ansible-collections/ansible_collection_centurion
2
0
Fork 0
Code Issues Activity

chore(make_docs): apply linting fixes

Browse Source 
remove trailing spaces
fix relative links
indentation
add error to ansible-lint-ignore
Capitalise Centurion ERP
This commit is contained in:
Jason Page
2024-08-19 15:25:44 +09:30
parent 8579a5934e
commit eee170f5cc
6 changed files with 153 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.ansible-lint-ignore
View File

@ -1 +1,5 @@
galaxy.yml galaxy[version-incorrect]
galaxy.yml galaxy[version-incorrect]
# This playbook will only ever be run against the centurion host
playbooks/teams.yaml run-once[task]
# This task only saves the report on the local machine and is deleted after uploading
playbooks/inventory.yaml risky-file-permissions

3
docs/projects/ansible/collection/centurion/playbooks/inventory.md
View File

@ -18,7 +18,8 @@ On import to AWX / Ansible Automation Platform a credential type will also be cr
!!! warning
The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on https://github.com/nofusscomputing/ansible_collection_centurion/issues/19
The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on
[github issue 19](https://github.com/nofusscomputing/ansible_collection_centurion/issues/19)
## Play workflow

6
docs/projects/ansible/collection/centurion/playbooks/teams.md
View File

@ -16,15 +16,15 @@ The following job template will be created:
!!! info
The playbook is able to work with centurion ERP directly or using the inventory pluggin that is included in this collection.
The playbook is able to work with Centurion ERP directly or using the inventory pluggin that is included in this collection.
## Play workflow
The teams playbook gathers information regarding centurion organisations from the ansible inventory. Using this information the play is designed to create new teams, patch permissions and patch notes. The workflow for the playbook is as follows
- Fetch all organisations from centurion
- Fetch all existing teams within each organisation from centurion
- Fetch all organisations from Centurion ERP
- Fetch all existing teams within each organisation from Centurion ERP
- Fetch any teams to be created from inventory
- Create new teams
- Patch all teams with required permissions

0
docs/projects/ansible/playbooks/awx.md Normal file
View File

157
playbooks/inventory.yaml
View File

@ -13,37 +13,37 @@
- name: Inventory host
block:
- name: fetch Packages
ansible.builtin.package_facts:
manager: auto
become: true
- name: Fetch Packages
ansible.builtin.package_facts:
manager: auto
become: true
- name: Inventory Details
ansible.builtin.set_fact:
details: {
"name": "{{ ansible_hostname }}",
"serial_number": "{{ ansible_product_serial }}",
"uuid": "{{ ansible_product_uuid }}"
}
- name: Inventory Details
ansible.builtin.set_fact:
details: {
"name": "{{ ansible_hostname }}",
"serial_number": "{{ ansible_product_serial }}",
"uuid": "{{ ansible_product_uuid }}"
}
- name: Inventory Software [a-k]
ansible.builtin.set_fact:
cacheable: false
software: "{{ software | default([]) + [{
'name': package.value[0].name,
'category': package.value[0].category | default(''),
'version': package.value[0].version
}] }}"
# no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control:
loop_var: package
label: "{{ package.key }}"
when: >
package.value[0].name | regex_search("^[a-k]")
- name: Inventory Software [a-k]
ansible.builtin.set_fact:
cacheable: false
software: "{{ software | default([]) + [{
'name': package.value[0].name,
'category': package.value[0].category | default(''),
'version': package.value[0].version
}] }}"
# no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control:
loop_var: package
label: "{{ package.key }}"
when: >
package.value[0].name | regex_search("^[a-k]")
# https://github.com/nofusscomputing/ansible_collection_centurion/issues/19
@ -55,7 +55,7 @@
# software: "{{ software | default([]) + [{
# 'name': package.value[0].name,
# 'category': package.value[0].category | default(''),
# 'version': package.value[0].version
# 'version': package.value[0].version
# }] }}"
# # no_log: true
# loop: "{{ ansible_facts.packages | dict2items() }}"
@ -66,66 +66,66 @@
# package.value[0].name | regex_search("^[l]")
- name: Inventory Software [m-z]
ansible.builtin.set_fact:
cacheable: false
software: "{{ software | default([]) + [{
'name': package.value[0].name,
'category': package.value[0].category | default(''),
'version': package.value[0].version
}] }}"
# no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control:
loop_var: package
label: "{{ package.key }}"
when: >
package.value[0].name | regex_search("^[m-z]")
- name: Inventory Software [m-z]
ansible.builtin.set_fact:
cacheable: false
software: "{{ software | default([]) + [{
'name': package.value[0].name,
'category': package.value[0].category | default(''),
'version': package.value[0].version
}] }}"
# no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control:
loop_var: package
label: "{{ package.key }}"
when: >
package.value[0].name | regex_search("^[m-z]")
- name: Inventory Document
ansible.builtin.set_fact:
report: {
"details": "{{ details }}",
"os": {
"name": "{{ ansible_distribution | lower }}",
"version": "{{ ansible_distribution_version }}",
"version_major": "{{ ansible_distribution_major_version }}"
},
"software": "{{ software }}"
}
- name: Inventory Document
ansible.builtin.set_fact:
report: {
"details": "{{ details }}",
"os": {
"name": "{{ ansible_distribution | lower }}",
"version": "{{ ansible_distribution_version }}",
"version_major": "{{ ansible_distribution_major_version }}"
},
"software": "{{ software }}"
}
- name: Save report
ansible.builtin.copy:
content: "{{ report | to_nice_json }}"
dest: "/tmp/{{ ansible_hostname }}.json"
- name: Save report
ansible.builtin.copy:
content: "{{ report | to_nice_json }}"
dest: "/tmp/{{ ansible_hostname }}.json"
- name: Upload inventory - {{ ansible_hostname }}
ansible.builtin.uri:
url: |-
{{ lookup('env', 'ITSM_API') }}/api/device/inventory
method: POST
body_format: json
src: "/tmp/{{ ansible_hostname }}.json"
remote_src: true
headers:
Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }}
validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}"
timeout: 300
status_code:
- 200
- 201
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Upload inventory - {{ ansible_hostname }}
ansible.builtin.uri:
url: |-
{{ lookup('env', 'ITSM_API') }}/api/device/inventory
method: POST
body_format: json
src: "/tmp/{{ ansible_hostname }}.json"
remote_src: true
headers:
Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }}
validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}"
timeout: 300
status_code:
- 200
- 201
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
always:
- name: Remove report
ansible.builtin.file:
path: "/tmp/{{ ansible_hostname }}.json"
path: "/tmp/{{ ansible_hostname }}.json"
state: absent
vars:
@ -173,4 +173,3 @@
CENTURION_API: '{{ centurion_url }}'
CENTURION_TOKEN: '{{ centurion_token }}'
CENTURION_VALIDATE_CERTS: '{{ centurion_validate_certs | default(true) }}'

