diff --git a/cloud/aws_key.yml b/cloud/aws_key.yml index 275eec6..82e1802 100644 --- a/cloud/aws_key.yml +++ b/cloud/aws_key.yml @@ -6,20 +6,20 @@ aws_keypair_owner: undef tasks: - - name: Fail if variables not defined - ansible.builtin.assert: - that: - - aws_key_name is defined - - aws_region is defined - - aws_public_key is defined - - aws_keypair_owner is defined - fail_msg: "Required variables not set" + - name: Fail if variables not defined + ansible.builtin.assert: + that: + - aws_key_name is defined + - aws_region is defined + - aws_public_key is defined + - aws_keypair_owner is defined + fail_msg: "Required variables not set" - - name: Create AWS keypair - amazon.aws.ec2_key: - name: "{{ aws_key_name }}" - region: "{{ aws_region }}" - key_material: "{{ aws_public_key }}" - state: present - tags: - owner: "{{ aws_keypair_owner }}" + - name: Create AWS keypair + amazon.aws.ec2_key: + name: "{{ aws_key_name }}" + region: "{{ aws_region }}" + key_material: "{{ aws_public_key }}" + state: present + tags: + owner: "{{ aws_keypair_owner }}" diff --git a/cloud/blueprints/rhel7.yml b/cloud/blueprints/rhel7.yml index 8739d89..15a9ac7 100644 --- a/cloud/blueprints/rhel7.yml +++ b/cloud/blueprints/rhel7.yml @@ -4,4 +4,4 @@ vm_providers: aws_image_owners: 309956199498 aws_instance_size: t2.medium aws_image_architecture: x86_64 -aws_image_filter: 'RHEL-7.9_HVM*' \ No newline at end of file +aws_image_filter: 'RHEL-7.9_HVM*' diff --git a/cloud/blueprints/rhel8.yml b/cloud/blueprints/rhel8.yml index cb94a93..56301f4 100644 --- a/cloud/blueprints/rhel8.yml +++ b/cloud/blueprints/rhel8.yml @@ -4,4 +4,4 @@ vm_providers: aws_image_owners: 309956199498 aws_instance_size: t3.micro aws_image_architecture: x86_64 -aws_image_filter: 'RHEL-8*HVM-*Hourly*' \ No newline at end of file +aws_image_filter: 'RHEL-8*HVM-*Hourly*' diff --git a/cloud/blueprints/rhel9.yml b/cloud/blueprints/rhel9.yml index 244a0d5..edad985 100644 --- a/cloud/blueprints/rhel9.yml +++ b/cloud/blueprints/rhel9.yml @@ -4,4 +4,4 @@ vm_providers: aws_image_owners: 309956199498 aws_instance_size: t3.micro aws_image_architecture: x86_64 -aws_image_filter: 'RHEL-9*HVM-*Hourly*' \ No newline at end of file +aws_image_filter: 'RHEL-9*HVM-*Hourly*' diff --git a/cloud/blueprints/windows.yml b/cloud/blueprints/windows.yml index d70ca69..df4da7c 100644 --- a/cloud/blueprints/windows.yml +++ b/cloud/blueprints/windows.yml @@ -1,7 +1,7 @@ --- vm_blueprint_providers: - - aws - - azure + - aws + - azure aws_image_filter: 'Windows_Server-2019-English-Core-Base*' aws_instance_size: t3.medium aws_userdata_template: aws_windows_userdata @@ -11,4 +11,4 @@ az_vm_image: offer: WindowsServer publisher: MicrosoftWindowsServer sku: 2022-Datacenter - version: latest \ No newline at end of file + version: latest diff --git a/cloud/blueprints/windows_core.yml b/cloud/blueprints/windows_core.yml index 2c000f5..305500f 100644 --- a/cloud/blueprints/windows_core.yml +++ b/cloud/blueprints/windows_core.yml @@ -3,4 +3,4 @@ vm_blueprint_providers: - aws aws_image_filter: 'Windows_Server-2019-English-Core-Base*' aws_instance_size: t3.medium -aws_userdata_template: aws_windows_userdata \ No newline at end of file +aws_userdata_template: aws_windows_userdata diff --git a/cloud/blueprints/windows_full.yml b/cloud/blueprints/windows_full.yml index 92546f5..1862a24 100644 --- a/cloud/blueprints/windows_full.yml +++ b/cloud/blueprints/windows_full.yml @@ -3,4 +3,4 @@ vm_blueprint_providers: - aws aws_image_filter: 'Windows_Server-2019-English-Full-Base*' aws_instance_size: t3.medium -aws_userdata_template: aws_windows_userdata \ No newline at end of file +aws_userdata_template: aws_windows_userdata diff --git a/cloud/create_infra.yml b/cloud/create_infra.yml index 1f48725..85797dc 100644 --- a/cloud/create_infra.yml +++ b/cloud/create_infra.yml @@ -1,11 +1,12 @@ --- - name: Create Cloud Infra hosts: localhost - gather_facts: no + gather_facts: false vars: infra_provider: undef aws_public_key: undef tasks: - - include_role: - name: "demo.cloud.{{ infra_provider }}" - tasks_from: create_infra + - name: Include provider role + ansible.builtin.include_role: + name: "demo.cloud.{{ infra_provider }}" + tasks_from: create_infra diff --git a/cloud/create_vm.yml b/cloud/create_vm.yml index 9e1836b..941fddc 100644 --- a/cloud/create_vm.yml +++ b/cloud/create_vm.yml @@ -1,7 +1,7 @@ --- - name: Create Cloud Infra hosts: localhost - gather_facts: no + gather_facts: false vars: vm_name: undef vm_owner: undef @@ -9,17 +9,17 @@ vm_blueprint: undef tasks: - - name: "Importing {{ vm_blueprint | upper }} Blueprint" - include_vars: - file: "blueprints/{{ vm_blueprint }}.yml" + - name: "Importing {{ vm_blueprint | upper }}" + ansible.builtin.include_vars: + file: "blueprints/{{ vm_blueprint }}.yml" - - name: "Check Provider Compatibility" - assert: - that: "'{{ vm_provider }}' in {{ vm_blueprint_providers }}" - fail_msg: "{{ vm_blueprint | upper }} is not available for {{ vm_provider | upper }}" - when: "vm_blueprint_providers is defined" + - name: "Check Provider Compatibility" + ansible.builtin.assert: + that: "'{{ vm_provider }}' in {{ vm_blueprint_providers }}" + fail_msg: "{{ vm_blueprint | upper }} is not available for {{ vm_provider | upper }}" + when: "vm_blueprint_providers is defined" - - name: "Building {{ vm_blueprint | upper }} in {{ vm_provider | upper }}" - include_role: - name: "demo.cloud.{{ vm_provider }}" - tasks_from: create_vm \ No newline at end of file + - name: "Building {{ vm_blueprint | upper }}" + ansible.builtin.include_role: + name: "demo.cloud.{{ vm_provider }}" + tasks_from: create_vm diff --git a/cloud/setup.yml b/cloud/setup.yml index 97984e9..b6dfcb7 100644 --- a/cloud/setup.yml +++ b/cloud/setup.yml @@ -14,13 +14,13 @@ controller_execution_environments: image: quay.io/scottharwell/cloud-ee:latest controller_projects: -- name: Ansible Cloud Content Lab - AWS - organization: Default - scm_type: git - wait: yes - #scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git - scm_url: https://github.com/willtome/aws.infrastructure_config_demos.git - default_environment: Cloud Services Execution Environment + - name: Ansible Cloud Content Lab - AWS + organization: Default + scm_type: git + wait: true + # scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git + scm_url: https://github.com/willtome/aws.infrastructure_config_demos.git + default_environment: Cloud Services Execution Environment controller_credentials: - name: AWS @@ -31,12 +31,12 @@ controller_credentials: username: REPLACEME password: REPLACEME - #- name: Azure - # credential_type: Microsoft Azure Resource Manager - # organization: Default - # update_secrets: false - # inputs: - # subscription: REPLACEME + # - name: Azure + # credential_type: Microsoft Azure Resource Manager + # organization: Default + # update_secrets: false + # inputs: + # subscription: REPLACEME controller_inventory_sources: - name: AWS Inventory @@ -62,22 +62,22 @@ controller_inventory_sources: - key: tags.owner prefix: owner - #- name: Azure Inventory - # organization: Default - # source: azure_rm - # inventory: Workshop Inventory - # credential: Azure - # execution_environment: Ansible Engine 2.9 execution environment - # overwrite: true - # source_vars: - # hostnames: - # - tags.Name - # - default - # keyed_groups: - # - key: os_profile.system - # prefix: os - # conditional_groups: - # cloud_azure: true + # - name: Azure Inventory + # organization: Default + # source: azure_rm + # inventory: Workshop Inventory + # credential: Azure + # execution_environment: Ansible Engine 2.9 execution environment + # overwrite: true + # source_vars: + # hostnames: + # - tags.Name + # - default + # keyed_groups: + # - key: os_profile.system + # prefix: os + # conditional_groups: + # cloud_azure: true controller_groups: - name: cloud_aws @@ -90,7 +90,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_create_peer_network.yml