|
| 1 | +# controller_configuration.projects |
| 2 | +## Description |
| 3 | +An Ansible Role to run all roles on Ansible Controller. |
| 4 | + |
| 5 | +## Requirements |
| 6 | +ansible-galaxy collection install -r tests/collections/requirements.yml to be installed |
| 7 | +Currently: |
| 8 | + awx.awx |
| 9 | + or |
| 10 | + ansible.controller |
| 11 | + |
| 12 | +## Variables |
| 13 | +Each role has its own variables, for information on those please see each role which this role will call. This role has one key variable `controller_configuration_dispatcher_roles` and its default value is shown below: |
| 14 | + |
| 15 | +```yaml |
| 16 | +controller_configuration_dispatcher_roles: |
| 17 | + - {role: settings, var: controller_settings, tags: settings} |
| 18 | + - {role: organizations, var: controller_organizations, tags: organizations} |
| 19 | + - {role: labels, var: controller_labels, tags: labels} |
| 20 | + - {role: users, var: controller_user_accounts, tags: users} |
| 21 | + - {role: teams, var: controller_teams, tags: teams} |
| 22 | + - {role: credential_types, var: controller_credential_types, tags: credential_types} |
| 23 | + - {role: credentials, var: controller_credentials, tags: credentials} |
| 24 | + - {role: credential_input_sources, var: controller_credential_input_sources, tags: credential_input_sources} |
| 25 | + - {role: notification_templates, var: controller_notifications, tags: notification_templates} |
| 26 | + - {role: projects, var: controller_projects, tags: projects} |
| 27 | + - {role: execution_environments, var: controller_execution_environments, tags: execution_environments} |
| 28 | + - {role: applications, var: controller_applications, tags: applications} |
| 29 | + - {role: inventories, var: controller_inventories, tags: inventories} |
| 30 | + - {role: instance_groups, var: controller_instance_groups, tags: instance_groups} |
| 31 | + - {role: project_update, var: controller_projects, tags: projects} |
| 32 | + - {role: inventory_sources, var: controller_inventory_sources, tags: inventory_sources} |
| 33 | + - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources} |
| 34 | + - {role: hosts, var: controller_hosts, tags: hosts} |
| 35 | + - {role: groups, var: controller_groups, tags: inventories} |
| 36 | + - {role: job_templates, var: controller_templates, tags: job_templates} |
| 37 | + - {role: workflow_job_templates, var: controller_workflows, tags: workflow_job_templates} |
| 38 | + - {role: schedules, var: controller_schedules, tags: schedules} |
| 39 | + - {role: roles, var: controller_roles, tags: roles} |
| 40 | +``` |
| 41 | +
|
| 42 | +Note that each item has three elements: |
| 43 | +- `role` which is the name of the role within redhat_cop.controller_configuration |
| 44 | +- `var` which is the variable which is used in that role. We use this to prevent the role being called if the variable is not set |
| 45 | +- `tags` the tags which are applied to the role so it is possible to apply tags to a playbook using the dispatcher with these tags. |
| 46 | + |
| 47 | +It is possible to redefine this variable with a subset of roles or with different tags. In general we suggest keeping the same structure and perhaps just using a subset. |
| 48 | + |
| 49 | + |
| 50 | +### Authentication |
| 51 | +|Variable Name|Default Value|Required|Description|Example| |
| 52 | +|:---:|:---:|:---:|:---:|:---:| |
| 53 | +|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'| |
| 54 | +|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1| |
| 55 | +|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.|| |
| 56 | +|`controller_username`|""|yes|Admin User on the Ansible Controller Server.|| |
| 57 | +|`controller_password`|""|yes|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook.|| |
| 58 | +|`controller_oauthtoken`|""|yes|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| |
| 59 | + |
| 60 | +### Secure Logging Variables |
| 61 | +The role defaults to False as normally most projects task does not include sensitive information. |
| 62 | +Each role the dispatch role calls has a separate variable which can be turned on to enforce secure logging for that role but defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it. If neither value is set then each role has a default value of true or false depending on the Red Hat COP suggestions. |
| 63 | + |
| 64 | +|Variable Name|Default Value|Required|Description| |
| 65 | +|:---:|:---:|:---:|:---:| |
| 66 | +|`controller_configuration_secure_logging`|""|no|This variable enables secure logging as well, but is shared across multiple roles, see above.| |
| 67 | + |
| 68 | +### Asynchronous Retry Variables |
| 69 | +The following Variables set asynchronous retries for the role. |
| 70 | +If neither of the retries or delay or retries are set, they will default to their respective defaults. |
| 71 | +This allows for all items to be created, then checked that the task finishes successfully. |
| 72 | +This also speeds up the overall role. Each individual role has its own variable which can allow the individual setting of values. See each role for more the variable names. |
| 73 | + |
| 74 | +|Variable Name|Default Value|Required|Description| |
| 75 | +|:---:|:---:|:---:|:---:| |
| 76 | +|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.| |
| 77 | +|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.| |
| 78 | + |
| 79 | +## Playbook Examples |
| 80 | +### Standard Role Usage |
| 81 | +```yaml |
| 82 | +--- |
| 83 | +- name: Playbook to configure ansible controller post installation |
| 84 | + hosts: localhost |
| 85 | + connection: local |
| 86 | + # Define following vars here, or in controller_configs/controller_auth.yml |
| 87 | + # controller_hostname: ansible-controller-web-svc-test-project.example.com |
| 88 | + # controller_username: admin |
| 89 | + # controller_password: changeme |
| 90 | + pre_tasks: |
| 91 | + - name: Include vars from controller_configs directory |
| 92 | + include_vars: |
| 93 | + dir: ./yaml |
| 94 | + ignore_files: [controller_config.yml.template] |
| 95 | + extensions: ["yml"] |
| 96 | + roles: |
| 97 | + - redhat_cop.controller_configuration.dispatch |
| 98 | +``` |
| 99 | +## License |
| 100 | +[MIT](LICENSE) |
| 101 | + |
| 102 | +## Author |
| 103 | +[Tom Page](https://github.com/Tompage1994) |
0 commit comments