From eee170f5cce0538eb9bd41d49b9c80218578c7cd Mon Sep 17 00:00:00 2001 From: "jasonpage.tas" Date: Mon, 19 Aug 2024 15:25:44 +0930 Subject: [PATCH] chore(make_docs): apply linting fixes remove trailing spaces fix relative links indentation add error to ansible-lint-ignore Capitalise Centurion ERP --- .ansible-lint-ignore | 6 +- .../centurion/playbooks/inventory.md | 3 +- .../collection/centurion/playbooks/teams.md | 6 +- docs/projects/ansible/playbooks/awx.md | 0 playbooks/inventory.yaml | 157 +++++++++--------- playbooks/teams.yaml | 131 ++++++++------- 6 files changed, 153 insertions(+), 150 deletions(-) create mode 100644 docs/projects/ansible/playbooks/awx.md diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore index d025a99..28e6563 100644 --- a/.ansible-lint-ignore +++ b/.ansible-lint-ignore @@ -1 +1,5 @@ -galaxy.yml galaxy[version-incorrect] \ No newline at end of file +galaxy.yml galaxy[version-incorrect] +# This playbook will only ever be run against the centurion host +playbooks/teams.yaml run-once[task] +# This task only saves the report on the local machine and is deleted after uploading +playbooks/inventory.yaml risky-file-permissions \ No newline at end of file diff --git a/docs/projects/ansible/collection/centurion/playbooks/inventory.md b/docs/projects/ansible/collection/centurion/playbooks/inventory.md index acfa78b..658dcf5 100644 --- a/docs/projects/ansible/collection/centurion/playbooks/inventory.md +++ b/docs/projects/ansible/collection/centurion/playbooks/inventory.md 
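Review bot: The new `playbooks/inventory.yaml risky-file-permissions` entry silences the finding for the whole file instead of fixing it, and its justification does not obviously match the task it covers. The `Save report` task in this patch writes the host name, serial number, UUID and package list to the predictable path `/tmp/{{ ansible_hostname }}.json` with no `mode`. The upload then reads it back with `remote_src: true`, which suggests the file sits on the managed host rather than "the local machine" (no `delegate_to` is visible on that task here). Adding `mode: "0600"` to the copy task would let this ignore line be dropped, and a per-run file from `ansible.builtin.tempfile` would avoid the fixed name in a shared directory.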
@@ -18,7 +18,8 @@ On import to AWX / Ansible Automation Platform a credential type will also be cr !!! warning - The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on https://github.com/nofusscomputing/ansible_collection_centurion/issues/19 + The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on + [github issue 19](https://github.com/nofusscomputing/ansible_collection_centurion/issues/19) ## Play workflow diff --git a/docs/projects/ansible/collection/centurion/playbooks/teams.md b/docs/projects/ansible/collection/centurion/playbooks/teams.md index 18efd8c..0c25a79 100644 --- a/docs/projects/ansible/collection/centurion/playbooks/teams.md +++ b/docs/projects/ansible/collection/centurion/playbooks/teams.md @@ -16,15 +16,15 @@ The following job template will be created: !!! info - The playbook is able to work with centurion ERP directly or using the inventory pluggin that is included in this collection. + The playbook is able to work with Centurion ERP directly or using the inventory pluggin that is included in this collection. ## Play workflow The teams playbook gathers information regarding centurion organisations from the ansible inventory. Using this information the play is designed to create new teams, patch permissions and patch notes. The workflow for the playbook is as follows -- Fetch all organisations from centurion -- Fetch all existing teams within each organisation from centurion +- Fetch all organisations from Centurion ERP +- Fetch all existing teams within each organisation from Centurion ERP - Fetch any teams to be created from inventory - Create new teams - Patch all teams with required permissions diff --git a/docs/projects/ansible/playbooks/awx.md b/docs/projects/ansible/playbooks/awx.md new file mode 100644 index 0000000..e69de29 
diff --git a/playbooks/inventory.yaml b/playbooks/inventory.yaml index 24a965f..b72565b 100644 --- a/playbooks/inventory.yaml +++ b/playbooks/inventory.yaml @@ -13,37 +13,37 @@ - name: Inventory host block: - - - name: fetch Packages - ansible.builtin.package_facts: - manager: auto - become: true + + - name: Fetch Packages + ansible.builtin.package_facts: + manager: auto + become: true - - name: Inventory Details - ansible.builtin.set_fact: - details: { - "name": "{{ ansible_hostname }}", - "serial_number": "{{ ansible_product_serial }}", - "uuid": "{{ ansible_product_uuid }}" - } + - name: Inventory Details + ansible.builtin.set_fact: + details: { + "name": "{{ ansible_hostname }}", + "serial_number": "{{ ansible_product_serial }}", + "uuid": "{{ ansible_product_uuid }}" + } - - name: Inventory Software [a-k] - ansible.builtin.set_fact: - cacheable: false - software: "{{ software | default([]) + [{ - 'name': package.value[0].name, - 'category': package.value[0].category | default(''), - 'version': package.value[0].version - }] }}" - # no_log: true - loop: "{{ ansible_facts.packages | dict2items() }}" - loop_control: - loop_var: package - label: "{{ package.key }}" - when: > - package.value[0].name | regex_search("^[a-k]") + - name: Inventory Software [a-k] + ansible.builtin.set_fact: + cacheable: false + software: "{{ software | default([]) + [{ + 'name': package.value[0].name, + 'category': package.value[0].category | default(''), + 'version': package.value[0].version + }] }}" + # no_log: true + loop: "{{ ansible_facts.packages | dict2items() }}" + loop_control: + loop_var: package + label: "{{ package.key }}" + when: > + package.value[0].name | regex_search("^[a-k]") # https://github.com/nofusscomputing/ansible_collection_centurion/issues/19 
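Review bot: The filter `package.value[0].name | regex_search("^[a-k]")` is case-sensitive and letter-only, so any package whose name begins with an uppercase letter or a digit is never appended to `software`; the same holds for `^[m-z]` in the `-66,66` hunk. That is a wider gap than the `l` packages tracked in the linked issue 19, and an inventory that silently omits installed software weakens patch and vulnerability tracking downstream. If the split into ranges has to stay, `regex_search("^[0-9a-k]", ignorecase=true)` with the matching change for `m-z` would cover those names. The play these tasks belong to starts above the hunk.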
@@ -55,7 +55,7 @@ # software: "{{ software | default([]) + [{ # 'name': package.value[0].name, # 'category': package.value[0].category | default(''), -# 'version': package.value[0].version +# 'version': package.value[0].version # }] }}" # # no_log: true # loop: "{{ ansible_facts.packages | dict2items() }}" 
@@ -66,66 +66,66 @@ # package.value[0].name | regex_search("^[l]") - - name: Inventory Software [m-z] - ansible.builtin.set_fact: - cacheable: false - software: "{{ software | default([]) + [{ - 'name': package.value[0].name, - 'category': package.value[0].category | default(''), - 'version': package.value[0].version - }] }}" - # no_log: true - loop: "{{ ansible_facts.packages | dict2items() }}" - loop_control: - loop_var: package - label: "{{ package.key }}" - when: > - package.value[0].name | regex_search("^[m-z]") + - name: Inventory Software [m-z] + ansible.builtin.set_fact: + cacheable: false + software: "{{ software | default([]) + [{ + 'name': package.value[0].name, + 'category': package.value[0].category | default(''), + 'version': package.value[0].version + }] }}" + # no_log: true + loop: "{{ ansible_facts.packages | dict2items() }}" + loop_control: + loop_var: package + label: "{{ package.key }}" + when: > + package.value[0].name | regex_search("^[m-z]") - - name: Inventory Document - ansible.builtin.set_fact: - report: { - "details": "{{ details }}", - "os": { - "name": "{{ ansible_distribution | lower }}", - "version": "{{ ansible_distribution_version }}", - "version_major": "{{ ansible_distribution_major_version }}" - }, - "software": "{{ software }}" - } + - name: Inventory Document + ansible.builtin.set_fact: + report: { + "details": "{{ details }}", + "os": { + "name": "{{ ansible_distribution | lower }}", + "version": "{{ ansible_distribution_version }}", + "version_major": "{{ ansible_distribution_major_version }}" + }, + "software": "{{ software }}" + } - - name: Save report - ansible.builtin.copy: - content: "{{ report | to_nice_json }}" - dest: "/tmp/{{ ansible_hostname }}.json" + - name: Save report + ansible.builtin.copy: + content: "{{ report | to_nice_json }}" + dest: "/tmp/{{ ansible_hostname }}.json" - - - name: Upload inventory - {{ ansible_hostname }} - ansible.builtin.uri: - url: |- - {{ lookup('env', 'ITSM_API') 
}}/api/device/inventory - method: POST - body_format: json - src: "/tmp/{{ ansible_hostname }}.json" - remote_src: true - headers: - Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }} - validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}" - timeout: 300 - status_code: - - 200 - - 201 - no_log: > # Contains a secret that logging shows - {{ nfc_pb_disable_log | default(true) }} - + - name: Upload inventory - {{ ansible_hostname }} + ansible.builtin.uri: + url: |- + {{ lookup('env', 'ITSM_API') }}/api/device/inventory + + method: POST + body_format: json + src: "/tmp/{{ ansible_hostname }}.json" + remote_src: true + headers: + Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }} + validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}" + timeout: 300 + status_code: + - 200 + - 201 + no_log: > # Contains a secret that logging shows + {{ nfc_pb_disable_log | default(true) }} + always: - name: Remove report ansible.builtin.file: - path: "/tmp/{{ ansible_hostname }}.json" + path: "/tmp/{{ ansible_hostname }}.json" state: absent vars: @@ -173,4 +173,3 @@ CENTURION_API: '{{ centurion_url }}' CENTURION_TOKEN: '{{ centurion_token }}' CENTURION_VALIDATE_CERTS: '{{ centurion_validate_certs | default(true) }}' - \ No newline at end of file diff --git a/playbooks/teams.yaml b/playbooks/teams.yaml index 73f0ca4..5c2c42f 100644 --- a/playbooks/teams.yaml +++ b/playbooks/teams.yaml @@ -1,3 +1,4 @@ +--- - name: Centurion ERP Teams Setup hosts: |- {%- if nfc_pb_host is defined -%} @@ -35,7 +36,7 @@ {{ lookup('env', 'CENTURION_API') }}/api/organization/ method: GET body_format: json - headers: + headers: authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }} validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}" return_content: true 
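Review bot: In the `Upload inventory` task, `validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}"` turns certificate verification off whenever the variable is unset, because the `env` lookup returns an empty string rather than an undefined value, so `default(true)` is skipped and `'' | bool` is false. The same request carries `Authorization: Token …`, so the API token would then be sent to an endpoint whose certificate was never checked. `lookup('env', 'ITSM_VALIDATE_CERTS') | default(true, true) | bool` keeps verification on unless it is explicitly disabled. The same expression appears with `VALIDATE_CENTURION_CERTS` as context in the `playbooks/teams.yaml` hunks at `-35,7` and `-53,7`. The context lines at the end of `inventory.yaml` name `CENTURION_VALIDATE_CERTS` while this task reads `ITSM_VALIDATE_CERTS`, so it is worth confirming that the variable read is the one that actually gets set; the play's `vars` section lies mostly outside the hunk.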
@@ -53,7 +54,7 @@ url: "{{ item }}" method: GET body_format: json - headers: + headers: authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }} validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}" return_content: true 
@@ -70,60 +71,60 @@ - name: Create list of Teams ansible.builtin.set_fact: team_permissions: | - [ - {% for config_organisation in centurion_erp.teams %} + [ + {% for config_organisation in centurion_erp.teams %} - {% set ns = namespace(added_teams = []) %} + {% set ns = namespace(added_teams = []) %} - {% for config_team in config_organisation.teams %} + {% for config_team in config_organisation.teams %} - {% for organization in api_get_permissions.results %} + {% for organization in api_get_permissions.results %} - {% if organization.json.name == config_organisation.name %} + {% if organization.json.name == config_organisation.name %} - {% for team in organization.json.teams %} + {% for team in organization.json.teams %} - {% if team.team_name == config_team.name %} + {% if team.team_name == config_team.name %} - { - "organization_id": "{{ organization.json.id }}", - "team_name": "{{ team.team_name }}", - "url": "{{ team.url }}", - "notes": "{{ config_team.notes }}", - "permissions": - {{ config_team.permissions }} - }, + { + "organization_id": "{{ organization.json.id }}", + "team_name": "{{ team.team_name }}", + "url": "{{ team.url }}", + "notes": "{{ config_team.notes }}", + "permissions": + {{ config_team.permissions }} + }, - {% set ns.added_teams = ns.added_teams + [ config_team.name ] %} + {% set ns.added_teams = ns.added_teams + [ config_team.name ] %} - {% endif %} + {% endif %} - {% endfor %} + {% endfor %} - {% endif %} - - {% endfor %} - - {% if config_team.name not in ns.added_teams %} - { - "organization_id": - {% for organization in api_get_permissions.results %} - {% if organization.json.name == config_organisation.name %} - "{{ organization.json.id }}", - {% endif %} - {% endfor %} - "team_name": "{{ config_team.name }}", - "notes": "{{ config_team.notes }}", - "permissions": - {{ config_team.permissions }} - }, - {% set ns.added_teams = ns.added_teams + [ config_team.name ] %} - - {% endif %} + {% endif %} {% endfor %} - {% endfor %} + {% if 
config_team.name not in ns.added_teams %} + { + "organization_id": + {% for organization in api_get_permissions.results %} + {% if organization.json.name == config_organisation.name %} + "{{ organization.json.id }}", + {% endif %} + {% endfor %} + "team_name": "{{ config_team.name }}", + "notes": "{{ config_team.notes }}", + "permissions": + {{ config_team.permissions }} + }, + {% set ns.added_teams = ns.added_teams + [ config_team.name ] %} + + {% endif %} + + {% endfor %} + + {% endfor %} ] delegate_to: localhost run_once: true @@ -156,7 +157,7 @@ {{ nfc_pb_disable_log | default(true) }} - - name: update permissions to include newly created teams + - name: Update permissions to include newly created teams ansible.builtin.set_fact: team_permissions: | [ @@ -166,14 +167,12 @@ "organization_id": "{{ team.organization_id }}", "team_name": "{{ team.team_name }}", "notes": "{{ team.notes }}", - "permissions": + "permissions": {{ team.permissions }}, - "url": + "url": {% if team.url is defined %} "{{ team.url }}", - {% elif team.url is not defined %} - {% for api_values in api_post_teams.results %} {% if api_values.item.organization_id == team.organization_id %} 
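Review bot: The `team_permissions` template in `Create list of Teams` assembles its list by pasting values between literal quotes, e.g. `"notes": "{{ config_team.notes }}"` and `"team_name": "{{ team.team_name }}"`. A note or team name containing a double quote, backslash or newline therefore breaks the structure or introduces extra keys when the text is turned back into a list. Some of these values come from the API response (`organization.json.teams`), not only from the inventory. Letting the serializer do the quoting, `"notes": {{ config_team.notes | to_json }},`, removes the hand-written escaping problem. The `Update permissions to include newly created teams` hunk at `-166,14` repeats the pattern with `"{{ team.notes }}"`, and that task's template continues past the end of its hunk.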
@@ -246,23 +245,23 @@ vars: - nfc_pb_awx_tower_template: + nfc_pb_awx_tower_template: - - name: "Centurion/Access/Teams" - ask_tags_on_launch: false - ask_inventory_on_launch: true - ask_credential_on_launch: true - ask_limit_on_launch: true - concurrent_jobs_enabled: true - description: Creation and patching of teams and permissions - execution_environment: "No Fuss Computing EE" - job_type: "run" - # job_tags: complete - labels: - - centurion_erp - - itsm - - itam - - access - - permissions - - teams - use_fact_cache: true + - name: "Centurion/Access/Teams" + ask_tags_on_launch: false + ask_inventory_on_launch: true + ask_credential_on_launch: true + ask_limit_on_launch: true + concurrent_jobs_enabled: true + description: Creation and patching of teams and permissions + execution_environment: "No Fuss Computing EE" + job_type: "run" + # job_tags: complete + labels: + - centurion_erp + - itsm + - itam + - access + - permissions + - teams + use_fact_cache: true