inventory: Workshop Inventory @@ -106,7 +106,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_delete_peer_network.yml inventory: Workshop Inventory @@ -120,7 +120,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_create_transit_network.yml inventory: Workshop Inventory @@ -136,7 +136,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_delete_transit_network.yml inventory: Workshop Inventory @@ -150,8 +150,8 @@ controller_templates: job_type: run organization: Default credentials: - - AWS - #- Azure + - AWS + # - Azure project: Ansible official demo project playbook: cloud/create_infra.yml inventory: Workshop Inventory @@ -171,7 +171,7 @@ controller_templates: required: true choices: - aws - #- azure + # - azure - question_name: AWS Public Key (only required for aws provider) type: textarea required: false @@ -180,9 +180,9 @@ controller_templates: - name: Cloud / AWS / Create VM job_type: run organization: Default - credentials: - - AWS - - Workshop Credential + credentials: + - AWS + - Workshop Credential project: Ansible Cloud Content Lab - AWS playbook: playbook_create_vm.yml inventory: Workshop Inventory @@ -241,9 +241,9 @@ controller_templates: - name: Cloud / AWS / Delete VM job_type: run organization: Default - credentials: - - AWS - - Workshop Credential + credentials: + - AWS + - Workshop Credential project: Ansible Cloud Content Lab - AWS playbook: playbook_delete_inventory_vm.yml inventory: Workshop Inventory @@ -266,7 +266,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_create_reports.yml inventory: Workshop Inventory @@ -281,7 +281,7 @@ controller_templates: job_type: run organization: Default credentials: - - AWS + - AWS project: Ansible Cloud Content Lab - AWS playbook: playbook_create_reports.yml inventory: Workshop Inventory @@ -295,8 +295,8 @@ controller_templates: - name: Cloud / AWS / Create Keypair job_type: run organization: Default - credentials: - - AWS + credentials: + - AWS project: Ansible official demo project playbook: cloud/aws_key.yml inventory: Workshop Inventory diff --git a/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml b/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml index 997346e..b152f7e 100644 --- a/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml +++ b/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml @@ -10,10 +10,10 @@ aws_region: us-east-1 aws_vm_name: "{{ vm_name }}" aws_vm_owner: "{{ vm_owner }}" aws_blueprint: "{{ vm_blueprint }}" -#aws_image_filter: "{{ omit }}" -#aws_instance_size: "{{ omit }}" -#aws_image_architecture: "{{ omit }}" -#aws_image_owners: "{{ omit }} " +# aws_image_filter: "{{ omit }}" +# aws_instance_size: "{{ omit }}" +# aws_image_architecture: "{{ omit }}" +# aws_image_owners: "{{ omit }} " aws_userdata_template: default aws_keypair_name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-demo-key" aws_securitygroup_name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group" @@ -21,4 +21,3 @@ aws_env_tag: prod aws_purpose_tag: ansible_demo aws_ansiblegroup_tag: cloud aws_ec2_wait: true - diff --git a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml index 5d296dd..04ce474 100644 --- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml +++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml @@ -17,19 +17,19 @@ vpc_id: "{{ aws_vpc.vpc.id }}" region: "{{ aws_region }}" tags: - Name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-vpc-igw" + Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-vpc-igw" owner: "{{ aws_vpc_name }}" purpose: "{{ aws_purpose_tag }}" register: aws_gateway - name: Create security group internal - amazon.aws.ec2_group: + amazon.aws.ec2_security_group: state: present - name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-sec-group" + name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group" region: "{{ aws_region }}" - description: Inbound WinRM and RDP, http for demo servers and internal AD ports + description: Inbound WinRM and RDP, http for demo servers and internal AD ports rules: - - proto: tcp + - proto: tcp ports: - 80 # HTTP - 443 # HTTPS @@ -42,7 +42,7 @@ from_port: -1 cidr_ip: 0.0.0.0/0 - proto: tcp - ports: + ports: - 80 # HTTP - 5986 # WinRM - 3389 # RDP @@ -55,27 +55,27 @@ - 464 # Kerberos Authentication - 5432 # PostgreSQL - 636 # LDAPS (LDAP over TLS) - - 873 # Rsync - - 3268-3269 # Global Catalog + - 873 # Rsync + - 3268-3269 # Global Catalog - 1024-65535 # Ephemeral RPC ports cidr_ip: 10.0.0.0/16 - - proto: udp - ports: + - proto: udp + ports: - 53 # DNS - 88 # Kerberos Authentication - 123 # NTP - - 137-138 # Netlogon - - 389 # LDAP + - 137-138 # Netlogon + - 389 # LDAP - 445 # SMB - 464 # Kerberos Authentication - 1024-65535 # Ephemeral RPC ports cidr_ip: 10.0.0.0/16 rules_egress: - - proto: -1 + - proto: -1 cidr_ip: 0.0.0.0/0 vpc_id: "{{ aws_vpc.vpc.id }}" tags: - Name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-sec-group" + Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group" owner: "{{ aws_vpc_name }}" purpose: "{{ aws_purpose_tag }}" @@ -85,31 +85,31 @@ vpc_id: "{{ aws_vpc.vpc.id }}" cidr: "{{ aws_subnet_cidr }}" region: "{{ aws_region }}" - map_public: yes + map_public: true tags: - Name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-subnet" + Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-subnet" owner: "{{ aws_vpc_name }}" purpose: "{{ aws_purpose_tag }}" register: aws_subnet -- name: Create a subnet route table +- name: Create a subnet route table amazon.aws.ec2_vpc_route_table: - state: present + state: present vpc_id: "{{ aws_vpc.vpc.id }}" region: "{{ aws_region }}" subnets: - "{{ aws_subnet.subnet.id }}" routes: - - dest: 0.0.0.0/0 + - dest: 0.0.0.0/0 gateway_id: "{{ aws_gateway.gateway_id }}" - tags: - Name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-vpc-rtbl" + tags: + Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-vpc-rtbl" owner: "{{ aws_vpc_name }}" purpose: "{{ aws_purpose_tag }}" - name: Create AWS keypair amazon.aws.ec2_key: - name: "{{ aws_vpc_name }}-{{aws_vpc_prefix }}-demo-key" + name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-demo-key" region: "{{ aws_region }}" key_material: "{{ aws_public_key }}" state: present diff --git a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml index 2fc236f..61e4779 100644 --- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml +++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml @@ -7,27 +7,27 @@ register: aws_subnet - name: AWS | CREATE VM | save subnet id - set_fact: - aws_subnet_id: "{{ aws_subnet.subnets|map(attribute='id')| list | last }}" + ansible.builtin.set_fact: + aws_subnet_id: "{{ aws_subnet.subnets | map(attribute='id') | list | last }}" - name: AWS| CREATE VM | find ami amazon.aws.ec2_ami_info: region: "{{ aws_region }}" - owners: "{{ aws_image_owners | default(omit)}}" + owners: "{{ aws_image_owners | default(omit) }}" filters: name: "{{ aws_image_filter }}" architecture: "{{ aws_image_architecture | default(omit) }}" register: amis - name: AWS| CREATE VM | save ami - set_fact: + ansible.builtin.set_fact: aws_instance_ami: > {{ (amis.images | selectattr('name', 'defined') | sort(attribute='creation_date'))[-2] }} - name: AWS| CREATE VM | create instance amazon.aws.ec2_instance: network: - assign_public_ip: yes + assign_public_ip: true key_name: "{{ aws_keypair_name }}" instance_type: "{{ aws_instance_size }}" image_id: "{{ aws_instance_ami.image_id }}" @@ -43,5 +43,5 @@ Name: "{{ aws_vm_name }}" wait: "{{ aws_ec2_wait }}" vpc_subnet_id: "{{ aws_subnet_id }}" - user_data: "{{ lookup('template', aws_userdata_template+'.j2', template_vars=dict(aws_vm_name=vm_name)) }}" + user_data: "{{ lookup('template', aws_userdata_template + '.j2', template_vars=dict(aws_vm_name=vm_name)) }}" register: aws_vm_output diff --git a/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml b/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml index 7b5093b..ad31142 100644 --- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml +++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml @@ -4,4 +4,4 @@ state: absent instance_ids: "{{ instance_id }}" region: "{{ placement.region }}" - delegate_to: localhost \ No newline at end of file + delegate_to: localhost diff --git a/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml index f00e455..c067467 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml @@ -4,29 +4,29 @@ state: directory mode: '0755' -- name: create HTML report +- name: Create HTML report ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/network.html" - check_mode: no + check_mode: false -- name: copy CSS over +- name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false -- name: copy logos over +- name: Copy logos over ansible.builtin.copy: - src: "{{ item }}" + src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" - "router.png" - check_mode: no + check_mode: false # - name: Display link to Linux patch report # ansible.builtin.debug: diff --git a/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml index c29051c..4b645cb 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml @@ -8,4 +8,4 @@ vendor: transport: cliconf: "Network_CLI" netconf: "NETCONF" - nxapi: "NX-API" \ No newline at end of file + nxapi: "NX-API" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml index 1154771..667052d 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: True \ No newline at end of file +detailedreport: true diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml index f349f23..50963b4 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml @@ -1,17 +1,17 @@ -- name: create HTML report +- name: Create HTML report ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/windows.html" -- name: copy CSS over +- name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true -- name: copy logos over +- name: Copy logos over ansible.builtin.copy: - src: "{{ item }}" + src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true loop: @@ -19,6 +19,6 @@ - "redhat-ansible-logo.svg" - "server.png" -- name: display link to inventory report +- name: Display link to inventory report ansible.builtin.debug: - msg: "Please go to http://{{ ansible_host }}/windows.html" \ No newline at end of file + msg: "Please go to http://{{ ansible_host }}/windows.html" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml index f09b15e..e9da5bb 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml @@ -1 +1 @@ -file_path: /var/www/html \ No newline at end of file +file_path: /var/www/html diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml index aaf5c3d..dcd86a2 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml @@ -1,3 +1,3 @@ -EMAIL_FROM: tower@shadowman.dev +email_from: tower@shadowman.dev to_emails: alex@shadowman.dev,tower@shadowman.dev -EMAIL_TO: "{{ to_emails.split(',') }}" \ No newline at end of file +to_emails_list: "{{ to_emails.split(',') }}" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml index 12a9a74..4605962 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml @@ -2,21 +2,21 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/windowspatch.html" - check_mode: no + check_mode: false - name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Copy logo over ansible.builtin.copy: src: "webpage_logo.png" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Display link to Patch report ansible.builtin.debug: @@ -33,6 +33,6 @@ from: "{{ EMAIL_FROM }}" to: "{{ EMAIL_TO }}" subtype: html - delegate_to: localhost + delegate_to: localhost become: false - check_mode: no \ No newline at end of file + check_mode: false diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml index f09b15e..e9da5bb 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml @@ -1 +1 @@ -file_path: /var/www/html \ No newline at end of file +file_path: /var/www/html diff --git a/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml index 04bf772..c68e073 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml @@ -1,3 +1,3 @@ --- exclude_packages: [] -allow_reboot: true \ No newline at end of file +allow_reboot: true diff --git a/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml index 410d37c..4cd6063 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml @@ -1,24 +1,24 @@ --- -- name: get packages +- name: Get packages ansible.builtin.package_facts: - check_mode: no + check_mode: false -- name: get services +- name: Get services ansible.builtin.service_facts: - check_mode: no + check_mode: false -- name: upgrade packages (yum) - yum: +- name: Upgrade packages (yum) + ansible.builtin.yum: name: '*' - state: latest + state: latest # noqa: package-latest - Intended to update packages to latest exclude: "{{ exclude_packages }}" when: ansible_pkg_mgr == "yum" register: patchingresult_yum -- name: upgrade packages (dnf) +- name: Upgrade packages (dnf) ansible.builtin.dnf: name: '*' - state: latest + state: latest # noqa: package-latest - Intended to update packages to latest exclude: "{{ exclude_packages }}" when: ansible_pkg_mgr == "dnf" register: patchingresult_dnf @@ -28,10 +28,10 @@ register: result changed_when: result.rc == 1 failed_when: result.rc > 1 - check_mode: no + check_mode: false - name: Reboot Server if Necessary ansible.builtin.reboot: when: - - result.rc == 1 - - allow_reboot == true + - result.rc == 1 + - allow_reboot == true diff --git a/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml index f8a73c3..d2af09e 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml @@ -11,4 +11,4 @@ win_update_categories: - Tools - UpdateRollups - Updates -allow_reboot: true \ No newline at end of file +allow_reboot: true diff --git a/collections/ansible_collections/demo/patching/roles/patch_windows/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/patch_windows/tasks/main.yml index 0518c79..429340e 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_windows/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_windows/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: Scan packages demo.patching.win_scan_packages: - check_mode: no + check_mode: false - name: Scan Services demo.patching.win_scan_services: - check_mode: no + check_mode: false - name: Install Windows Updates ansible.windows.win_updates: diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml index 1154771..667052d 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: True \ No newline at end of file +detailedreport: true diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml index fede495..0615c85 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml @@ -1,27 +1,27 @@ -- name: create HTML report +- name: Create HTML report ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/linux.html" - check_mode: no + check_mode: false -- name: copy CSS over +- name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false -- name: copy logos over +- name: Copy logos over ansible.builtin.copy: - src: "{{ item }}" + src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" - "server.png" - check_mode: no + check_mode: false -- name: display link to inventory report +- name: Display link to inventory report ansible.builtin.debug: msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/linux.html" diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml index b91cc7a..ce0a730 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml @@ -1 +1 @@ -file_path: /var/www/html/reports \ No newline at end of file +file_path: /var/www/html/reports diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml index aaf5c3d..dcd86a2 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml @@ -1,3 +1,3 @@ -EMAIL_FROM: tower@shadowman.dev +email_from: tower@shadowman.dev to_emails: alex@shadowman.dev,tower@shadowman.dev -EMAIL_TO: "{{ to_emails.split(',') }}" \ No newline at end of file +to_emails_list: "{{ to_emails.split(',') }}" diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml index ee42bc6..1b1fcbd 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml @@ -2,38 +2,38 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/linuxpatch.html" - check_mode: no + check_mode: false - name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Copy logo over ansible.builtin.copy: src: "webpage_logo.png" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Display link to Linux patch report ansible.builtin.debug: msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/linuxpatch.html" -#- name: Send Report via E-mail -# community.general.mail: -# host: "{{ EMAIL_HOST }}" -# username: "{{ EMAIL_USERNAME }}" -# password: "{{ EMAIL_PASSWORD }}" -# port: "{{ EMAIL_PORT }}" -# subject: "Linux Patching Report" -# body: "{{ lookup('template', 'report.j2') }}" -# from: "{{ EMAIL_FROM }}" -# to: "{{ EMAIL_TO }}" -# subtype: html -# delegate_to: localhost -# become: false -# check_mode: no \ No newline at end of file +# - name: Send Report via E-mail +# community.general.mail: +# host: "{{ EMAIL_HOST }}" +# username: "{{ EMAIL_USERNAME }}" +# password: "{{ EMAIL_PASSWORD }}" +# port: "{{ EMAIL_PORT }}" +# subject: "Linux Patching Report" +# body: "{{ lookup('template', 'report.j2') }}" +# from: "{{ EMAIL_FROM }}" +# to: "{{ EMAIL_TO }}" +# subtype: html +# delegate_to: localhost +# become: false +# check_mode: no diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml index b91cc7a..ce0a730 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml @@ -1 +1 @@ -file_path: /var/www/html/reports \ No newline at end of file +file_path: /var/www/html/reports diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml index 0991231..51b7a4f 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml @@ -1,22 +1,27 @@ --- -- include_vars: "{{ ansible_system }}.yml" +- name: Inlcude system variables + ansible.builtin.include_vars: "{{ ansible_system }}.yml" -- yum: +- name: Install httpd package + ansible.builtin.yum: name: httpd - state: latest - check_mode: no + state: installed + check_mode: false -- file: +- name: Create reports directory + ansible.builtin.file: path: "{{ doc_root }}/{{ reports_dir }}" state: directory - check_mode: no + check_mode: false -- copy: +- name: Copy .htaccess + ansible.builtin.copy: dest: "{{ doc_root }}/{{ reports_dir }}/.htaccess" content: Options +Indexes - check_mode: no + check_mode: false -- service: +- name: Install httpd service + ansible.builtin.service: name: httpd state: started - check_mode: no + check_mode: false diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/iis.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/iis.yml index e2f61d6..dc50a7d 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/iis.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/iis.yml @@ -1,23 +1,24 @@ --- -- include_vars: "{{ ansible_system }}.yml" +- name: Include system vars + ansible.builtin.include_vars: "{{ ansible_system }}.yml" - name: Install IIS ansible.windows.win_feature: name: Web-Server state: present - check_mode: no + check_mode: false - name: Start IIS service ansible.windows.win_service: name: W3Svc state: started - check_mode: no + check_mode: false - name: Create Directory ansible.windows.win_file: path: "{{ doc_root }}\\{{ reports_dir }}" state: directory - check_mode: no + check_mode: false - name: Enable Directory Browsing ansible.windows.win_powershell: diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml index 30419e3..6757f96 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml @@ -1,34 +1,34 @@ --- -- include_vars: "{{ ansible_system }}.yml" +- name: Include system vars + ansible.builtin.include_vars: "{{ ansible_system }}.yml" -- name: get reports +- name: Get reports ansible.builtin.find: paths: "{{ doc_root }}/{{ reports_dir }}" patterns: '*.html' register: reports - check_mode: no + check_mode: false -- name: publish landing page +- name: Publish landing page ansible.builtin.template: src: linux_report.j2 dest: "{{ doc_root }}/index.html" - check_mode: no + check_mode: false -- name: copy CSS over +- name: Copy CSS ansible.builtin.copy: src: "css" dest: "{{ doc_root }}" directory_mode: true - check_mode: no + check_mode: false -- name: copy logos over +- name: Copy logos ansible.builtin.copy: - src: "{{ item }}" + src: "{{ item }}" dest: "{{ doc_root }}" directory_mode: true loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" - "report.png" - check_mode: no - + check_mode: false diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/main.yml index a275ceb..77e7c2d 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/main.yml @@ -1,6 +1,8 @@ --- -- include_tasks: apache.yml +- name: Include Linux tasks + ansible.builtin.include_tasks: apache.yml when: ansible_system == 'Linux' -- include_tasks: iis.yml +- name: Include Windows tasks + ansible.builtin.include_tasks: iis.yml when: ansible_system == 'Win32NT' diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/windows_landing_page.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/windows_landing_page.yml index 76574c9..d9faab9 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/windows_landing_page.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/windows_landing_page.yml @@ -1,34 +1,34 @@ --- -- include_vars: "{{ ansible_system }}.yml" +- name: Include system variables + ansible.builtin.include_vars: "{{ ansible_system }}.yml" -- name: get reports +- name: Get reports ansible.windows.win_find: paths: "{{ doc_root }}/{{ reports_dir }}" patterns: '*.html' register: reports - check_mode: no + check_mode: false -- name: publish landing page - ansible.builtin.win_template: +- name: Publish landing page + ansible.windows.win_template: src: windows_report.j2 dest: "{{ doc_root }}/index.html" - check_mode: no + check_mode: false -- name: copy CSS over - ansible.builtin.win_copy: +- name: Copy CSS + ansible.windows.win_copy: src: "css" dest: "{{ doc_root }}" directory_mode: true - check_mode: no + check_mode: false -- name: copy logos over - ansible.builtin.win_copy: - src: "{{ item }}" +- name: Copy logos + ansible.windows.win_copy: + src: "{{ item }}" dest: "{{ doc_root }}" directory_mode: true loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" - "report.png" - check_mode: no - + check_mode: false diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml index 1154771..667052d 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: True \ No newline at end of file +detailedreport: true diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml index 51bed40..b02e9f1 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows/tasks/main.yml @@ -1,28 +1,28 @@ --- -- name: create HTML report +- name: Create HTML report ansible.windows.win_template: src: report.j2 dest: "{{ file_path }}/windows.html" - check_mode: no + check_mode: false -- name: copy CSS over +- name: Copy CSS over ansible.windows.win_copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false -- name: copy logos over +- name: Copy logos over ansible.windows.win_copy: - src: "{{ item }}" + src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" - "server.png" - check_mode: no + check_mode: false -#- name: display link to inventory report -# ansible.builtin.debug: -# msg: "Please go to http://{{ host_vars[report_server]['ansible_host'] }}/reports/windows.html" +# - name: display link to inventory report +# ansible.builtin.debug: +# msg: "Please go to http://{{ host_vars[report_server]['ansible_host'] }}/reports/windows.html" diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml index 3ec787e..4c3fa14 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml @@ -1 +1,2 @@ -file_path: C:\Inetpub\wwwroot\reports \ No newline at end of file +--- +file_path: C:\Inetpub\wwwroot\reports diff --git a/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml index aaf5c3d..8aa09a6 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml @@ -1,3 +1,4 @@ -EMAIL_FROM: tower@shadowman.dev +--- +email_from: tower@shadowman.dev to_emails: alex@shadowman.dev,tower@shadowman.dev -EMAIL_TO: "{{ to_emails.split(',') }}" \ No newline at end of file +to_emails_list: "{{ to_emails.split(',') }}" diff --git a/collections/ansible_collections/demo/patching/roles/report_windows_patching/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows_patching/tasks/main.yml index 83b014c..a7224fd 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows_patching/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows_patching/tasks/main.yml @@ -2,22 +2,22 @@ ansible.windows.win_template: src: report.j2 dest: "{{ file_path }}/windowspatch.html" - check_mode: no + check_mode: false - name: Copy CSS over ansible.windows.win_copy: src: "css" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Copy logo over ansible.windows.win_copy: src: "webpage_logo.png" dest: "{{ file_path }}" directory_mode: true - check_mode: no + check_mode: false - name: Display link to Patch report ansible.builtin.debug: - msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/windowspatch.html" \ No newline at end of file + msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/windowspatch.html" diff --git a/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml index 3ec787e..4c3fa14 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml @@ -1 +1,2 @@ -file_path: C:\Inetpub\wwwroot\reports \ No newline at end of file +--- +file_path: C:\Inetpub\wwwroot\reports diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml index ce441c2..8c82b5c 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml @@ -1,4 +1,4 @@ --- -instance_name: "{{ inventory_hostname | regex_replace('_','-') }}" +instance_name: "{{ inventory_hostname | regex_replace('_', '-') }}" activation_key: "{{ 'RHEL' + ansible_distribution_major_version + '_' + env }}" rex_user: root # "{{ ansible_user }}" diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml b/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml index 0f158ae..86a064f 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/tasks/main.yml @@ -1,67 +1,66 @@ --- -- name: verify operating system - assert: +- name: Verify operating system + ansible.builtin.assert: that: - ansible_os_family == 'RedHat' - (ansible_distribution_major_version == '7') or (ansible_distribution_major_version == '8') -- name: set hostname - hostname: +- name: Set hostname + ansible.builtin.hostname: name: "{{ instance_name }}" - -- name: remove rhui client packages - yum: - name: - - google-rhui-client* - - rh-amazon-rhui-client* - state: removed -- name: get current repos - command: +- name: Remove rhui client packages + ansible.builtin.yum: + name: + - google-rhui-client* + - rh-amazon-rhui-client* + state: removed + +- name: Get current repos + ansible.builtin.command: cmd: ls /etc/yum.repos.d/ register: repos - changed_when: False + changed_when: false -- name: remove existing rhui repos - file: +- name: Remove existing rhui repos + ansible.builtin.file: path: "/etc/yum.repos.d/{{ item }}" state: absent loop: "{{ repos.stdout_lines }}" -- name: install satellite certificate - yum: +- name: Install satellite certificate + ansible.builtin.yum: name: "{{ satellite_url }}/pub/katello-ca-consumer-latest.noarch.rpm" state: present - validate_certs: no + validate_certs: false disable_gpg_check: true -- name: register system via subscription-mangler - redhat_subscription: +- name: Register system via subscription-mangler + community.general.redhat_subscription: state: present activationkey: "{{ activation_key }}" consumer_name: "{{ instance_name }}" - org_id: "{{ org_id | default('Default_Organization')}}" + org_id: "{{ org_id | default('Default_Organization') }}" throttle: 1 -- name: include repos - include_vars: "vars/{{ ansible_distribution + ansible_distribution_major_version }}.yml" +- name: Include repos + ansible.builtin.include_vars: "vars/{{ ansible_distribution + ansible_distribution_major_version }}.yml" -- name: enable repos - rhsm_repository: +- name: Enable repos + community.general.rhsm_repository: name: "{{ rhsm_enabled_repos }}" state: enabled -- name: install satellite client - yum: +- name: Install satellite client + ansible.builtin.yum: name: - katello-host-tools - katello-host-tools-tracer - state: latest - -- name: enable remote execution - authorized_key: + state: installed + +- name: Enable remote execution + ansible.posix.authorized_key: user: "{{ rex_user }}" state: present key: "{{ satellite_url }}:9090/ssh/pubkey" - validate_certs: no - + validate_certs: false diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml index c529625..07c3a0e 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml @@ -1,4 +1,4 @@ --- rhsm_enabled_repos: - rhel-7-server-rpms - #- rhel-7-server-satellite-maintenance-6.11-rpms + # - rhel-7-server-satellite-maintenance-6.11-rpms diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml b/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml deleted file mode 100644 index 61d2458..0000000 --- a/collections/ansible_collections/demo/satellite/roles/scap_client/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -galaxy_info: - author: morenod - description: Role created to configure a client to execute openscap policies based on the information obtained from a Red Hat Satellite/Foreman Host. \ No newline at end of file diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml b/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml index 8dc130f..b9ce9ef 100644 --- a/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml +++ b/collections/ansible_collections/demo/satellite/roles/scap_client/tasks/main.yaml @@ -1,85 +1,85 @@ --- - name: Install openscap client packages - yum: + ansible.builtin.yum: name: - - openscap-scanner - - rubygem-foreman_scap_client + - openscap-scanner + - rubygem-foreman_scap_client state: present - name: Get Policy parameters - uri: + ansible.builtin.uri: url: "{{ foreman_server_url }}/api/v2/compliance/policies" method: GET user: "{{ foreman_username }}" - password: "{{ foreman_password }}" - force_basic_auth: yes + password: "{{ foreman_password }}" + force_basic_auth: true body_format: json - validate_certs: False + validate_certs: false register: policies no_log: "{{ foreman_operations_scap_client_secure_logging }}" -- name: Build policy {{ policy_name }} parameters - set_fact: +- name: Build policy {{ policy_name }} + ansible.builtin.set_fact: policy: "{{ policy | default([]) }} + {{ [item] }}" - loop: "{{policies.json.results}}" + loop: "{{ policies.json.results }}" when: item.name in policy_name or policy_name == 'all' - name: Fail if no policy found with required name - fail: + ansible.builtin.fail: when: policy is not defined - name: Get scap content information - uri: - url: "{{ foreman_server_url }}/api/v2/compliance/scap_contents/{{item.scap_content_id}}" + ansible.builtin.uri: + url: "{{ foreman_server_url }}/api/v2/compliance/scap_contents/{{ item.scap_content_id }}" method: GET user: "{{ foreman_username }}" password: "{{ foreman_password }}" - force_basic_auth: yes + force_basic_auth: false body_format: json - validate_certs: False + validate_certs: false register: scapcontents loop: "{{ policy }}" no_log: "{{ foreman_operations_scap_client_secure_logging }}" - name: Get tailoring content information - uri: - url: "{{ foreman_server_url }}/api/v2/compliance/tailoring_files/{{item.tailoring_file_id}}" + ansible.builtin.uri: + url: "{{ foreman_server_url }}/api/v2/compliance/tailoring_files/{{ item.tailoring_file_id }}" method: GET user: "{{ foreman_username }}" password: "{{ foreman_password }}" - force_basic_auth: yes + force_basic_auth: false body_format: json - validate_certs: False + validate_certs: false register: tailoringfiles when: item.tailoring_file_id | int > 0 | d(False) loop: "{{ policy }}" no_log: "{{ foreman_operations_scap_client_secure_logging }}" - name: Build scap content parameters - set_fact: - scap_content: "{{ scap_content | default({}) | combine({item.json.id: item.json }) }}" + ansible.builtin.set_fact: + scap_content: "{{ scap_content | default({}) | combine({item.json.id: item.json}) }}" loop: "{{ scapcontents.results }}" - name: Build tailoring content parameters - set_fact: - tailoring_files: "{{ tailoring_files | default({}) | combine({item.json.id: item.json }) }}" + ansible.builtin.set_fact: + tailoring_files: "{{ tailoring_files | default({}) | combine({item.json.id: item.json}) }}" when: item.json is defined loop: "{{ tailoringfiles.results }}" - name: Apply openscap client configuration template - template: + ansible.builtin.template: src: openscap_client_config.yaml.j2 dest: /etc/foreman_scap_client/config.yaml mode: "0644" owner: root group: root -#- name: Configure execution crontab -# cron: -# name: "Openscap Execution" -# cron_file: 'foreman_openscap_client' -# job: '/usr/bin/foreman_scap_client {{policy.id}} > /dev/null' -# weekday: "{{crontab_weekdays}}" -# hour: "{{crontab_hour}}" -# minute: "{{crontab_minute}}" -# user: root +# - name: Configure execution crontab +# cron: +# name: "Openscap Execution" +# cron_file: 'foreman_openscap_client' +# job: '/usr/bin/foreman_scap_client {{policy.id}} > /dev/null' +# weekday: "{{crontab_weekdays}}" +# hour: "{{crontab_hour}}" +# minute: "{{crontab_minute}}" +# user: root diff --git a/collections/requirements.yml b/collections/requirements.yml index a8d98a2..3dec4dc 100644 --- a/collections/requirements.yml +++ b/collections/requirements.yml @@ -26,7 +26,7 @@ collections: # satellite - name: redhat.satellite version: 3.8.0 - #network + # network - name: cisco.ios version: 3.1.0 - name: cisco.nxos diff --git a/feedback.yml b/feedback.yml index 810ab1e..9d1e03a 100644 --- a/feedback.yml +++ b/feedback.yml @@ -1,13 +1,14 @@ --- -- hosts: localhost - gather_facts: no +- name: Submit feedback + hosts: localhost + gather_facts: false tasks: - name: Submit Feedback ansible.builtin.uri: url: https://docs.google.com/forms/d/e/1FAIpQLSfTq7Dm0hw0sOthHTH2F6wbwwJc-fsJPbn72IZX4CY7p4uGBg/formResponse method: POST body: "ifq&entry.1139138403={{ email }} &entry.735882959={{ feedback }}&sumbit=Submit" - + - name: Thank you - debug: + ansible.builtin.debug: msg: Thank you for your feedback! diff --git a/linux/hardening.yml b/linux/hardening.yml index 750a120..c4d81ea 100644 --- a/linux/hardening.yml +++ b/linux/hardening.yml @@ -3,10 +3,10 @@ hosts: "{{ _hosts | default('web') }}" become: true vars: - - harden_firewall: false - - harden_time: false - - harden_ssh: false - - harden_pci: false + harden_firewall: false + harden_time: false + harden_ssh: false + harden_pci: false tasks: - name: Configure Firewall diff --git a/linux/insights_compliance_scan.yml b/linux/insights_compliance_scan.yml index 69a44f0..9c0c9eb 100644 --- a/linux/insights_compliance_scan.yml +++ b/linux/insights_compliance_scan.yml @@ -3,7 +3,7 @@ hosts: "{{ _hosts | default(omit) }}" become: true vars: - # compliance_profile: undef + compliance_profile_configured: undef tasks: - name: Check OS Type diff --git a/linux/patching.yml b/linux/patching.yml index a4d2e82..23b91eb 100644 --- a/linux/patching.yml +++ b/linux/patching.yml @@ -2,7 +2,6 @@ - name: Linux server patching hosts: "{{ _hosts | default(omit) }}" become: true - strategy: linear vars: report_server: node1 @@ -23,7 +22,7 @@ when: - ansible_local.insights.system_id is not defined - - name: Run the Insights Client Scan + - name: Run the Insights Client Scan # noqa: no-changed-when ansible.builtin.command: insights-client when: - not ansible_check_mode @@ -31,7 +30,7 @@ - name: Deploy report server delegate_to: "{{ report_server }}" - run_once: true + run_once: true # noqa: run-once[task] block: - name: Build report server ansible.builtin.include_role: diff --git a/linux/tshoot.yml b/linux/tshoot.yml index 333e4d0..e11f6c4 100644 --- a/linux/tshoot.yml +++ b/linux/tshoot.yml @@ -4,15 +4,15 @@ become: true tasks: - - name: Gather recent vmstat info + - name: Gather recent vmstat info # noqa: no-changed-when ansible.builtin.command: /bin/vmstat 1 5 register: vmstat - - name: Gather top CPU hogs + - name: Gather top CPU hogs # noqa: no-changed-when ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu register: pscpu - - name: Gather top memory hogs + - name: Gather top memory hogs # noqa: no-changed-when ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-size register: pssize diff --git a/network/report.yml b/network/report.yml index 4e4eeea..a4b3ee5 100644 --- a/network/report.yml +++ b/network/report.yml @@ -1,5 +1,5 @@ --- -# Re-write of: +# Re-write of: # https://github.com/network-automation/toolkit/blob/master/playbooks/network_report.yml # https://github.com/network-automation/toolkit/blob/master/roles/build_report/tasks/main.yml @@ -26,33 +26,27 @@ gather_network_resources: all when: ansible_network_os == 'cisco.iosxr.iosxr' - # The dig lookup requires the python 'dnspython' library + # The dig lookup requires the python 'dnspython' library # - name: Resolve IP address # ansible.builtin.set_fact: # ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}" -- hosts: node1 +- name: Create network reports + hosts: "{{ report_server }}" become: true vars: report_server: node1 web_path: /var/www/html/reports/ - + tasks: - - ansible.builtin.include_role: + - name: Build report server + ansible.builtin.include_role: name: "{{ item }}" loop: - demo.patching.report_server - demo.patching.build_report_network - - block: - - ansible.builtin.include_role: - name: "{{ item }}" - loop: - - demo.patching.report_server - - demo.patching.build_report_network - - - ansible.builtin.include_role: - name: demo.patching.report_server - tasks_from: linux_landing_page - delegate_to: "{{ report_server }}" - run_once: yes + - name: Update landing page + ansible.builtin.include_role: + name: demo.patching.report_server + tasks_from: linux_landing_page diff --git a/network/setup.yml b/network/setup.yml index 37409d6..59d54bf 100644 --- a/network/setup.yml +++ b/network/setup.yml @@ -81,7 +81,7 @@ controller_templates: use_fact_cache: true ask_job_type_on_launch: true credentials: - - "Workshop Credential" + - "Workshop Credential" survey_enabled: true survey: name: '' diff --git a/satellite/host_vars/satellite.example.com/content_views.yml b/satellite/host_vars/satellite.example.com/content_views.yml index 6e6a7e0..816b577 100644 --- a/satellite/host_vars/satellite.example.com/content_views.yml +++ b/satellite/host_vars/satellite.example.com/content_views.yml @@ -4,26 +4,26 @@ satellite_content_views: - name: RHEL7 content_view: RHEL7 repositories: - - name: Red Hat Enterprise Linux 7 Server (RPMs) - basearch: x86_64 - releasever: 7Server - product: 'Red Hat Enterprise Linux Server' - - name: Red Hat Enterprise Linux 7 Server - Extras (RPMs) - basearch: x86_64 - product: 'Red Hat Enterprise Linux Server' - - name: Red Hat Satellite Tools 6.8 (for RHEL 7 Server) (RPMs) - basearch: x86_64 - product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Enterprise Linux 7 Server (RPMs) + basearch: x86_64 + releasever: 7Server + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Enterprise Linux 7 Server - Extras (RPMs) + basearch: x86_64 + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Satellite Tools 6.8 (for RHEL 7 Server) (RPMs) + basearch: x86_64 + product: 'Red Hat Enterprise Linux Server' # Red Hat Enterprise Linux 8 - name: RHEL8 content_view: RHEL8 content_view_update: true repositories: - - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) - releasever: 8 - product: Red Hat Enterprise Linux for x86_64 - - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) - releasever: 8 - product: Red Hat Enterprise Linux for x86_64 - - name: Red Hat Satellite Tools 6.8 for RHEL 8 x86_64 (RPMs) - product: Red Hat Enterprise Linux for x86_64 + - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) + releasever: 8 + product: Red Hat Enterprise Linux for x86_64 + - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) + releasever: 8 + product: Red Hat Enterprise Linux for x86_64 + - name: Red Hat Satellite Tools 6.8 for RHEL 8 x86_64 (RPMs) + product: Red Hat Enterprise Linux for x86_64 diff --git a/satellite/satellite_promote.yml b/satellite/satellite_promote.yml index 3b39ace..8cb5fef 100644 --- a/satellite/satellite_promote.yml +++ b/satellite/satellite_promote.yml @@ -1,7 +1,8 @@ --- -- hosts: localhost +- name: Promote content view version + hosts: localhost connection: local - gather_facts: no + gather_facts: false vars: organization: Default Organization lifecycle_environment: undef @@ -9,9 +10,9 @@ content_view: undef tasks: - - name: Promote Content View - redhat.satellite.content_view_version: - content_view: "{{ content_view }}" - organization: "{{ organization }}" - lifecycle_environments: "{{ lifecycle_environment }}" - current_lifecycle_environment: "{{ current_lifecycle_environment }}" + - name: Promote Content View # noqa: args[module] - required parameters provided with environment vars + redhat.satellite.content_view_version: + content_view: "{{ content_view }}" + organization: "{{ organization }}" + lifecycle_environments: "{{ lifecycle_environment }}" + current_lifecycle_environment: "{{ current_lifecycle_environment }}" diff --git a/satellite/satellite_publish.yml b/satellite/satellite_publish.yml index 33c2567..728f974 100644 --- a/satellite/satellite_publish.yml +++ b/satellite/satellite_publish.yml @@ -1,7 +1,8 @@ --- -- hosts: localhost +- name: Publish content view version + hosts: localhost connection: local - gather_facts: no + gather_facts: false vars: content_view: undef env: undef @@ -11,11 +12,11 @@ publish_retry_interval: 15 tasks: - - name: publish content view - redhat.satellite.content_view_version: - content_view: "{{ content_view }}" - organization: "{{ organization }}" - lifecycle_environments: "{{ lifecycle_environment }}" + - name: Publish content view # noqa: args[module] - required parameters provided with environment vars + redhat.satellite.content_view_version: + content_view: "{{ content_view }}" + organization: "{{ organization }}" + lifecycle_environments: "{{ lifecycle_environment }}" # async: "{{ publish_timeout }}" # poll: 0 # register: publish_async diff --git a/satellite/server_openscap.yml b/satellite/server_openscap.yml index 0caa1da..d62e5b7 100644 --- a/satellite/server_openscap.yml +++ b/satellite/server_openscap.yml @@ -12,6 +12,8 @@ ansible.builtin.pause: seconds="{{ 5 | random }}" - name: Run SCAP Scan - ansible.builtin.shell: "/usr/bin/foreman_scap_client {{ item.id }}" + ansible.builtin.command: "/usr/bin/foreman_scap_client {{ item.id }}" loop: "{{ policy }}" when: policy_scan == 'all' or item.name in policy_scan + register: scap_cmd_output + failed_when: "'Error' in command_result.stderr" diff --git a/satellite/setup.yml b/satellite/setup.yml index 3beeae3..b0fa535 100644 --- a/satellite/setup.yml +++ b/satellite/setup.yml @@ -51,148 +51,148 @@ controller_credentials: password: ansible123! controller_inventory_sources: -- name: Satellite Inventory - inventory: Workshop Inventory - credential: Satellite Inventory - source: satellite6 - update_on_launch: false - execution_environment: Control Plane Execution Environment - overwrite: true - source_vars: - hostnames: - - name.split('.')[0] - groups: - patch_bugs: foreman_content_facet_attributes.errata_counts.bugfix - patch_enhancements: foreman_content_facet_attributes.errata_counts.enhancement - patch_security: foreman_content_facet_attributes.errata_counts.security - keyed_groups: - - prefix: env - key: foreman_content_facet_attributes.lifecycle_environment_name - - prefix: cv - key: foreman_content_facet_attributes.content_view_name - - prefix: os - key: foreman_operatingsystem_name - - prefix: scap - key: foreman_compliance_status_label - validate_certs: no + - name: Satellite Inventory + inventory: Workshop Inventory + credential: Satellite Inventory + source: satellite6 + update_on_launch: false + execution_environment: Control Plane Execution Environment + overwrite: true + source_vars: + hostnames: + - name.split('.')[0] + groups: + patch_bugs: foreman_content_facet_attributes.errata_counts.bugfix + patch_enhancements: foreman_content_facet_attributes.errata_counts.enhancement + patch_security: foreman_content_facet_attributes.errata_counts.security + keyed_groups: + - prefix: env + key: foreman_content_facet_attributes.lifecycle_environment_name + - prefix: cv + key: foreman_content_facet_attributes.content_view_name + - prefix: os + key: foreman_operatingsystem_name + - prefix: scap + key: foreman_compliance_status_label + validate_certs: false controller_templates: -- name: LINUX / Register with Satellite - project: Ansible official demo project - playbook: satellite/server_register.yml - inventory: Workshop Inventory - notification_templates_started: Telemetry - notification_templates_success: Telemetry - notification_templates_error: Telemetry - credentials: - - Workshop Credential - - Satellite Credential - extra_vars: - org_id: "Default_Organization" - survey_enabled: true - survey: - name: '' - description: '' - spec: - - question_name: Server Name or Pattern - type: text - variable: HOSTS - required: false - - question_name: Choose Environment - type: multiplechoice - variable: env - choices: - - Dev - - QA - - Prod - required: true + - name: LINUX / Register with Satellite + project: Ansible official demo project + playbook: satellite/server_register.yml + inventory: Workshop Inventory + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + credentials: + - Workshop Credential + - Satellite Credential + extra_vars: + org_id: "Default_Organization" + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Server Name or Pattern + type: text + variable: HOSTS + required: false + - question_name: Choose Environment + type: multiplechoice + variable: env + choices: + - Dev + - QA + - Prod + required: true -- name: LINUX / Compliance Scan with Satellite - project: Ansible official demo project - playbook: satellite/server_openscap.yml - inventory: Workshop Inventory - execution_environment: Ansible Engine 2.9 execution environment - notification_templates_started: Telemetry - notification_templates_success: Telemetry - notification_templates_error: Telemetry - credentials: - - Satellite Credential - - Workshop Credential - extra_vars: - policy_scan: all - survey_enabled: true - survey: - name: '' - description: '' - spec: - - question_name: Server Name or Pattern - type: text - variable: HOSTS - required: false + - name: LINUX / Compliance Scan with Satellite + project: Ansible official demo project + playbook: satellite/server_openscap.yml + inventory: Workshop Inventory + execution_environment: Ansible Engine 2.9 execution environment + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + credentials: + - Satellite Credential + - Workshop Credential + extra_vars: + policy_scan: all + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Server Name or Pattern + type: text + variable: HOSTS + required: false -- name: SATELLITE / Publish Content View Version - project: Ansible official demo project - playbook: satellite/satellite_publish.yml - inventory: Workshop Inventory - notification_templates_started: Telemetry - notification_templates_success: Telemetry - notification_templates_error: Telemetry - credentials: - - Satellite Credential - extra_vars: - env: Dev - survey_enabled: true - survey: - name: '' - description: '' - spec: - - question_name: Select Content View - variable: content_view - type: multiplechoice - choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" - required: true + - name: SATELLITE / Publish Content View Version + project: Ansible official demo project + playbook: satellite/satellite_publish.yml + inventory: Workshop Inventory + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + credentials: + - Satellite Credential + extra_vars: + env: Dev + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Select Content View + variable: content_view + type: multiplechoice + choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" + required: true -- name: SATELLITE / Promote Content View Version - project: Ansible official demo project - playbook: satellite/satellite_promote.yml - inventory: Workshop Inventory - notification_templates_started: Telemetry - notification_templates_success: Telemetry - notification_templates_error: Telemetry - credentials: - - Satellite Credential - survey_enabled: true - survey: - name: '' - description: '' - spec: - - question_name: Select Content View - variable: content_view - type: multiplechoice - choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" - required: true - - question_name: Current Lifecycle Environment - variable: current_lifecycle_environment - type: multiplechoice - choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" - required: true - - question_name: Next Lifecycle Environment - variable: lifecycle_environment - type: multiplechoice - choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" - required: true + - name: SATELLITE / Promote Content View Version + project: Ansible official demo project + playbook: satellite/satellite_promote.yml + inventory: Workshop Inventory + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + credentials: + - Satellite Credential + survey_enabled: true + survey: + name: '' + description: '' + spec: + - question_name: Select Content View + variable: content_view + type: multiplechoice + choices: "{{ satellite_content_views | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" + required: true + - question_name: Current Lifecycle Environment + variable: current_lifecycle_environment + type: multiplechoice + choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" + required: true + - question_name: Next Lifecycle Environment + variable: lifecycle_environment + type: multiplechoice + choices: "{{ satellite_lifecycle_environments | selectattr('name', 'match', '^RHEL.*$') | map(attribute='name') | list}}" + required: true + + - name: SETUP / Satellite + project: Ansible official demo project + playbook: satellite/setup_satellite.yml + inventory: Workshop Inventory + notification_templates_started: Telemetry + notification_templates_success: Telemetry + notification_templates_error: Telemetry + credentials: + - Satellite Credential -- name: SETUP / Satellite - project: Ansible official demo project - playbook: satellite/setup_satellite.yml - inventory: Workshop Inventory - notification_templates_started: Telemetry - notification_templates_success: Telemetry - notification_templates_error: Telemetry - credentials: - - Satellite Credential - controller_launch_jobs: - name: SETUP wait: false @@ -207,7 +207,7 @@ controller_launch_jobs: ###################### satellite_components: - content_views - #- content_view_publish + # - content_view_publish - lifecycle_environments - activation_keys @@ -219,12 +219,12 @@ satellite_content_views: - name: RHEL7 content_view: RHEL7 repositories: - - name: Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server - product: 'Red Hat Enterprise Linux Server' - - name: Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64 - product: 'Red Hat Enterprise Linux Server' - - name: Red Hat Satellite Client 6 for RHEL 7 Server RPMs x86_64 - product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64 + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Satellite Client 6 for RHEL 7 Server RPMs x86_64 + product: 'Red Hat Enterprise Linux Server' # Red Hat Enterprise Linux 8 - name: RHEL8 content_view: RHEL8 diff --git a/satellite/setup_satellite.yml b/satellite/setup_satellite.yml index 1a298e4..6fbacc4 100644 --- a/satellite/setup_satellite.yml +++ b/satellite/setup_satellite.yml @@ -1,54 +1,55 @@ --- -- hosts: localhost - gather_facts: no +- name: Setup satellite configuration + hosts: localhost + gather_facts: false vars_files: setup.yml vars: refresh_satellite_manifest: true tasks: - - name: refresh manifest - redhat.satellite.subscription_manifest: - organization: "Default Organization" - state: refreshed - when: refresh_satellite_manifest + - name: Refresh manifest # noqa: args[module] - required parameters provided with environment vars + redhat.satellite.subscription_manifest: + organization: "Default Organization" + state: refreshed + when: refresh_satellite_manifest - - name: Setup CV - include_role: - name: redhat.satellite.content_views + - name: Setup CV + ansible.builtin.include_role: + name: redhat.satellite.content_views - - name: Publish CV - include_role: - name: redhat.satellite.content_view_publish - vars: - satellite_content_views: - - RHEL7 - - RHEL8 + - name: Publish CV + ansible.builtin.include_role: + name: redhat.satellite.content_view_publish + vars: + satellite_content_views: + - RHEL7 + - RHEL8 - - name: Setup Lifecycle Environment - include_role: - name: redhat.satellite.lifecycle_environments + - name: Setup Lifecycle Environment + ansible.builtin.include_role: + name: redhat.satellite.lifecycle_environments - - name: redhat.satellite.content_view_publish CV - redhat.satellite.content_view_version: - organization: "{{ satellite_organization }}" - content_view: "{{ item }}" - lifecycle_environments: - - "{{ item }}_Dev" - - "{{ item }}_QA" - - "{{ item }}_Prod" - loop: - - RHEL7 - - RHEL8 + - name: Content view publish # noqa: args[module] - required parameters provided with environment vars + redhat.satellite.content_view_version: + organization: "{{ satellite_organization }}" + content_view: "{{ item }}" + lifecycle_environments: + - "{{ item }}_Dev" + - "{{ item }}_QA" + - "{{ item }}_Prod" + loop: + - RHEL7 + - RHEL8 - - name: Setup activation_keys - include_role: - name: redhat.satellite.activation_keys + - name: Setup activation_keys + ansible.builtin.include_role: + name: redhat.satellite.activation_keys - - name: Add SCAP Tailoring File - redhat.satellite.scap_tailoring_file: - name: RHEL7_STIG - organizations: "{{ satellite_organization }}" - scap_file: "{{ item }}" - loop: - - files/ssg-rhel7-ds-tailoring.xml - - files/ssg-rhel8-ds-tailoring-stig-gui.xml + - name: Add SCAP Tailoring File # noqa: args[module] - required parameters provided with environment vars + redhat.satellite.scap_tailoring_file: + name: RHEL7_STIG + organizations: "{{ satellite_organization }}" + scap_file: "{{ item }}" + loop: + - files/ssg-rhel7-ds-tailoring.xml + - files/ssg-rhel8-ds-tailoring-stig-gui.xml diff --git a/setup_demo.yml b/setup_demo.yml index 7c62b7a..b9c89be 100644 --- a/setup_demo.yml +++ b/setup_demo.yml @@ -69,7 +69,7 @@ url: https://docs.google.com/forms/d/e/1FAIpQLSdIZ77YpETjEfGOoYlXtMnQiU-6M7QFlb2hJA4ujo25QYb2jw/formResponse method: POST body: "ifq&entry.1569353616={{ demo }} &entry.498055740={{ lookup('ansible.builtin.env', 'AWX_HOST') }}&sumbit=Submit" - ignore_errors: true + ignore_errors: true # noqa: ignore-errors - connectivity should not fail play - name: Print Message ansible.builtin.debug: diff --git a/windows/patching.yml b/windows/patching.yml index d6a8ec0..57234b4 100644 --- a/windows/patching.yml +++ b/windows/patching.yml @@ -1,7 +1,6 @@ --- - name: Windows updates hosts: "{{ _hosts | default('os_windows') }}" - strategy: linear vars: report_server: win1 @@ -12,7 +11,7 @@ - name: Build report server delegate_to: "{{ report_server }}" - run_once: true + run_once: true # noqa: run-once[task] block: - name: Install report server ansible.builtin.include_role: