ansible-collections/ansible_collection_centurion
2
0
Fork 0
Code Issues Activity

chore(make_docs): apply linting fixes

Browse Source 
remove trailing spaces
fix relative links
indentation
add error to ansible-lint-ignore
Capitalise Centurion ERP
This commit is contained in:
Jason Page
2024-08-19 15:25:44 +09:30
parent 8579a5934e
commit eee170f5cc
6 changed files with 153 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.ansible-lint-ignore
View File

@ -1 +1,5 @@
galaxy.yml galaxy[version-incorrect] galaxy.yml galaxy[version-incorrect]
# This playbook will only ever be run against the centurion host
playbooks/teams.yaml run-once[task]
# This task only saves the report on the local machine and is deleted after uploading
playbooks/inventory.yaml risky-file-permissions

3
docs/projects/ansible/collection/centurion/playbooks/inventory.md
View File

@ -18,7 +18,8 @@ On import to AWX / Ansible Automation Platform a credential type will also be cr
!!! warning !!! warning
The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on https://github.com/nofusscomputing/ansible_collection_centurion/issues/19 The inventory playbook currently has an issue relating to gathering software starting with L. This issue has been reported and is being worked on
[github issue 19](https://github.com/nofusscomputing/ansible_collection_centurion/issues/19)
## Play workflow ## Play workflow

6
docs/projects/ansible/collection/centurion/playbooks/teams.md
View File

@ -16,15 +16,15 @@ The following job template will be created:
!!! info !!! info
The playbook is able to work with centurion ERP directly or using the inventory pluggin that is included in this collection. The playbook is able to work with Centurion ERP directly or using the inventory pluggin that is included in this collection.
## Play workflow ## Play workflow
The teams playbook gathers information regarding centurion organisations from the ansible inventory. Using this information the play is designed to create new teams, patch permissions and patch notes. The workflow for the playbook is as follows The teams playbook gathers information regarding centurion organisations from the ansible inventory. Using this information the play is designed to create new teams, patch permissions and patch notes. The workflow for the playbook is as follows
- Fetch all organisations from centurion - Fetch all organisations from Centurion ERP
- Fetch all existing teams within each organisation from centurion - Fetch all existing teams within each organisation from Centurion ERP
- Fetch any teams to be created from inventory - Fetch any teams to be created from inventory
- Create new teams - Create new teams
- Patch all teams with required permissions - Patch all teams with required permissions

