diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:03:42 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:03:42 +0000 |
| commit | 66cec45960ce1d9c794e9399de15c138acb18aed (patch) | |
| tree | 59cd19d69e9d56b7989b080da7c20ef1a3fe2a5a /ansible_collections/theforeman/foreman/roles | |
| parent | Initial commit. (diff) | |
| download | ansible-66cec45960ce1d9c794e9399de15c138acb18aed.tar.xz ansible-66cec45960ce1d9c794e9399de15c138acb18aed.zip | |
Adding upstream version 7.3.0+dfsg.upstream/7.3.0+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/theforeman/foreman/roles')
53 files changed, 2371 insertions, 0 deletions
diff --git a/ansible_collections/theforeman/foreman/roles/activation_keys/README.md b/ansible_collections/theforeman/foreman/roles/activation_keys/README.md new file mode 100644 index 00000000..4b04c593 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/activation_keys/README.md @@ -0,0 +1,79 @@ +theforeman.foreman.activation_keys +================================== + +This role creates and manages Activation Keys. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_activation_keys`. Each `activation_key` requires the following fields: + +- `name`: The name of the activation key. + +The following fields are required for an activation key but have defaults which make them optional for this role: + +- `lifecycle_environment`: Lifecycle Environment to assign to hosts registered with this activation key. Defaults to "Library". +- `content_view`: Content View to assign to hosts registered with this activation key. Defaults to "Default Organization View". + +The following fields are optional in the sense that the server will use default values when they are omitted: + +- `auto_attach`: Auto Attach behavior for the activation key. When true, it will attempt to attach a minimum of subscriptions (from the subset of assigned subscriptions on the activation key; selects from all subscriptions in the organization if none are assigned) to cover any present products on the host. When false, it will attempt to attach all subscriptions assigned on the activation key to the host at registration time. server defaults to true. +- `unlimited_hosts`: Allow an unlimited number of hosts to register with the activation key when true. When false, the `max_hosts` parameter which sets a numerical limit on the nnumber of hosts that can be registered becomes required. server defaults to true. + +The following fields are optional and will be omitted by default: + +- `description`: Description of the activation key. Helpful for other users to find which activation key to use. +- `host_collections`: List of Host Collections to associate with the activation key. +- `subscriptions`: List of Subscriptions to associate with the activation key. Each Subscription is required to have one of `name`, `pool_id`, or `upstream_pool_id`. Of these, only the `pool_id` is guaranteed to be unique. `upstream_pool_id` only exists for subscriptions imported from a 3rd party organization (e.g. on a Red Hat Subscription Manifest). When uniqueness is not an issue, `name` or `upstream_pool_id` can be easier to work with since the `pool_id` does not get determined until the subscription is imported or created and therefore may not yet be determined when you are writing playbooks. +- `content_overrides`: List of Content Overrides for the activation key. Each Content Override is required to have a `label` which refers to a repository and `override` which refers to one of the states enabled, disabled, or default. +- `release_version`: Release Version to set when registering hosts with the activation key. +- `service_level`: Service Level to set when registering hosts with the activation key. Premium, Standard, or Self-Support. This will limit Subscriptions available to hosts to those matching this service level. +- `purpose_usage`: System Purpose Usage to set when registering hosts with the activation key. Production, Development/Test, Disaster Recovery. When left unset this will not set System Purpose Usage on registering hosts. This should only be used when it is supported by the OS of registering hosts (RHEL 8 only at the time of writing). +- `purpose_role`: System Purpose Role to set when registering hosts with the activation key. Red