131
playbooks/teams.yaml
View File

@ -1,3 +1,4 @@
---
- name: Centurion ERP Teams Setup
hosts: |-
{%- if nfc_pb_host is defined -%}
@ -35,7 +36,7 @@
{{ lookup('env', 'CENTURION_API') }}/api/organization/
method: GET
body_format: json
headers:
headers:
authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
return_content: true
@ -53,7 +54,7 @@
url: "{{ item }}"
method: GET
body_format: json
headers:
headers:
authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
return_content: true
@ -70,60 +71,60 @@
- name: Create list of Teams
ansible.builtin.set_fact:
team_permissions: |
[
{% for config_organisation in centurion_erp.teams %}
[
{% for config_organisation in centurion_erp.teams %}
{% set ns = namespace(added_teams = []) %}
{% set ns = namespace(added_teams = []) %}
{% for config_team in config_organisation.teams %}
{% for config_team in config_organisation.teams %}
{% for organization in api_get_permissions.results %}
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
{% if organization.json.name == config_organisation.name %}
{% for team in organization.json.teams %}
{% for team in organization.json.teams %}
{% if team.team_name == config_team.name %}
{% if team.team_name == config_team.name %}
{
"organization_id": "{{ organization.json.id }}",
"team_name": "{{ team.team_name }}",
"url": "{{ team.url }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{
"organization_id": "{{ organization.json.id }}",
"team_name": "{{ team.team_name }}",
"url": "{{ team.url }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endif %}
{% endfor %}
{% endfor %}
{% endif %}
{% endfor %}
{% if config_team.name not in ns.added_teams %}
{
"organization_id":
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
"{{ organization.json.id }}",
{% endif %}
{% endfor %}
"team_name": "{{ config_team.name }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endif %}
{% endfor %}
{% endfor %}
{% if config_team.name not in ns.added_teams %}
{
"organization_id":
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
"{{ organization.json.id }}",
{% endif %}
{% endfor %}
"team_name": "{{ config_team.name }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endfor %}
{% endfor %}
]
delegate_to: localhost
run_once: true
@ -156,7 +157,7 @@
{{ nfc_pb_disable_log | default(true) }}
- name: update permissions to include newly created teams
- name: Update permissions to include newly created teams
ansible.builtin.set_fact:
team_permissions: |
[
@ -166,14 +167,12 @@
"organization_id": "{{ team.organization_id }}",
"team_name": "{{ team.team_name }}",
"notes": "{{ team.notes }}",
"permissions":
"permissions":
{{ team.permissions }},
"url":
"url":
{% if team.url is defined %}
"{{ team.url }}",
{% elif team.url is not defined %}
{% for api_values in api_post_teams.results %}
{% if api_values.item.organization_id == team.organization_id %}
@ -246,23 +245,23 @@
vars:
nfc_pb_awx_tower_template:
nfc_pb_awx_tower_template:
- name: "Centurion/Access/Teams"
ask_tags_on_launch: false
ask_inventory_on_launch: true
ask_credential_on_launch: true
ask_limit_on_launch: true
concurrent_jobs_enabled: true
description: Creation and patching of teams and permissions
execution_environment: "No Fuss Computing EE"
job_type: "run"
# job_tags: complete
labels:
- centurion_erp
- itsm
- itam
- access
- permissions
- teams
use_fact_cache: true
- name: "Centurion/Access/Teams"
ask_tags_on_launch: false
ask_inventory_on_launch: true
ask_credential_on_launch: true
ask_limit_on_launch: true
concurrent_jobs_enabled: true
description: Creation and patching of teams and permissions
execution_environment: "No Fuss Computing EE"
job_type: "run"
# job_tags: complete
labels:
- centurion_erp
- itsm
- itam
- access
- permissions
- teams
use_fact_cache: true