0
docs/projects/ansible/playbooks/awx.md Normal file
View File

151
playbooks/inventory.yaml
View File

@ -14,36 +14,36 @@
- name: Inventory host - name: Inventory host
block: block:
- name: fetch Packages - name: Fetch Packages
ansible.builtin.package_facts: ansible.builtin.package_facts:
manager: auto manager: auto
become: true become: true
- name: Inventory Details - name: Inventory Details
ansible.builtin.set_fact: ansible.builtin.set_fact:
details: { details: {
"name": "{{ ansible_hostname }}", "name": "{{ ansible_hostname }}",
"serial_number": "{{ ansible_product_serial }}", "serial_number": "{{ ansible_product_serial }}",
"uuid": "{{ ansible_product_uuid }}" "uuid": "{{ ansible_product_uuid }}"
} }
- name: Inventory Software [a-k] - name: Inventory Software [a-k]
ansible.builtin.set_fact: ansible.builtin.set_fact:
cacheable: false cacheable: false
software: "{{ software | default([]) + [{ software: "{{ software | default([]) + [{
'name': package.value[0].name, 'name': package.value[0].name,
'category': package.value[0].category | default(''), 'category': package.value[0].category | default(''),
'version': package.value[0].version 'version': package.value[0].version
}] }}" }] }}"
# no_log: true # no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}" loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control: loop_control:
loop_var: package loop_var: package
label: "{{ package.key }}" label: "{{ package.key }}"
when: > when: >
package.value[0].name | regex_search("^[a-k]") package.value[0].name | regex_search("^[a-k]")
# https://github.com/nofusscomputing/ansible_collection_centurion/issues/19 # https://github.com/nofusscomputing/ansible_collection_centurion/issues/19
@ -55,7 +55,7 @@
# software: "{{ software | default([]) + [{ # software: "{{ software | default([]) + [{
# 'name': package.value[0].name, # 'name': package.value[0].name,
# 'category': package.value[0].category | default(''), # 'category': package.value[0].category | default(''),
# 'version': package.value[0].version # 'version': package.value[0].version
# }] }}" # }] }}"
# # no_log: true # # no_log: true
# loop: "{{ ansible_facts.packages | dict2items() }}" # loop: "{{ ansible_facts.packages | dict2items() }}"
@ -66,66 +66,66 @@
# package.value[0].name | regex_search("^[l]") # package.value[0].name | regex_search("^[l]")
- name: Inventory Software [m-z] - name: Inventory Software [m-z]
ansible.builtin.set_fact: ansible.builtin.set_fact:
cacheable: false cacheable: false
software: "{{ software | default([]) + [{ software: "{{ software | default([]) + [{
'name': package.value[0].name, 'name': package.value[0].name,
'category': package.value[0].category | default(''), 'category': package.value[0].category | default(''),
'version': package.value[0].version 'version': package.value[0].version
}] }}" }] }}"
# no_log: true # no_log: true
loop: "{{ ansible_facts.packages | dict2items() }}" loop: "{{ ansible_facts.packages | dict2items() }}"
loop_control: loop_control:
loop_var: package loop_var: package
label: "{{ package.key }}" label: "{{ package.key }}"
when: > when: >
package.value[0].name | regex_search("^[m-z]") package.value[0].name | regex_search("^[m-z]")
- name: Inventory Document - name: Inventory Document
ansible.builtin.set_fact: ansible.builtin.set_fact:
report: { report: {
"details": "{{ details }}", "details": "{{ details }}",
"os": { "os": {
"name": "{{ ansible_distribution | lower }}", "name": "{{ ansible_distribution | lower }}",
"version": "{{ ansible_distribution_version }}", "version": "{{ ansible_distribution_version }}",
"version_major": "{{ ansible_distribution_major_version }}" "version_major": "{{ ansible_distribution_major_version }}"
}, },
"software": "{{ software }}" "software": "{{ software }}"
} }
- name: Save report - name: Save report
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ report | to_nice_json }}" content: "{{ report | to_nice_json }}"
dest: "/tmp/{{ ansible_hostname }}.json" dest: "/tmp/{{ ansible_hostname }}.json"
- name: Upload inventory - {{ ansible_hostname }} - name: Upload inventory - {{ ansible_hostname }}
ansible.builtin.uri: ansible.builtin.uri:
url: |- url: |-
{{ lookup('env', 'ITSM_API') }}/api/device/inventory {{ lookup('env', 'ITSM_API') }}/api/device/inventory
method: POST method: POST
body_format: json body_format: json
src: "/tmp/{{ ansible_hostname }}.json" src: "/tmp/{{ ansible_hostname }}.json"
remote_src: true remote_src: true
headers: headers:
Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }} Authorization: Token {{ lookup('env', 'ITSM_TOKEN') }}
validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}" validate_certs: "{{ lookup('env', 'ITSM_VALIDATE_CERTS') | default(true) | bool }}"
timeout: 300 timeout: 300
status_code: status_code:
- 200 - 200
- 201 - 201
no_log: > # Contains a secret that logging shows no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }} {{ nfc_pb_disable_log | default(true) }}
always: always:
- name: Remove report - name: Remove report
ansible.builtin.file: ansible.builtin.file:
path: "/tmp/{{ ansible_hostname }}.json" path: "/tmp/{{ ansible_hostname }}.json"
state: absent state: absent
vars: vars:
@ -173,4 +173,3 @@
CENTURION_API: '{{ centurion_url }}' CENTURION_API: '{{ centurion_url }}'
CENTURION_TOKEN: '{{ centurion_token }}' CENTURION_TOKEN: '{{ centurion_token }}'
CENTURION_VALIDATE_CERTS: '{{ centurion_validate_certs | default(true) }}' CENTURION_VALIDATE_CERTS: '{{ centurion_validate_certs | default(true) }}'

