redhat-cop · djdanielsson · Sep 27, 2022 · Sep 26, 2022 · Sep 26, 2022 · Sep 26, 2022
@@ -170,7 +170,7 @@ def run(self, terms, variables=None, **kwargs):
                 item.update({"unified_job_template": item["summary_fields"]["unified_job_template"]["name"]})
                 item.update({"workflow_job_template": item["summary_fields"]["workflow_job_template"]["name"]})
                 item.pop("summary_fields")
-        elif api_list[0]["type"] != "organization" and api_list[0]["type"] != "user":
+        elif api_list[0]["type"] != "organization" and api_list[0]["type"] != "user" and api_list[0]["type"] != "credential_type":
             for item in api_list_reduced:
                 item.update({"organization": item["summary_fields"]["organization"]["name"]})
                 item.pop("summary_fields")

@@ -29,4 +29,6 @@ output_path: "/tmp/filetree_output"
 # Maximum number of objects to return from the list. If a list view returns more an max_objects an exception will be raised
 query_controller_api_max_objects: 10000
 
+controller_configuration_filetree_create_secure_logging: "{{ controller_configuration_secure_logging | default('false') }}"
+
 ...
@@ -1,24 +1,27 @@
 ---
-- name: "Get the Authentication Token for the future requests"
-  ansible.builtin.uri:
-    url: "https://{{ controller_hostname }}/api/v2/tokens/"
-    user: "{{ controller_username }}"
-    password: "{{ controller_password }}"
-    method: POST
-    force_basic_auth: true
-    validate_certs: "{{ controller_validate_certs }}"
-    status_code: 201
-  register: authtoken_res
+- name: Generate oauth otken (block)
+  block:
+    - name: "Get the Authentication Token for the future requests"
+      ansible.builtin.uri:
+        url: "https://{{ controller_hostname }}/api/v2/tokens/"
+        user: "{{ controller_username }}"
+        password: "{{ controller_password }}"
+        method: POST
+        force_basic_auth: true
+        validate_certs: "{{ controller_validate_certs }}"
+        status_code: 201
+      register: authtoken_res
 
-- name: "Set the oauth token to be used since now"
-  ansible.builtin.set_fact:
-    oauthtoken: "{{ authtoken_res.json.token }}"
-    oauthtoken_url: "{{ authtoken_res.json.url }}"
-  no_log: true
+    - name: "Set the oauth token to be used since now"
+      ansible.builtin.set_fact:
+        controller_oauthtoken: "{{ authtoken_res.json.token }}"
+        controller_oauthtoken_url: "{{ authtoken_res.json.url }}"
+  no_log: "{{ controller_configuration_filetree_create_secure_logging }}"
+  when: controller_oauthtoken is not defined
 
 - name: "Check if the connection is to an Ansible Tower or to Automation Platform"
   ansible.builtin.set_fact:
-    is_aap: "{{ lookup(controller_api_plugin, 'ping', host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs).version is version('4.0.0', '>=') }}"
+    is_aap: "{{ lookup(controller_api_plugin, 'ping', host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs).version is version('4.0.0', '>=') }}"
 
 - name: Include tasks (block)
   block:
@@ -59,11 +62,12 @@
 
 - name: "Delete the Authentication Token used"
   ansible.builtin.uri:
-    url: "https://{{ controller_hostname }}{{ oauthtoken_url }}"
+    url: "https://{{ controller_hostname }}{{ controller_oauthtoken_url }}"
     user: "{{ controller_username }}"
     password: "{{ controller_password }}"
     method: DELETE
     force_basic_auth: true
     validate_certs: "{{ controller_validate_certs }}"
     status_code: 204
+  when: controller_oauthtoken_url is defined
 ...
@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     credential_types_lookvar: "{{ query(controller_api_plugin, 'api/v2/credential_types/',
                                         query_params={'managed': false},
-                                        host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                        host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                         return_all=true, max_objects=query_controller_api_max_objects)
                                }}"
   when: is_aap
@@ -12,7 +12,7 @@
   ansible.builtin.set_fact:
     credential_types_lookvar: "{{ query(controller_api_plugin, 'api/v2/credential_types/',
                                         query_params={'managed_by_tower': false},
-                                        host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                        host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                         return_all=true, max_objects=query_controller_api_max_objects)
                                }}"
   when: not is_aap

