a19615eaf3
* add satellite demos * move satellite vars to setup.yml * fix var * fix playbook path * remove async * fix = * fix condition * fix lookup * add credential * update tools version * fix scap role * add satellite setup * add satellite stuff * remove local * stupid * stupid * params * these vars arent right * these vars arent right * add compliance workflow * work on landing page * work on landing page * work on landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * add files * derp * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add ee * add ee * add ee * fix landing page * fix landing page * fix landing page * fix landing page * fix landing page * remove commented out sections * remove default ee * set local admin password * set ee for fact scan * fall back to default ee for patching * check for valid org_id * check for valid org_id * no gpg * no gpg * add satllite stuff * update cred type * update cred type * raw * raw * work on landing page * work on landing page * work on landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * landing page * add files * derp * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add link * add ee * add ee * add ee * fix landing page * fix landing page * fix landing page * fix landing page * fix landing page * remove commented out sections * remove default ee * set local admin password * set ee for fact scan * fall back to default ee for patching * check for valid org_id * check for valid org_id * no gpg * no gpg * add satllite stuff * update cred type * update cred type * raw * raw * raw * merge satellite * fix vars * fix vars * fix vars * fix vars * add publish * add lifecycle and actviation keys * workaround for publish issue * use module to publish * use module to publish * use module to publish * use module to publish * change sat version * change sat version * change sat version * remove maint repos * launch sat setup * reorder * reorder * moar inventory * add manifest refresh * add telemetry * run linux setup * parentefcf729fa0author willtome <willtome@gmail.com> 1663173584 -0400 committer willtome <willtome@gmail.com> 1668183942 -0500 parentefcf729fa0author willtome <willtome@gmail.com> 1663173584 -0400 committer willtome <willtome@gmail.com> 1668183785 -0500 parentefcf729fa0author willtome <willtome@gmail.com> 1663173584 -0400 committer willtome <willtome@gmail.com> 1668183318 -0500 parentefcf729fa0author willtome <willtome@gmail.com> 1663173584 -0400 committer willtome <willtome@gmail.com> 1668182787 -0500 parentefcf729fa0author willtome <willtome@gmail.com> 1663173584 -0400 committer willtome <willtome@gmail.com> 1668182651 -0500 add satellite demos work on landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page add files derp add link add link add link add link add link add link add link add link add link add link add link add link add ee add ee add ee fix landing page fix landing page fix landing page fix landing page fix landing page remove commented out sections remove default ee set local admin password set ee for fact scan fall back to default ee for patching check for valid org_id check for valid org_id no gpg no gpg add satllite stuff update cred type update cred type raw raw raw add satellite demos move satellite vars to setup.yml fix var fix playbook path remove async fix = fix condition fix lookup add credential update tools version fix scap role add satellite setup add satellite stuff remove local stupid stupid params these vars arent right these vars arent right add compliance workflow work on landing page work on landing page work on landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page landing page add files derp add link add link add link add link add link add link add link add link add link add link add link add link add ee add ee add ee fix landing page fix landing page fix landing page fix landing page fix landing page remove commented out sections remove default ee set local admin password set ee for fact scan fall back to default ee for patching check for valid org_id check for valid org_id no gpg no gpg update cred type update cred type raw merge satellite fix vars fix vars fix vars fix vars add publish add lifecycle and actviation keys workaround for publish issue use module to publish use module to publish use module to publish use module to publish change sat version change sat version change sat version remove maint repos launch sat setup reorder reorder moar inventory add manifest refresh add telemetry run linux setup * Updates to node1 (#42) clean up satellite config clean up server registration add web console job Co-authored-by: Calvin Smith <calvingsmith@users.noreply.github.com> * add rhel 8 tailoring * add ee * dont verify certs * Update setup.yml * Update setup.yml * what the heck Co-authored-by: calvingsmith <4283930+calvingsmith@users.noreply.github.com> Co-authored-by: Calvin Smith <calvingsmith@users.noreply.github.com>
413 lines
12 KiB
YAML
413 lines
12 KiB
YAML
---
|
|
user_message:
|
|
- Be sure to update the 'activation_key' and 'org_id' extra variables for 'LINUX / Register'. https://access.redhat.com/management/activation_keys
|
|
- Update Credential for Insights Inventory with Red Hat account.
|
|
- Add variables for system_roles. https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles
|
|
controller_components:
|
|
- projects
|
|
- credential_types
|
|
- credentials
|
|
- inventory_sources
|
|
- job_templates
|
|
|
|
controller_credential_types:
|
|
- name: Insights Collection
|
|
kind: cloud
|
|
inputs:
|
|
fields:
|
|
- id: insights_user
|
|
type: string
|
|
label: Insights User
|
|
- id: insights_password
|
|
type: string
|
|
label: Insights Password
|
|
secret: true
|
|
injectors:
|
|
env:
|
|
INSIGHTS_USER: "{% raw %}{ { insights_user }}{% endraw %}"
|
|
INSIGHTS_PASSWORD: "{% raw %}{ { insights_password }}{% endraw %}"
|
|
|
|
controller_credentials:
|
|
- name: Insights Inventory
|
|
credential_type: Insights Collection
|
|
organization: Default
|
|
inputs:
|
|
insights_user: REPLACEME
|
|
insights_password: REPLACEME
|
|
- name: Satellite Inventory
|
|
credential_type: Red Hat Satellite 6
|
|
organization: Default
|
|
inputs:
|
|
host: https://satellite.example.com
|
|
username: admin
|
|
password: ansible123!
