower_notification_template`. In `ansible >= 2.10` there is a seamless redirect. Ansible 2.9 does not respect the redirect. - When a project is created, it will wait for the update/sync to finish by default; this can be turned off with the `wait` parameter, if desired. - Creating a "scan" type job template is no longer supported. - Specifying a custom certificate via the `TOWER_CERTIFICATE` environment variable no longer works. @@ -105,17 +109,17 @@ The following notes are changes that may require changes to playbooks: - Some return values (e.g., `credential_type`) have been removed. Use of `id` is recommended. - `tower_job_template` no longer supports the deprecated `extra_vars_path` parameter, please use `extra_vars` with the lookup plugin to replace this functionality. - The `notification_configuration` parameter of `tower_notification_template` has changed from a string to a dict. Please use the `lookup` plugin to read an existing file into a dict. - - `tower_credential` no longer supports passing a file name to ssh_key_data. + - `tower_credential` no longer supports passing a file name to `ssh_key_data`. - The HipChat `notification_type` has been removed and can no longer be created using the `tower_notification_template` module. {% if collection_package | lower() == "awx" %} ## Running Unit Tests Tests to verify compatibility with the most recent AWX code are in `awx_collection/test/awx`. -These can be ran by `make test_collection` in the development container. +These can be ran via the `make test_collection` command in the development container. -To run outside of the development container, or to run against -Ansible source, set up a working environment: +To run tests outside of the development container, or to run against +Ansible source, set up a dedicated virtual environment: ``` mkvirtualenv my_new_venv @@ -130,11 +134,11 @@ py.test awx_collection/test/awx/ ## Running Integration Tests -The integration tests require a virtualenv with `ansible` >= 2.9 and `awxkit`. +The integration tests require a virtualenv with `ansible >= 2.9` and `awxkit`. The collection must first be installed, which can be done using `make install_collection`. -You also need a configuration file, as described in the running section. +You also need a configuration file, as described in the [Running](https://github.com/ansible/awx/blob/devel/awx_collection/README.md#running) section. -Run the tests: +How to run the tests: ``` # ansible-test must be run from the directory in which the collection is installed @@ -146,5 +150,5 @@ ansible-test integration ## Licensing All content in this folder is licensed under the same license as Ansible, -which is the same as license that applied before the split into an +which is the same as the license that applied before the split into an independent collection.