121
playbooks/teams.yaml
View File

@ -1,3 +1,4 @@
---
- name: Centurion ERP Teams Setup - name: Centurion ERP Teams Setup
hosts: |- hosts: |-
{%- if nfc_pb_host is defined -%} {%- if nfc_pb_host is defined -%}
@ -71,59 +72,59 @@
ansible.builtin.set_fact: ansible.builtin.set_fact:
team_permissions: | team_permissions: |
[ [
{% for config_organisation in centurion_erp.teams %} {% for config_organisation in centurion_erp.teams %}
{% set ns = namespace(added_teams = []) %} {% set ns = namespace(added_teams = []) %}
{% for config_team in config_organisation.teams %} {% for config_team in config_organisation.teams %}
{% for organization in api_get_permissions.results %} {% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %} {% if organization.json.name == config_organisation.name %}
{% for team in organization.json.teams %} {% for team in organization.json.teams %}
{% if team.team_name == config_team.name %} {% if team.team_name == config_team.name %}
{ {
"organization_id": "{{ organization.json.id }}", "organization_id": "{{ organization.json.id }}",
"team_name": "{{ team.team_name }}", "team_name": "{{ team.team_name }}",
"url": "{{ team.url }}", "url": "{{ team.url }}",
"notes": "{{ config_team.notes }}", "notes": "{{ config_team.notes }}",
"permissions": "permissions":
{{ config_team.permissions }} {{ config_team.permissions }}
}, },
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %} {% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% endfor %}
{% if config_team.name not in ns.added_teams %}
{
"organization_id":
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
"{{ organization.json.id }}",
{% endif %}
{% endfor %}
"team_name": "{{ config_team.name }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endfor %} {% endfor %}
{% endfor %} {% if config_team.name not in ns.added_teams %}
{
"organization_id":
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
"{{ organization.json.id }}",
{% endif %}
{% endfor %}
"team_name": "{{ config_team.name }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endfor %}
{% endfor %}
] ]
delegate_to: localhost delegate_to: localhost
run_once: true run_once: true
@ -156,7 +157,7 @@
{{ nfc_pb_disable_log | default(true) }} {{ nfc_pb_disable_log | default(true) }}
- name: update permissions to include newly created teams - name: Update permissions to include newly created teams
ansible.builtin.set_fact: ansible.builtin.set_fact:
team_permissions: | team_permissions: |
[ [
@ -171,9 +172,7 @@
"url": "url":
{% if team.url is defined %} {% if team.url is defined %}
"{{ team.url }}", "{{ team.url }}",
{% elif team.url is not defined %} {% elif team.url is not defined %}
{% for api_values in api_post_teams.results %} {% for api_values in api_post_teams.results %}
{% if api_values.item.organization_id == team.organization_id %} {% if api_values.item.organization_id == team.organization_id %}
@ -246,23 +245,23 @@
vars: vars:
nfc_pb_awx_tower_template: nfc_pb_awx_tower_template:
- name: "Centurion/Access/Teams" - name: "Centurion/Access/Teams"
ask_tags_on_launch: false ask_tags_on_launch: false
ask_inventory_on_launch: true ask_inventory_on_launch: true
ask_credential_on_launch: true ask_credential_on_launch: true
ask_limit_on_launch: true ask_limit_on_launch: true
concurrent_jobs_enabled: true concurrent_jobs_enabled: true
description: Creation and patching of teams and permissions description: Creation and patching of teams and permissions
execution_environment: "No Fuss Computing EE" execution_environment: "No Fuss Computing EE"
job_type: "run" job_type: "run"
# job_tags: complete # job_tags: complete
labels: labels:
- centurion_erp - centurion_erp
- itsm - itsm
- itam - itam
- access - access
- permissions - permissions
- teams - teams
use_fact_cache: true use_fact_cache: true