|
|
|
|
controller_inventory_sources:
|
|
- name: Insights Inventory
|
|
inventory: Workshop Inventory
|
|
source: scm
|
|
source_project: Ansible official demo project
|
|
source_path: linux/inventory.insights.yml
|
|
credential: Insights Inventory
|
|
- name: Satellite Inventory
|
|
inventory: Workshop Inventory
|
|
source: satellite6
|
|
overwrite: true
|
|
credential: Satellite Inventory
|
|
source_vars:
|
|
hostnames:
|
|
- name.split('.')[0]
|
|
groups:
|
|
patch_bugs: foreman_content_facet_attributes.errata_counts.bugfix
|
|
patch_enhancements: foreman_content_facet_attributes.errata_counts.enhancement
|
|
patch_security: foreman_content_facet_attributes.errata_counts.security
|
|
keyed_groups:
|
|
- prefix: env
|
|
key: foreman_content_facet_attributes.lifecycle_environment_name
|
|
- prefix: cv
|
|
key: foreman_content_facet_attributes.content_view_name
|
|
- prefix: os
|
|
key: foreman_operatingsystem_name
|
|
|
|
|
|
controller_templates:
|
|
- name: "LINUX / Register"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/ec2_register.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
extra_vars:
|
|
activation_key: !unsafe "RHEL{{ ansible_distribution_major_version }}_{{ env }}"
|
|
org_id: Default_Organization
|
|
sat_url: satellite.example.com
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Choose Environment
|
|
type: multiplechoice
|
|
variable: env
|
|
choices:
|
|
- Dev
|
|
- QA
|
|
- Prod
|
|
required: true
|
|
- question_name: Ansible Inventory Group (and Insights tag) to be created
|
|
type: text
|
|
variable: insights_tag
|
|
required: true
|
|
|
|
- name: "LINUX / Troubleshoot"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/tshoot.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
use_fact_cache: true
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
|
|
- name: "LINUX / Temporary Sudo"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/temp_sudo.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: User Name
|
|
type: text
|
|
variable: sudo_user
|
|
required: true
|
|
- question_name: How long to grant access in minutes
|
|
type: integer
|
|
variable: sudo_time
|
|
default: 10
|
|
required: true
|
|
|
|
- name: "LINUX / Patching"
|
|
job_type: check
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/patching.yml"
|
|
execution_environment: Default execution environment
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
use_fact_cache: true
|
|
ask_job_type_on_launch: yes
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
|
|
- name: "LINUX / Start Service"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/service_start.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
use_fact_cache: true
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Service Name
|
|
type: text
|
|
variable: service_name
|
|
required: true
|
|
|
|
- name: "LINUX / Stop Service"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/service_stop.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
use_fact_cache: true
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Service Name
|
|
type: text
|
|
variable: service_name
|
|
required: true
|
|
|
|
- name: "LINUX / Run Shell Script"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/run_script.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Shell Script
|
|
type: textarea
|
|
variable: shell_script
|
|
required: true
|
|
|
|
- name: "LINUX / Fact Scan"
|
|
project: "Ansible official demo project"
|
|
playbook: linux/fact_scan.yml
|
|
inventory: Workshop Inventory
|
|
execution_environment: Default execution environment
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
use_fact_cache: true
|
|
credentials:
|
|
- Workshop Credential
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
|
|
- name: "LINUX / Podman Webserver"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/podman.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Web Page Message
|
|
type: textarea
|
|
variable: message
|
|
required: true
|
|
default: "This is Apache webserver running in a container with podman"
|
|
|
|
- name: "LINUX / System Roles"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/system_roles.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
diff_mode: yes
|
|
ask_job_type_on_launch: yes
|
|
extra_vars:
|
|
system_roles: undef
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
|
|
- name: "LINUX / Install web console"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/system_roles.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
diff_mode: yes
|
|
ask_job_type_on_launch: yes
|
|
extra_vars:
|
|
system_roles:
|
|
- cockpit
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Cockpit package load
|
|
type: multiplechoice
|
|
variable: cockpit_packages
|
|
default: minimal
|
|
choices:
|
|
- default
|
|
- minimal
|
|
- full
|
|
required: true
|
|
|
|
- name: "LINUX / Compliance Enforce"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/compliance.yml"
|
|
notification_templates_started: Telemetry
|
|
notification_templates_success: Telemetry
|
|
notification_templates_error: Telemetry
|
|
credentials:
|
|
- "Workshop Credential"
|
|
extra_vars:
|
|
sudo_remove_nopasswd: false
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Compliance Profile
|
|
type: multiplechoice
|
|
variable: compliance_profile
|
|
required: true
|
|
choices:
|
|
- stig
|
|
|
|
- name: "LINUX / Insights Compliance Scan"
|
|
job_type: run
|
|
inventory: "Workshop Inventory"
|
|
project: "Ansible official demo project"
|
|
playbook: "linux/insights_compliance_scan.yml"
|
|
credentials:
|
|
- "Workshop Credential"
|
|
survey_enabled: true
|
|
survey:
|
|
name: ''
|
|
description: ''
|
|
spec:
|
|
- question_name: Server Name or Pattern
|
|
type: text
|
|
variable: HOSTS
|
|
required: true
|
|
- question_name: Have you associated a compliance profile in the Insights Console for all hosts to be scanned? If not, then the scan will fail.
|
|
type: multiplechoice
|
|
variable: compliance_profile_configured
|
|
required: true
|
|
choices:
|
|
- "Yes"
|
|
- "No"
|
|
default: "No"
|