Merge pull request #406 from sean-m-sullivan/option_update

update options on multiple roles

.github/workflow-config/kube/awx.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: awx.ansible.com/v1beta1
+kind: AWX
+metadata:
+  name: awx
+spec:
+  service_type: nodeport
+  nodeport_port: 30080
+...

.github/workflow-config/kube/kustomization.yaml

@@ -0,0 +1,15 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
+  - github.com/ansible/awx-operator/config/default?ref=1.0.0
+  - awx.yaml
+
+# Set the image tags to match the git version from above
+images:
+  - name: quay.io/ansible/awx-operator
+    newTag: 1.0.0
+
+# Specify a custom namespace in which to install AWX
+namespace: default
+...

.github/workflow-config/kustomization.yaml

@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
+  - github.com/ansible/awx-operator/config/default?ref=1.0.0
+
+# Set the image tags to match the git version from above
+images:
+  - name: quay.io/ansible/awx-operator
+    newTag: 1.0.0
+
+# Specify a custom namespace in which to install AWX
+namespace: default
+...

.github/workflows/testing_minikube.yml

@@ -8,18 +8,12 @@ jobs:
     name: Deploy Tower to Minikube and run tests
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout awx operator
-        uses: actions/checkout@v2
-        with:
-          repository: ansible/awx-operator
 
       - name: Checkout
         uses: actions/checkout@v2
-        with:
-          path: controller_configuration
 
       - name: "Install dependencies"
-        run: pip install -r controller_configuration/.github/requirements.txt
+        run: pip install -r .github/requirements.txt
 
       - name: Setup Minikube
         uses: manusa/[email protected]
@@ -35,17 +29,27 @@ jobs:
 
       - name: Setup awx operator
         run: |
-          minikube kubectl get deployments
           minikube kubectl create secret generic awx-admin-password -- --from-literal=password=password
           minikube addons enable ingress
           alias kubectl="minikube kubectl --"
-          make deploy NAMESPACE=default
-          kubectl apply -f controller_configuration/.github/workflow-config/kube/awx_def.yml
+
+      - name: kustomize awx operator
+        working-directory: .github/workflow-config
+        run: kustomize build . | kubectl apply -f -
 
       - name: Wait / Sleep
         uses: jakejarvis/[email protected]
         with:
-          time: '180s'
+          time: '30s'
+
+      - name: kustomize awx
+        working-directory: .github/workflow-config/kube
+        run: kustomize build . | kubectl apply -f -
+
+      - name: Wait / Sleep
+        uses: jakejarvis/[email protected]
+        with:
+          time: '30s'
 
       - name: Check service URL
         uses: nick-invision/retry@v2
@@ -68,15 +72,9 @@ jobs:
       - name: Display Versions
         run: which python && pip --version && ansible --version
 
-      - name: Checkout
-        uses: actions/checkout@v2
-
       - name: "Install Galaxy dependencies"
         run: ansible-galaxy collection install -r .github/collections/requirements.yml
 
-      - name: Check service password
-        run: echo "Service password is ${{ steps.service-password.outputs.SERVICEPASSWORD }}"
-
       - name: "Perform playbook tests"
         run: ansible-playbook examples/configure_controller.yml -e controller_hostname=${{ steps.service-url.outputs.SERVICEURL }}
 

README.md

@@ -160,6 +160,12 @@ Adding the ability to use direct output from the awx export command in the roles
 We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against the [Controller Configuration collection repository](https://github.com/redhat-cop/controller_configuration).
 More information about contributing can be found in our [Contribution Guidelines.](https://github.com/redhat-cop/controller_configuration/blob/devel/.github/CONTRIBUTING.md)
 
+## Code of Conduct
+
+This collection follows the Ansible project's
+[Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html).
+Please read and familiarize yourself with this document.
+
 ## Licensing
 
 GNU General Public License v3.0 or later.

changelogs/fragments/update_options.yml

@@ -0,0 +1,7 @@
+---
+minor_changes:
+  - Update options on inventories, job templates, liscence, projects, schedules, and workflow_job_templates roles to match latest awx.awx release
+
+major_changes:
+  - Added instance role to add instances using the new awx.awx.instance module.
+...

examples/configs/instances.yml

@@ -0,0 +1,5 @@
+---
+controller_instances:
+  - hostname: my-instance.prod.example.com
+    capacity_adjustment: 0.4
+...

examples/configs/inventories.yml

@@ -16,6 +16,7 @@ controller_inventories:
   - name: RHVM-02
     organization: Satellite
     description: created by Ansible Playbook - for RHVM-02
+    prevent_instance_group_fallback: true
   - name: Test Inventory - Smart
     organization: Default
     description: created by Ansible Playbook

examples/configs/schedule.yml

@@ -8,4 +8,12 @@ controller_schedules:
     description: Another demonstration
     unified_job_template: Demo Job Template
     rrule: "DTSTART:20200101T000000Z RRULE:FREQ=HOURLY;INTERVAL=3"
+    execution_environment: My EE
+    forks: 2
+    instance_groups:
+      - test_instance_group
+    labels:
+      - differential
+      - differential2
+    timeout: 165
 ...

examples/configs/templates.yml

@@ -16,6 +16,13 @@ controller_templates:
     verbosity: 2
     extra_vars:
       target_hosts: infra-ansible-tower-01.example.com
+    ask_execution_environment_on_launch: true
+    ask_forks_on_launch: true
+    ask_instance_groups_on_launch: true
+    ask_job_slice_count_on_launch: true
+    ask_labels_on_launch: true
+    ask_timeout_on_launch: true
+    prevent_instance_group_fallback: true
   - name: Demo Job Template
     project: Test Project
     job_type: run
@@ -26,6 +33,14 @@ controller_templates:
     verbosity: 0
     inventory: localhost
     execution_environment: "My EE"
+    ask_inventory_on_launch: true
+    ask_execution_environment_on_launch: true
+    ask_forks_on_launch: true
+    ask_instance_groups_on_launch: true
+    ask_job_slice_count_on_launch: true
+    ask_labels_on_launch: true
+    ask_timeout_on_launch: true
+    prevent_instance_group_fallback: true
     survey_spec:
       name: ''
       description: ''

examples/configs/workflows.yml

@@ -9,6 +9,13 @@ controller_workflows:
     inventory:
     state: present
     limit:
+    job_tags:
+      - stuff
+      - stuff2
+    skip_tags:
+      - stuff3
+    ask_labels_on_launch: true
+    ask_skip_tags_on_launch: true
     labels:
       - Prod
     scm_branch:
@@ -26,6 +33,12 @@ controller_workflows:
       - all_parents_must_converge: false
         identifier: node201
         unified_job_template: test-template-1
+        instance_groups:
+          - default
+        labels:
+          - differential
+          - differential2
+        timeout: 165
     notification_templates_started: []
     notification_templates_success: []
     notification_templates_error: []

examples/configure_controller.yml

@@ -44,10 +44,14 @@
         validate_certs: "{{ controller_validate_certs }}"
       register: result
       until: result.status == 200
-      retries: 20
+      retries: 10
       delay: 30
       ignore_errors: true
 
+    - name: "Show result of ping"
+      ansible.builtin.debug:
+        var: result
+
     - name: Sleep for 60 seconds and allow awx to come up.
       ansible.builtin.wait_for:
         timeout: 60

roles/dispatch/defaults/main.yml

@@ -15,6 +15,7 @@ controller_configuration_dispatcher_roles:
   - {role: inventory_source_update, var: controller_inventory_sources, tags: inventory_sources}
   - {role: execution_environments, var: controller_execution_environments, tags: execution_environments}
   - {role: applications, var: controller_applications, tags: applications}
+  - {role: instances, var: controller_instances, tags: instances}
   - {role: instance_groups, var: controller_instance_groups, tags: instance_groups}
   - {role: project_update, var: controller_projects, tags: projects}
   - {role: hosts, var: controller_hosts, tags: hosts}

roles/instances/README.md

@@ -0,0 +1,110 @@
+# controller_configuration.instances
+
+## Description
+
+An Ansible Role to create instances on Ansible Controller.
+
+## Requirements
+
+ansible-galaxy collection install -r tests/collections/requirements.yml to be installed
+Currently:
+  awx.awx
+  or
+  ansible.controller
+
+## Variables
+
+### Authentication
+
+|Variable Name|Default Value|Required|Description|Example|
+|:---|:---:|:---:|:---|:---|
+|`controller_state`|"present"|no|The state all objects will take unless overridden by object default|'absent'|
+|`controller_hostname`|""|yes|URL to the Ansible Controller Server.|127.0.0.1|
+|`controller_validate_certs`|`True`|no|Whether or not to validate the Ansible Controller Server's SSL certificate.||
+|`controller_username`|""|no|Admin User on the Ansible Controller Server. Either username / password or oauthtoken need to be specified.||
+|`controller_password`|""|no|Controller Admin User's password on the Ansible Controller Server. This should be stored in an Ansible Vault at vars/controller-secrets.yml or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.||
+|`controller_oauthtoken`|""|no|Controller Admin User's token on the Ansible Controller Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook. Either username / password or oauthtoken need to be specified.|||
+|`controller_instances`|`see below`|yes|Data structure describing your instances Described below.||
+
+### Secure Logging Variables
+
+The following Variables compliment each other.
+If Both variables are not set, secure logging defaults to false.
+The role defaults to False as normally the add instances task does not include sensitive information.
+controller_configuration_instances_secure_logging defaults to the value of controller_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of controller configuration roles with a single variable, or for the user to selectively use it.
+
+|Variable Name|Default Value|Required|Description|
+|:---:|:---:|:---:|:---:|
+|`controller_configuration_instances_secure_logging`|`False`|no|Whether or not to include the sensitive instance groups role tasks in the log. Set this value to `True` if you will be providing your sensitive values from elsewhere.|
+|`controller_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared across multiple roles, see above.|
+
+### Asynchronous Retry Variables
+
+The following Variables set asynchronous retries for the role.
+If neither of the retries or delay or retries are set, they will default to their respective defaults.
+This allows for all items to be created, then checked that the task finishes successfully.
+This also speeds up the overall role.
+
+|Variable Name|Default Value|Required|Description|
+|:---:|:---:|:---:|:---:|
+|`controller_configuration_async_retries`|30|no|This variable sets the number of retries to attempt for the role globally.|
+|`controller_configuration_instances_async_retries`|`{{ controller_configuration_async_retries }}`|no|This variable sets the number of retries to attempt for the role.|
+|`controller_configuration_async_delay`|1|no|This sets the delay between retries for the role globally.|
+|`controller_configuration_instances_async_delay`|`controller_configuration_async_delay`|no|This sets the delay between retries for the role.|
+
+## Data Structure
+
+### Instance Group Variables
+
+|Variable Name|Default Value|Required|Type|Description|
+|:---:|:---:|:---:|:---:|:---:|
+|`hostname`|""|yes|str|Hostname of this instance.|
+|`capacity_adjustment`|""|float|no|Capacity adjustment between 0 and 1. |
+|`enabled`|False|no|bool|If true, the instance will be enabled and used.|
+|`managed_by_policy`|False|no|bool|If true, will be managed by instance group policy.|
+|`node_type`|""|no|str|Role that this node plays in the mesh. Most likely Execution. Current options are 'execution'.|
+|`node_state`|""|no|str|Indicates the current life cycle stage of this instance. Current options are 'installed' and 'deprovisioning'.|
+|`listener_port`|""|no|int|Port that Receptor will listen for incoming connections on.|
+
+### Standard Project Data Structure
+
+#### Yaml Example
+
+```yaml
+---
+controller_instances:
+  - hostname: my-instance.prod.example.com
+    capacity_adjustment: 0.4
+    listener_port: 31337
+```
+
+## Playbook Examples
+
+### Standard Role Usage
+
+```yaml
+---
+- name: Playbook to configure ansible controller post installation
+  hosts: localhost
+  connection: local
+  # Define following vars here, or in controller_configs/controller_auth.yml
+  # controller_hostname: ansible-controller-web-svc-test-project.example.com
+  # controller_username: admin
+  # controller_password: changeme
+  pre_tasks:
+    - name: Include vars from controller_configs directory
+      include_vars:
+        dir: ./yaml
+        ignore_files: [controller_config.yml.template]
+        extensions: ["yml"]
+  roles:
+    - {role: redhat_cop.controller_configuration.instances, when: controller_instances is defined}
+```
+
+## License
+
+[MIT](LICENSE)
+
+## Author
+
+[Sean Sullivan](https://github.com/sean-m-sullivan)

roles/instances/defaults/main.yml

@@ -0,0 +1,6 @@
+---
+controller_instances: []
+controller_configuration_instances_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}"
+controller_configuration_instances_async_retries: "{{ controller_configuration_async_retries | default(30) }}"
+controller_configuration_instances_async_delay: "{{ controller_configuration_async_delay | default(1) }}"
+...