Merge branch 'main' into gitlab_ver

.ansible-lint

@@ -10,4 +10,3 @@ exclude_paths:
   - collections/ansible_collections/demo/compliance/roles/
   - roles/redhatofficial.*
   - .github/
-  - execution_environments/ee_contexts/

.github/workflows/pre-commit.yml

@@ -5,16 +5,13 @@ on:
  - pull_request_target
 
 env:
-  ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN }}
+  ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }}
-  ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN }}
 
 jobs:
   pre-commit:
     name: pre-commit
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v3
-    - uses: actions/setup-python@v5
+    - uses: actions/setup-python@v3
-    - uses: pre-commit/action@v3.0.1
+    - uses: pre-commit/action@v3.0.0
-
-...

.gitignore

@@ -7,8 +7,6 @@ choose_demo_example_aws.yml
 .ansible.cfg
 *.gz
 *artifact*.json
-roles/*
+**/roles/*
-!roles/requirements.yml
+!**/roles/requirements.yml
 .deployment_id
-.cache/
-.ansible/

.pre-commit-config.yaml

@@ -3,8 +3,8 @@ repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.4.0
     hooks:
+      - id: end-of-file-fixer
       - id: trailing-whitespace
-        exclude: rhel[89]STIG/.*$
 
       - id: check-yaml
         exclude: \.j2.(yaml|yml)$|\.(yaml|yml).j2$
@@ -26,5 +26,4 @@ repos:
     rev: 23.11.0
     hooks:
       - id: black
-        exclude: rhel[89]STIG/.*$
 ...

CHANGELOG.md

@@ -0,0 +1,12 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [v-0.0.1](https://github.com/ansible/product-demos/-/tree/v-0.0.1) - 2024-01-12
+
+### Added
+
+- Initial release  ([1af584b4ea6d77812bfcb2f6474fee6ee1b13666](https://github.com/ansible/product-demos/-/commit/1af584b4ea6d77812bfcb2f6474fee6ee1b13666))

CONTRIBUTING.md

@@ -18,7 +18,6 @@ This document aims to outline the requirements for the various forms of contribu
 - PRs should be rebased against the `main` branch to avoid conflicts.
 - PRs should not impact more than a single directory/demo section.
 - PRs should not rely on external infrastructure or configuration unless the dependency is automated or specified in the `user_message` of `setup.yml`.
-- PR titles should describe the work done in the PR.  Titles should not be generic ("Added new demo") and should not refer to an issue number ("Fix for issue #123").
 
 ## Adding a New Demo
 1) Create a new branch based on main. (eg. `git checkout -b <branch name>`)
@@ -32,7 +31,7 @@ This document aims to outline the requirements for the various forms of contribu
    1) You can copy paste an existing one and edit it.
    2) Ensure you edit the name, playbook path, survey etc.
 5) Add any needed roles/collections to the [requirements.yml](/collections/requirements.yml)
-6) Test via [demo.redhat.com](https://demo.redhat.com/catalog?search=product&item=babylon-catalog-prod%2Fopenshift-cnv.aap-product-demos-cnv.prod), specifying your branch name within the project configuration.
+6) Test via [demo.redhat.com](https://demo.redhat.com/catalog?item=babylon-catalog-prod/sandboxes-gpte.aap-product-demos.prod&utm_source=webapp&utm_medium=share-link), specify your branch name within the project configuration.
 
 > NOTE: demo.redhat.com is available to Red Hat Associates and Partners with a valid account.
 
@@ -44,10 +43,13 @@ This document aims to outline the requirements for the various forms of contribu
     ---
     user_message: ''
 
+    controller_components:
+    - job_templates
+
     controller_templates:
     ...
     ```
-   - Configuration variables can be from any of the roles defined in the [infra.controller_configuration collection](https://github.com/redhat-cop/controller_configuration/tree/devel/roles)
+   - `controller_components` can be any of the roles defined [here](https://github.com/redhat-cop/controller_configuration/tree/devel/roles)
    - Add variables for each component listed
 3) Include a README.md in the subdirectory
 
@@ -70,3 +72,76 @@ Copy the token value and execute the following command:
 ```bash
 export ANSIBLE_GALAXY_SERVER_AH_TOKEN=<token>
 ```
+
+## Release Process
+
+We follow a structured release process for this project. Here are the steps involved:
+
+1. **Create a Release Branch:**
+   - Start by creating a new release branch from the `main` branch.
+
+   ```bash
+   git checkout -b release/v-<version>
+   ```
+
+2. **Update Changelog:**
+   - Open the `CHANGELOG.md` file to manually add your change to the appropriate section.
+   - Our changelog follows the [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) format and includes the following categories of changes:
+
+     - `Added` for new features.
+     - `Changed` for changes in existing functionality.
+     - `Deprecated` for features that will be removed in upcoming releases.
+     - `Fixed` for bug fixes.
+     - `Removed` for deprecated features that were removed.
+     - `Security` for security-related changes.
+
+   - Add a new entry under the relevant category. Include a brief summary of the change and the merge request commit tag.
+
+     ```markdown
+     ## [Unreleased]
+
+     ### Added
+
+     - New feature or enhancement ([Merge Request Commit](https://github.com/ansible/product-demos/-/commit/<commit-hash>))
+     ```
+
+   - Replace `<commit-hash>` with the actual commit hash from the merge request.
+
+3. **Commit Changes:**
+   - Commit the changes made to the `CHANGELOG.md` file.
+
+   ```bash
+   git add CHANGELOG.md
+   git commit -m "Update CHANGELOG for release <version>"
+   ```
+
+4. **Create a Pull Request:**
+   - Open a pull request from the release branch to the `main` branch.
+
+5. **Review and Merge:**
+   - Review the pull request and merge it into the `main` branch.
+
+6. **Tag the Release:**
+   - Once the pull request is merged, tag the release with the version number.
+
+   ```bash
+   git tag -a v-<version> -m "Release <version>"
+   git push origin v-<version>
+   ```
+
+7. **Publish the Release:**
+   - After the successful completion of the pull request and merging into the `main` branch, an automatic GitHub Action will be triggered to publish the release.
+
+     The GitHub Action will perform the following steps:
+     - Parse the `CHANGELOG.md` file.
+     - Generate a release note based on the changes.
+     - Attach relevant files (such as `LICENSE`, `CHANGELOG.md`, and the generated `CHANGELOG.txt`) to the GitHub Release.
+
+     No manual intervention is required for this step; the GitHub Action will handle the release process automatically.
+
+8. **Cleanup:**
+   - Delete the release branch.
+
+   ```bash
+   git branch -d release/v-<version>
+   ```

README.md

@@ -1,18 +1,16 @@
 [![Lab](https://img.shields.io/badge/Try%20Me-EE0000?style=for-the-badge&logo=redhat&logoColor=white)](https://red.ht/aap-product-demos)
 [![Dev Spaces](https://img.shields.io/badge/Customize%20Here-0078d7.svg?style=for-the-badge&logo=visual-studio-code&logoColor=white)](https://workspaces.openshift.com/f?url=https://github.com/ansible/product-demos)
-[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)
 
 # Official Ansible Product Demos
 
-This is a centralized location for Ansible Product Demos. This project is a collection of use cases implemented with Ansible for use with the [Ansible Automation Platform](https://www.redhat.com/en/technologies/management/ansible).
+This is a centralized location for Ansible Product Demos. This project is a collection of use cases implemented with Ansible for use with the Ansible Automation Platform.
 
 | Demo Name | Description |
 |-----------|-------------|
 | [Linux](linux/README.md) | Repository of demos for RHEL and Linux automation |
 | [Windows](windows/README.md) | Repository of demos for Windows Server automation |
 | [Cloud](cloud/README.md) | Demo for infrastructure and cloud provisioning automation |
-| [Network](network/README.md) | Network automation demos |
+| [Network](network/README.md) | Ansible Network automation demos |
-| [OpenShift](openshift/README.md) | OpenShift automation demos |
 | [Satellite](satellite/README.md) | Demos of automation with Red Hat Satellite Server |
 
 ## Contributions
@@ -21,7 +19,7 @@ If you would like to contribute to this project please refer to [contribution gu
 
 ## Using this project
 
-This project is tested for compatibility with the [demo.redhat.com Ansible Product Demos](https://demo.redhat.com/catalog?search=product+demos&item=babylon-catalog-prod%2Fopenshift-cnv.aap-product-demos-cnv.prod) lab environment. To use with other Ansible Automation Platform installations, review the [prerequisite documentation](https://github.com/ansible/product-demos-bootstrap).
+This project is tested for compatibility with the [demo.redhat.com Product Demos Sandbox]([red.ht/aap-product-demos](https://demo.redhat.com/catalog?item=babylon-catalog-prod/sandboxes-gpte.aap-product-demos.prod&utm_source=webapp&utm_medium=share-link)) lab environment. To use with other Ansible Controller installations, review the [prerequisite documentation](https://github.com/RedHatGov/ansible-tower-samples).
 
 > NOTE: demo.redhat.com is available to Red Hat Associates and Partners with a valid account.
 
@@ -39,7 +37,7 @@ This project is tested for compatibility with the [demo.redhat.com Ansible Produ
      - Image: quay.io/acme_corp/product-demos-ee:latest
      - Pull: Only pull the image if not present before running
 
-3. If it is not already created for you, create a Project called `Ansible Product Demos` with this repo as a source. NOTE: if you are using a fork, be sure that you have the correct URL. Update the project.
+3. If it is not already created for you, create a Project called `Ansible official demo project` with this repo as a source. NOTE: if you are using a fork, be sure that you have the correct URL. Update the project.
 
 4. Finally, Create a Job Template called `Setup` with the following configuration:
 
@@ -59,8 +57,8 @@ This project is tested for compatibility with the [demo.redhat.com Ansible Produ
 Can't find what you're looking for? Customize this repo to make it your own.
 
 1. Create a fork of this repo.
-2. Update the URL of the `Ansible Project Demos` in the Controller.
+2. Update the URL of the `Ansible official demo project` in the Controller.
-3. Make changes as needed and run the **Product Demos | Single demo setup** job
+3. Make changes as needed and run the **Setup** job
 
 See the [contribution guide](CONTRIBUTING.md) for more details on how to customize the project.
 

ansible.cfg

@@ -3,17 +3,13 @@ collections_path=./collections
 roles_path=./roles
 
 [galaxy]
-server_list = certified,validated,galaxy
+server_list = ah,galaxy
 
-[galaxy_server.certified]
+[galaxy_server.ah]
 # Grab a token at https://console.redhat.com/ansible/automation-hub/token
-# Then define it in the ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN environment variable
+# Then define it using ANSIBLE_GALAXY_SERVER_AH_TOKEN=""
-url=https://console.redhat.com/api/automation-hub/content/published/
-auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
 
-[galaxy_server.validated]
+url=https://console.redhat.com/api/automation-hub/content/published/
-# Define the token in the ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN environment variable
-url=https://console.redhat.com/api/automation-hub/content/validated/
 auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
 
 [galaxy_server.galaxy]

cloud/README.md

@@ -10,7 +10,7 @@
     - [Configure Credentials](#configure-credentials)
     - [Add Workshop Credential Password](#add-workshop-credential-password)
     - [Remove Inventory Variables](#remove-inventory-variables)
-    - [Getting your Public Key for Create Keypair Job](#getting-your-public-key-for-create-keypair-job)
+    - [Getting your Puiblic Key for Create Keypair Job](#getting-your-puiblic-key-for-create-keypair-job)
   - [Suggested Usage](#suggested-usage)
   - [Known Issues](#known-issues)
 
@@ -49,11 +49,11 @@ After running the setup job template, there are a few steps required to make the
 
 1) Remove Workshop Inventory variables on the Details page of the inventory. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
 
-### Getting your Public Key for Create Keypair Job
+### Getting your Puiblic Key for Create Keypair Job
 
 1) Connect to the command line of your Controller server. This is easiest to do by opening the VS Code Web Editor from the landing page where you found the Controller login details.
 2) Open a Terminal Window in the VS Code Web Editor.
-3) SSH to one of your linux nodes (eg. `ssh aws_rhel9`). This should log you into the node as `ec2-user`
+3) SSH to one of your linux nodes (eg. `ssh node1`). This should log you into the node as `ec2-user`
 4) `cat .ssh/authorized_keys` and copy the key listed including the  `ssh-rsa` prefix
 
 

cloud/aws_key.yml

@@ -23,8 +23,3 @@
         state: present
         tags:
           owner: "{{ aws_keypair_owner }}"
-
-    - name: Set VPC stats
-      ansible.builtin.set_stats:
-        data:
-          stat_aws_key_pair: '{{ aws_key_name }}'

cloud/create_vpc.yml

@@ -122,12 +122,3 @@
           Name: "{{ aws_rt_name }}"
           owner: "{{ aws_owner_tag }}"
           purpose: "{{ aws_purpose_tag }}"
-
-    - name: Set VPC stats
-      ansible.builtin.set_stats:
-        data:
-          stat_aws_region: '{{ create_vm_aws_region }}'
-          stat_aws_vpc_id: '{{ aws_vpc.vpc.id }}'
-          stat_aws_vpc_cidr: '{{ aws_vpc_cidr_block }}'
-          stat_aws_subnet_id: '{{ aws_subnet.subnet.id }}'
-          stat_aws_subnet_cidr: '{{ aws_subnet_cidr }}'

cloud/display-ec2-stats.yml

@@ -1,18 +0,0 @@
----
-- name: Display EC2 stats
-  hosts: localhost
-  gather_facts: false
-
-  tasks:
-    - name: Display stats for EC2 VPC and key pair
-      ansible.builtin.debug:
-        var: '{{ item }}'
-      loop:
-        - stat_aws_region
-        - stat_aws_key_pair
-        - stat_aws_vpc_id
-        - stat_aws_vpc_cidr
-        - stat_aws_subnet_id
-        - stat_aws_subnet_cidr
-
-...

cloud/setup.yml

@@ -3,6 +3,81 @@ _deployment_id: "{{ lookup('file', playbook_dir + '/.deployment_id') }}"
 
 user_message:
 
+controller_execution_environments:
+  - name: Cloud Services Execution Environment
+    image: quay.io/scottharwell/cloud-ee:latest
+
+controller_projects:
+  - name: Ansible Cloud Content Lab - AWS
+    organization: Default
+    scm_type: git
+    wait: true
+    scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
+    default_environment: Cloud Services Execution Environment
+
+controller_credentials:
+  - name: AWS
+    credential_type: Amazon Web Services
+    organization: Default
+    update_secrets: false
+    inputs:
+      username: REPLACEME
+      password: REPLACEME
+
+#  - name: Azure
+#    credential_type: Microsoft Azure Resource Manager
+#    organization: Default
+#    update_secrets: false
+#    inputs:
+#      subscription: REPLACEME
+
+controller_inventory_sources:
+  - name: AWS Inventory
+    organization: Default
+    source: ec2
+    inventory: Demo Inventory
+    credential: AWS
+    overwrite: true
+    source_vars:
+      hostnames:
+        - tag:Name
+      compose:
+        ansible_host: public_ip_address
+        ansible_user: 'ec2-user'
+      groups:
+        cloud_aws: true
+        os_linux: tags.blueprint.startswith('rhel')
+      keyed_groups:
+        - key: platform
+          prefix: os
+        - key: tags.blueprint
+          prefix: blueprint
+        - key: tags.owner
+          prefix: owner
+
+#  - name: Azure Inventory
+#    organization: Default
+#    source: azure_rm
+#   inventory: Demo Inventory
+#    credential: Azure
+#    execution_environment: Ansible Engine 2.9 execution environment
+#    overwrite: true
+#    source_vars:
+#      hostnames:
+#        - tags.Name
+#        - default
+#      keyed_groups:
+#        - key: os_profile.system
+#          prefix: os
+#      conditional_groups:
+#        cloud_azure: true
+
+controller_groups:
+  - name: cloud_aws
+    inventory: Demo Inventory
+    variables:
+      ansible_user: ec2-user
+
 controller_templates:
   - name: Cloud / AWS / Create Peer Infrastructure
     job_type: run
@@ -64,21 +139,168 @@ controller_templates:
     extra_vars:
       aws_region: us-east-1
 
+  - name: Cloud / AWS / Create VPC
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible official demo project
+    playbook: cloud/create_vpc.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Owner
+          type: text
+          variable: aws_owner_tag
+          required: true
+
+  - name: Cloud / AWS / Create VM
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+      - Demo Credential
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbooks/create_vm.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    allow_simultaneous: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Name
+          type: text
+          variable: create_vm_vm_name
+          required: true
+        - question_name: Owner
+          type: text
+          variable: create_vm_vm_owner
+          required: true
+        - question_name: Deployment
+          type: text
+          variable: create_vm_vm_deployment
+          required: true
+        - question_name: Environment
+          type: multiplechoice
+          variable: create_vm_vm_environment
+          required: true
+          choices:
+            - Dev
+            - QA
+            - Prod
+        - question_name: Blueprint
+          type: multiplechoice
+          variable: vm_blueprint
+          required: true
+          choices:
+            - windows_core
+            - windows_full
+            - rhel9
+            - rhel8
+            - rhel7
+            - al2023
+        - question_name: Subnet
+          type: text
+          variable: create_vm_aws_vpc_subnet_name
+          required: true
+          default: aws-test-subnet
+        - question_name: Security Group
+          type: text
+          variable: create_vm_aws_securitygroup_name
+          required: true
+          default: aws-test-sg
+        - question_name: SSH Keypair
+          type: text
+          variable: create_vm_aws_keypair_name
+          required: true
+          default: aws-test-key
+        - question_name: AWS Instance Type (defaults to blueprint value)
+          type: text
+          variable: create_vm_aws_instance_size
+          required: false
+        - question_name: AWS Image Filter (defaults to blueprint value)
+          type: text
+          variable: create_vm_aws_image_filter
+          required: false
+
+  - name: Cloud / AWS / Delete VM
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+      - Demo Credential
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbooks/delete_inventory_vm.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+
   - name: Cloud / AWS / VPC Report
     job_type: run
     organization: Default
     credentials:
       - AWS
-    project: Ansible Cloud AWS Demos
+    project: Ansible Cloud Content Lab - AWS
-    playbook: playbooks/cloud_report.yml
+    playbook: playbooks/create_reports.yml
     inventory: Demo Inventory
-    execution_environment: Cloud Services Execution Environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
     extra_vars:
+      aws_report: vpc
       reports_aws_bucket_name: reports-pd-{{ _deployment_id }}
-      reports_aws_region: "us-east-1"
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
 
