Merge branch 'main' into jce/ansible-cfg

Update collection and role paths in ansible.cfg
2025-05-05 11:11:39 -06:00 · 2025-05-01 17:57:31 -04:00 · 2025-03-19 16:52:58 -04:00
14 changed files with 24 additions and 195 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,16 +1,10 @@
 ---
 profile: production
-offline: true
+offline: false

 skip_list:
  - "galaxy[no-changelog]"

-warn_list:
-  # seems to be a bug, see https://github.com/ansible/ansible-lint/issues/4172
-  - "fqcn[canonical]"
-  # @matferna: really not sure why lint thinks it can't find jmespath, it is installed and functional
-  - "jinja[invalid]"
-
 exclude_paths:
  # would be better to move the roles here to the top-level roles directory
  - collections/ansible_collections/demo/compliance/roles/
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,25 +0,0 @@
-{
-  "name": "ansible-dev-container-codespaces",
-  "image": "registry.redhat.io/ansible-automation-platform-25/ansible-dev-tools-rhel8:latest",
-  "containerUser": "root",
-  "runArgs": [
-    "--security-opt",
-    "seccomp=unconfined",
-    "--security-opt",
-    "label=disable",
-    "--cap-add=SYS_ADMIN",
-    "--cap-add=SYS_RESOURCE",
-    "--device",
-    "/dev/fuse",
-    "--security-opt",
-    "apparmor=unconfined",
-    "--hostname=ansible-dev-container"
-  ],
-  "updateRemoteUserUID": true,
-  "customizations": {
-    "vscode": {
-      "extensions": ["redhat.ansible","redhat.vscode-redhat-account"]
-    }
-  },
-  "postCreateCommand": "sh .devcontainers/postCreateCommand.sh"
-}
--- a/.devcontainer/docker/devcontainer.json
+++ b/.devcontainer/docker/devcontainer.json
@@ -1,24 +0,0 @@
-{
-  "name": "ansible-dev-container-docker",
-  "image": "registry.redhat.io/ansible-automation-platform-25/ansible-dev-tools-rhel8:latest",
-  "containerUser": "root",
-  "runArgs": [
-    "--security-opt",
-    "seccomp=unconfined",
-    "--security-opt",
-    "label=disable",
-    "--cap-add=SYS_ADMIN",
-    "--cap-add=SYS_RESOURCE",
-    "--device",
-    "/dev/fuse",
-    "--security-opt",
-    "apparmor=unconfined",
-    "--hostname=ansible-dev-container"
-  ],
-  "updateRemoteUserUID": true,
-  "customizations": {
-    "vscode": {
-      "extensions": ["redhat.ansible","redhat.vscode-redhat-account"]
-    }
-  }
-}
--- a/.devcontainer/podman/devcontainer.json
+++ b/.devcontainer/podman/devcontainer.json
@@ -1,28 +0,0 @@
-{
-  "name": "ansible-dev-container-podman",
-  "image": "registry.redhat.io/ansible-automation-platform-25/ansible-dev-tools-rhel8:latest",
-  "containerUser": "root",
-  "runArgs": [
-    "--cap-add=CAP_MKNOD",
-    "--cap-add=NET_ADMIN",
-    "--cap-add=SYS_ADMIN",
-    "--cap-add=SYS_RESOURCE",
-    "--device",
-    "/dev/fuse",
-    "--security-opt",
-    "seccomp=unconfined",
-    "--security-opt",
-    "label=disable",
-    "--security-opt",
-    "apparmor=unconfined",
-    "--security-opt",
-    "unmask=/sys/fs/cgroup",
-    "--userns=host",
-    "--hostname=ansible-dev-container"
-  ],
-  "customizations": {
-    "vscode": {
-      "extensions": ["redhat.ansible","redhat.vscode-redhat-account"]
-    }
-  }
-}
--- a/.devcontainer/postCreateCommand.sh
+++ b/.devcontainer/postCreateCommand.sh
@@ -1,3 +0,0 @@
-#!/bin/sh
-microdnf -y install git-lfs
-pip3 install pre-commit
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -1,25 +0,0 @@
-# GitHub Actions
-## Background
-We want to make attempts to run our integration tests in the same manner wether using GitHub actions or on a developers's machine locally. For this reason, the tests are curated to run using conatiner images. As of this writing, two images exist which we would like to test against:
-  - quay.io/ansible-product-demos/apd-ee-24:latest
-  - quay.io/ansible-product-demos/apd-ee-25:latest
-
-These images are built given the structure defined in their respective EE [definitions][../execution_environments]. Because they differ (mainly due to their python versions), each gets some special handling.
-
-## Troubleshooting GitHub Actions
-
-### Interactive
-It is likely the most straight-forward approach to interactively debug issues. The following podman command can be run from the project root directory to replicate the GitHub action:
-```
-podman run \
-           --user root  \
-           -v $(pwd):/runner:Z \
-           -it \
-           <image> \
-           /bin/bash
-```
-`<image>` is one of `quay.io/ansible-product-demos/apd-ee-25:latest`, `quay.io/ansible-product-demos/apd-ee-24:latest`
-It is not exact because GitHub seems to run closer to a sidecar container paradigm, and uses docker instead of podman, but hopefully it's close enough.
-
-For the 24 EE, the python interpreriter verions is set for our pre-commit script like so: `USE_PYTHON=python3.9 ./.github/workflows/run-pc.sh`
-The 25 EE is similary run but without the need for this variable: `./.github/workflows/run-pc.sh`
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -4,23 +4,17 @@ on:
 - push
 - pull_request_target

-jobs:
-  pre-commit-25:
-    container:
-      image: quay.io/ansible-product-demos/apd-ee-25
-      options: --user root
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - run: ./.github/workflows/run-pc.sh
-      shell: bash
-  pre-commit-24:
-    container:
-      image: quay.io/ansible-product-demos/apd-ee-24
-      options: --user root
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - run: USE_PYTHON=python3.9 ./.github/workflows/run-pc.sh
-      shell: bash
+env:
+  ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_CERTIFIED_TOKEN }}
+  ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_VALIDATED_TOKEN }}

+jobs:
+  pre-commit:
+    name: pre-commit
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-python@v5
+    - uses: pre-commit/action@v3.0.1
+
+...
--- a/.github/workflows/run-pc.sh
+++ b/.github/workflows/run-pc.sh
@@ -1,24 +0,0 @@
-#!/bin/bash -x
-
-dnf install git-lfs -y
-
-PYTHON_VARIANT="${USE_PYTHON:-python3.11}"
-PATH="$PATH:$HOME/.local/bin"
-
-# intsall pip
-eval "${PYTHON_VARIANT} -m pip install --user --upgrade pip"
-
-# try to fix 2.4 incompatibility 
-eval "${PYTHON_VARIANT} -m pip install --user --upgrade setuptools wheel twine check-wheel-contents"
-
-# intsall pre-commit
-eval "${PYTHON_VARIANT} -m pip install --user pre-commit"
-
-# view pip packages
-eval "${PYTHON_VARIANT} -m pip freeze --local"
-
-# fix permissions on directory
-git config --global --add safe.directory $(pwd)
-
-# run pre-commit
-pre-commit run --config $(pwd)/.pre-commit-gh.yml --show-diff-on-failure --color=always 
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -14,12 +14,13 @@ repos:
      - id: check-json
      - id: check-symlinks

-  - repo: local
+  - repo: https://github.com/ansible/ansible-lint.git
+    # get latest release tag from https://github.com/ansible/ansible-lint/releases/
+    rev: v6.20.3
    hooks:
      - id: ansible-lint
-        name: ansible-navigator lint --eei quay.io/ansible-product-demos/apd-ee-25:latest --mode stdout
-        language: python
-        entry: bash -c "ansible-navigator lint --eei quay.io/ansible-product-demos/apd-ee-25 -v --force-color --mode stdout"
+        additional_dependencies:
+          - jmespath

  - repo: https://github.com/psf/black-pre-commit-mirror
    rev: 23.11.0
--- a/.pre-commit-gh.yml
+++ b/.pre-commit-gh.yml
@@ -1,30 +0,0 @@
---
-repos:
-  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
-    hooks:
-      - id: trailing-whitespace
-        exclude: rhel[89]STIG/.*$
-
-      - id: check-yaml
-        exclude: \.j2.(yaml|yml)$|\.(yaml|yml).j2$
-        args: [--unsafe]   # see https://github.com/pre-commit/pre-commit-hooks/issues/273
-
-      - id: check-toml
-      - id: check-json
-      - id: check-symlinks
-
-  - repo: https://github.com/ansible/ansible-lint.git
-    # get latest release tag from https://github.com/ansible/ansible-lint/releases/
-    rev: v6.20.3
-    hooks:
-      - id: ansible-lint
-        additional_dependencies:
-          - jmespath
-
-  - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 23.11.0
-    hooks:
-      - id: black
-        exclude: rhel[89]STIG/.*$
-...
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,4 +1,3 @@
 {
-    "editor.renderWhitespace": "all",
-    "files.insertFinalNewline": true
+    "editor.renderWhitespace": "all"
 }
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,6 +1,6 @@
 [defaults]
 collections_path=./collections:/usr/share/ansible/collections
-roles_path=./roles
+roles_path=./roles:/usr/share/ansible/roles

 [galaxy]
 server_list = certified,validated,galaxy
--- a/windows/helpdesk_new_user_portal.yml
+++ b/windows/helpdesk_new_user_portal.yml
@@ -10,7 +10,7 @@
        # Example result: ['&Qw2|E[-']

    - name: Create new user
-      microsoft.ad.user:
+      community.windows.win_domain_user:
        name: "{{ firstname }} {{ surname }}"
        firstname: "{{ firstname }}"
        surname: "{{ surname }}"
--- a/windows/join_ad_domain.yml
+++ b/windows/join_ad_domain.yml
@@ -16,7 +16,7 @@
    - name: Ensure Demo OU exists
      run_once: true
      delegate_to: "{{ domain_controller }}"
-      microsoft.ad.ou:
+      community.windows.win_domain_ou:
        name: Demo
        state: present

@@ -26,7 +26,7 @@

    - name: Join ansible.local domain
      register: r_domain_membership
-      microsoft.ad.membership:
+      ansible.windows.win_domain_membership:
        dns_domain_name: ansible.local
        hostname: "{{ inventory_hostname.split('.')[0] }}"
        domain_admin_user: "{{ ansible_user }}@ansible.local"
Author	SHA1	Message	Date
Matthew Fernandez	3c437804de	Merge branch 'main' into jce/ansible-cfg	2025-05-05 11:11:39 -06:00
Chris Edillon	b26c44a4d3	Merge branch 'main' into jce/ansible-cfg	2025-05-01 17:57:31 -04:00
Chris Edillon	d98afd7a7f	Update collection and role paths in ansible.cfg	2025-03-19 16:52:58 -04:00