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     credentials_lookvar: "{{ query(controller_api_plugin, 'api/v2/credentials/',
                                    query_params={'order_by': 'organization,id'},
-                                   host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                   host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                    return_all=true, max_objects=query_controller_api_max_objects)
                           }}"
 

@@ -2,7 +2,7 @@
 - name: "Get current Execution Environments from the API"
   ansible.builtin.set_fact:
     execution_environments_lookvar: "{{ query(controller_api_plugin, 'api/v2/execution_environments/',
-                                              host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                              host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                               return_all=true, max_objects=query_controller_api_max_objects)
                                      }}"
 

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     inventory_lookvar: "{{ query(controller_api_plugin, 'api/v2/inventories/',
                                  query_params={'not__kind': 'smart', 'order_by': 'organization,id'},
-                                 host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                 host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                  return_all=true, max_objects=query_controller_api_max_objects)
                         }}"
 
@@ -40,7 +40,7 @@
     inventory_name: "{{ current_inventory_sources.name | regex_replace('/','_') }}"
     inventory_sources_output_path: "{{ output_path }}/{{ inventory_organization }}/inventories/{{ inventory_name }}"
     current_inventory_sources_asset_value: "{{ query(controller_api_plugin, current_inventory_sources.related.inventory_sources,
-                                                          host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                                          host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                                           return_all=true, max_objects=query_controller_api_max_objects
                                                     ) if current_inventory_sources.has_inventory_sources else []
                                             }}"
@@ -56,7 +56,7 @@
     inventory_name: "{{ current_inventory_hosts.name | regex_replace('/','_') }}"
     hosts_output_path: "{{ output_path }}/{{ inventory_organization }}/inventories/{{ inventory_name }}"
     current_hosts_asset_value: "{{ query(controller_api_plugin, current_inventory_hosts.related.hosts,
-                                              host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                              host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                               return_all=true, max_objects=query_controller_api_max_objects
                                         ) if not current_inventory_hosts.has_inventory_sources else []
                                 }}"
@@ -72,7 +72,7 @@
     inventory_name: "{{ current_inventory_groups.name | regex_replace('/','_') }}"
     groups_output_path: "{{ output_path }}/{{ inventory_organization }}/inventories/{{ inventory_name }}"
     current_groups_asset_value: "{{ query(controller_api_plugin, current_inventory_groups.related.groups,
-                                               host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                               host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                                return_all=true, max_objects=query_controller_api_max_objects
                                          ) if not current_inventory_groups.has_inventory_sources else []
                                  }}"

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     job_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/job_templates/',
                                      query_params={'order_by': 'organization,id'},
-                                     host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                     host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                      return_all=true, max_objects=query_controller_api_max_objects)
                             }}"
 

@@ -2,7 +2,7 @@
 - name: "Get current Notification Templates from the API"
   ansible.builtin.set_fact:
     notification_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/notification_templates/',
-                                              host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                              host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                               return_all=true, max_objects=query_controller_api_max_objects)
                                      }}"
 

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     orgs_lookvar: "{{ query(controller_api_plugin, 'api/v2/organizations/',
                             query_params={'order_by': 'id'},
-                            host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                            host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                             return_all=true, max_objects=query_controller_api_max_objects)
                    }}"
 

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     projects_lookvar: "{{ query(controller_api_plugin, 'api/v2/projects/',
                                 query_params={'order_by': 'organization,id'},
-                                host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                 return_all=true, max_objects=query_controller_api_max_objects)
                        }}"
 

@@ -2,7 +2,7 @@
 - name: "Get current Team Roles from the API"
   ansible.builtin.set_fact:
     team_roles_lookvar: "{{ query(controller_api_plugin, 'api/v2/teams/' + teamid + '/roles/',
-                                  host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                  host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                   return_all=true, max_objects=query_controller_api_max_objects)
                          }}"
 

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     teams_lookvar: "{{ query(controller_api_plugin, 'api/v2/teams/',
                              query_params={'order_by': 'organization,id'},
-                             host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                             host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                              return_all=true, max_objects=query_controller_api_max_objects)
                     }}"
 

@@ -2,7 +2,7 @@
 - name: "Get current Users from the API"
   ansible.builtin.set_fact:
     user_roles_lookvar: "{{ query(controller_api_plugin, 'api/v2/users/' + (username | urlencode()) + '/roles/',
-                                  host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                  host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                   return_all=true, max_objects=query_controller_api_max_objects)
                          }}"
 

@@ -2,15 +2,15 @@
 - name: "Get current Users from the API"
   ansible.builtin.set_fact:
     users_lookvar: "{{ query(controller_api_plugin, 'api/v2/users/',
-                             host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                             host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                              return_all=true, max_objects=query_controller_api_max_objects)
                     }}"
 
 - name: "Add the users the Organizations information"
   ansible.builtin.set_fact:
     current_users: "{{ (current_users | default([])) + [user_lookvar_item | combine({'organizations': user_lookvar_item_organizations})] }}"
   vars:
-    user_lookvar_item_organizations: "{{ query(controller_api_plugin, user_lookvar_item.related.organizations, host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) | selectattr('name', 'defined') | map(attribute='name') }}"
+    user_lookvar_item_organizations: "{{ query(controller_api_plugin, user_lookvar_item.related.organizations, host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs, return_all=true, max_objects=query_controller_api_max_objects) | selectattr('name', 'defined') | map(attribute='name') }}"
   loop: "{{ users_lookvar }}"
   loop_control:
     loop_var: user_lookvar_item

@@ -3,7 +3,7 @@
   ansible.builtin.set_fact:
     workflow_job_templates_lookvar: "{{ query(controller_api_plugin, 'api/v2/workflow_job_templates/',
                                               query_params={'order_by': 'organization,id'},
-                                              host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                                              host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                                               return_all=true, max_objects=query_controller_api_max_objects)
                                      }}"
 

@@ -6,7 +6,7 @@ configure_tower_groups:
     inventory: "{{ group.summary_fields.inventory.name }}"
     hosts:
 {{ query(controller_api_plugin, group.related.hosts,
-         host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+         host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
          return_all=true, max_objects=query_controller_api_max_objects
    ) | selectattr("name", "defined") | map(attribute="name") | to_nice_yaml(indent=2) | indent(width=6, first=True)
 }}

@@ -6,7 +6,7 @@ controller_workflows:
     simplified_workflow_nodes:
 {% for node in query(controller_api_plugin, 'api/v2/workflow_job_template_nodes/',
                      query_params={'workflow_job_template': current_workflow_job_templates_asset_value.id},
-                     host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs,
+                     host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs,
                      return_all=true, max_objects=query_controller_api_max_objects) %}
       - identifier: "{{ node.identifier }}"
         workflow_job_template: "{{ node.summary_fields.workflow_job_template.name }}"
@@ -19,19 +19,19 @@ controller_workflows:
 {% if node.success_nodes is defined and node.success_nodes | length > 0 %}
         success_nodes:
 {% for success in node.success_nodes %}
-          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(success | string), host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
+          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(success | string), host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
 {% endfor %}
 {% endif %}
 {% if node.always_nodes and node.always_nodes | length > 0 %}
         always_nodes:
 {% for always in node.always_nodes %}
-          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(always | string), host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
+          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(always | string), host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
 {% endfor %}
 {% endif %}
 {% if node.failure_nodes and node.failure_nodes | length > 0 %}
         failure_nodes:
 {% for failure in node.failure_nodes %}
-          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(failure | string), host=controller_hostname, oauth_token=oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
+          - {{ query(controller_api_plugin, 'workflow_job_template_nodes/'+(failure | string), host=controller_hostname, oauth_token=controller_oauthtoken, verify_ssl=controller_validate_certs)[0].identifier }}
 {% endfor %}
 {% endif %}
 {% endfor %}