   - name: Cloud / AWS / Tags Report
     job_type: run
@@ -109,12 +331,51 @@ controller_templates:
             - us-west-1
             - us-west-2
 
+  - name: Cloud / AWS / Create Keypair
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible official demo project
+    playbook: cloud/aws_key.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Keypair Name
+          type: text
+          variable: aws_key_name
+          required: true
+          default: aws-test-key
+        - question_name: Keypair Public Key
+          type: textarea
+          variable: aws_public_key
+          required: true
+        - question_name: Owner
+          type: text
+          variable: aws_keypair_owner
+          required: true
+
   - name: Cloud / AWS / Snapshot EC2
     job_type: run
     organization: Default
     credentials:
       - AWS
-    project: Ansible Product Demos
+    project: Ansible official demo project
     playbook: cloud/snapshot_ec2.yml
     inventory: Demo Inventory
     notification_templates_started: Telemetry
@@ -145,7 +406,7 @@ controller_templates:
     organization: Default
     credentials:
       - AWS
-    project: Ansible Product Demos
+    project: Ansible official demo project
     playbook: cloud/restore_ec2.yml
     inventory: Demo Inventory
     notification_templates_started: Telemetry
@@ -171,22 +432,10 @@ controller_templates:
           variable: _hosts
           required: false
 
-  - name: Cloud / AWS / Display EC2 Stats
-    job_type: run
-    organization: Default
-    credentials:
-      - AWS
-    project: Ansible Product Demos
-    playbook: cloud/display-ec2-stats.yml
-    inventory: Demo Inventory
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-
   - name: "LINUX / Patching"
     job_type: check
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/patching.yml"
     execution_environment: Default execution environment
     notification_templates_started: Telemetry
@@ -253,24 +502,19 @@ controller_workflows:
       - identifier: Create Keypair
         unified_job_template: Cloud / AWS / Create Keypair
         success_nodes:
-          - EC2 Stats
+          - VPC Report
         failure_nodes:
           - Ticket - Keypair Failed
       - identifier: Create VPC
         unified_job_template: Cloud / AWS / Create VPC
         success_nodes:
-          - EC2 Stats
+          - VPC Report
         failure_nodes:
           - Ticket - VPC Failed
       - identifier: Ticket - Keypair Failed
         unified_job_template: 'SUBMIT FEEDBACK'
         extra_data:
           feedback: Failed to create AWS keypair
-      - identifier: EC2 Stats
-        unified_job_template: Cloud / AWS / Display EC2 Stats
-        all_parents_must_converge: true
-        always_nodes:
-          - VPC Report
       - identifier: VPC Report
         unified_job_template: Cloud / AWS / VPC Report
         all_parents_must_converge: true
@@ -279,7 +523,6 @@ controller_workflows:
           - Deploy RHEL8 Blueprint
           - Deploy RHEL9 Blueprint
           - Deploy Windows Core Blueprint
-          - Deploy Report Server
       - identifier: Deploy Windows GUI Blueprint
         unified_job_template: Cloud / AWS / Create VM
         extra_data:
@@ -316,15 +559,10 @@ controller_workflows:
           - Update Inventory
         failure_nodes:
           - Ticket - Instance Failed
-      - identifier: Deploy Report Server
+      - identifier: Ticket - VPC Failed
-        unified_job_template: Cloud / AWS / Create VM
+        unified_job_template: 'SUBMIT FEEDBACK'
         extra_data:
-          create_vm_vm_name: reports
+          feedback: Failed to create AWS VPC
-          vm_blueprint: rhel9
-        success_nodes:
-          - Update Inventory
-        failure_nodes:
-          - Ticket - Instance Failed
       - identifier: Update Inventory
         unified_job_template: AWS Inventory
         success_nodes:
@@ -335,10 +573,6 @@ controller_workflows:
           feedback: Failed to create AWS instance
       - identifier: Tag Report
         unified_job_template: Cloud / AWS / Tags Report
-      - identifier: Ticket - VPC Failed
-        unified_job_template: 'SUBMIT FEEDBACK'
-        extra_data:
-          feedback: Failed to create AWS VPC
 
   - name: Cloud / AWS / Patch EC2 Workflow
     description: A workflow to patch ec2 instances with snapshot and restore on failure.
@@ -368,7 +602,7 @@ controller_workflows:
           default: os_linux
     simplified_workflow_nodes:
       - identifier: Project Sync
-        unified_job_template: Ansible Product Demos
+        unified_job_template: Ansible official demo project
         success_nodes:
           - Take Snapshot
       - identifier: Inventory Sync

collections/ansible_collections/demo/compliance/roles/iosxeSTIG/tasks/main.yml

@@ -137,14 +137,14 @@
     - (cmd_result.stdout|join('\n')).find('ip dns server') != -1
     - iosxeSTIG_stigrule_215823_Manage
 # R-215823 CISC-ND-000470
-# - name : stigrule_215823_disable_identd
+- name : stigrule_215823_disable_identd
-#   ignore_errors: "{{ ignore_all_errors }}"
+  ignore_errors: "{{ ignore_all_errors }}"
-#   notify: "save configuration"
+  notify: "save configuration"
-#   ios_config:
+  ios_config:
-#     defaults: yes
+    defaults: yes
-#     lines: "{{ iosxeSTIG_stigrule_215823_disable_identd_Lines }}"
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_identd_Lines }}"
-#   when:
+  when:
-#     - iosxeSTIG_stigrule_215823_Manage
+    - iosxeSTIG_stigrule_215823_Manage
 # R-215823 CISC-ND-000470
 - name : stigrule_215823_disable_finger
   ignore_errors: "{{ ignore_all_errors }}"
@@ -378,9 +378,9 @@
 - name : stigrule_215837_host
   ignore_errors: "{{ ignore_all_errors }}"
   notify: "save configuration"
-  ios_config:
+  ios_logging:
-    lines:
+    dest: host
-      - "logging {{ iosxeSTIG_stigrule_215837_host_Name }}"
+    name: "{{ iosxeSTIG_stigrule_215837_host_Name }}"
   when: iosxeSTIG_stigrule_215837_Manage
 # R-215837 CISC-ND-001000
 # Please configure name IP address to a valid one.
@@ -397,18 +397,16 @@
 - name : stigrule_215838_ntp_server_1
   ignore_errors: "{{ ignore_all_errors }}"
   notify: "save configuration"
-  cisco.ios.ios_config:
+  ios_ntp:
-    lines:
+    server: "{{ iosxeSTIG_stigrule_215838_ntp_server_1_Server }}"
-      - "ntp server {{ iosxeSTIG_stigrule_215838_ntp_server_1_Server }}"
   when: iosxeSTIG_stigrule_215838_Manage
 # R-215838 CISC-ND-001030
 # Replace ntp servers' IP address before enabling.
 - name : stigrule_215838_ntp_server_2
   ignore_errors: "{{ ignore_all_errors }}"
   notify: "save configuration"
-  cisco.ios.ios_config:
+  ios_ntp:
-    lines:
+    server: "{{ iosxeSTIG_stigrule_215838_ntp_server_2_Server }}"
-      - "ntp server {{ iosxeSTIG_stigrule_215838_ntp_server_2_Server }}"
   when: iosxeSTIG_stigrule_215838_Manage
 # R-215840 CISC-ND-001050
 # service timestamps log datetime localtime is set in 215817.

collections/ansible_collections/demo/compliance/roles/rhel8STIG/callback_plugins/stig_xml.py

@@ -1,4 +1,5 @@
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
+
 __metaclass__ = type
 
 from ansible.plugins.callback import CallbackBase
@@ -11,76 +12,82 @@ import os
 import xml.etree.ElementTree as ET
 import xml.dom.minidom
 
+
 class CallbackModule(CallbackBase):
     CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'xml'
+    CALLBACK_TYPE = "xml"
-    CALLBACK_NAME = 'stig_xml'
+    CALLBACK_NAME = "stig_xml"
 
     CALLBACK_NEEDS_WHITELIST = True
 
     def _get_STIG_path(self):
-        cwd = os.path.abspath('.')
+        cwd = os.path.abspath(".")
         for dirpath, dirs, files in os.walk(cwd):
-            if os.path.sep + 'files' in dirpath and '.xml' in files[0]:
+            if os.path.sep + "files" in dirpath and ".xml" in files[0]:
                 return os.path.join(cwd, dirpath, files[0])
 
     def __init__(self):
         super(CallbackModule, self).__init__()
         self.rules = {}
-        self.stig_path = os.environ.get('STIG_PATH')
+        self.stig_path = os.environ.get("STIG_PATH")
-        self.XML_path = os.environ.get('XML_PATH')
+        self.XML_path = os.environ.get("XML_PATH")
         if self.stig_path is None:
             self.stig_path = self._get_STIG_path()
-        self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
+        self._display.display("Using STIG_PATH: {}".format(self.stig_path))
         if self.XML_path is None:
             self.XML_path = tempfile.mkdtemp() + "/xccdf-results.xml"
-        self._display.display('Using XML_PATH: {}'.format(self.XML_path))
+        self._display.display("Using XML_PATH: {}".format(self.XML_path))
 
         print("Writing: {}".format(self.XML_path))
         STIG_name = os.path.basename(self.stig_path)
-        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
+        ET.register_namespace("cdf", "http://checklists.nist.gov/xccdf/1.2")
-        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
+        self.tr = ET.Element("{http://checklists.nist.gov/xccdf/1.2}TestResult")
-        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
+        self.tr.set(
+            "id",
+            "xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}".format(STIG_name),
+        )
         endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
-        self.tr.set('end-time', endtime)
+        self.tr.set("end-time", endtime)
-        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
+        tg = ET.SubElement(self.tr, "{http://checklists.nist.gov/xccdf/1.2}target")
         tg.text = platform.node()
 
     def _get_rev(self, nid):
-        with open(self.stig_path, 'r') as f:
+        with open(self.stig_path, "r") as f:
-            r = 'SV-{}r(?P<rev>\d+)_rule'.format(nid)
+            r = "SV-{}r(?P<rev>\d+)_rule".format(nid)
             m = re.search(r, f.read())
         if m:
-            rev = m.group('rev')
+            rev = m.group("rev")
         else:
-            rev = '0'
+            rev = "0"
         return rev
 
     def v2_runner_on_ok(self, result):
         name = result._task.get_name()
-        m = re.search('stigrule_(?P<id>\d+)', name)
+        m = re.search("stigrule_(?P<id>\d+)", name)
         if m:
-            nid = m.group('id')
+            nid = m.group("id")
         else:
             return
         rev = self._get_rev(nid)
         key = "{}r{}".format(nid, rev)
-        if self.rules.get(key, 'Unknown') != False:
+        if self.rules.get(key, "Unknown") != False:
             self.rules[key] = result.is_changed()
 
     def v2_playbook_on_stats(self, stats):
         for rule, changed in self.rules.items():
-            state = 'fail' if changed else 'pass'
+            state = "fail" if changed else "pass"
-            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
+            rr = ET.SubElement(
-            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
+                self.tr, "{http://checklists.nist.gov/xccdf/1.2}rule-result"
-            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
+            )
+            rr.set("idref", "xccdf_mil.disa.stig_rule_SV-{}_rule".format(rule))
+            rs = ET.SubElement(rr, "{http://checklists.nist.gov/xccdf/1.2}result")
             rs.text = state
         passing = len(self.rules) - sum(self.rules.values())
-        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
+        sc = ET.SubElement(self.tr, "{http://checklists.nist.gov/xccdf/1.2}score")
-        sc.set('maximum', str(len(self.rules)))
+        sc.set("maximum", str(len(self.rules)))
-        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
+        sc.set("system", "urn:xccdf:scoring:flat-unweighted")
         sc.text = str(passing)
-        with open(self.XML_path, 'wb') as f:
+        with open(self.XML_path, "wb") as f:
             out = ET.tostring(self.tr)
-            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
+            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding="utf-8")
             f.write(pretty)

collections/ansible_collections/demo/compliance/roles/rhel8STIG/defaults/main.yml

@@ -142,6 +142,9 @@ rhel8STIG_stigrule_230347__etc_dconf_db_local_d_00_screensaver_Value: 'true'
 rhel8STIG_stigrule_230348_Manage: True
 rhel8STIG_stigrule_230348_ensure_tmux_is_installed_State: installed
 rhel8STIG_stigrule_230348__etc_tmux_conf_Line: 'set -g lock-command vlock'
+# R-230349 RHEL-08-020041
+rhel8STIG_stigrule_230349_Manage: True
+rhel8STIG_stigrule_230349__etc_bashrc_Line: '[ -n "$PS1" -a -z "$TMUX" ] && exec tmux'
 # R-230352 RHEL-08-020060
 rhel8STIG_stigrule_230352_Manage: True
 rhel8STIG_stigrule_230352__etc_dconf_db_local_d_00_screensaver_Value: 'uint32 900'
@@ -229,6 +232,9 @@ rhel8STIG_stigrule_230394__etc_audit_auditd_conf_Line: 'name_format = hostname'
 # R-230395 RHEL-08-030063
 rhel8STIG_stigrule_230395_Manage: True
 rhel8STIG_stigrule_230395__etc_audit_auditd_conf_Line: 'log_format = ENRICHED'
+# R-230396 RHEL-08-030070
+rhel8STIG_stigrule_230396_Manage: True
+rhel8STIG_stigrule_230396__etc_audit_auditd_conf_Line: 'log_group = root'
 # R-230398 RHEL-08-030090
 # A duplicate of 230396
 # duplicate of 230396
@@ -563,6 +569,3 @@ rhel8STIG_stigrule_244553_net_ipv4_conf_all_accept_redirects_Value: 0
 # R-244554 RHEL-08-040286
 rhel8STIG_stigrule_244554_Manage: True
 rhel8STIG_stigrule_244554__etc_sysctl_d_99_sysctl_conf_Line: 'net.core.bpf_jit_harden = 2'
-# R-256974 RHEL-08-010358
-rhel8STIG_stigrule_256974_Manage: True
-rhel8STIG_stigrule_256974_mailx_State: installed

collections/ansible_collections/demo/compliance/roles/rhel8STIG/tasks/main.yml

@@ -4,7 +4,7 @@
 - name: stigrule_230225_banner
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*banner\s+'
+    regexp: '^\s*(?i)banner\s+'
     line: "{{ rhel8STIG_stigrule_230225_banner_Line }}"
   notify: ssh_restart
   when:
@@ -82,7 +82,7 @@
 - name: stigrule_230244_ClientAliveCountMax
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*ClientAliveCountMax\s+'
+    regexp: '^\s*(?i)ClientAliveCountMax\s+'
     line: "{{ rhel8STIG_stigrule_230244_ClientAliveCountMax_Line }}"
   notify: ssh_restart
   when:
@@ -249,7 +249,7 @@
 - name: stigrule_230288_StrictModes
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*StrictModes\s+'
+    regexp: '^\s*(?i)StrictModes\s+'
     line: "{{ rhel8STIG_stigrule_230288_StrictModes_Line }}"
   notify: ssh_restart
   when:
@@ -259,7 +259,7 @@
 - name: stigrule_230290_IgnoreUserKnownHosts
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*IgnoreUserKnownHosts\s+'
+    regexp: '^\s*(?i)IgnoreUserKnownHosts\s+'
     line: "{{ rhel8STIG_stigrule_230290_IgnoreUserKnownHosts_Line }}"
   notify: ssh_restart
   when:
@@ -269,7 +269,7 @@
 - name: stigrule_230291_KerberosAuthentication
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*KerberosAuthentication\s+'
+    regexp: '^\s*(?i)KerberosAuthentication\s+'
     line: "{{ rhel8STIG_stigrule_230291_KerberosAuthentication_Line }}"
   notify: ssh_restart
   when:
@@ -279,7 +279,7 @@
 - name: stigrule_230296_PermitRootLogin
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*PermitRootLogin\s+'
+    regexp: '^\s*(?i)PermitRootLogin\s+'
     line: "{{ rhel8STIG_stigrule_230296_PermitRootLogin_Line }}"
   notify: ssh_restart
   when:
@@ -395,7 +395,7 @@
 - name: stigrule_230330_PermitUserEnvironment
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*PermitUserEnvironment\s+'
+    regexp: '^\s*(?i)PermitUserEnvironment\s+'
     line: "{{ rhel8STIG_stigrule_230330_PermitUserEnvironment_Line }}"
   notify: ssh_restart
   when:
@@ -436,6 +436,14 @@
     create: yes
   when:
     - rhel8STIG_stigrule_230348_Manage
+# R-230349 RHEL-08-020041
+- name: stigrule_230349__etc_bashrc
+  lineinfile:
+    path: /etc/bashrc
+    line: "{{ rhel8STIG_stigrule_230349__etc_bashrc_Line }}"
+    create: yes
+  when:
+    - rhel8STIG_stigrule_230349_Manage
 # R-230352 RHEL-08-020060
 - name: stigrule_230352__etc_dconf_db_local_d_00_screensaver
   ini_file:
@@ -594,7 +602,7 @@
 - name: stigrule_230382_PrintLastLog
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*PrintLastLog\s+'
+    regexp: '^\s*(?i)PrintLastLog\s+'
     line: "{{ rhel8STIG_stigrule_230382_PrintLastLog_Line }}"
   notify: ssh_restart
   when:
@@ -718,6 +726,16 @@
   notify: auditd_restart
   when:
     - rhel8STIG_stigrule_230395_Manage
+# R-230396 RHEL-08-030070
+- name: stigrule_230396__etc_audit_auditd_conf
+  lineinfile:
+    path: /etc/audit/auditd.conf
+    regexp: '^log_group = '
+    line: "{{ rhel8STIG_stigrule_230396__etc_audit_auditd_conf_Line }}"
+    create: yes
+  notify: auditd_restart
+  when:
+    - rhel8STIG_stigrule_230396_Manage
 # R-230402 RHEL-08-030121
 - name : stigrule_230402__etc_audit_rules_d_audit_rules_e2
   lineinfile:
@@ -1330,7 +1348,7 @@
 - name: stigrule_230527_RekeyLimit
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*RekeyLimit\s+'
+    regexp: '^\s*(?i)RekeyLimit\s+'
     line: "{{ rhel8STIG_stigrule_230527_RekeyLimit_Line }}"
   notify: ssh_restart
   when:
@@ -1551,7 +1569,7 @@
 - name: stigrule_230555_X11Forwarding
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*X11Forwarding\s+'
+    regexp: '^\s*(?i)X11Forwarding\s+'
     line: "{{ rhel8STIG_stigrule_230555_X11Forwarding_Line }}"
   notify: ssh_restart
   when:
@@ -1561,7 +1579,7 @@
 - name: stigrule_230556_X11UseLocalhost
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*X11UseLocalhost\s+'
+    regexp: '^\s*(?i)X11UseLocalhost\s+'
     line: "{{ rhel8STIG_stigrule_230556_X11UseLocalhost_Line }}"
   notify: ssh_restart
   when:
@@ -1617,7 +1635,7 @@
 - name: stigrule_244525_ClientAliveInterval
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*ClientAliveInterval\s+'
+    regexp: '^\s*(?i)ClientAliveInterval\s+'
     line: "{{ rhel8STIG_stigrule_244525_ClientAliveInterval_Line }}"
   notify: ssh_restart
   when:
@@ -1633,7 +1651,7 @@
 - name: stigrule_244528_GSSAPIAuthentication
   lineinfile:
     path: /etc/ssh/sshd_config
-    regexp: '(?i)^\s*GSSAPIAuthentication\s+'
+    regexp: '^\s*(?i)GSSAPIAuthentication\s+'
     line: "{{ rhel8STIG_stigrule_244528_GSSAPIAuthentication_Line }}"
   notify: ssh_restart
   when:
@@ -1780,9 +1798,3 @@
     create: yes
   when:
     - rhel8STIG_stigrule_244554_Manage
-# R-256974 RHEL-08-010358
-- name: stigrule_256974_mailx
-  yum:
-    name: mailx
-    state: "{{ rhel8STIG_stigrule_256974_mailx_State }}"
-  when: rhel8STIG_stigrule_256974_Manage

collections/ansible_collections/demo/compliance/roles/rhel9STIG/callback_plugins/stig_xml.py

@@ -1,86 +0,0 @@
-from __future__ import (absolute_import, division, print_function)
-__metaclass__ = type
-
-from ansible.plugins.callback import CallbackBase
-from time import gmtime, strftime
-import platform
-import tempfile
-import re
-import sys
-import os
-import xml.etree.ElementTree as ET
-import xml.dom.minidom
-
-class CallbackModule(CallbackBase):
-    CALLBACK_VERSION = 2.0
-    CALLBACK_TYPE = 'xml'
-    CALLBACK_NAME = 'stig_xml'
-
-    CALLBACK_NEEDS_WHITELIST = True
-
-    def _get_STIG_path(self):
-        cwd = os.path.abspath('.')
-        for dirpath, dirs, files in os.walk(cwd):
-            if os.path.sep + 'files' in dirpath and '.xml' in files[0]:
-                return os.path.join(cwd, dirpath, files[0])
-
-    def __init__(self):
-        super(CallbackModule, self).__init__()
-        self.rules = {}
-        self.stig_path = os.environ.get('STIG_PATH')
-        self.XML_path = os.environ.get('XML_PATH')
-        if self.stig_path is None:
-            self.stig_path = self._get_STIG_path()
-        self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
-        if self.XML_path is None:
-            self.XML_path = tempfile.mkdtemp() + "/xccdf-results.xml"
-        self._display.display('Using XML_PATH: {}'.format(self.XML_path))
-
-        print("Writing: {}".format(self.XML_path))
-        STIG_name = os.path.basename(self.stig_path)
-        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
-        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
-        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
-        endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
-        self.tr.set('end-time', endtime)
-        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
-        tg.text = platform.node()
-
-    def _get_rev(self, nid):
-        with open(self.stig_path, 'r') as f:
-            r = 'SV-{}r(?P<rev>\d+)_rule'.format(nid)
-            m = re.search(r, f.read())
-        if m:
-            rev = m.group('rev')
-        else:
-            rev = '0'
-        return rev
-
-    def v2_runner_on_ok(self, result):
-        name = result._task.get_name()
-        m = re.search('stigrule_(?P<id>\d+)', name)
-        if m:
-            nid = m.group('id')
-        else:
-            return
-        rev = self._get_rev(nid)
-        key = "{}r{}".format(nid, rev)
-        if self.rules.get(key, 'Unknown') != False:
-            self.rules[key] = result.is_changed()
-
-    def v2_playbook_on_stats(self, stats):
-        for rule, changed in self.rules.items():
-            state = 'fail' if changed else 'pass'
-            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
-            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
-            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
-            rs.text = state
-        passing = len(self.rules) - sum(self.rules.values())
-        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
-        sc.set('maximum', str(len(self.rules)))
-        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
-        sc.text = str(passing)
-        with open(self.XML_path, 'wb') as f:
-            out = ET.tostring(self.tr)
-            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
-            f.write(pretty)

collections/ansible_collections/demo/compliance/roles/rhel9STIG/handlers/main.yml

@@ -1,30 +0,0 @@
-- name: dconf_update
-  command: dconf update
-- name: auditd_restart
-  command: /usr/sbin/service auditd restart
-- name: ssh_restart
-  service:
-    name: sshd
-    state: restarted
-- name: rsyslog_restart
-  service:
-    name: rsyslog
-    state: restarted
-- name: sysctl_load_settings
-  command: sysctl --system
-- name: daemon_reload
-  systemd:
-    daemon_reload: true
-- name: networkmanager_reload
-  service:
-    name: NetworkManager
-    state: reloaded
-- name: logind_restart
-  service:
-    name: systemd-logind
-    state: restarted
-- name: with_faillock_enable
-  command: authselect enable-feature with-faillock
-- name: do_reboot
-  reboot:
-    pre_reboot_delay: 60

collections/ansible_collections/demo/openshift/roles/cluster_config/README.md

@@ -1,131 +0,0 @@
-Role Name
-=========
-
-This Ansible role helps configure Operators on the Openshift Cluster to support VM migrations. Tasks include
-- Configure Catalog Sources to use mirroring repository for Operators
-- Create and configure Operators
-
-
-Requirements
-------------
-
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
-
-Role Variables
---------------
-
-The task `operators/catalog_sources.yml` needs following variables:
-
-- **Variable Name**: `cluster_config_catalog_sources`
-  - **Type**: List
-  - **Description**: A list of custom CatalogSources configurations used as loop variables to generate Kubernetes manifest files from the  template `catalog_source.j2` for CatalogSource. If the variable is not available, no manifest is created.
-  - **Example**:
-    ```yaml
-    cluster_config_catalog_sources:
-      - name: redhat-marketplace2
-        source_type: grpc
-        display_name: Mirror to Red Hat Marketplace
-        image_path: internal-registry.example.com/operator:v1
-        priority: '-300'
-        icon:
-          base64data: ''
-          mediatype: ''
-        publisher: redhat
-        address: ''
-        grpc_pod_config: |
-          nodeSelector:
-            kubernetes.io/os: linux
-            node-role.kubernetes.io/master: ''
-          priorityClassName: system-cluster-critical
-          securityContextConfig: restricted
-          tolerations:
-            - effect: NoSchedule
-              key: node-role.kubernetes.io/master
-              operator: Exists
-            - effect: NoExecute
-              key: node.kubernetes.io/unreachable
-              operator: Exists
-              tolerationSeconds: 120
-            - effect: NoExecute
-              key: node.kubernetes.io/not-ready
-              operator: Exists
-              tolerationSeconds: 120
-        registry_poll_interval: 10m
-    ```
-
-The task `operators/operator_config.yaml` needs following variables:
-
-- **Variable Name**: `cluster_config_operators`
-  - **Type**: List
-  - **Description**: A list of operators to be installed on OCP cluster
-- **Variable Name**: `cluster_config_[OPERATOR_NAME]`
-  - **Type**: Dict
-  - **Description**: Configuration specific to each operator listed in `cluster_config_operators`. Includes settings for namespace, operator group, subscription, and any extra resources
-  - **Example**: Assume the `cluster_config_operators` specifies these operators:
-  ```yaml
-  cluster_config_operators:
-    - cnv
-    - oadp
-  ```
-  then the corresponding `cluster_config_mtv` and `cluster_config_cnv` can be configured as following:
-  ```yaml
-  cluster_config_cnv_namespace: openshift-cnv
-  cluster_config_cnv:
-  namespace:
-    name: "{{ cluster_config_cnv_namespace }}"
-  operator_group:
-    name: kubevirt-hyperconverged-group
-    target_namespaces:
-      - "{{ cluster_config_cnv_namespace }}"
-  subscription:
-    name: kubevirt-hyperconverged
-    starting_csv: kubevirt-hyperconverged-operator.v4.13.8
-  extra_resources:
-    - apiVersion: hco.kubevirt.io/v1beta1
-      kind: HyperConverged
-      metadata:
-        name: kubevirt-hyperconverged
-        namespace: "{{ cluster_config_cnv_namespace }}"
-      spec:
-        BareMetalPlatform: true
-
-  cluster_config_oadp_namespace: openshift-adp
-  cluster_config_oadp:
-  namespace:
-    name: "{{ cluster_config_oadp_namespace }}"
-  operator_group:
-    name: redhat-oadp-operator-group
-    target_namespaces:
-      - "{{ cluster_config_oadp_namespace }}"
-  subscription:
-    name: redhat-oadp-operator-subscription
-    spec_name: redhat-oadp-operator
-  ```
-Dependencies
-------------
-
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
-
-Example Playbook
-----------------
-
-An example of configuring a CatalogSource resource:
-```
-- name: Configure Catalog Sources for Operators
-  hosts: localhost
-  gather_facts: false
-  tasks:
-    - ansible.builtin.include_role:
-        name: cluster_config
-        tasks_from: operators/catalog_sources
-```
-
-License
--------
-
-BSD
-
-Author Information
-------------------
-
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).

collections/ansible_collections/demo/openshift/roles/cluster_config/defaults/main.yml

@@ -1,23 +0,0 @@
----
-# defaults file for cluster_config
-cluster_config_operators:
-  - cnv
-
-cluster_config_cnv:
-  checkplan: true
-  namespace:
-    name: &cluster_config_cnv_namespace openshift-cnv
-  operator_group:
-    name: kubevirt-hyperconverged-group
-    target_namespaces:
-      - *cluster_config_cnv_namespace
-  subscription:
-    name: kubevirt-hyperconverged
-  extra_resources:
-    - apiVersion: hco.kubevirt.io/v1beta1
-      kind: HyperConverged
-      metadata:
-        name: kubevirt-hyperconverged
-        namespace: *cluster_config_cnv_namespace
-      spec:
-        BareMetalPlatform: true

collections/ansible_collections/demo/openshift/roles/cluster_config/handlers/main.yml

@@ -1,2 +0,0 @@
----
-# handlers file for cluster_config

collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/main.yml

@@ -1,3 +0,0 @@
----
-- name: Configure Operators
-  ansible.builtin.import_tasks: operators/operator_config.yml

collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/_operator_config_item.yml

@@ -1,37 +0,0 @@
----
-- name: Retrieve Operator name
-  ansible.builtin.set_fact:
-    _operator: "{{ vars['cluster_config_' + _operator_name] }}"
-- name: Configure Operator {{ _operator_name }}
-  redhat.openshift.k8s:
-    state: present
-    template:
-      - operators/namespace.yml.j2
-      - operators/operator_group.yml.j2
-      - operators/subscription.yml.j2
-- name: Query for install plan
-  kubernetes.core.k8s_info:
-    api_version: operators.coreos.com/v1alpha1
-    kind: InstallPlan
-    namespace: "{{ _operator.namespace.name }}"
-  register: r_install_plans
-  retries: 30
-  delay: 5
-  until:
-    - r_install_plans.resources | default([]) | length > 0
-    - r_install_plans.resources[0].status is defined
-    - r_install_plans.resources[0].status.phase == "Complete"
-  when:
-    - _operator.checkplan is defined
-    - _operator.checkplan | bool
-
-- name: Configure extra resources for Operator {{ _operator_name }}
-  redhat.openshift.k8s:
-    state: present
-    definition: "{{ item }}"
-  register: creation_result
-  loop: "{{ _operator.extra_resources }}"
-  retries: 30
-  delay: 5
-  until: creation_result is success
-  when: _operator.extra_resources is defined

collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/catalog_sources.yml

@@ -1,7 +0,0 @@
----
-- name: Configure custom CatalogSource for Operators
-  redhat.openshift.k8s:
-    state: present
-    template: operators/catalog_source.j2
-  loop: "{{ cluster_config_catalog_sources }}"
-  when: cluster_config_catalog_sources is defined

collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/node-health-check.yml

@@ -1,59 +0,0 @@
----
-- name: Create node-health-check operator namespace
-  redhat.openshift.k8s:
-    name:  openshift-workload-availability
-    api_version: v1
-    kind: Namespace
-    state: present
-
-- name: Create node-health-check operator group
-  redhat.openshift.k8s:
-    state: present
-    definition:
-      apiVersion: operators.coreos.com/v1
-      kind: OperatorGroup
-      metadata:
-        generateName: openshift-workload-availability-
-        annotations:
-          olm.providedAPIs: >-
-            NodeHealthCheck.v1alpha1.remediation.medik8s.io,SelfNodeRemediation.v1alpha1.self-node-remediation.medik8s.io,SelfNodeRemediationConfig.v1alpha1.self-node-remediation.medik8s.io,SelfNodeRemediationTemplate.v1alpha1.self-node-remediation.medik8s.io
-        namespace: openshift-workload-availability
-      spec:
-        upgradeStrategy: Default
-
-- name: Create node-health-check operator subscription
-  redhat.openshift.k8s:
-    state: present
-    definition:
-      apiVersion: operators.coreos.com/v1alpha1
-      kind: Subscription
-      metadata:
-        labels:
-          operators.coreos.com/node-healthcheck-operator.openshift-workload-availability: ''
-        name: node-health-check-operator
-        namespace: openshift-workload-availability
-      spec:
-        channel: stable
-        installPlanApproval: Automatic
-        name: node-healthcheck-operator
-        source: redhat-operators
-        sourceNamespace: openshift-marketplace
-
-- name: Create Self Node Remediation subscription
-  redhat.openshift.k8s:
-    state: present
-    definition:
-      apiVersion: operators.coreos.com/v1alpha1
-      kind: Subscription
-      metadata:
-        name: self-node-remediation-stable-redhat-operators-openshift-marketplace
-        namespace: openshift-workload-availability
-        labels:
-          operators.coreos.com/self-node-remediation.openshift-workload-availability: ''
-      spec:
-        channel: stable
-        installPlanApproval: Automatic
-        name: self-node-remediation
-        source: redhat-operators
-        sourceNamespace: openshift-marketplace
-        startingCSV: self-node-remediation.v0.8.0

collections/ansible_collections/demo/openshift/roles/cluster_config/tasks/operators/operator_config.yml

@@ -1,6 +0,0 @@
----
-- name: Configure Operators
-  ansible.builtin.include_tasks: _operator_config_item.yml
-  loop: "{{ cluster_config_operators }}"
-  loop_control:
-    loop_var: _operator_name

collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/catalog_source.j2

@@ -1,34 +0,0 @@
-apiVersion: operators.coreos.com/v1alpha1
-kind: CatalogSource
-metadata:
-  name: {{ item.name }}
-  namespace: openshift-marketplace
-spec:
-  sourceType: {{ item.source_type | d('grpc',true) }}
-  image: {{ item.image_path }}
-  {% if item.display_name is defined -%}
-  displayName: {{ item.display_name }}
-  {% endif -%}
-  {% if item.priority is defined -%}
-  priority: {{ item.priority }}
-  {% endif -%}
-  {% if item.grpc_pod_config is defined -%}
-  grpcPodConfig:
-    {{ item.grpc_pod_config | indent(4) }}
-  {% endif -%}
-  {% if item.icon is defined -%}
-  icon:
-    base64data: '{{ item.icon.base64data or ''  }}'
-    mediatype: '{{ item.icon.mediatype or '' }}'
-  {% endif -%}
-  {% if item.publisher is defined -%}
-  publisher: {{ item.publisher }}
-  {% endif -%}
-  {% if item.address is defined -%}
-  address: {{ item.address }}
-  {% endif -%}
-  {% if item.registry_poll_interval is defined -%}
-  updateStrategy:
-    registryPoll:
-      interval: {{ item.registry_poll_interval }}
-  {% endif -%}

collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/namespace.yml.j2

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-    name: {{ _operator.namespace.name }}
-{% if _operator.namespace.labels is defined %}
-    labels:
-      {% for key, value in _operator.namespace.labels.items() -%}
-      {{ key }}: "{{ value }}"
-      {% endfor -%}
-{% endif -%}

collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/operator_group.yml.j2

@@ -1,12 +0,0 @@
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
-  name: {{ _operator.operator_group.name }}
-  namespace: {{ _operator.operator_group.namespace | d(_operator.namespace.name, true) }}
-spec:
-  {% if _operator.operator_group.target_namespaces is defined -%}
-  targetNamespaces:
-  {% for item in _operator.operator_group.target_namespaces %}
-    - {{ item }}
-  {% endfor %}
-  {% endif -%}

collections/ansible_collections/demo/openshift/roles/cluster_config/templates/operators/subscription.yml.j2

@@ -1,14 +0,0 @@
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
-  name: {{ _operator.subscription.name }}
-  namespace: "{{ _operator.subscription.namespace | d(_operator.namespace.name, true) }}"
-spec:
-  channel: {{ _operator.subscription.channel | d('stable', true) }}
-  installPlanApproval: {{ _operator.subscription.install_plan_approval | d('Automatic', true) }}
-  name: {{ _operator.subscription.spec_name | d(_operator.subscription.name, true) }}
-  source: {{ _operator.subscription.source | d('redhat-operators', true) }}
-  sourceNamespace: {{ _operator.subscription.source_namespace | d('openshift-marketplace', true) }}
-{% if _operator.subscription.starting_csv is defined %}
-  startingCSV: {{ _operator.subscription.starting_csv }}
-{% endif -%}

collections/ansible_collections/demo/openshift/roles/cluster_config/tests/inventory

@@ -1 +0,0 @@
-localhost

collections/ansible_collections/demo/openshift/roles/cluster_config/tests/test.yml

@@ -1,6 +0,0 @@
----
-- name: Include cluster_config role
-  hosts: localhost
-  remote_user: root
-  roles:
-    - cluster_config

collections/ansible_collections/demo/openshift/roles/cluster_config/vars/main.yml

@@ -1,2 +0,0 @@
----
-# vars file for cluster_config

collections/ansible_collections/demo/openshift/roles/eda_controller/.yamllint

@@ -1,13 +0,0 @@
----
-extends: default
-
-rules:
-  comments:
-    require-starting-space: false
-    min-spaces-from-content: 1
-  comments-indentation: disable
-  indentation:
-    indent-sequences: consistent
-  line-length:
-    max: 120
-    allow-non-breakable-inline-mappings: true

collections/ansible_collections/demo/openshift/roles/eda_controller/defaults/main.yml

@@ -1,16 +0,0 @@
----
-# --------------------------------------------------------
-# Ansible Automation Platform Controller URL
-# --------------------------------------------------------
-# eda_controller_aap_controller_url: [Required]
-
-# --------------------------------------------------------
-# Workload: eda_controller
-# --------------------------------------------------------
-eda_controller_project: "aap"
-eda_controller_project_app_name: "eda-controller"
-
-# eda_controller_admin_password: "{{ common_password }}"
-
-eda_controller_cluster_rolebinding_name: eda_default
-eda_controller_cluster_rolebinding_role: cluster-admin

collections/ansible_collections/demo/openshift/roles/eda_controller/meta/main.yml

@@ -1,14 +0,0 @@
----
-galaxy_info:
-  role_name: eda_controller
-  author: Mitesh Sharma (mitsharm@redhat.com)
-  description: |
-    Installs EDA on OpenShift
-  license: GPLv3
-  min_ansible_version: "2.9"
-  platforms: []
-  galaxy_tags:
-    - eda
-    - openshift
-    - aap
-dependencies: []

collections/ansible_collections/demo/openshift/roles/eda_controller/readme.adoc

@@ -1,6 +0,0 @@
-== eda_controller
-
-This role installs EDA on OpenShift, mostly copied from https://github.com/redhat-cop/agnosticd/.
-
-== Dependencies
-Role: automation_controller_platform

collections/ansible_collections/demo/openshift/roles/eda_controller/tasks/main.yml

@@ -1,54 +0,0 @@
----
-- name: Setup environment vars
-  block:
-    - name: Create secret and Install EDA
-      kubernetes.core.k8s:
-        state: present
-        definition: "{{ lookup('template', __definition) }}"
-      loop:
-        - eda_admin_secret.j2
-        - eda_controller.j2
-      loop_control:
-        loop_var: __definition
-
-    - name: Retrieve created route
-      kubernetes.core.k8s_info:
-        api_version: "route.openshift.io/v1"
-        kind: Route
-        name: "{{ eda_controller_project_app_name }}"
-        namespace: "{{ eda_controller_project }}"
-      register: r_eda_route
-      until: r_eda_route.resources[0].spec.host is defined
-      retries: 30
-      delay: 45
-
-    - name: Get eda-controller route hostname
-      ansible.builtin.set_fact:
-        eda_controller_hostname: "{{ r_eda_route.resources[0].spec.host }}"
-
-    - name: Wait for eda_controller to be running
-      ansible.builtin.uri:
-        url: https://{{ eda_controller_hostname }}/api/eda/v1/users/me/awx-tokens/
-        user: "admin"
-        password: "{{ lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') }}"
-        method: GET
-        force_basic_auth: true
-        validate_certs: false
-        body_format: json
-        status_code: 200
-      register: r_result
-      until: not r_result.failed
-      retries: 60
-      delay: 45
-
-    - name: Create Rolebinding for Rulebook Activations
-      kubernetes.core.k8s:
-        state: present
-        definition: "{{ lookup('template', 'cluster_rolebinding.j2') }}"
-
-    - name: Display EDA Controller URL
-      ansible.builtin.debug:
-        msg:
-          - "EDA Controller URL: https://{{ eda_controller_hostname }}"
-          - "EDA Controller Admin Login: admin"
-          - "EDA Controller Admin Password: <same as the Controller Admin password>"

collections/ansible_collections/demo/openshift/roles/eda_controller/templates/cluster_rolebinding.j2

@@ -1,13 +0,0 @@
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: {{ eda_controller_cluster_rolebinding_name }}
-subjects:
-  - kind: ServiceAccount
-    name: default
-    namespace: {{ eda_controller_project }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ eda_controller_cluster_rolebinding_role }}

collections/ansible_collections/demo/openshift/roles/eda_controller/templates/eda_admin_secret.j2

@@ -1,15 +0,0 @@
----
-kind: Secret
-apiVersion: v1
-metadata:
-  name: {{ eda_controller_project_app_name }}-admin-password
-  namespace: {{ eda_controller_project }}
-  labels:
-    app.kubernetes.io/component: eda
-    app.kubernetes.io/managed-by: eda-operator
-    app.kubernetes.io/name: {{ eda_controller_project_app_name }}
-    app.kubernetes.io/operator-version: '2.4'
-    app.kubernetes.io/part-of: {{ eda_controller_project_app_name }}
-data:
-  password: "{{ lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') | b64encode }}"
-type: Opaque

collections/ansible_collections/demo/openshift/roles/eda_controller/templates/eda_controller.j2

@@ -1,26 +0,0 @@
----
-apiVersion: eda.ansible.com/v1alpha1
-kind: EDA
-metadata:
-  name: {{ eda_controller_project_app_name }}
-  namespace: {{ eda_controller_project }}
-spec:
-  route_tls_termination_mechanism: Edge
-  ingress_type: Route
-  loadbalancer_port: 80
-  no_log: true
-  image_pull_policy: IfNotPresent
-  ui:
-    replicas: 1
-  set_self_labels: true
-  api:
-    gunicorn_workers: 2
-    replicas: 1
-  redis:
-    replicas: 1
-  admin_user: admin
-  loadbalancer_protocol: http
-  worker:
-    replicas: 3
-  automation_server_url: '{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}'
-  admin_password_secret: {{ eda_controller_project_app_name }}-admin-password

collections/ansible_collections/demo/openshift/roles/snapshot/tasks/create.yml

@@ -1,49 +0,0 @@
----
-- name: Get state of VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm_info:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-  register: state
-
-- name: Stop VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-    running: false
-    wait: true
-  when: state.resources.0.spec.running
-
-- name: Create a VirtualMachineSnapshot
-  kubernetes.core.k8s:
-    definition:
-      apiVersion: snapshot.kubevirt.io/v1alpha1
-      kind: VirtualMachineSnapshot
-      metadata:
-        generateName: "{{ item }}-{{ ansible_date_time.epoch }}"
-        namespace: "{{ vm_namespace }}"
-      spec:
-        source:
-          apiGroup: kubevirt.io
-          kind: VirtualMachine
-          name: "{{ item }}"
-    wait: true
-    wait_condition:
-      type: Ready
-  register: snapshot
-
-- name: Start VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-    running: true
-    wait: true
-  when: state.resources.0.spec.running
-
-- name: Export snapshot name
-  ansible.builtin.set_stats:
-    data:
-      restore_snapshot_name: "{{ snapshot.result.metadata.name }}"
-
-- name: Output snapshot name
-  ansible.builtin.debug:
-    msg: "Successfully created snapshot {{ snapshot.result.metadata.name }}"

collections/ansible_collections/demo/openshift/roles/snapshot/tasks/main.yml

@@ -1,12 +0,0 @@
----
-# parameters
-# snapshot_opeation: <ceate/restore>
-- name: Show hostnames we care about
-  ansible.builtin.debug:
-    msg: "About to {{ snapshot_operation }} snapshot(s) for the following hosts:
-{{ lookup('ansible.builtin.inventory_hostnames', snapshot_hosts) | split(',') | difference(['localhost']) }}"
-
-- name: Manage snapshots based on operation
-  ansible.builtin.include_tasks:
-    file: "{{ snapshot_operation }}.yml"
-  loop: "{{ lookup('ansible.builtin.inventory_hostnames', snapshot_hosts) | regex_replace(vm_namespace + '-', '') | split(',') | difference(['localhost']) }}"

collections/ansible_collections/demo/openshift/roles/snapshot/tasks/restore.yml

@@ -1,51 +0,0 @@
----
-- name: Get state of VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm_info:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-  register: state
-
-- name: List snapshots
-  kubernetes.core.k8s_info:
-    api_version: snapshot.kubevirt.io/v1alpha1
-    kind: VirtualMachineSnapshot
-    namespace: "{{ vm_namespace }}"
-  register: snapshot
-
-- name: Set snapshot name for {{ item }}
-  ansible.builtin.set_fact:
-    latest_snapshot: "{{ snapshot.resources | selectattr('spec.source.name', 'equalto', item) | sort(attribute='metadata.creationTimestamp') | first }}"
-
-- name: Stop VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-    running: false
-    wait: true
-  when: state.resources.0.spec.running
-
-- name: Restore a VirtualMachineSnapshot
-  kubernetes.core.k8s:
-    definition:
-      apiVersion: snapshot.kubevirt.io/v1alpha1
-      kind: VirtualMachineRestore
-      metadata:
-        generateName: "{{ latest_snapshot.metadata.generateName }}"
-        namespace: "{{ vm_namespace }}"
-      spec:
-        target:
-          apiGroup: kubevirt.io
-          kind: VirtualMachine
-          name: "{{ item }}"
-        virtualMachineSnapshotName: "{{ latest_snapshot.metadata.name }}"
-    wait: true
-    wait_condition:
-      type: Ready
-
-- name: Start VirtualMachine
-  redhat.openshift_virtualization.kubevirt_vm:
-    name: "{{ item }}"
-    namespace: "{{ vm_namespace }}"
-    running: true
-    wait: true
-  when: state.resources.0.spec.running

collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml

@@ -6,34 +6,32 @@
     mode: "0755"
 
 - name: Create HTML report
-  check_mode: false
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/network.html"
     mode: "0644"
+  check_mode: false
 
 - name: Copy CSS over
-  check_mode: false
   ansible.builtin.copy:
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
     mode: "0775"
+  check_mode: false
 
 - name: Copy logos over
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0644"
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"
     - "router.png"
-  loop_control:
-    loop_var: logo
   check_mode: false
-  ansible.builtin.copy:
-    src: "{{ logo }}"
-    dest: "{{ file_path }}"
-    directory_mode: true
-    mode: "0644"
 
-- name: Display link to Linux patch report
+# - name: Display link to Linux patch report
-  ansible.builtin.debug:
+#   ansible.builtin.debug:
-    msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/network.html"
+#     msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/network.html"

collections/ansible_collections/demo/patching/roles/report_ocp_patching/README.md

@@ -1,36 +0,0 @@
-build_report_linux_patch
-========
-
-Installs Apache and creates a report based on facts from Linux patching
-
-Requirements
-------------
-
-Must run on Apache server
-
-Role Variables / Configuration
---------------
-
-N/A
-
-Dependencies
-------------
-
-N/A
-
-Example Playbook
-----------------
-
-The role can be used to create an html report on any number of Linux hosts using any number of Linux servers about their patching results(yum and dnf)
-
-
-```
----
-- hosts: all
-
-  tasks:
-  - name: Run Windows Report
-    import_role:
-      name: shadowman.reports.build_report_linux_patch
-
-```

collections/ansible_collections/demo/patching/roles/report_ocp_patching/defaults/main.yml

@@ -1,8 +0,0 @@
----
-email_from: tower@shadowman.dev  # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way
-to_emails: alex@shadowman.dev,tower@shadowman.dev  # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way
-to_emails_list: "{{ to_emails.split(',') }}"  # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way
-detailedreport: true  # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way
-reports:  # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way
-  - linux.html
-  - linuxpatch.html

collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/new.css

@@ -1,202 +0,0 @@
-p.hostname {
-    color: #000000;
-    font-weight: bolder;
-    font-size: large;
-    margin: auto;
-    width: 50%;
-  }
-
-  #subtable {
-    background: #ebebeb;
-    margin: 0px;
-    width: 100%;
-  }
-
-  #subtable tbody tr td {
-    padding: 5px 5px 5px 5px;
-  }
-
-  #subtable thead th {
-    padding: 5px;
-  }
-
-  * {
-    -moz-box-sizing: border-box;
-    -webkit-box-sizing: border-box;
-    box-sizing: border-box;
-    font-family: "Open Sans", "Helvetica";
-
-  }
-
-  a {
-    color: #ffffff;
-  }
-
-  p {
-    color: #ffffff;
-  }
-  h1 {
-    text-align: center;
-    color: #ffffff;
-  }
-
-  body {
-    background:#353a40;
-    padding: 0px;
-    margin: 0px;
-    font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-  }
-
-  table {
-    border-collapse: separate;
-    background:#fff;
-    @include border-radius(5px);
-    @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
-  }
-
-  .main_net_table {
-    margin:50px auto;
-  }
-
-  thead {
-    @include border-radius(5px);
-  }
-
-  thead th {
-    font-size:16px;
-    font-weight:400;
-    color:#fff;
-    @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
-    text-align:left;
-    padding:20px;
-    border-top:1px solid #858d99;
-    background: #353a40;
-
-    &:first-child {
-     @include border-top-left-radius(5px);
-    }
-
-    &:last-child {
-      @include border-top-right-radius(5px);
-    }
-  }
-
-  tbody tr td {
-    font-weight:400;
-    color:#5f6062;
-    font-size:13px;
-    padding:20px 20px 20px 20px;
-    border-bottom:1px solid #e0e0e0;
-  }
-
-  tbody tr:nth-child(2n) {
-    background:#f0f3f5;
-  }
-
-  tbody tr:last-child td {
-    border-bottom:none;
-    &:first-child {
-      @include border-bottom-left-radius(5px);
-    }
-    &:last-child {
-      @include border-bottom-right-radius(5px);
-    }
-  }
-
-  td {
-    vertical-align: top;
-  }
-
-  span.highlight {
-      background-color: yellow;
-  }
-
-  .expandclass {
-    color: #5f6062;
-  }
-
-  .content{
-           display:none;
-           margin: 10px;
-  }
-
-  header {
-    width: 100%;
-    position: initial;
-    float: initial;
-    padding: 0;
-    margin: 0;
-    border-radius: 0;
-    height: 88px;
-    background-color: #171717;
-  }
-
-  .header-container {
-    margin: 0 auto;
-    width: 100%;
-    height: 100%;
-    max-width: 1170px;
-    padding: 0;
-    float: initial;
-    display: flex;
-    align-items: center;
-  }
-
-  .header-logo {
-    width: 137px;
-    border: 0;
-    margin: 0;
-    margin-left: 15px;
-  }
-
-  .header-link {
-    margin-left: 40px;
-    text-decoration: none;
-    cursor: pointer;
-    text-transform: uppercase;
-    font-size: 15px;
-    font-family: 'Red Hat Text';
-    font-weight: 500;
-  }
-
-  .header-link:hover {
-    text-shadow: 0 0 0.02px white;
-    text-decoration: none;
-  }
-
-  table.net_info td {
-    padding: 5px;
-}
-
-p.expandclass:hover {
-    text-decoration: underline;
-    color: #EE0000;
-    cursor: pointer;
-}
-
-.summary_info {
-}
-
-.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
-    border: 1px solid #5F0000;
-    background: #EE0000;
-}
-
-div#net_content {
-    padding: 0px;
-    height: auto !important;
-}
-
-img.router_image {
-    vertical-align: middle;
-    padding: 0px 10px 10px 10px;
-    width: 50px;
-}
-
-table.net_info {
-    width: 100%;
-}
-
-p.internal_label {
-    color: #000000;
-}

collections/ansible_collections/demo/patching/roles/report_ocp_patching/files/redhat-ansible-logo.svg

@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-<svg version="1.1" id="Logos" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
-	 width="930.2px" height="350px" viewBox="0 0 930.2 350" style="enable-background:new 0 0 930.2 350;" xml:space="preserve">
-<style type="text/css">
-	.st0{fill:#FFFFFF;}
-	.st1{fill:#EE0000;}
-</style>
-<title>Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB</title>
-<path class="st0" d="M383.3,228.5h18.8L446,335.7h-17.5l-12.4-31.4h-48l-12.6,31.4h-16.7L383.3,228.5z M410.9,291l-18.7-47l-18.7,47
-	H410.9z"/>
-<path class="st0" d="M455.2,257.7h15.3v7.8c6.2-6.2,14.7-9.6,23.5-9.3c17.9,0,30.5,12.4,30.5,30.5v49h-15.3v-46.5
-	c0-12.3-7.5-19.8-19.3-19.8c-7.8-0.3-15.1,3.6-19.3,10.1v56.1h-15.3V257.7z"/>
-<path class="st0" d="M543,315.5c8.1,6.4,16.7,9.8,25.4,9.8c11,0,18.7-4.8,18.7-11.7c0-5.5-4-8.7-12.6-10l-14.1-2
-	c-15.5-2.3-23.3-9.5-23.3-21.6c0-14.1,12.3-23.6,30.5-23.6c11.3-0.1,22.3,3.4,31.5,9.9l-7.8,10.1c-8.6-5.7-16.4-8.1-24.7-8.1
-	c-9.3,0-15.6,4.3-15.6,10.6c0,5.7,3.7,8.4,12.9,9.8l14.1,2c15.5,2.3,23.6,9.7,23.6,21.7c0,14-14.1,24.5-32.6,24.5
-	c-13.5,0-25.6-4-34.2-11.5L543,315.5z"/>
-<path class="st0" d="M611.6,235.6c0-5.2,4.1-9.4,9.3-9.5c0,0,0,0,0,0c5.2-0.2,9.7,3.9,9.9,9.1c0.2,5.2-3.9,9.7-9.1,9.9
-	c-0.2,0-0.5,0-0.7,0C615.8,245.1,611.6,240.9,611.6,235.6C611.6,235.7,611.6,235.7,611.6,235.6z M628.6,335.7h-15.3v-78h15.3V335.7z
-	"/>
-<path class="st0" d="M685.5,336.9c-8.5,0-16.8-2.7-23.6-7.8v6.6h-15.2V228.5l15.3-3.4v40c6.6-5.6,15.1-8.7,23.7-8.6
-	c22.1,0,39.4,17.7,39.4,40.1C725.2,319.1,707.9,336.9,685.5,336.9z M662,279.2v35.2c4.9,5.7,13,9.2,21.8,9.2
-	c15,0,26.4-11.5,26.4-26.8c0-15.3-11.5-27-26.4-27C674.9,269.8,667.1,273.2,662,279.2z"/>
-<path class="st0" d="M755,335.7h-15.3V228.5l15.3-3.4V335.7z"/>
-<path class="st0" d="M810.5,337.1c-23,0-40.9-17.7-40.9-40.4c0-22.5,17.2-40.1,39.1-40.1c21.5,0,37.7,17.8,37.7,40.8v4.4h-61.6
-	c2,13,13.2,22.5,26.4,22.4c7.2,0.2,14.2-2.3,19.8-6.8l9.8,9.7C832.1,333.7,821.5,337.4,810.5,337.1z M784.9,290.2h46.3
-	c-2.3-11.9-11.5-20.8-22.8-20.8C796.5,269.4,787.2,277.8,784.9,290.2z"/>
-<path class="st1" d="M202.8,137.5c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5l-11-47.7c-2.5-10.5-4.8-15.2-23.2-24.5
-	c-14.3-7.3-45.5-19.4-54.7-19.4c-8.6,0-11.1,11.1-21.3,11.1c-9.8,0-17.1-8.3-26.4-8.3c-8.8,0-14.6,6-19,18.4c0,0-12.4,34.9-14,40
-	c-0.3,0.9-0.4,1.9-0.4,2.9C77.6,92.9,131.1,137.5,202.8,137.5 M250.8,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1
-	c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8c-24.8,1.3-56.9,5.7-56.9,34c0,46.4,109.9,103.5,196.9,103.5
-	c66.7,0,83.5-30.2,83.5-54C296.1,154.6,279.9,133.4,250.8,120.7"/>
-<path d="M250.7,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8
-	l5.4-13.3c-0.3,0.9-0.4,1.9-0.4,2.8c0,13.6,53.5,58.1,125.2,58.1c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5L250.7,120.7z"/>
-<path class="st0" d="M869.1,151.2c0,17.5,10.5,26,29.7,26c5.9-0.1,11.8-1,17.5-2.5v-20.3c-3.7,1.2-7.5,1.7-11.3,1.7
-	c-7.9,0-10.8-2.5-10.8-9.9v-31.1h22.9V94.2h-22.9V67.7l-25,5.4v21.1h-16.6v20.9h16.6L869.1,151.2z M791,151.7
-	c0-5.4,5.4-8.1,13.6-8.1c5,0,10,0.7,14.9,1.9V156c-4.8,2.6-10.2,3.9-15.6,3.9C795.9,159.9,791.1,156.8,791,151.7 M798.7,177.5
-	c8.8,0,16-1.9,22.6-6.3v5h24.8v-52.5c0-20-13.5-30.9-35.9-30.9c-12.6,0-25,2.9-38.3,9l9,18.4c9.6-4,17.7-6.5,24.8-6.5
-	c10.3,0,15.6,4,15.6,12.2v4c-6.1-1.6-12.3-2.4-18.6-2.3c-21.1,0-33.8,8.8-33.8,24.6C768.9,166.6,780.4,177.6,798.7,177.5
-	 M662.5,176.2h26.7v-42.5h44.6v42.5h26.7V67.7h-26.6v41.7h-44.6V67.7h-26.7L662.5,176.2z M561,135.1c0-11.8,9.3-20.8,21.5-20.8
-	c6.4-0.1,12.6,2.1,17.4,6.4v28.6c-4.7,4.4-10.9,6.7-17.4,6.5C570.5,155.8,561,146.8,561,135.1 M600.2,176.1H625V62.3l-25,5.4v30.8
-	c-6.4-3.6-13.6-5.5-20.9-5.4c-23.9,0-42.6,18.4-42.6,42c-0.3,23,18.1,41.9,41.1,42.2c0.2,0,0.5,0,0.7,0c7.9,0,15.6-2.5,22-7.1V176.1
-	z M486.5,113.2c7.9,0,14.6,5.1,17.2,13h-34.2C471.9,118,478.2,113.2,486.5,113.2 M444.2,135.2c0,23.9,19.5,42.5,44.6,42.5
-	c13.8,0,23.9-3.7,34.3-12.4l-16.6-14.7c-3.9,4-9.6,6.2-16.4,6.2c-8.8,0.2-16.8-4.9-20.2-13h58.4v-6.2c0-26-17.5-44.8-41.4-44.8
-	c-23.2-0.4-42.4,18.2-42.7,41.5C444.2,134.6,444.2,134.9,444.2,135.2 M400.9,90.5c8.8,0,13.8,5.6,13.8,12.2s-5,12.2-13.8,12.2h-26.3
-	V90.5H400.9z M347.9,176.2h26.7v-39.5h20.3l20.5,39.5h29.7l-23.9-43.4c12.4-5,20.5-17.1,20.4-30.5c0-19.5-15.3-34.5-38.3-34.5H348
-	L347.9,176.2z"/>
-</svg>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/tasks/main.yml

@@ -1,22 +0,0 @@
----
-- name: Define namespace
-  redhat.openshift.k8s:
-    wait: true
-    state: present
-    api_version: v1
-    kind: Namespace
-    name: patching-report
-
-- name: Define deployment resources
-  redhat.openshift.k8s:
-    wait: true
-    state: present
-    namespace: patching-report
-    definition: "{{ lookup('ansible.builtin.template', 'resources.yaml.j2') }}"
-  register: resources_output
-
-- name: Display link to patching report
-  ansible.builtin.debug:
-    msg:
-      - "Patching report availbable at:"
-      - "{{ resources_output.result.results[3].result.spec.port.targetPort }}://{{ resources_output.result.results[3].result.spec.host }}"

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/header.j2

@@ -1,15 +0,0 @@
-
-
-  <div class="wrapper">
-    <header>
-      <div class="header-container">
-        <a href="https://ansible.com">
-          <img
-            class="header-logo"
-            src="redhat-ansible-logo.svg"
-            title="Red Hat Ansible"
-            alt="Red Hat Ansible"
-          />
-        </a>
-      </div>
-    </header>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/landing.j2

@@ -1,41 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title> Ansible Linux Automation Report </title>
-  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
-  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
-  <link rel="stylesheet" href="new.css">
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
-<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
-<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
-<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
-</head>
-<body>
-<div class="wrapper">
-  {% include 'header.j2' %}
-<section>
-<center>
-<h1>Ansible Automation Reports</h1>
-<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
-</center>
-<table class="table table-striped mt32 main_net_table">
-<tbody>
-{% for report in reports %}
-        <tr>
-            <td class="summary_info">
-              <div id="hostname">
-                <p class="hostname"> <img class="router_image" src="report.png"></p>
-              </div>
-            </td>
-            <td>
-              <a href="{{ report }}"> {{ report }} <a>
-            </td>
-{% endfor %}
-</tbody>
-</table>
-<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
-</center>
-</section>
-</div>
-</body>
-</html>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/new.css.j2

@@ -1,202 +0,0 @@
-p.hostname {
-    color: #000000;
-    font-weight: bolder;
-    font-size: large;
-    margin: auto;
-    width: 50%;
-  }
-
-  #subtable {
-    background: #ebebeb;
-    margin: 0px;
-    width: 100%;
-  }
-
-  #subtable tbody tr td {
-    padding: 5px 5px 5px 5px;
-  }
-
-  #subtable thead th {
-    padding: 5px;
-  }
-
-  * {
-    -moz-box-sizing: border-box;
-    -webkit-box-sizing: border-box;
-    box-sizing: border-box;
-    font-family: "Open Sans", "Helvetica";
-
-  }
-
-  a {
-    color: #000000;
-  }
-
-  p {
-    color: #ffffff;
-  }
-  h1 {
-    text-align: center;
-    color: #ffffff;
-  }
-
-  body {
-    background:#353a40;
-    padding: 0px;
-    margin: 0px;
-    font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-  }
-
-  table {
-    border-collapse: separate;
-    background:#fff;
-    @include border-radius(5px);
-    @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
-  }
-
-  .main_net_table {
-    margin:50px auto;
-  }
-
-  thead {
-    @include border-radius(5px);
-  }
-
-  thead th {
-    font-size:16px;
-    font-weight:400;
-    color:#fff;
-    @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
-    text-align:left;
-    padding:20px;
-    border-top:1px solid #858d99;
-    background: #353a40;
-
-    &:first-child {
-     @include border-top-left-radius(5px);
-    }
-
-    &:last-child {
-      @include border-top-right-radius(5px);
-    }
-  }
-
-  tbody tr td {
-    font-weight:400;
-    color:#5f6062;
-    font-size:13px;
-    padding:20px 20px 20px 20px;
-    border-bottom:1px solid #e0e0e0;
-  }
-
-  tbody tr:nth-child(2n) {
-    background:#f0f3f5;
-  }
-
-  tbody tr:last-child td {
-    border-bottom:none;
-    &:first-child {
-      @include border-bottom-left-radius(5px);
-    }
-    &:last-child {
-      @include border-bottom-right-radius(5px);
-    }
-  }
-
-  td {
-    vertical-align: top;
-  }
-
-  span.highlight {
-      background-color: yellow;
-  }
-
-  .expandclass {
-    color: #5f6062;
-  }
-
-  .content{
-           display:none;
-           margin: 10px;
-  }
-
-  header {
-    width: 100%;
-    position: initial;
-    float: initial;
-    padding: 0;
-    margin: 0;
-    border-radius: 0;
-    height: 88px;
-    background-color: #171717;
-  }
-
-  .header-container {
-    margin: 0 auto;
-    width: 100%;
-    height: 100%;
-    max-width: 1170px;
-    padding: 0;
-    float: initial;
-    display: flex;
-    align-items: center;
-  }
-
-  .header-logo {
-    width: 137px;
-    border: 0;
-    margin: 0;
-    margin-left: 15px;
-  }
-
-  .header-link {
-    margin-left: 40px;
-    text-decoration: none;
-    cursor: pointer;
-    text-transform: uppercase;
-    font-size: 15px;
-    font-family: 'Red Hat Text';
-    font-weight: 500;
-  }
-
-  .header-link:hover {
-    text-shadow: 0 0 0.02px white;
-    text-decoration: none;
-  }
-
-  table.net_info td {
-    padding: 5px;
-}
-
-p.expandclass:hover {
-    text-decoration: underline;
-    color: #EE0000;
-    cursor: pointer;
-}
-
-.summary_info {
-}
-
-.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
-    border: 1px solid #5F0000;
-    background: #EE0000;
-}
-
-div#net_content {
-    padding: 0px;
-    height: auto !important;
-}
-
-img.router_image {
-    vertical-align: middle;
-    padding: 0px 10px 10px 10px;
-    width: 50px;
-}
-
-table.net_info {
-    width: 100%;
-}
-
-p.internal_label {
-    color: #000000;
-}

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/packages.j2

@@ -1,31 +0,0 @@
-<!–– INTERNAL TABLE FOR PACKAGES --!>
-<div id="accordion">
-<div class="ui-accordion ui-widget ui-helper-reset" role="tablist">
-<h3 class="ui-accordion-header ui-corner-top ui-state-default ui-accordion-icons ui-accordion-header-collapsed ui-corner-all" role="tab" id="ui-id-3" aria-controls="ui-id-4" aria-selected="false" aria-expanded="false" tabindex="0">Package Facts</h3>
-<div class="net_content ui-accordion-content ui-corner-bottom ui-helper-reset ui-widget-content" id="ui-id-4" aria-labelledby="ui-id-3" role="tabpanel" aria-hidden="true" style="display: none; height: 194px;">
-<table id="subtable" class="sortable">
-    <thead>
-        <tr>
-            <th>Package Name</th>
-            <th>source</th>
-            <th>release</th>
-            <th>version</th>
-        </tr>
-    </thead>
-    <tbody>
-    {% if hostvars[linux_host]['packages'] is defined %}
-    {% for package in hostvars[linux_host]['packages'] %}
-        <tr>
-            <td>{{package['name']}}</td>
-            <td>{{package['source']}}</td>
-            <td>{{package['release']}}</td>
-            <td>{{package['version']}}</td>
-        </tr>
-{% endfor %}
-{% endif %}
-    </tbody>
-</table>
-</div>
-</div>
-</div>
-<!–– END INTERNAL TABLE FOR PACKAGES --!>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/patch.j2

@@ -1,120 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title> Linux Patch Report </title>
-</head>
-<body>
-<center>
-<h1>Ansible Linux Patching Report</h1>
-<style>
-@media print {
-   .noprint {
-        display: none !important;
-    }
-}
-</style>
-<div class="noprint">
-<button type="button" onclick="tableToCSV()">Download CSV</button>
-<input type="button" value="Print" onClick="window.print()">
-</div>
-</center>
-<table border = "1" cellpadding = "5" cellspacing = "5">
-    <thead>
-        <tr>
-            <th>Hostname</th>
-            <th>Operating System</th>
-            <th>Operating System Version</th>
-            <th>Required Updates</th>
-        </tr>
-    </thead>
-    <tbody>
-{% for linux_host in ansible_play_hosts |sort %}
-        <tr>
-            <td>{{hostvars[linux_host]['inventory_hostname']}}</td>
-            <td>{{hostvars[linux_host]['ansible_os_family']|default("none")}}</td>
-            <td>{{hostvars[linux_host]['ansible_distribution_version']|default("none")}}</td>
-            <td>
-              <ul>
-{% if hostvars[linux_host].patchingresult_yum.changed|default("false",true) == true %}
-{% for packagename in hostvars[linux_host].patchingresult_yum.changes.updated|sort %}
-        <li> {{ packagename[0] }} - {{ packagename[1] }} </li>
-{% endfor %}
-{% elif hostvars[linux_host].patchingresult_dnf.changed|default("false",true) == true %}
-{% for packagename in hostvars[linux_host].patchingresult_dnf.results|sort %}
-        <li> {{ packagename }} </li>
-{% endfor %}
-{% elif hostvars[linux_host].patchingresult_dnf.changed is undefined %}
-        <li> Patching Failed </li>
-{% elif hostvars[linux_host].patchingresult_yum.changed is undefined %}
-        <li> Patching Failed </li>
-{% else %}
-        <li> Compliant </li>
-{% endif %}
-              </ul>
-            </td>
-        </tr>
-{% endfor %}
-    </tbody>
-</table>
-<center><p>Created with Ansible on {{hostvars[inventory_hostname].ansible_date_time.iso8601}}</p></center>
-<script type="text/javascript">
-function tableToCSV() {
-
-    // Variable to store the final csv data
-    var csv_data = [];
-
-    // Get each row data
-    var rows = document.getElementsByTagName('tr');
-    for (var i = 0; i < rows.length; i++) {
-
-        // Get each column data
-        var cols = rows[i].querySelectorAll('td,th');
-
-        // Stores each csv row data
-        var csvrow = [];
-        for (var j = 0; j < (cols.length); j++) {
-
-            // Get the text data of each cell of
-            // a row and push it to csvrow
-            if ( j == cols.length-1 && i==0){}
-            else{
-            csvrow.push(cols[j].textContent.replace(/,/g, " "));
-            }
-
-       }
-       csv_data.push(csvrow.join(","));
-}
-
-    // combine each row data with new line character
-    csv_data = csv_data.join('\n');
-
-    // Call this function to download csv file
-    downloadCSVFile(csv_data);
-}
-function downloadCSVFile(csv_data) {
-
-    // Create CSV file object and feed our
-    // csv_data into it
-    CSVFile = new Blob([csv_data], { type: "text/csv" });
-
-    // Create to temporary link to initiate
-    // download process
-    var temp_link = document.createElement('a');
-    var todayDate = new Date().toISOString().slice(0, 10);
-
-    // Download csv file
-    temp_link.download = "linuxpatching-" + todayDate + ".csv";
-    var url = window.URL.createObjectURL(CSVFile);
-    temp_link.href = url;
-
-    // This link should not be displayed
-    temp_link.style.display = "none";
-    document.body.appendChild(temp_link);
-
-    // Automatically click the link to trigger download
-    temp_link.click();
-    document.body.removeChild(temp_link);
-}
-</script>
-</body>
-</html>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/report.j2

@@ -1,105 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title> Ansible Linux Automation Report </title>
-  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
-  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
-  <link rel="stylesheet" href="new.css">
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
-<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
-<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
-<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
-<script>
-$(function() {
-$( "#accordion > div" ).accordion({
-    header: "h3",
-    active: false,
-collapsible: true
-});
-});
-</script>
-<script>
-        (function(document) {
-            'use strict';
-
-            var TableFilter = (function(myArray) {
-                var search_input;
-
-                function _onInputSearch(e) {
-                    search_input = e.target;
-                    var tables = document.getElementsByClassName(search_input.getAttribute('data-table'));
-                    myArray.forEach.call(tables, function(table) {
-                        myArray.forEach.call(table.tBodies, function(tbody) {
-                            myArray.forEach.call(tbody.rows, function(row) {
-                                var text_content = row.textContent.toLowerCase();
-                                var search_val = search_input.value.toLowerCase();
-                                row.style.display = text_content.indexOf(search_val) > -1 ? '' : 'none';
-                            });
-                        });
-                    });
-                }
-
-                return {
-                    init: function() {
-                        var inputs = document.getElementsByClassName('search-input');
-                        myArray.forEach.call(inputs, function(input) {
-                            input.oninput = _onInputSearch;
-                        });
-                    }
-                };
-            })(Array.prototype);
-
-            document.addEventListener('readystatechange', function() {
-                if (document.readyState === 'complete') {
-                    TableFilter.init();
-                }
-            });
-
-        })(document);
-    </script>
-</head>
-<body>
-<div class="wrapper">
-  {% include 'header.j2' %}
-<section>
-<center>
-<h1>Ansible Linux Automation Report</h1>
-<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
-</center>
-<table class="table table-striped mt32 main_net_table">
-    <thead>
-        <tr>
-            <th>Linux Device</th>
-            <th>Package Manager</th>
-            <th>Operating System</th>
-            <th>Operating System Version</th>
-            <th>Operating System Kernel Version</th>
-        </tr>
-    </thead>
-    <tbody>
-{% for linux_host in ansible_play_hosts |sort %}
-        <tr>
-            <td class="summary_info">
-              <div id="hostname">
-                <p class="hostname">
-                  <img class="router_image" src="server.png"> {{ hostvars[linux_host]['inventory_hostname'].split('.')[0] }}</p>
-                </div>
-{% if detailedreport == 'True' %}
-{% include 'packages.j2' %}
-{% include 'services.j2' %}
-{% endif %}
-</td>
-            <td>{{hostvars[linux_host]['ansible_pkg_mgr']|default("none")}}</td>
-            <td>{{hostvars[linux_host]['ansible_os_family']|default("none")}}</td>
-            <td>{{hostvars[linux_host]['ansible_distribution_version']|default("none")}}</td>
-            <td>{{hostvars[linux_host]['ansible_kernel']|default("none")}}</td>
-        </tr>
-{% endfor %}
-    </tbody>
-</table>
-<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
-</center>
-</section>
-</div>
-</body>
-</html>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/resources.yaml.j2

@@ -1,94 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: linux-patching-report
-  labels:
-    app: linux-patching-report
-data:
-  index.html: |
-    {% filter indent(width=4) %}
-    {%- include 'landing.j2' %}
-    {% endfilter %}
-
-  linux.html: |
-    {% filter indent(width=4) %}
-    {%- include 'report.j2' %}
-    {% endfilter %}
-
-  linuxpatch.html: |
-    {% filter indent(width=4) %}
-    {%- include 'patch.j2' %}
-    {% endfilter %}
-
-  new.css: |
-    {% filter indent(width=4) %}
-    {%- include 'new.css.j2' %}
-    {% endfilter %}
-
-binaryData:
-  server.png: {{ lookup('ansible.builtin.file', 'server.png') | b64encode }}
-  report.png: {{ lookup('ansible.builtin.file', 'report.png') | b64encode }}
-  webpage_logo.png: {{ lookup('file', 'webpage_logo.png') | b64encode }}
-  redhat-ansible-logo.svg: {{ lookup('ansible.builtin.file', 'redhat-ansible-logo.svg') | b64encode }}
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: linux-patching-report
-  labels:
-    app: linux-patching-report
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: linux-patching-report
-  template:
-    metadata:
-      labels:
-        app: linux-patching-report
-    spec:
-      terminationGracePeriodSeconds: 1
-      containers:
-      - image: registry.redhat.io/rhel8/httpd-24
-        name: report-server
-        volumeMounts:
-        - name: html
-          mountPath: /var/www/html
-      volumes:
-      - name: html
-        configMap:
-          name: linux-patching-report
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: linux-patching-report
-  name: linux-patching-report
-spec:
-  ports:
-  - name: http
-    port: 8080
-    protocol: TCP
-    targetPort: 8080
-  selector:
-    app: linux-patching-report
-  type: ClusterIP
----
-kind: Route
-apiVersion: route.openshift.io/v1
-metadata:
-  labels:
-    app: linux-patching-report
-  name: linux-patching-report
-spec:
-  to:
-    kind: Service
-    name: linux-patching-report
-    weight: 100
-  port:
-    targetPort: http
-  tls:
-    termination: edge
-    insecureEdgeTerminationPolicy: Redirect

collections/ansible_collections/demo/patching/roles/report_ocp_patching/templates/services.j2

@@ -1,30 +0,0 @@
-<!–– INTERNAL TABLE FOR SERVICES --!>
-<div id="accordion">
-<div class="ui-accordion ui-widget ui-helper-reset" role="tablist">
-<h3 class="ui-accordion-header ui-corner-top ui-state-default ui-accordion-icons ui-accordion-header-collapsed ui-corner-all" role="tab" id="ui-id-3" aria-controls="ui-id-4" aria-selected="false" aria-expanded="false" tabindex="0">Services Facts</h3>
-<div class="net_content ui-accordion-content ui-corner-bottom ui-helper-reset ui-widget-content" id="ui-id-4" aria-labelledby="ui-id-3" role="tabpanel" aria-hidden="true" style="display: none; height: 194px;">
-<table id="subtable" class="sortable">
-    <thead>
-        <tr>
-            <th>Service Name</th>
-            <th>State</th>
-            <th>Source</th>
-        </tr>
-    </thead>
-    <tbody>
-    {% if hostvars[linux_host]['services'] is defined %}
-    {% for servicesname in hostvars[linux_host]['services']|sort %}
-    {% set service = hostvars[linux_host]['services'][servicesname] %}
-        <tr>
-            <td>{{service['name']}}</td>
-            <td>{{service['state']}}</td>
-            <td>{{service['source']}}</td>
-        </tr>
-{% endfor %}
-{% endif %}
-    </tbody>
-</table>
-</div>
-</div>
-</div>
-<!–– END INTERNAL TABLE FOR SERVICES --!>

collections/ansible_collections/demo/patching/roles/report_ocp_patching/vars/main.yml

@@ -1 +0,0 @@
----

collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml

@@ -2,6 +2,14 @@
 - name: Include system variables
   ansible.builtin.include_vars: "{{ ansible_system }}.yml"
 
+- name: Permit traffic in default zone for http service
+  ansible.posix.firewalld:
+    service: http
+    permanent: true
+    state: enabled
+    immediate: true
+  check_mode: false
+
 - name: Install httpd package
   ansible.builtin.yum:
     name: httpd
@@ -22,10 +30,8 @@
     mode: "0644"
   check_mode: false
 
-- name: Start httpd service
+- name: Install httpd service
   ansible.builtin.service:
     name: httpd
     state: started
   check_mode: false
-
-...

collections/requirements.yml

@@ -1,6 +1,30 @@
 ---
-# required collections are installed in the Product Demos EE.
+collections:
-# additional collections needed during testing can be added here.
+  - name: ansible.controller
-collections: []
+  - name: infra.ah_configuration
-
+  - name: infra.controller_configuration
-...
+  - name: redhat_cop.controller_configuration
+  # linux
+  - name: ansible.posix
+  - name: community.general
+    version: ">=8.0.0"
+  - name: containers.podman
+  - name: redhat.insights
+  - name: redhat.rhel_system_roles
+  # windows
+  - name: ansible.windows
+  - name: chocolatey.chocolatey
+  - name: community.windows
+  # cloud
+  - name: amazon.aws
+  # satellite
+  - name: redhat.satellite
+  # network
+  - name: ansible.netcommon
+  - name: cisco.ios
+  - name: cisco.iosxr
+  - name: cisco.nxos
+  # openshift
+  - name: kubernetes.core
+  - name: redhat.openshift
+  - name: redhat.openshift_virtualization

common/README.md

@@ -1,3 +0,0 @@
-# Common Prerequisites
-
-Demos from some categories (cloud, linux, windows, etc.) have become dependent on controller resources defined in other demo categories.  The setup.yml file in this directory is used to configure these common prerequisites so that they are available before setup for a demo category is called.

common/setup.yml

@@ -1,290 +0,0 @@
----
-controller_execution_environments:
-  - name: Cloud Services Execution Environment
-    image: quay.io/scottharwell/cloud-ee:latest
-
-controller_organizations:
-  - name: Default
-    default_environment: Product Demos EE
-
-controller_projects:
-  - name: Ansible Cloud Content Lab - AWS
-    organization: Default
-    scm_type: git
-    wait: true
-    scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
-    default_environment: Cloud Services Execution Environment
-
-  - name: Ansible Cloud AWS Demos
-    organization: Default
-    scm_type: git
-    wait: true
-    scm_url: https://github.com/ansible-cloud/aws_demos.git
-    default_environment: Cloud Services Execution Environment
-
-controller_credentials:
-  - name: AWS
-    credential_type: Amazon Web Services
-    organization: Default
-    update_secrets: false
-    state: exists
-    inputs:
-      username: REPLACEME
-      password: REPLACEME
-
-controller_inventory_sources:
-  - name: AWS Inventory
-    organization: Default
-    source: ec2
-    inventory: Demo Inventory
-    credential: AWS
-    overwrite: true
-    source_vars:
-      hostnames:
-        - tag:Name
-      compose:
-        ansible_host: public_ip_address
-        ansible_user: 'ec2-user'
-      groups:
-        cloud_aws: true
-        os_linux: tags.blueprint.startswith('rhel')
-        os_windows: tags.blueprint.startswith('win')
-      keyed_groups:
-        - key: platform
-          prefix: os
-        - key: tags.blueprint
-          prefix: blueprint
-        - key: tags.owner
-          prefix: owner
-        - key: tags.purpose
-          prefix: purpose
-        - key: tags.deployment
-          prefix: deployment
-
-controller_groups:
-  - name: cloud_aws
-    inventory: Demo Inventory
-    variables:
-      ansible_user: ec2-user
-  - name: os_windows
-    inventory: Demo Inventory
-    variables:
-      ansible_connection: winrm
-      ansible_winrm_transport: credssp
-      ansible_winrm_server_cert_validation: ignore
-      ansible_port: 5986
-
-controller_templates:
-  - name: SUBMIT FEEDBACK
-    job_type: run
-    inventory: Demo Inventory
-    project: Ansible Product Demos
-    playbook: feedback.yml
-    execution_environment: Default execution environment
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-    survey_enabled: true
-    survey:
-      name: ''
-      description: ''
-      spec:
-        - question_name: Name/Email/Contact
-          type: text
-          variable: email
-          required: true
-        - question_name: Issue or Feedback
-          type: textarea
-          variable: feedback
-          required: true
-
-  - name: Cloud / AWS / Create VPC
-    job_type: run
-    organization: Default
-    credentials:
-      - AWS
-    project: Ansible Product Demos
-    playbook: cloud/create_vpc.yml
-    inventory: Demo Inventory
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-    survey_enabled: true
-    survey:
-      name: ''
-      description: ''
-      spec:
-        - question_name: AWS Region
-          type: multiplechoice
-          variable: create_vm_aws_region
-          required: true
-          choices:
-            - us-east-1
-            - us-east-2
-            - us-west-1
-            - us-west-2
-        - question_name: Owner
-          type: text
-          variable: aws_owner_tag
-          required: true
-
-  - name: Cloud / AWS / Create Keypair
-    job_type: run
-    organization: Default
-    credentials:
-      - AWS
-    project: Ansible Product Demos
-    playbook: cloud/aws_key.yml
-    inventory: Demo Inventory
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-    survey_enabled: true
-    survey:
-      name: ''
-      description: ''
-      spec:
-        - question_name: AWS Region
-          type: multiplechoice
-          variable: create_vm_aws_region
-          required: true
-          choices:
-            - us-east-1
-            - us-east-2
-            - us-west-1
-            - us-west-2
-        - question_name: Keypair Name
-          type: text
-          variable: aws_key_name
-          required: true
-          default: aws-test-key
-        - question_name: Keypair Public Key
-          type: textarea
-          variable: aws_public_key
-          required: true
-        - question_name: Owner
-          type: text
-          variable: aws_keypair_owner
-          required: true
-
-  - name: Cloud / AWS / Create VM
-    job_type: run
-    organization: Default
-    credentials:
-      - AWS
-      - Demo Credential
-    project: Ansible Cloud Content Lab - AWS
-    playbook: playbooks/create_vm.yml
-    inventory: Demo Inventory
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-    survey_enabled: true
-    allow_simultaneous: true
-    survey:
-      name: ''
-      description: ''
-      spec:
-        - question_name: AWS Region
-          type: multiplechoice
-          variable: create_vm_aws_region
-          required: true
-          choices:
-            - us-east-1
-            - us-east-2
-            - us-west-1
-            - us-west-2
-        - question_name: Name
-          type: text
-          variable: create_vm_vm_name
-          required: true
-        - question_name: Owner
-          type: text
-          variable: create_vm_vm_owner
-          required: true
-        - question_name: Deployment
-          type: text
-          variable: create_vm_vm_deployment
-          required: true
-        - question_name: Purpose
-          type: text
-          variable: create_vm_vm_purpose
-          required: true
-          default: demo
-        - question_name: Environment
-          type: multiplechoice
-          variable: create_vm_vm_environment
-          required: true
-          choices:
-            - Dev
-            - QA
-            - Prod
-        - question_name: Blueprint
-          type: multiplechoice
-          variable: vm_blueprint
-          required: true
-          choices:
-            - windows_core
-            - windows_full
-            - rhel9
-            - rhel8
-            - rhel7
-            - al2023
-        - question_name: Subnet
-          type: text
-          variable: create_vm_aws_vpc_subnet_name
-          required: true
-          default: aws-test-subnet
-        - question_name: Security Group
-          type: text
-          variable: create_vm_aws_securitygroup_name
-          required: true
-          default: aws-test-sg
-        - question_name: SSH Keypair
-          type: text
-          variable: create_vm_aws_keypair_name
-          required: true
-          default: aws-test-key
-        - question_name: AWS Instance Type (defaults to blueprint value)
-          type: text
-          variable: create_vm_aws_instance_size
-          required: false
-        - question_name: AWS Image Filter (defaults to blueprint value)
-          type: text
-          variable: create_vm_aws_image_filter
-          required: false
-
-  - name: Cloud / AWS / Delete VM
-    job_type: run
-    organization: Default
-    credentials:
-      - AWS
-      - Demo Credential
-    project: Ansible Cloud Content Lab - AWS
-    playbook: playbooks/delete_inventory_vm.yml
-    inventory: Demo Inventory
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry
-    survey_enabled: true
-    survey:
-      name: ''
-      description: ''
-      spec:
-        - question_name: Name or Pattern
-          type: text
-          variable: _hosts
-          required: true
-
-controller_notifications:
-  - name: Telemetry
-    organization: Default
-    notification_type: webhook
-    notification_configuration:
-      url: https://script.google.com/macros/s/AKfycbzxUObvCJ6ZbzfJyicw4RvxlGE3AZdrK4AR5-TsedCYd7O-rtTOVjvsRvqyb3rx6B0g8g/exec
-      http_method: POST
-      headers: {}
-
-controller_settings:
-  - name: SESSION_COOKIE_AGE
-    value: 180000

execution_environments/.gitattributes

@@ -1 +0,0 @@
-openshift-clients-4.16.0-202408021139.p0.ge8fb3c0.assembly.stream.el9.x86_64.rpm filter=lfs diff=lfs merge=lfs -text

execution_environments/README.md

@@ -1,17 +0,0 @@
-# Execution Environment Images for Ansible Product Demos
-
-When the Ansible Product Demos setup job template is run, it creates a number of execution environment definitions on the automation controller.  The content of this directory is used to create and update the default execution environment images defined during the setup process.
-
-Currently these execution environment images are created manually using the `build.sh` script, with a future goal of building in a CI pipeline when any EE definitions or requirements are updated.
-
-## Building the execution environment images
-
-1. `podman login registry.redhat.io` in order to pull the base EE images
-2. `export ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN="<token>"` obtained from [Automation Hub](https://console.redhat.com/ansible/automation-hub/token)
-3. `export ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN="<token>"` (same as above)
-4. `./build.sh` to build the EE images and add them to your local podman image cache
-
-The `build.sh` script creates multiple EE images, each based on the ee-minimal image that comes with a different minor version of AAP.  These images are created in the "quay.io/ansible-product-demos" namespace.  Currently the script builds the following images:
-
-* quay.io/ansible-product-demos/apd-ee-24
-* quay.io/ansible-product-demos/apd-ee-25

execution_environments/ansible.cfg

@@ -1,15 +0,0 @@
-[defaults]
-
-[galaxy]
-server_list = certified, validated, community_galaxy
-
-[galaxy_server.certified]
-url=https://cloud.redhat.com/api/automation-hub/content/published/
-auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
-
-[galaxy_server.validated]
-url=https://cloud.redhat.com/api/automation-hub/content/validated/
-auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
-
-[galaxy_server.community_galaxy]
-url=https://galaxy.ansible.com/

execution_environments/apd-ee-24.yml

@@ -1,32 +0,0 @@
----
-version: 3
-images:
-  base_image:
-    name: registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9:latest
-
-dependencies:
-  galaxy: requirements.yml
-
-additional_build_files:
-  # https://access.redhat.com/solutions/7024259
-  # download from access.redhat.com -> Downloads -> OpenShift Container Platform -> Packages
-  - src: openshift-clients-4.16.0-202408021139.p0.ge8fb3c0.assembly.stream.el9.x86_64.rpm
-    dest: rpms
-  - src: ansible.cfg
-    dest: configs
-
-options:
-  package_manager_path: /usr/bin/microdnf
-
-additional_build_steps:
-  prepend_base:
-    - RUN $PYCMD -m pip install --upgrade pip setuptools
-    - COPY _build/rpms/openshift-clients*.rpm /tmp/openshift-clients.rpm
-    - RUN $PKGMGR -y update && $PKGMGR -y install bash-completion && $PKGMGR clean all
-    - RUN rpm -ivh /tmp/openshift-clients.rpm && rm /tmp/openshift-clients.rpm
-  prepend_galaxy:
-    - ADD _build/configs/ansible.cfg /etc/ansible/ansible.cfg
-    - ARG ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN
-    - ARG ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN
-
-...

execution_environments/apd-ee-25.yml

@@ -1,39 +0,0 @@
----
-version: 3
-images:
-  base_image:
-    name: registry.redhat.io/ansible-automation-platform-25/ee-minimal-rhel9:latest
-
-dependencies:
-  galaxy: requirements-25.yml
-  python:
-    - pywinrm>=0.4.3
-  python_interpreter:
-    python_path: /usr/bin/python3.11
-
-additional_build_files:
-  # https://access.redhat.com/solutions/7024259
-  # download from access.redhat.com -> Downloads -> OpenShift Container Platform -> Packages
-  - src: openshift-clients-4.16.0-202408021139.p0.ge8fb3c0.assembly.stream.el9.x86_64.rpm
-    dest: rpms
-  - src: ansible.cfg
-    dest: configs
-
-options:
-  package_manager_path: /usr/bin/microdnf
-
-additional_build_steps:
-  prepend_base:
-    # AgnosticD can use this to deterine it is running from an EE
-    # see https://github.com/redhat-cop/agnosticd/blob/development/ansible/install_galaxy_roles.yml
-    - ENV LAUNCHED_BY_RUNNER=1
-    - RUN $PYCMD -m pip install --upgrade pip setuptools
-    - COPY _build/rpms/openshift-clients*.rpm /tmp/openshift-clients.rpm
-    - RUN $PKGMGR -y update && $PKGMGR -y install bash-completion && $PKGMGR clean all
-    - RUN rpm -ivh /tmp/openshift-clients.rpm && rm /tmp/openshift-clients.rpm
-  prepend_galaxy:
-    - ADD _build/configs/ansible.cfg /etc/ansible/ansible.cfg
-    - ARG ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN
-    - ARG ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN
-
-...

execution_environments/build.sh

@@ -1,29 +0,0 @@
-#!/bin/bash
-
-# array of images to build
-ee_images=(
-    "apd-ee-24"
-    "apd-ee-25"
-)
-
-for ee in "${ee_images[@]}"
-do
-    echo "Building EE image ${ee}"
-
-    # build EE image
-    ansible-builder build \
-        --file ${ee}.yml \
-        --context ./ee_contexts/${ee} \
-        --build-arg ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN \
-        --build-arg ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN \
-        -v 3 \
-        -t quay.io/ansible-product-demos/${ee}:$(date +%Y%m%d)
-
-    if [[ $? == 0 ]]
-    then
-        # tag EE image as latest
-        podman tag \
-            quay.io/ansible-product-demos/${ee}:$(date +%Y%m%d) \
-            quay.io/ansible-product-demos/${ee}:latest
-    fi
-done

execution_environments/openshift-clients-4.16.0-202408021139.p0.ge8fb3c0.assembly.stream.el9.x86_64.rpm

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f637eb0440f14f1458800c7a9012adcb9b58eb2131c02f64dfa4ca515e182093
-size 54960859

execution_environments/requirements-25.yml

@@ -1,75 +0,0 @@
----
-collections:
-  # AAP config as code
-  - name: ansible.controller
-    version: ">=4.6.0"
-  # TODO this fails trying to install a different version of
-  # the python-systemd package
-  # - name: ansible.eda  # fails trying to install systemd-python package
-  #   version: ">=2.1.0"
-  - name: ansible.hub
-    version: ">=1.0.0"
-  - name: ansible.platform
-    version: ">=2.5.0"
-  - name: infra.ah_configuration
-    version: ">=2.0.6"
-  - name: infra.controller_configuration
-    version: ">=2.11.0"
-  # linux demos
-  - name: ansible.posix
-    version: ">=1.5.4"
-  - name: community.general
-    version: ">=8.0.0"
-  - name: containers.podman
-    version: ">=1.12.1"
-  - name: redhat.insights
-    version: ">=1.2.2"
-  - name: redhat.rhel_system_roles
-    version: ">=1.23.0"
-  # windows demos
-  - name: ansible.windows
-    version: ">=2.3.0"
-  - name: chocolatey.chocolatey
-    version: ">=1.5.1"
-  - name: community.windows
-    version: ">=2.2.0"
-  # cloud demos
-  - name: amazon.aws
-    version: ">=7.5.0"
-  # satellite demos
-  - name: redhat.satellite
-    version: ">=4.0.0"
-  # network demos
-  - name: ansible.netcommon
-    version: ">=6.0.0"
-  - name: cisco.ios
-    version: ">=7.0.0"
-  - name: cisco.iosxr
-    version: ">=8.0.0"
-  - name: cisco.nxos
-    version: ">=7.0.0"
-  - name: network.backup
-    version: ">=3.0.0"
-  # TODO on 2.5 ee-minimal-rhel9 this tries to build and install
-  # a different version of python netifaces, which fails
-  # - name: infoblox.nios_modules
-  #   version: ">=1.6.1"
-  # openshift demos
-  - name: kubernetes.core
-    version: ">=4.0.0"
-  - name: redhat.openshift
-    version: ">=3.0.1"
-  - name: redhat.openshift_virtualization
-    version: ">=1.4.0"
-  # for RHDP
-  - name: ansible.utils
-    version: ">=5.1.0"
-  - name: kubevirt.core
-    version: ">=2.1.0"
-  - name: community.okd
-    version: ">=4.0.0"
-  - name: https://github.com/rhpds/assisted_installer.git
-    type: git
-    version: "v0.0.1"
-
-...

execution_environments/requirements.yml

@@ -1,52 +0,0 @@
----
-collections:
-  - name: ansible.controller
-    version: "<4.6.0"
-  - name: infra.ah_configuration
-    version: ">=2.0.6"
-  - name: infra.controller_configuration
-    version: ">=2.9.0"
-  - name: redhat_cop.controller_configuration
-    version: ">=2.3.1"
-  # linux
-  - name: ansible.posix
-    version: ">=1.5.4"
-  - name: community.general
-    version: ">=8.0.0"
-  - name: containers.podman
-    version: ">=1.12.1"
-  - name: redhat.insights
-    version: ">=1.2.2"
-  - name: redhat.rhel_system_roles
-    version: ">=1.23.0"
-  # windows
-  - name: ansible.windows
-    version: ">=2.3.0"
-  - name: chocolatey.chocolatey
-    version: ">=1.5.1"
-  - name: community.windows
-    version: ">=2.2.0"
-  # cloud
-  - name: amazon.aws
-    version: ">=7.5.0"
-  # satellite
-  - name: redhat.satellite
-    version: ">=4.0.0"
-  # network
-  - name: ansible.netcommon
-    version: ">=6.0.0"
-  - name: cisco.ios
-    version: ">=7.0.0"
-  - name: cisco.iosxr
-    version: ">=8.0.0"
-  - name: cisco.nxos
-    version: ">=7.0.0"
-  - name: infoblox.nios_modules
-    version: ">=1.6.1"
-  # openshift
-  - name: kubernetes.core
-    version: ">=4.0.0"
-  - name: redhat.openshift
-    version: ">=3.0.1"
-  - name: redhat.openshift_virtualization
-    version: ">=1.4.0"

linux/README.md

@@ -60,7 +60,7 @@ Edit the `Linux / System Roles` job to include the list of roles that you wish t
 
 **Linux / Temporary Sudo** - Use this job to show how to grant sudo access with automated cleanup to a server. The user must exist on the system. Using the student user is a good example (ie. student1)
 
-**Linux / Patching** - Use this job to apply updates or audit for missing updates and produce an html report of systems with missing updates. See the end of the job for the URL to view the report. In other environments this report could be uploaded to a wiki, email, other system. This demo also shows installing a webserver on a linux server. The report is places on the system defined by the `report_server` variable. By default, `report_server` is configured as `reports`. This may be overridden with `extra_vars` on the Job Template.
+**Linux / Patching** - Use this job to apply updates or audit for missing updates and produce an html report of systems with missing updates. See the end of the job for the URL to view the report. In other environments this report could be uploaded to a wiki, email, other system. This demo also shows installing a webserver on a linux server. The report is places on the system defined by the `report_server` variable. By default, `report_server` is configured as `node1`. This may be overridden with `extra_vars` on the Job Template.
 
 **Linux / Run Shell Script** - Use this job to demonstrate running shell commands or an existing shell script across a group of systems as root. This can be preferred over using Ad-Hoc commands due to the ability to control usage with RBAC. This is helpful in showing the scalable of execution of an existing shell script. It is always recommended to convert shell scripts to playbooks over time. Example usage would be getting the public key used in the environment with the command `cat .ssh/authorized_keys`.
 

linux/compliance-enforce.yml

@@ -12,5 +12,5 @@
 
     - name: Run Compliance Profile
       ansible.builtin.include_role:
-        name: "redhatofficial.rhel{{ ansible_distribution_major_version }}-{{ compliance_profile }}"
+        name: "redhatofficial.rhel{{ ansible_distribution_major_version }}_{{ compliance_profile }}"
 ...

linux/patching.yml

@@ -3,7 +3,7 @@
   hosts: "{{ _hosts | default(omit) }}"
   become: true
   vars:
-    report_server: reports
+    report_server: node1
 
   tasks:
     # Install yum-utils if it's not there
@@ -45,16 +45,6 @@
             name: firewalld
             state: started
 
-        - name: Enable firewall http service
-          ansible.posix.firewalld:
-            service: '{{ item }}'
-            state: enabled
-            immediate: true
-            permanent: true
-          loop:
-            - http
-            - https
-
         - name: Build report server
           ansible.builtin.include_role:
             name: "{{ item }}"

linux/setup.yml

@@ -27,7 +27,6 @@ controller_credentials:
   - name: Insights Inventory
     credential_type: Insights Collection
     organization: Default
-    state: exists
     inputs:
       insights_user: REPLACEME
       insights_password: REPLACEME
@@ -36,7 +35,7 @@ controller_inventory_sources:
   - name: Insights Inventory
     inventory: Demo Inventory
     source: scm
-    source_project: Ansible Product Demos
+    source_project: Ansible official demo project
     source_path: linux/inventory.insights.yml
     credential: Insights Inventory
 
@@ -44,7 +43,7 @@ controller_templates:
   - name: "LINUX / Register with Insights"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/ec2_register.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -83,7 +82,7 @@ controller_templates:
   - name: "LINUX / Troubleshoot"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/tshoot.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -104,7 +103,7 @@ controller_templates:
   - name: "LINUX / Temporary Sudo"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/temp_sudo.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -133,7 +132,7 @@ controller_templates:
   - name: "LINUX / Patching"
     job_type: check
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/patching.yml"
     execution_environment: Default execution environment
     notification_templates_started: Telemetry
@@ -156,7 +155,7 @@ controller_templates:
   - name: "LINUX / Start Service"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/service_start.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -181,7 +180,7 @@ controller_templates:
   - name: "LINUX / Stop Service"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/service_stop.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -206,7 +205,7 @@ controller_templates:
   - name: "LINUX / Run Shell Script"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/run_script.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -228,7 +227,7 @@ controller_templates:
           required: true
 
   - name: "LINUX / Fact Scan"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: linux/fact_scan.yml
     inventory: Demo Inventory
     execution_environment: Default execution environment
@@ -251,7 +250,7 @@ controller_templates:
   - name: "LINUX / Podman Webserver"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/podman.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -276,7 +275,7 @@ controller_templates:
   - name: "LINUX / System Roles"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/system_roles.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -303,7 +302,7 @@ controller_templates:
   - name: "LINUX / Install Web Console (cockpit)"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/system_roles.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -337,7 +336,7 @@ controller_templates:
   - name: "LINUX / DISA STIG"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/compliance.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -359,7 +358,7 @@ controller_templates:
   - name: "LINUX / Multi-profile Compliance"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/compliance-enforce.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -377,9 +376,6 @@ controller_templates:
       # used by the CJIS profile role
       service_firewalld_enabled: false
       firewalld_sshd_port_enabled: false
-      # used by the PCI-DSS profile role
-      firewalld_loopback_traffic_restricted: false
-      firewalld_loopback_traffic_trusted: false
     survey_enabled: true
     survey:
       name: ''
@@ -399,13 +395,13 @@ controller_templates:
             - cui
             - hipaa
             - ospp
-            - pci-dss
+            - pci_dss
             - stig
 
   - name: "LINUX / Multi-profile Compliance Report"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/compliance-report.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -445,7 +441,7 @@ controller_templates:
   - name: "LINUX / Insights Compliance Scan"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/insights_compliance_scan.yml"
     credentials:
       - "Demo Credential"
@@ -470,7 +466,7 @@ controller_templates:
   - name: "LINUX / Deploy Application"
     job_type: run
     inventory: "Demo Inventory"
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "linux/deploy_application.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry

multi_select_setup.yml

@@ -4,16 +4,15 @@
   gather_facts: false
   vars:
     launch_jobs:
-      name: "Product Demos | Single demo setup"
+      name: "SETUP"
       wait: true
   tasks:
     - name: Build controller launch jobs
       ansible.builtin.set_fact:
-        controller_launch_jobs: "{{ (controller_launch_jobs | d([])) + [launch_jobs | combine({'extra_vars': {'demo': item}})] }}"
+        controller_launch_jobs: "{{ (controller_launch_jobs | d([]))
+        + [launch_jobs | combine( {'extra_vars': { 'demo':  item }})] }}"
       loop: "{{ demos }}"
 
     - name: Default Components
       ansible.builtin.include_role:
         name: "infra.controller_configuration.job_launch"
-      vars:
-        controller_dependency_check: false  # noqa: var-naming[no-role-prefix]

network/README.md

@@ -12,23 +12,18 @@
 This category of demos shows examples of network operations and management with Ansible Automation Platform. The list of demos can be found below. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
 - [**NETWORK / Configuration**](https://github.com/nleiva/ansible-net-modules/blob/main/main.yml) - Deploy golden configurations for different resources to Cisco IOS, IOSXR, and NXOS.
 
-To run the demos, deploy them using Infrastructure as Code, run either the "Product Demos | Multi-demo setup" or the "Product Demos | Single demo setup" and select 'Network' in the "Product Demos" deployment, or utilize the steps in the repo level README.
-
 ### Project
 
 These demos leverage playbooks from a [git repo](https://github.com/nleiva/ansible-net-modules) that is added as the **`Network Golden Configs`** Project in your Ansible Controller. Review this repo for the playbooks to configure different resources and network config templates that will be configured.
 
 ### Inventory
 
-These demos leverage "always-on" instances for Cisco IOS, IOSXR, and NXOS from [Cisco DevNet Sandboxes](https://developer.cisco.com/docs/sandbox/#!getting-started/always-on-sandboxes). These instances are shared and do not provide admin access but they are instantly avaible all the time meaning no setup time is required.
+These demos leverage "always-on" instances for Cisco IOS, IOSXR, and NXOS from [Cisco DevNet Sandboxes](https://developer.cisco.com/docs/sandbox/#!getting-started/always-on-sandboxes). These instances are shared and do not provide admin access but they are instantly avaible all the time meaning not setup time is required.
 
-A **`Demo Inventory`** is created when setting up these demos and a dynamic source is added to populate the Always-On instances. Review the inventory file [here](https://github.com/nleiva/ansible-net-modules/blob/main/hosts).  Demo Inventory is the default inventory for **`Product Demos`**.
+A **`Network Inventory`** is created when setting up these demos and a dynamic source is added to populate the Always-On instances. Review the inventory file [here](https://github.com/nleiva/ansible-net-modules/blob/main/hosts).
 
 ## Suggested Usage
 
-**NETWORK / Report** - Use this job to gather facts from Cisco Network devices and create a report with information about the device such as code version, along with configuration information about layers 1, 2, and 3.  This shows how Ansible can be used to gather facts and build reports.  Generating html pages is just one potential output.  This information can be used in a number of ways, such as integration with different network management tools.
-  - to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server.  If using a demo.redhat.com Product Demos instance you should use the public key provided in the demo page in the Bastion Host Credentials section. If you are using a different environment, you may need to update the "Demo Credential".
-
 **NETWORK / Configuration** - Use this job to execute different [Ansible Network Resource Modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html) to deploy golden configs. Below is a list of the different resources the can be configured with a link to their golden config.
   - [acls](https://github.com/nleiva/ansible-net-modules/blob/main/acls.cfg)
   - [banner](https://github.com/nleiva/ansible-net-modules/blob/main/banner.cfg)
@@ -41,49 +36,3 @@ A **`Demo Inventory`** is created when setting up these demos and a dynamic sour
   - [prefix_lists](https://github.com/nleiva/ansible-net-modules/blob/main/prefix_lists.cfg)
   - [snmp](https://github.com/nleiva/ansible-net-modules/blob/main/snmp.cfg)
   - [user](https://github.com/nleiva/ansible-net-modules/blob/main/user.cfg)
-
-**NETWORK / DISA STIG** - Use this job to run the DISA STIG role (in check mode) and show how Ansible can be used for configuration compliance of network devices.  Click into tasks to see what is changed for each compliance rule, i.e.:
-{
-  "changed": true,
-  "warnings": [
-    "To ensure idempotency and correct diff the input configuration lines should be similar to how they appear if present in the running configuration on device"
-  ],
-  "commands": [
-    "ip http max-connections 2"
-  ],
-  "updates": [
-    "ip http max-connections 2"
-  ],
-  "banners": {},
-  "invocation": {
-    "module_args": {
-      "defaults": true,
-      "lines": [
-        "ip http max-connections 2"
-      ],
-      "match": "line",
-      "replace": "line",
-      "multiline_delimiter": "@",
-      "backup": false,
-      "save_when": "never",
-      "src": null,
-      "parents": null,
-      "before": null,
-      "after": null,
-      "running_config": null,
-      "intended_config": null,
-      "backup_options": null,
-      "diff_against": null,
-      "diff_ignore_lines": null
-    }
-  },
-  "_ansible_no_log": false
-}
-
-**NETWORK / BACKUP** - Use this job to show how Ansible can be used to backup network devices using Red Hat validated content. Job Template will create a backup file on the reports server where they can be viewed as a webpage.  This is just an example - backups can also be sent to other repositories such as a Git repo (Github, Gitlab, etc).
-
-To run this demo, you will need to complete a couple of prerequisites:
-  - to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server.
-  - If using a demo.redhat.com Product Demos instance you should use the public key provided in the demo page in the 'Bastion Host Credentials' section. If you are using a different environment, you may need to update the "Demo Credential".
-  - This works with Product Demos for AAP v2.5; which includes the "Product Demos EE" includes the \
-  network.backup collection.

network/backup.yml

@@ -1,63 +0,0 @@
----
-- name: Create network reports server
-  hosts: reports
-  become: true
-
-  tasks:
-    - name: Build report server
-      ansible.builtin.include_role:
-        name: "{{ item }}"
-      loop:
-        - demo.patching.report_server
-
-    - name: Create a backup directory if it does not exist
-      run_once: true
-      ansible.builtin.file:
-        path: "/var/www/html/backups"
-        state: directory
-        owner: ec2-user
-        group: ec2-user
-        mode: '0755'
-
-- name: Play to Backup Cisco Always-On Network Devices
-  hosts: routers
-  gather_facts: false
-  vars:
-    report_server: reports
-    backup_dir: "/tmp/network_backups"
-
-  tasks:
-    - name: Network Backup and Resource Manager
-      ansible.builtin.include_role:
-        name: network.backup.run
-      vars:  # noqa var-naming[no-role-prefix]
-        operation: backup
-        type: full
-        data_store:
-          local: "{{ backup_dir }}"
-
-    # This task removes the Current configuration... from the top of IOS routers show run
-    - name: Remove non config lines - regexp
-      delegate_to: localhost
-      ansible.builtin.lineinfile:
-        path: "{{ backup_dir }}/{{ inventory_hostname }}.txt"
-        line: "Building configuration..."
-        state: absent
-
-    - name: Copy backup file
-      delegate_to: "{{ report_server }}"
-      ansible.builtin.copy:
-        src: "{{ backup_dir }}/{{ inventory_hostname }}.txt"
-        dest: "/var/www/html/backups/{{ inventory_hostname }}.cfg"
-        backup: true
-        owner: ec2-user
-        group: ec2-user
-        mode: '0644'
-
-    - name: Review backup on report server
-      delegate_to: "{{ report_server }}"
-      run_once: true
-      ansible.builtin.debug:
-        msg: "To review backed up configurations, go to http://{{ ansible_host }}/backups/"
-
-...

network/hosts

@@ -1,42 +0,0 @@
-[ios]
-sandbox-iosxe-latest-1.cisco.com
-
-[ios:vars]
-ansible_network_os=cisco.ios.ios
-ansible_password=C1sco12345
-ansible_ssh_password=C1sco12345
-ansible_port=22
-ansible_user=admin
-
-[iosxr]
-sandbox-iosxr-1.cisco.com
-
-[iosxr:vars]
-ansible_network_os=cisco.iosxr.iosxr
-ansible_password=C1sco12345
-ansible_ssh_pass=C1sco12345
-ansible_port=22
-ansible_user=admin
-
-[nxos]
-sbx-nxos-mgmt.cisco.com
-sandbox-nxos-1.cisco.com
-
-[nxos:vars]
-ansible_network_os=cisco.nxos.nxos
-ansible_password=Admin_1234!
-ansible_ssh_pass=Admin_1234!
-ansible_port=22
-ansible_user=admin
-
-[routers]
-sbx-nxos-mgmt.cisco.com
-sandbox-nxos-1.cisco.com
-sandbox-iosxr-1.cisco.com
-sandbox-iosxe-latest-1.cisco.com
-
-[routers:vars]
-ansible_connection=ansible.netcommon.network_cli
-
-[webservers]
-reports ansible_host=ec2-18-118-189-162.us-east-2.compute.amazonaws.com ansible_user=ec2-user

network/report.yml

@@ -20,19 +20,22 @@
         gather_network_resources: all
       when: ansible_network_os == 'cisco.nxos.nxos'
 
-    # TODO figure out why this keeps failing
     - name: Gather all network resource and minimal legacy facts [Cisco IOS XR]
-      ignore_errors: true  # noqa: ignore-errors
       cisco.iosxr.iosxr_facts:
         gather_subset: min
         gather_network_resources: all
       when: ansible_network_os == 'cisco.iosxr.iosxr'
 
+#   # The dig lookup requires the python 'dnspython' library
+#   - name: Resolve IP address
+#     ansible.builtin.set_fact:
+#       ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}"
+
 - name: Create network reports
   hosts: "{{ report_server }}"
   become: true
   vars:
-    report_server: reports
+    report_server: node1
     web_path: /var/www/html/reports/
 
   tasks:

network/setup.yml

@@ -11,32 +11,35 @@ controller_projects:
     scm_type: git
     scm_url: https://github.com/nleiva/ansible-net-modules
     update_project: true
-    wait: false
+    wait: true
-    controller_request_timeout: 20
-    controller_configuration_async_retries: 40
     default_environment: Networking Execution Environment
 
 controller_inventories:
-  - name: Demo Inventory
+  - name: Network Inventory
     organization: Default
 
 controller_inventory_sources:
   - name: DevNet always-on sandboxes
     source: scm
-    inventory: Demo Inventory
+    inventory: Network Inventory
     overwrite: true
-    source_project: Ansible Product Demos
+    source_project: Network Golden Configs
-    source_path: network/hosts
+    source_path: hosts
+
+controller_hosts:
+  - name: node1
+    inventory: Network Inventory
+    variables:
+      ansible_user: rhel
+      ansible_host: node1
 
 controller_templates:
   - name: NETWORK / Configuration
     organization: Default
-    inventory: Demo Inventory
+    inventory: Network Inventory
     survey_enabled: true
     project: Network Golden Configs
     playbook: main.yml
-    credentials:
-      - "Demo Credential"
     execution_environment: Networking Execution Environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -67,8 +70,8 @@ controller_templates:
   - name: "NETWORK / Report"
     job_type: check
     organization: Default
-    inventory: Demo Inventory
+    inventory: Network Inventory
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "network/report.yml"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -96,26 +99,12 @@ controller_templates:
   - name: "NETWORK / DISA STIG"
     job_type: check
     organization: Default
-    inventory: Demo Inventory
+    inventory: Network Inventory
-    project: "Ansible Product Demos"
+    project: "Ansible official demo project"
     playbook: "network/compliance.yml"
-    credentials:
-      - "Demo Credential"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
     use_fact_cache: true
     ask_job_type_on_launch: true
     survey_enabled: true
-
-  - name: "NETWORK / Backup"
-    job_type: run
-    organization: Default
-    inventory: Demo Inventory
-    project: "Ansible Product Demos"
-    playbook: "network/backup.yml"
-    credentials:
-      - "Demo Credential"
-    notification_templates_started: Telemetry
-    notification_templates_success: Telemetry
-    notification_templates_error: Telemetry

openshift/README.md

@@ -5,45 +5,16 @@
   - [Table of Contents](#table-of-contents)
   - [About These Demos](#about-these-demos)
     - [Jobs](#jobs)
-  - [Suggested Usage](#suggested-usage)
+  - [Pre Setup](#pre-setup)
 
 ## About These Demos
-This category of demos shows examples of OpenShift operations and management with Ansible Automation Platform. The list of demos can be found below. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
+This category of demos shows examples of openshift operations and management with Ansible Automation Platform. The list of demos can be found below. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
 
 ### Jobs
 - [**OpenShift / Dev Spaces**](devspaces.yml) - Install and deploy dev spaces on OCP cluster. After this job has run successfully, login to your OCP cluster, click the application icon (to the left of the bell icon in the top right) to access Dev Spaces
-- [**OpenShift / GitLab**](gitlab.yml) - Install and deploy GitLab on OCP.
-- [**OpenShift / EDA / Install Controller**](eda/install.yml) - Install and deploy EDA Controller instance using the AAP OpenShift operator.
-- [**OpenShift / CNV / Install Operator**](cnv/install.yml) - Install the Container Native Virtualization (CNV) operator and all its required dependencies.
-- **OpenShift / CNV / Infra Stack** - Workflow Job Template to build out infrastructure necessary to run jobs against VMs in OpenShift Virtualization.
-    - [**OpenShift / CNV / Create RHEL VM**](cnv/install.yml) - Install the Container Native Virtualization (CNV) operator and all its required dependencies.
-- **OpenShift / CNV / Patch CNV Workflow** - Workflow Job Template to snapshot and patch VMs deployed in OpenShift Virtualization.
-    - [**OpenShift / CNV / Create VM Snapshots**](cnv/snapshot.yml) - Create snapshot of VMs running in CNV.
-    - [**OpenShift / CNV / Patch**](cnv/patch.yml) - Patch VMs in OpenShift CNV, when run in `run` mode build out container native patching report and display link to the user.
-    - [**OpenShift / CNV / Restore Latest VM Snapshots**](cnv/snapshot.yml) - Restore VM in CNV to last snapshot.
-- [**OpenShift / CNV / Delete VM**](cnv/install.yml) - Deletes VMs in OpenShift CNV.
 
 ## Pre Setup
-These demos require an OpenShift cluster to deploy to. Luckily the default Ansible Product Demos item from [demo.redhat.com](https://demo.redhat.com) includes an OpenShift cluster. Most of the jobs require an `OpenShift or Kubernetes API Bearer Token` credential in order to interact with OpenShift. When ordered from RHDP this credential is configured for the user.
+This demo requires an OpenShift cluster to deploy to. If you do not have a cluster to use, one can be requested from [demo.redhat.com](https://demo.redhat.com).
-
+- Search for the [Red Hat OpenShift Container Platform 4.12 Workshop](https://demo.redhat.com/catalog?item=babylon-catalog-prod/sandboxes-gpte.ocp412-wksp.prod&utm_source=webapp&utm_medium=share-link) item in the catalog and request with the number of users you would like for Dev Spaces.
-## Suggested Usage
+- Login using the admin credentials provided. Click the `admin` username at the top right and select `Copy login command`.
-**OpenShift / EDA / Install Controller** - This job uses the `admin` Controller user's password to configure the EDA controller login of the same name. This job displays the created route after finished and takes roughly 2.5 minutes to run.
+- Authenticate and click `Display Token`. This information will be used to populate the OpenShift Credential after you run the setup.
-
-**OpenShift / CNV /  Deploy Automation Hub and sync EEs and Collections** - A custom credential type is created for the use in this WJT, `Usable Hub Credential` and it must be filled out in order to pull content from console.redhat.com. This workflow takes roughly 30 minutes to run. This workflow includes the following Job Templates:
-- **OpenShift / Hub / Install Automation Hub** - This job does not require a hub credential
-
-- **OpenShift / Hub / Sync EE Registries** - The registries can be configured via `extra_vars` and conforms roughly to those described in [infra.ah_configuration.ah_ee_registry](https://console.redhat.com/ansible/automation-hub/repo/validated/infra/ah_configuration/content/module/ah_ee_registry/).
-
-- **OpenShift / Hub / Sync Collection Repositories** - The collections can be configured via `extra_vars` and conforms roughly to those described in [infra.ah_configuration.collection_repository_sync](https://console.redhat.com/ansible/automation-hub/repo/validated/infra/ah_configuration/content/role/collection_repository_sync/).
-
-**OpenShift / CNV / Install Operator** - This job takes no parameters, to ensure the CNV operator is fully operational it provisions a VM in CNV which is cleaned up upon success.
-
-**OpenShift / CNV / Infra Stack** - This workflow takes three parameters, SSH public key, RHEL activation key, and org ID. The SSH public key is placed as an SSH authorized key, thus in order to then authenticate to these VMs the `Machine Credential` `Demo Credential` must be configured with the private key pair associated with the SSH public key. The RHEL activation key and ID are to receive updates from the DNF repositories for the final patching job. This workflow includes the following Job Templates:
-- **OpenShift / CNV / Create RHEL VM** - creates a VM using OpenShift Virtualization
-**OpenShift / CNV / Patch CNV Workflow** - This workflow takes an ansible host string as a parameter, by default the hosts generated by APD in CNV are of the format `<namespace>-<vm name>`, for example `openshift-cnv-rhel9`. This workflow includes the following Job Templates:
-
-- **OpenShift / CNV / Create VM Snapshots** - Creates snapshots of VMs relevant to the workflow
-- **OpenShift / CNV / Patch** - Patches relevant VMs and generate patching report
-- **OpenShift / CNV / Restore Latest VM Snapshots** - restores VMs to their latest snapshot, for the workflow this is invoked upon failure of the patching job. The same host string is used by this job template as the others in the workflow.
-
-**OpenShift / CNV / Delete VM** - Delete VMs based on host string pattern, similar to the other CNV jobs.

openshift/cnv/delete.yml

@@ -1,82 +0,0 @@
----
-- name: De-Provision OCP-CNV VMs
-  hosts: localhost
-  tasks:
-    - name: Show VM(s) we are about to make {{ instance_state }}
-      ansible.builtin.debug:
-        msg: "Setting the following hosts to {{ instance_state }}
-{{ lookup('ansible.builtin.inventory_hostnames', vm_host_string) | split(',') | difference(['localhost']) }}"
-
-    - name: Define resources
-      kubernetes.core.k8s:
-        wait: true
-        state: "{{ instance_state | default('present') }}"
-        definition:
-          apiVersion: kubevirt.io/v1
-          kind: VirtualMachine
-          metadata:
-            name: "{{ item }}"
-            namespace: "{{ vm_namespace }}"
-            labels:
-              app: "{{ item }}"
-              os.template.kubevirt.io/fedora36: 'true'
-              vm.kubevirt.io/name: "{{ item }}"
-          spec:
-            dataVolumeTemplates:
-              - apiVersion: cdi.kubevirt.io/v1beta1
-                kind: DataVolume
-                metadata:
-                  creationTimestamp: null
-                  name: "{{ item }}"
-                spec:
-                  sourceRef:
-                    kind: DataSource
-                    name: "{{ os_version | default('rhel9') }}"
-                    namespace: openshift-virtualization-os-images
-                  storage:
-                    resources:
-                      requests:
-                        storage: 30Gi
-            running: true
-            template:
-              metadata:
-                annotations:
-                  vm.kubevirt.io/flavor: small
-                  vm.kubevirt.io/os: "{{ os_version | default('rhel9') }}"
-                  vm.kubevirt.io/workload: server
-                creationTimestamp: null
-                labels:
-                  kubevirt.io/domain: "{{ item }}"
-                  kubevirt.io/size: small
-              spec:
-                domain:
-                  cpu:
-                    cores: 4
-                    sockets: 1
-                    threads: 1
-                  devices:
-                    disks:
-                      - disk:
-                          bus: virtio
-                        name: rootdisk
-                    interfaces:
-                      - masquerade: {}
-                        model: virtio
-                        name: default
-                    networkInterfaceMultiqueue: true
-                    rng: {}
-                  machine:
-                    type: pc-q35-rhel9.2.0
-                  resources:
-                    requests:
-                      memory: 8Gi
-                evictionStrategy: LiveMigrate
-                networks:
-                  - name: default
-                    pod: {}
-                terminationGracePeriodSeconds: 180
-                volumes:
-                  - dataVolume:
-                      name: "{{ item }}"
-                    name: rootdisk
-      loop: "{{ lookup('ansible.builtin.inventory_hostnames', vm_host_string) | regex_replace(vm_namespace + '-', '') | split(',') | difference(['localhost']) }}"

openshift/cnv/install.yml

@@ -1,101 +0,0 @@
----
-- name: Deploy OpenShift CNV Operator and create the Hyperconverged object, provision VM to prove funciontality
-  hosts: localhost
-  gather_facts: false
-  vars:
-    vm_name: ocpvtest
-    vm_namespace: openshift-cnv
-  tasks:
-    - name: Include role
-      ansible.builtin.include_role:
-        name: demo.openshift.cluster_config
-
-    - name: Attempt to Provision a VM
-      kubernetes.core.k8s:
-        wait: true
-        state: "{{ instance_state | default('present') }}"
-        definition:
-          apiVersion: kubevirt.io/v1
-          kind: VirtualMachine
-          metadata:
-            name: "{{ vm_name }}"
-            namespace: "{{ vm_namespace }}"
-            labels:
-              app: "{{ vm_name }}"
-              vm.kubevirt.io/name: "{{ vm_name }}"
-          spec:
-            dataVolumeTemplates:
-              - apiVersion: cdi.kubevirt.io/v1beta1
-                kind: DataVolume
-                metadata:
-                  creationTimestamp: null
-                  name: "{{ vm_name }}"
-                spec:
-                  sourceRef:
-                    kind: DataSource
-                    name: "{{ os_version | default('fedora') }}"
-                    namespace: openshift-virtualization-os-images
-                  storage:
-                    resources:
-                      requests:
-                        storage: 30Gi
-            running: true
-            template:
-              metadata:
-                annotations:
-                  vm.kubevirt.io/flavor: small
-                  vm.kubevirt.io/os: "{{ os_version | default('fedora') }}"
-                  vm.kubevirt.io/workload: server
-                creationTimestamp: null
-                labels:
-                  kubevirt.io/domain: "{{ vm_name }}"
-                  kubevirt.io/size: small
-              spec:
-                domain:
-                  cpu:
-                    cores: 4
-                    sockets: 1
-                    threads: 1
-                  devices:
-                    disks:
-                      - disk:
-                          bus: virtio
-                        name: rootdisk
-                    interfaces:
-                      - masquerade: {}
-                        model: virtio
-                        name: default
-                    networkInterfaceMultiqueue: true
-                    rng: {}
-                  machine:
-                    type: pc-q35-rhel9.2.0
-                  resources:
-                    requests:
-                      memory: 8Gi
-                evictionStrategy: LiveMigrate
-                networks:
-                  - name: default
-                    pod: {}
-                terminationGracePeriodSeconds: 180
-                volumes:
-                  - dataVolume:
-                      name: "{{ vm_name }}"
-                    name: rootdisk
-      retries: 60
-      delay: 5
-      register: provision
-      until: provision.changed
-
-    - name: Clean up test VM
-      kubernetes.core.k8s:
-        wait: true
-        state: absent
-        definition:
-          apiVersion: kubevirt.io/v1
-          kind: VirtualMachine
-          metadata:
-            name: "{{ vm_name }}"
-            namespace: "{{ vm_namespace }}"
-            labels:
-              app: "{{ vm_name }}"
-              vm.kubevirt.io/name: "{{ vm_name }}"