mirror of
https://github.com/ansible/awx.git
synced 2026-05-19 14:57:39 -02:30
[chore] update project_update playbook to be compliant with ansible-lint
reshaving the yak Co-Authored-By: Gabriel Muniz <gmuniz@redhat.com>
This commit is contained in:
Hao Liu
@@ -4028,7 +4028,7 @@ class ProjectUpdateEventSerializer(JobEventSerializer):
|
|||||||
# raw SCM URLs in their stdout (which *could* contain passwords)
|
# raw SCM URLs in their stdout (which *could* contain passwords)
|
||||||
# attempt to detect and filter HTTP basic auth passwords in the stdout
|
# attempt to detect and filter HTTP basic auth passwords in the stdout
|
||||||
# of these types of events
|
# of these types of events
|
||||||
if obj.event_data.get('task_action') in ('git', 'svn'):
|
if obj.event_data.get('task_action') in ('git', 'svn', 'ansible.builtin.git', 'ansible.builtin.svn'):
|
||||||
try:
|
try:
|
||||||
return json.loads(UriCleaner.remove_sensitive(json.dumps(obj.event_data)))
|
return json.loads(UriCleaner.remove_sensitive(json.dumps(obj.event_data)))
|
||||||
except Exception:
|
except Exception:
|
||||||
|
|||||||
@@ -116,7 +116,7 @@ class RunnerCallback:
|
|||||||
# so it *should* have a negligible performance impact
|
# so it *should* have a negligible performance impact
|
||||||
task = event_data.get('event_data', {}).get('task_action')
|
task = event_data.get('event_data', {}).get('task_action')
|
||||||
try:
|
try:
|
||||||
if task in ('git', 'svn'):
|
if task in ('git', 'svn', 'ansible.builtin.git', 'ansible.builtin.svn'):
|
||||||
event_data_json = json.dumps(event_data)
|
event_data_json = json.dumps(event_data)
|
||||||
event_data_json = UriCleaner.remove_sensitive(event_data_json)
|
event_data_json = UriCleaner.remove_sensitive(event_data_json)
|
||||||
event_data = json.loads(event_data_json)
|
event_data = json.loads(event_data_json)
|
||||||
@@ -219,7 +219,7 @@ class RunnerCallbackForProjectUpdate(RunnerCallback):
|
|||||||
def event_handler(self, event_data):
|
def event_handler(self, event_data):
|
||||||
super_return_value = super(RunnerCallbackForProjectUpdate, self).event_handler(event_data)
|
super_return_value = super(RunnerCallbackForProjectUpdate, self).event_handler(event_data)
|
||||||
returned_data = event_data.get('event_data', {})
|
returned_data = event_data.get('event_data', {})
|
||||||
if returned_data.get('task_action', '') == 'set_fact':
|
if returned_data.get('task_action', '') in ('set_fact', 'ansible.builtin.set_fact'):
|
||||||
returned_facts = returned_data.get('res', {}).get('ansible_facts', {})
|
returned_facts = returned_data.get('res', {}).get('ansible_facts', {})
|
||||||
if 'scm_version' in returned_facts:
|
if 'scm_version' in returned_facts:
|
||||||
self.playbook_new_revision = returned_facts['scm_version']
|
self.playbook_new_revision = returned_facts['scm_version']
|
||||||
|
|||||||
@@ -25,17 +25,21 @@
|
|||||||
connection: local
|
connection: local
|
||||||
name: Update source tree if necessary
|
name: Update source tree if necessary
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Delete project directory before update
|
||||||
- name: delete project directory before update
|
ansible.builtin.shell: set -o pipefail && find . -delete -print | tail -2 # volume mounted, cannot delete folder itself
|
||||||
command: "find -delete" # volume mounted, cannot delete folder itself
|
register: reg
|
||||||
|
changed_when: reg.stdout_lines | length > 1
|
||||||
args:
|
args:
|
||||||
chdir: "{{ project_path }}"
|
chdir: "{{ project_path }}"
|
||||||
tags:
|
tags:
|
||||||
- delete
|
- delete
|
||||||
|
|
||||||
- block:
|
- name: Update project using git
|
||||||
- name: update project using git
|
tags:
|
||||||
git:
|
- update_git
|
||||||
|
block:
|
||||||
|
- name: Update project using git
|
||||||
|
ansible.builtin.git:
|
||||||
dest: "{{ project_path | quote }}"
|
dest: "{{ project_path | quote }}"
|
||||||
repo: "{{ scm_url }}"
|
repo: "{{ scm_url }}"
|
||||||
version: "{{ scm_branch | quote }}"
|
version: "{{ scm_branch | quote }}"
|
||||||
@@ -46,15 +50,16 @@
|
|||||||
register: git_result
|
register: git_result
|
||||||
|
|
||||||
- name: Set the git repository version
|
- name: Set the git repository version
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
scm_version: "{{ git_result['after'] }}"
|
scm_version: "{{ git_result['after'] }}"
|
||||||
when: "'after' in git_result"
|
when: "'after' in git_result"
|
||||||
tags:
|
|
||||||
- update_git
|
|
||||||
|
|
||||||
- block:
|
- name: Update project using svn
|
||||||
- name: update project using svn
|
tags:
|
||||||
subversion:
|
- update_svn
|
||||||
|
block:
|
||||||
|
- name: Update project using svn
|
||||||
|
ansible.builtin.subversion:
|
||||||
dest: "{{ project_path | quote }}"
|
dest: "{{ project_path | quote }}"
|
||||||
repo: "{{ scm_url | quote }}"
|
repo: "{{ scm_url | quote }}"
|
||||||
revision: "{{ scm_branch | quote }}"
|
revision: "{{ scm_branch | quote }}"
|
||||||
@@ -68,21 +73,24 @@
|
|||||||
register: svn_result
|
register: svn_result
|
||||||
|
|
||||||
- name: Set the svn repository version
|
- name: Set the svn repository version
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
scm_version: "{{ svn_result['after'] }}"
|
scm_version: "{{ svn_result['after'] }}"
|
||||||
when: "'after' in svn_result"
|
when: "'after' in svn_result"
|
||||||
|
|
||||||
- name: parse subversion version string properly
|
- name: Parse subversion version string properly
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
scm_version: "{{ scm_version | regex_replace('^.*Revision: ([0-9]+).*$', '\\1') }}"
|
scm_version: "{{ scm_version | regex_replace('^.*Revision: ([0-9]+).*$', '\\1') }}"
|
||||||
tags:
|
|
||||||
- update_svn
|
|
||||||
|
|
||||||
- block:
|
|
||||||
|
- name: Project update for Insights
|
||||||
|
tags:
|
||||||
|
- update_insights
|
||||||
|
block:
|
||||||
- name: Ensure the project directory is present
|
- name: Ensure the project directory is present
|
||||||
file:
|
ansible.builtin.file:
|
||||||
dest: "{{ project_path | quote }}"
|
dest: "{{ project_path | quote }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
- name: Fetch Insights Playbook(s)
|
- name: Fetch Insights Playbook(s)
|
||||||
insights:
|
insights:
|
||||||
@@ -95,25 +103,29 @@
|
|||||||
register: results
|
register: results
|
||||||
|
|
||||||
- name: Save Insights Version
|
- name: Save Insights Version
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
scm_version: "{{ results.version }}"
|
scm_version: "{{ results.version }}"
|
||||||
when: results is defined
|
when: results is defined
|
||||||
tags:
|
|
||||||
- update_insights
|
|
||||||
|
|
||||||
- block:
|
|
||||||
|
- name: Update project using archive
|
||||||
|
tags:
|
||||||
|
- update_archive
|
||||||
|
block:
|
||||||
- name: Ensure the project archive directory is present
|
- name: Ensure the project archive directory is present
|
||||||
file:
|
ansible.builtin.file:
|
||||||
dest: "{{ project_path | quote }}/.archive"
|
dest: "{{ project_path | quote }}/.archive"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
- name: Get archive from url
|
- name: Get archive from url
|
||||||
get_url:
|
ansible.builtin.get_url:
|
||||||
url: "{{ scm_url | quote }}"
|
url: "{{ scm_url | quote }}"
|
||||||
dest: "{{ project_path | quote }}/.archive/"
|
dest: "{{ project_path | quote }}/.archive/"
|
||||||
url_username: "{{ scm_username | default(omit) }}"
|
url_username: "{{ scm_username | default(omit) }}"
|
||||||
url_password: "{{ scm_password | default(omit) }}"
|
url_password: "{{ scm_password | default(omit) }}"
|
||||||
force_basic_auth: true
|
force_basic_auth: true
|
||||||
|
mode: '0755'
|
||||||
register: get_archive
|
register: get_archive
|
||||||
|
|
||||||
- name: Unpack archive
|
- name: Unpack archive
|
||||||
@@ -125,7 +137,7 @@
|
|||||||
register: unarchived
|
register: unarchived
|
||||||
|
|
||||||
- name: Find previous archives
|
- name: Find previous archives
|
||||||
find:
|
ansible.builtin.find:
|
||||||
paths: "{{ project_path | quote }}/.archive/"
|
paths: "{{ project_path | quote }}/.archive/"
|
||||||
excludes:
|
excludes:
|
||||||
- "{{ get_archive.dest | basename }}"
|
- "{{ get_archive.dest | basename }}"
|
||||||
@@ -133,20 +145,18 @@
|
|||||||
register: previous_archive
|
register: previous_archive
|
||||||
|
|
||||||
- name: Remove previous archives
|
- name: Remove previous archives
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: "{{ item.path }}"
|
path: "{{ item.path }}"
|
||||||
state: absent
|
state: absent
|
||||||
loop: "{{ previous_archive.files }}"
|
loop: "{{ previous_archive.files }}"
|
||||||
when: previous_archive.files | default([])
|
when: previous_archive.files | default([])
|
||||||
|
|
||||||
- name: Set scm_version to archive sha1 checksum
|
- name: Set scm_version to archive sha1 checksum
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
scm_version: "{{ get_archive.checksum_src }}"
|
scm_version: "{{ get_archive.checksum_src }}"
|
||||||
tags:
|
|
||||||
- update_archive
|
|
||||||
|
|
||||||
- name: Repository Version
|
- name: Repository Version
|
||||||
debug:
|
ansible.builtin.debug:
|
||||||
msg: "Repository Version {{ scm_version }}"
|
msg: "Repository Version {{ scm_version }}"
|
||||||
tags:
|
tags:
|
||||||
- update_git
|
- update_git
|
||||||
@@ -188,23 +198,22 @@
|
|||||||
# otherwise, files cannot be moved accross volumes and will cause error
|
# otherwise, files cannot be moved accross volumes and will cause error
|
||||||
ANSIBLE_LOCAL_TEMP: "{{ projects_root }}/.__awx_cache/{{ local_path }}/stage/tmp"
|
ANSIBLE_LOCAL_TEMP: "{{ projects_root }}/.__awx_cache/{{ local_path }}/stage/tmp"
|
||||||
tasks:
|
tasks:
|
||||||
|
|
||||||
- name: Check content sync settings
|
- name: Check content sync settings
|
||||||
block:
|
|
||||||
- debug:
|
|
||||||
msg: >
|
|
||||||
Collection and role syncing disabled. Check the AWX_ROLES_ENABLED and
|
|
||||||
AWX_COLLECTIONS_ENABLED settings and Galaxy credentials on the project's organization.
|
|
||||||
|
|
||||||
- meta: end_play
|
|
||||||
|
|
||||||
when: not roles_enabled | bool and not collections_enabled | bool
|
when: not roles_enabled | bool and not collections_enabled | bool
|
||||||
tags:
|
tags:
|
||||||
- install_roles
|
- install_roles
|
||||||
- install_collections
|
- install_collections
|
||||||
|
block:
|
||||||
|
- name: Warn about disabled content sync
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: >
|
||||||
|
Collection and role syncing disabled. Check the AWX_ROLES_ENABLED and
|
||||||
|
AWX_COLLECTIONS_ENABLED settings and Galaxy credentials on the project's organization.
|
||||||
|
- name: End play due to disabled content sync
|
||||||
|
ansible.builtin.meta: end_play
|
||||||
|
|
||||||
- name: fetch galaxy roles from requirements.(yml/yaml)
|
- name: Fetch galaxy roles from requirements.(yml/yaml)
|
||||||
command: >
|
ansible.builtin.command: >
|
||||||
ansible-galaxy role install -r {{ item }}
|
ansible-galaxy role install -r {{ item }}
|
||||||
--roles-path {{ projects_root }}/.__awx_cache/{{ local_path }}/stage/requirements_roles
|
--roles-path {{ projects_root }}/.__awx_cache/{{ local_path }}/stage/requirements_roles
|
||||||
{{ ' -' + 'v' * ansible_verbosity if ansible_verbosity else '' }}
|
{{ ' -' + 'v' * ansible_verbosity if ansible_verbosity else '' }}
|
||||||
@@ -220,8 +229,8 @@
|
|||||||
tags:
|
tags:
|
||||||
- install_roles
|
- install_roles
|
||||||
|
|
||||||
- name: fetch galaxy collections from collections/requirements.(yml/yaml)
|
- name: Fetch galaxy collections from collections/requirements.(yml/yaml)
|
||||||
command: >
|
ansible.builtin.command: >
|
||||||
ansible-galaxy collection install -r {{ item }}
|
ansible-galaxy collection install -r {{ item }}
|
||||||
--collections-path {{ projects_root }}/.__awx_cache/{{ local_path }}/stage/requirements_collections
|
--collections-path {{ projects_root }}/.__awx_cache/{{ local_path }}/stage/requirements_collections
|
||||||
{{ ' -' + 'v' * ansible_verbosity if ansible_verbosity else '' }}
|
{{ ' -' + 'v' * ansible_verbosity if ansible_verbosity else '' }}
|
||||||
|
|||||||
Reference in New Issue
Block a user