Hat Enterprise Linux Server, Red Hat Enterprise Linux Workstation, Red Hat Enterprise Linux Compute Node. When left unset this will not set System Purpose Role on registering hosts. This should only be used when it is supported by the OS of registering hosts (RHEL 8 only at the time of writing). +- `purpose_addons`: List of System Purpose Addons (ELS, EUS) to set on registering hosts. This should only be used when it is supported by the OS of registering hosts (RHEL 8 only at the time of writing). + +A helpful behavior to keep in mind when creating activation keys is that a host can register with multiple activation keys; each activation key will attach subscriptions according to its own logic, in the order that the activation keys are listed. Host attributes like Lifecycle Environment, Content View, etc will be overwritten by later activation keys so that the last activation key listed wins. A common pattern is to first use an activation key which has auto-attach disabled and a list of subscriptions to attach for any applicable custom products, followed by a second activation key which has auto attach enabled to attach the best fitting subscription(s) for the OS and any remaining products which were not already covered, and also defines the LCE, Content View, and other host attributes as required. + +Example Playbooks +----------------- + +Create a basic Activation Key that uses Library LCE, Default Organization View, and performs auto-attach from the set of all available Subscriptions (i.e. auto-attach=true and no Subscriptions are assigned to the Activation Key). + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.activation_keys + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_activation_keys: + - name: "Basic Activation Key" + description: "Registers hosts in Library/Default Organization View and tries to attach the best fitting subscription(s) from all available in the organization" +``` + +Define two Activation Keys. The first registers hosts in the "ACME" organization and attaches the Subscription for the custom product "ACME_App". The second assigns the "Test" LCE and "RHEL7_Base" Content View, and auto-attaches the best fitting subscription(s) from all which are available in the ACME Organization: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.activation_keys + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_activation_keys: + - name: "ACME_App_Key" + auto_attach: false + subscriptions: + - name: "ACME_App" + - name: "ACME_RHEL7_Base_Test" + lifecycle_environment: "Test" + content_view: "RHEL7_Base" +``` + +Following the second example, a Host which is registered using `subscription-manager register --activationkey ACME_App_Key,ACME_RHEL7_Base_Test` will get the ACME_App subscription, Test LCE, RHEL7_Base Content View, and auto-attach any additional necessary subscriptions from ACME Organization to cover the Base OS and any other products which require an entitlement certificate. diff --git a/ansible_collections/theforeman/foreman/roles/activation_keys/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/activation_keys/tasks/main.yml new file mode 100644 index 00000000..787c2ae8 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/activation_keys/tasks/main.yml @@ -0,0 +1,26 @@ +--- +- name: 'Create Activation Keys' # noqa: args[module] + theforeman.foreman.activation_key: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + description: "{{ item.description | default(omit) }}" + lifecycle_environment: "{{ item.lifecycle_environment | default('Library') }}" + content_view: "{{ item.content_view | default('Default Organization View') }}" + host_collections: "{{ item.host_collections | default(omit) }}" + subscriptions: "{{ item.subscriptions | default(omit) }}" + content_overrides: "{{ item.content_overrides | default(omit) }}" + auto_attach: "{{ item.auto_attach | default(omit) }}" + unlimited_hosts: "{{ item.unlimited_hosts | default(omit) }}" + max_hosts: "{{ item.max_hosts | default(omit) }}" + release_version: "{{ item.release_version | default(omit) }}" + service_level: "{{ item.service_level | default(omit) }}" + purpose_usage: "{{ item.purpose_usage | default(omit) }}" + purpose_role: "{{ item.purpose_role | default(omit) }}" + purpose_addons: "{{ item.purpose_addons | default(omit) }}" + state: present + with_items: + - "{{ foreman_activation_keys }}" diff --git a/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/README.md b/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/README.md new file mode 100644 index 00000000..2a737c38 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/README.md @@ -0,0 +1,77 @@ +theforeman.foreman.auth_sources_ldap +==================================== + +This role manages LDAP authentication sources, allowing users from an external source such as Active Directory or +FreeIPA to authenticate to Foreman. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +Role specific variables should be documented as below: + +The main data structure for this role is the list of `foreman_auth_sources_ldap`. Each `auth_source_ldap` requires the following fields: + +- `name`: The name of the authentication source. + +For all other fields see the `auth_source_ldap` module. + +Example Playbooks +----------------- + +Configure FreeIPA as an authentication source, with automatic registration: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.auth_sources_ldap + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_auth_sources_ldap: + - name: "Example LDAP" + host: "ldap.example.org" + onthefly_register: True + account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com + account_password: secret + base_dn: dc=example,dc=com + groups_base: cn=groups,cn=accounts, dc=example,dc=com + server_type: free_ipa + attr_login: uid + attr_firstname: givenName + attr_lastname: sn + attr_mail: mail + attr_photo: jpegPhoto + state: present +``` + +To instead integrate with Active Directory, only allowing users who are member of the "Domain Users" group: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.auth_sources_ldap + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_auth_sources_ldap: + - name: "Example AD" + host: "ad.example.org" + onthefly_register: True + account: EXAMPLE\ansible + account_password: secret + base_dn: cn=Users,dc=example,dc=com + groups_base: cn=Users,dc=example,dc=com + server_type: active_directory + attr_login: sAMAccountName + attr_firstname: givenName + attr_lastname: sn + attr_mail: mail + ldap_filter: (memberOf=CN=Domain Users,CN=Users,DC=example,DC=com) + state: present +``` diff --git a/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/tasks/main.yml new file mode 100644 index 00000000..855a15fe --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/auth_sources_ldap/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: 'Create LDAP Authentication Source' + theforeman.foreman.auth_source_ldap: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + account: "{{ item.account }}" + account_password: "{{ item.account_password }}" + base_dn: "{{ item.base_dn | default(omit) }}" + attr_login: "{{ item.attr_login | default(omit) }}" + attr_firstname: "{{ item.attr_firstname | default(omit) }}" + attr_lastname: "{{ item.attr_lastname | default(omit) }}" + attr_mail: "{{ item.attr_mail | default(omit) }}" + attr_photo: "{{ item.attr_photo | default(omit) }}" + onthefly_register: "{{ item.onthefly_register | default(omit) }}" + usergroup_sync: "{{ item.usergroup_sync | default(omit) }}" + tls: "{{ item.tls | default(omit) }}" + groups_base: "{{ item.groups_base | default(omit) }}" + host: "{{ item.host | default(omit) }}" + port: "{{ item.port | default(omit) }}" + server_type: "{{ item.server_type | default(omit) }}" + ldap_filter: "{{ item.ldap_filter | default(omit) }}" + use_netgroups: "{{ item.use_netgroups | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_auth_sources_ldap }}" diff --git a/ansible_collections/theforeman/foreman/roles/compute_profiles/README.md b/ansible_collections/theforeman/foreman/roles/compute_profiles/README.md new file mode 100644 index 00000000..bc8a1e59 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/compute_profiles/README.md @@ -0,0 +1,54 @@ +theforeman.foreman.compute_profiles +=================================== + +This role creates and manages Compute Profiles. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_compute_profiles`. Each `compute_profile` requires the following fields: + +- `name`: The name of the compute profile. + +The following fields are optional and will be omitted by default: + +- `description`: Description of the compute profile +- `compute_attributes`: List of attributes for the profile on specific compute resources. + +Example Playbooks +----------------- + +Create a compute profile named `1-Small` with a VMware spec of 1 single core CPU, 2 GiB of memory, 15 GiB of disk, and a VMXNET3 network card connected to `VM Network`: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.compute_profiles + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_compute_profiles: + - name: "1-Small" + compute_attributes: + - compute_resource: "VMware" + vm_attrs: + cluster: "cluster01" + path: /Datacenters/ha-datacenter/vm/ + memoryHotAddEnabled: true + cpuHotAddEnabled: true + cpus: 1 + corespersocket: 1 + memory_mb: 2048 + volumes_attributes: + 0: + datastore: "datastore1" + size_gb: 15 + interfaces_attributes: + 0: + type: "VirtualVmxnet3" + network: "VM Network" +``` diff --git a/ansible_collections/theforeman/foreman/roles/compute_profiles/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/compute_profiles/tasks/main.yml new file mode 100644 index 00000000..6b51c75f --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/compute_profiles/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- name: 'Create Compute Profiles' # noqa: args[module] + theforeman.foreman.compute_profile: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + compute_attributes: "{{ item.compute_attributes | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_compute_profiles }}" diff --git a/ansible_collections/theforeman/foreman/roles/compute_resources/README.md b/ansible_collections/theforeman/foreman/roles/compute_resources/README.md new file mode 100644 index 00000000..cc12c82d --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/compute_resources/README.md @@ -0,0 +1,53 @@ +theforeman.foreman.compute_resources +==================================== + +This role creates and manages Compute Resources. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_compute_resources`. Each `compute_resource` requires the following fields: + +- `name`: The name of the compute resource. + +The following fields are optional and will be omitted by default: + +- `description`: Description of the compute resource +- `provider`: Compute resource provider. Required if *state=present_with_defaults*. +- `provider_params`: Parameter specific to compute resource provider. Required if *state=present_with_defaults*. + +Each `compute_resource` can also list a number of `images` associated with the compute resource. + +Example Playbooks +----------------- + +Create a compute resource for vSphere, with a single image for RHEL 8.4. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.compute_resources + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_compute_resources: + - name: "VMware" + provider: "vmware" + provider_params: + url: "vcenter.example.com" + user: "administrator@vsphere.local" + password: "changeme" + datacenter: "ha-datacenter" + images: + - name: "RHEL-8.4" + operatingsystem: "RedHat-8.4" + architecture: "x86_64" + user_data: true + image_username: "root" + image_password: "changeme" + uuid: "Templates/rhel-8.4-template" +``` diff --git a/ansible_collections/theforeman/foreman/roles/compute_resources/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/compute_resources/tasks/main.yml new file mode 100644 index 00000000..9e3c067e --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/compute_resources/tasks/main.yml @@ -0,0 +1,32 @@ +--- +- name: 'Create Compute Resources' # noqa: args[module] + theforeman.foreman.compute_resource: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + description: "{{ item.description | default(omit) }}" + organizations: "{{ item.organizations | default(omit) }}" + locations: "{{ item.locations | default(omit) }}" + provider: "{{ item.provider | default(omit) }}" + provider_params: "{{ item.provider_params | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_compute_resources }}" + +- name: 'Create Images' + theforeman.foreman.image: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.1.name }}" + architecture: "{{ item.1.architecture | default(omit) }}" + compute_resource: "{{ item.0.name | default(omit) }}" + image_password: "{{ item.1.image_password | default(omit) }}" + image_username: "{{ item.1.image_username | default(omit) }}" + operatingsystem: "{{ item.1.operatingsystem | default(omit) }}" + user_data: "{{ item.1.user_data | default(omit) }}" + uuid: "{{ item.1.uuid | default(omit) }}" + state: "{{ item.1.state | default('present') }}" + loop: "{{ foreman_compute_resources | subelements('images', {'skip_missing': True}) }}" diff --git a/ansible_collections/theforeman/foreman/roles/content_credentials/README.md b/ansible_collections/theforeman/foreman/roles/content_credentials/README.md new file mode 100644 index 00000000..6f2f68d4 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_credentials/README.md @@ -0,0 +1,107 @@ +theforeman.foreman.content_credentials +======================================= + +This role defines Content Credentials. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +- `foreman_content_credentials`: List of content credentials to create. Each content credential is represented as a dictionary which specifies the `name`, `content_type` (which can be `gpg_key` or `cert`) and `content` of the content credential. + +```yaml +foreman_content_credentials: + - name: RPM-GPG-KEY-foreman + content_type: gpg_key + content: "{{ lookup('url', 'https://yum.theforeman.org/releases/latest/RPM-GPG-KEY-foreman', split_lines=False) }}" + - name: RPM-GPG-KEY-my-repo + content_type: gpg_key + content: "{{ lookup('file', '/etc/pki/rpm-gpg/RPM-GPG-KEY-my-repo') }}" + - name: RPM-GPG-KEY-my-repo2 + content_type: gpg_key + content: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + mQINBGAX2bIBEADuTGNExTEST0hOcpJ13XS1BEwuhzo7r16QaI0hP1vRxZeLJgeC + b2KWRvHHfepr2jdAoAeOVhERrMz5EpMcgPEs7NUE+vbYr+K9LFzw5gmUC00CCuQ+ + RCJRRXYNV8F41y4dTGOkE/ON52ljDvVyFb3DbUUYPH9ZfOE0Z6kMIcJo6eYsDAdK + EjoQ1jQkVaRa8I4+YZ9XEFkPqVUkY1+tMfipqqQuNbvN2xgQSk8dc6uEouyC8FBA + GPugplbCaEZNFWt48xQU9vP1JblQ6z9cynLKFxxWkgr9DKRRh1kw2pIQyGhl1RhI + uvedY9OeJlqxuBsBvko7JULcX622HcHUkhzQD+ss0L9nE3lZuO5ywpZdTYln296E + 7awNEr0ER9Xqx9pMp5JeXNSHjlleFN01vLG5Xa7WNc32fvDtn2JhkzTU/dlIA2F+ + w5Tlg5ROY8olWc+jHKmvTQwxZ9s9XQuHmBpNbOijHg4Ekr0TGo6d3rjHZKiisZBG + mAbHe1pWLOmeRpjqc6xmIpDMrsx75U0WgkwjBtbfxUcDYEzzJOcO87Q3s8kH+ie3 + 5eSClT7coImWUmVKIoFSvxj8JgUT6P81v7CW4AlVDpRjBtYmc82NsGuSEgAykuQo + VRguqU/w3QTU3rEcWfLVmyfyEKC4tBUCAhGShii/rLrtCspBT+uVpcDkQwARAQAB + tD1Gb3JlbWFuIEF1dG9tYXRpYyBTaWduaW5nIEtleSAoMi40KSA8cGFja2FnZXNA + dGhlZm9yZW1hbi5vcmc+iQJUBBMBCAA+FiEEZDJT9xuCsb6vLh1PpDm9Vawq2fEF + AmAX2bICGy8FCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQpDm9Vawq + 2fHMBQ//ffbTmU0Bl9Im8dDCzebhO6/D3iyshoceAfUjJrwvuhzSlil2cjWiLdmP + CjBhUB8eDRhSQ+LlfJe9C0PKEyC72rzTsfUZj4NBKNQGT2P+peJ1l8PUAAlk7jZl + QZcDER9Nju7/d+VTqF6PXkcbnIo1GVD/EX+R9mKphIbu9qaxBqGhCVay1D7jNxzH + OBaMse5hf1hJ0WzcyK6pRLMU9JeuLEdhwJqSP0+/E8R31El92EO1+selLy6hD3ro + NX3iehtcQVKdQ/5rflP6K7ZbDDj76lgRBbOY+UT1tft1nvdgKIoRPMqlBc2tMLNT + jzJrw/AW7C9pRUTvox2uFKw0Eo/0pnSR4qllBCGE67VpJLXeMQFjwOLcaKX57civ + X1z7nGTg4K+Ye5BM33Pq0Df24M0qLeqD6vLhB0Ny2JFiivw4zWJu448RELb1Omai + aNipdHQDN8D345mjctUDcc/2T7q6bcu5ErrFT8GK/FPdwpgDIPN20gxEMR9vG83n + AMkzSNrMefNlJoyTdgthokPb99LmN6Foybk6VNoKy4u/mID6uprWGMIl1/LX2wu1 + xRxRy1YznHnmtGqTYOikyAp0e+4tDfHMZ58yC9/XGztxJvj6vvwwf9n5ZO4MC4Kj + XQVHErcrTa8cZWW87pLrNvILegPA6v778BV0GLV5PqnWhl9Y1sY= + =SrzP + -----END PGP PUBLIC KEY BLOCK----- + +``` + +Example Playbooks +----------------- + +Create two content credentials: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_credentials + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_content_credentials: + - name: RPM-GPG-KEY-foreman + content_type: gpg_key + content: "{{ lookup('url', 'https://yum.theforeman.org/releases/latest/RPM-GPG-KEY-foreman', split_lines=False) }}" + - name: RPM-GPG-KEY-my-repo + content_type: gpg_key + content: "{{ lookup('file', '/etc/pki/rpm-gpg/RPM-GPG-KEY-my-repo') }}" + - name: RPM-GPG-KEY-my-repo2 + content_type: gpg_key + content: | + -----BEGIN PGP PUBLIC KEY BLOCK----- + mQINBGAX2bIBEADuTGNExTEST0hOcpJ13XS1BEwuhzo7r16QaI0hP1vRxZeLJgeC + b2KWRvHHfepr2jdAoAeOVhERrMz5EpMcgPEs7NUE+vbYr+K9LFzw5gmUC00CCuQ+ + RCJRRXYNV8F41y4dTGOkE/ON52ljDvVyFb3DbUUYPH9ZfOE0Z6kMIcJo6eYsDAdK + EjoQ1jQkVaRa8I4+YZ9XEFkPqVUkY1+tMfipqqQuNbvN2xgQSk8dc6uEouyC8FBA + GPugplbCaEZNFWt48xQU9vP1JblQ6z9cynLKFxxWkgr9DKRRh1kw2pIQyGhl1RhI + uvedY9OeJlqxuBsBvko7JULcX622HcHUkhzQD+ss0L9nE3lZuO5ywpZdTYln296E + 7awNEr0ER9Xqx9pMp5JeXNSHjlleFN01vLG5Xa7WNc32fvDtn2JhkzTU/dlIA2F+ + w5Tlg5ROY8olWc+jHKmvTQwxZ9s9XQuHmBpNbOijHg4Ekr0TGo6d3rjHZKiisZBG + mAbHe1pWLOmeRpjqc6xmIpDMrsx75U0WgkwjBtbfxUcDYEzzJOcO87Q3s8kH+ie3 + 5eSClT7coImWUmVKIoFSvxj8JgUT6P81v7CW4AlVDpRjBtYmc82NsGuSEgAykuQo + VRguqU/w3QTU3rEcWfLVmyfyEKC4tBUCAhGShii/rLrtCspBT+uVpcDkQwARAQAB + tD1Gb3JlbWFuIEF1dG9tYXRpYyBTaWduaW5nIEtleSAoMi40KSA8cGFja2FnZXNA + dGhlZm9yZW1hbi5vcmc+iQJUBBMBCAA+FiEEZDJT9xuCsb6vLh1PpDm9Vawq2fEF + AmAX2bICGy8FCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQpDm9Vawq + 2fHMBQ//ffbTmU0Bl9Im8dDCzebhO6/D3iyshoceAfUjJrwvuhzSlil2cjWiLdmP + CjBhUB8eDRhSQ+LlfJe9C0PKEyC72rzTsfUZj4NBKNQGT2P+peJ1l8PUAAlk7jZl + QZcDER9Nju7/d+VTqF6PXkcbnIo1GVD/EX+R9mKphIbu9qaxBqGhCVay1D7jNxzH + OBaMse5hf1hJ0WzcyK6pRLMU9JeuLEdhwJqSP0+/E8R31El92EO1+selLy6hD3ro + NX3iehtcQVKdQ/5rflP6K7ZbDDj76lgRBbOY+UT1tft1nvdgKIoRPMqlBc2tMLNT + jzJrw/AW7C9pRUTvox2uFKw0Eo/0pnSR4qllBCGE67VpJLXeMQFjwOLcaKX57civ + X1z7nGTg4K+Ye5BM33Pq0Df24M0qLeqD6vLhB0Ny2JFiivw4zWJu448RELb1Omai + aNipdHQDN8D345mjctUDcc/2T7q6bcu5ErrFT8GK/FPdwpgDIPN20gxEMR9vG83n + AMkzSNrMefNlJoyTdgthokPb99LmN6Foybk6VNoKy4u/mID6uprWGMIl1/LX2wu1 + xRxRy1YznHnmtGqTYOikyAp0e+4tDfHMZ58yC9/XGztxJvj6vvwwf9n5ZO4MC4Kj + XQVHErcrTa8cZWW87pLrNvILegPA6v778BV0GLV5PqnWhl9Y1sY= + =SrzP + -----END PGP PUBLIC KEY BLOCK----- +``` diff --git a/ansible_collections/theforeman/foreman/roles/content_credentials/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/content_credentials/tasks/main.yml new file mode 100644 index 00000000..8cce34ae --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_credentials/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: 'Create Content Crendentials' + theforeman.foreman.content_credential: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + content_type: "{{ item.content_type }}" + content: "{{ item.content }}" + with_items: "{{ foreman_content_credentials | default([]) }}" diff --git a/ansible_collections/theforeman/foreman/roles/content_rhel/README.md b/ansible_collections/theforeman/foreman/roles/content_rhel/README.md new file mode 100644 index 00000000..f41514b9 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_rhel/README.md @@ -0,0 +1,126 @@ +theforeman.foreman.content_rhel +=============================== + +This role is an opinionated reuse of other roles in the collection, which creates a basic configuration for everything needed to register and patch existing RHEL clients. + +That includes uploading a subscription manifest to an organization; enabling base RHEL7 and RHEL8 repositories (x86_64 architecture), syncing them immediately, and creating a sync plan for future syncs; and creating an activation key `base_rhel_key` to use when registering RHEL clients. + +The subscription manifest will be retrieved from the specified path on the Ansible target host; optionally, it can be fetched first from the RHSM portal using the provided login credentials and manifest UUID. It will be uploaded to the specified organization. + +By default, the role enables the rhel-7-server-rpms repository with the 7Server release and x86_64 architecture, as well as rhel-8-for-x86_64-baseos-rpms and rhel-8-for-x86_64-appstream-rpms. The manifest must provide access to all enabled content for the role to work properly. + +The role creates a sync plan using any of the sync plan intervals supported by the basic [Sync Plan Role](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/sync_plans/README.md). + +The role creates an activation key with the provided name. This activation key will register client systems in the "Library" lifecycle environment and "Default Organization View" content view, using the subscription auto-attach feature. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +This role supports the same variables used in the [Manifest Role](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/manifest/README.md#role-variables). + +It also supports customizing the included roles with: + +`foreman_sync_plan_name`: Name of the sync plan to create. Default 'RHEL Sync Plan' + +`foreman_sync_plan_interval`: 'hourly', 'daily', 'weekly', or 'custom cron'. See the [Sync Plan Role Documentation](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/manifest/README.md#role-variables) for more information. Default 'daily' + +`foreman_sync_plan_cron_expression`: Required when using the 'custom cron' `sync_plan_interval`. + +`foreman_sync_plan_sync_date`: Initial sync date for the sync plan, formatted as 'YYYY-MM-DD HH:MM:SS UTC'. + +`foreman_activation_key_name`: Name of the activation key to create. Default 'base_rhel_key' + +Repository behavior is controlled via the variables: + +`foreman_content_rhel_enable_rhel7`: Enable rhel-7-server-rpms repository (x86 architecture and 7Server release). Default true. + +`foreman_content_rhel_enable_rhel8`: Enable rhel-8-for-x86_64-baseos-rpms and rhel-8-for-x86_64-appstream-rpms (x86 architecture). Default true. + +`foreman_content_rhel_rhel8_releasever`: Version of RHEL 8 repositories. Default `8`. + +`foreman_content_rhel_sync_now`: Sync repositories immediately after enabling. Default true. + +`foreman_content_rhel_wait_for_syncs`: Monitor status of sync tasks. When false, the sync tasks will continue running in the background after the playbook has finished running. This option is most useful when other automation (for example, registering and patching a client) requires the repository syncs to have completed. Default true. + +Example Playbooks +----------------- + +This minimal example assumes the manifest has already been downloaded to ~/manifest.zip on localhost (the Ansible control node) and uploads that manifest to the ACME organization. It enables RHEL7 and RHEL8 repositories, creates the role default sync plan for them, and also syncs the repositories immediately. It creates an activation key with the role default name `base_rhel_key`. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_rhel + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_manifest_download: False + foreman_manifest_path: "~/manifest.zip" +``` + +This example is identical to the above example, except instead of assuming the manifest is already downloaded at ~/manifest.zip, we first use the provided rhsm_{username,password} and manifest_uuid to download it from the Red Hat Customer Portal. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_rhel + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_manifest_download: True + foreman_rhsm_username: "happycustomer" + foreman_rhsm_password: "$ecur3p4$$w0rd" + foreman_manifest_uuid: "01234567-89ab-cdef-0123-456789abcdef" + foreman_manifest_path: "~/manifest.zip" +``` + +This example downloads a manifest with the provided UUID from the RHSM portal using the provided credentials and copies it to ~/manifest.zip before uploading it to "Default Organization". It then enables the RHEL7 and RHEL8 repositories without syncing them immediately, but creates a sync_plan which syncs the repositories at midnight each day. It creates an activation key "RHEL_Key" to register existing RHEL content hosts. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_rhel + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_manifest_download: True + foreman_rhsm_username: "happycustomer" + foreman_rhsm_password: "$ecur3p4$$w0rd" + foreman_manifest_uuid: "01234567-89ab-cdef-0123-456789abcdef" + foreman_manifest_path: "~/manifest.zip" + foreman_content_rhel_sync_now: false + foreman_sync_plan_name: "Daily RHEL Sync" + foreman_sync_plan_interval: daily + foreman_sync_plan_sync_date: 2021-02-02 00:00:00 UTC + foreman_activation_key_name: "RHEL_Key" + foreman_content_rhel_rhel8_releasever: 8.4 +``` + +This example assumes the manifest has already been downloaded to ~/my_subscription_manifesst.zip on localhost and uploads that manifest to the ACME organization. It enables the rhel-7-server-rpms repository only, syncs it immediately, and also creates a custom cron sync plan for it. It creates an activation key "RHEL_Key" to register existing RHEL content hosts. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_rhel + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "ACME" + foreman_manifest_download: False + foreman_manifest_path: "~/my_subscription_manifest.zip" + foreman_content_rhel_enable_rhel8: false + foreman_sync_plan_name: "RHEL Sync Plan" + foreman_sync_plan_interval: custom cron + foreman_sync_plan_cron_expression: 0 6 8 * * + foreman_sync_plan_sync_date: 2021-02-02 00:00:00 UTC + foreman_activation_key_name: "RHEL_Key" +``` diff --git a/ansible_collections/theforeman/foreman/roles/content_rhel/defaults/main.yml b/ansible_collections/theforeman/foreman/roles/content_rhel/defaults/main.yml new file mode 100644 index 00000000..1ed1023e --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_rhel/defaults/main.yml @@ -0,0 +1,6 @@ +--- +foreman_content_rhel_enable_rhel7: true +foreman_content_rhel_enable_rhel8: true +foreman_content_rhel_sync_now: true +foreman_content_rhel_wait_for_syncs: true +foreman_content_rhel_rhel8_releasever: 8 diff --git a/ansible_collections/theforeman/foreman/roles/content_rhel/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/content_rhel/tasks/main.yml new file mode 100644 index 00000000..9f857700 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_rhel/tasks/main.yml @@ -0,0 +1,95 @@ +--- +- name: "Subscription Manifest" + ansible.builtin.include_role: + name: theforeman.foreman.manifest + +- name: "Enable RHEL7 repository" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: Red Hat Enterprise Linux Server + repository_sets: + - name: Red Hat Enterprise Linux 7 Server (RPMs) + basearch: x86_64 + releasever: 7Server + when: foreman_content_rhel_enable_rhel7 + +- name: "Enable RHEL8 repositories" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: Red Hat Enterprise Linux for x86_64 + repository_sets: + - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) + releasever: "{{ foreman_content_rhel_rhel8_releasever }}" + - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) + releasever: "{{ foreman_content_rhel_rhel8_releasever }}" + when: foreman_content_rhel_enable_rhel8 + +- name: "Sync RHEL7 repository" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + organization: "{{ foreman_organization }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs }}" + product: Red Hat Enterprise Linux Server + async: 14400 + poll: 0 + register: rhel7_sync + when: foreman_content_rhel_enable_rhel7 and foreman_content_rhel_sync_now + +- name: "Sync RHEL8 repositories" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + organization: "{{ foreman_organization }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs }}" + product: Red Hat Enterprise Linux for x86_64 + async: 14400 + poll: 0 + register: rhel8_sync + when: foreman_content_rhel_enable_rhel8 and foreman_content_rhel_sync_now + +- name: "Create Sync Plan" + ansible.builtin.include_role: + name: theforeman.foreman.sync_plans + vars: + foreman_sync_plans: + - name: "{{ foreman_sync_plan_name | default('RHEL Sync Plan') }}" + interval: "{{ foreman_sync_plan_interval | default('daily') }}" + cron_expression: "{{ foreman_sync_plan_cron_expression | default(omit) }}" + sync_date: "{{ foreman_sync_plan_sync_date | default('2020-01-01 00:00:00 UTC') }}" + products: + "{{ [foreman_content_rhel_enable_rhel7 | ternary('Red Hat Enterprise Linux Server', ''), + foreman_content_rhel_enable_rhel8 | ternary('Red Hat Enterprise Linux for x86_64', '')] + | select() | list }}" + +- name: "Create Activation Key" + ansible.builtin.include_role: + name: theforeman.foreman.activation_keys + vars: + foreman_activation_keys: + - name: "{{ foreman_activation_key_name | default('base_rhel_key') }}" + description: "Generated by ansible role theforeman.foreman.content_rhel" + +- name: "Wait for RHEL7 sync completion" # noqa: args[module] + ansible.builtin.async_status: + jid: "{{ rhel7_sync.ansible_job_id }}" + register: rhel7_job_result + until: rhel7_job_result.finished + retries: 99999 + delay: 10 + when: foreman_content_rhel_enable_rhel7 and foreman_content_rhel_sync_now and foreman_content_rhel_wait_for_syncs + +- name: "Wait for RHEL8 sync completion" # noqa: args[module] + ansible.builtin.async_status: + jid: "{{ rhel8_sync.ansible_job_id }}" + register: rhel8_job_result + until: rhel8_job_result.finished + retries: 99999 + delay: 10 + when: foreman_content_rhel_enable_rhel8 and foreman_content_rhel_sync_now and foreman_content_rhel_wait_for_syncs diff --git a/ansible_collections/theforeman/foreman/roles/content_view_publish/README.md b/ansible_collections/theforeman/foreman/roles/content_view_publish/README.md new file mode 100644 index 00000000..47b38bbb --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_publish/README.md @@ -0,0 +1,30 @@ +theforeman.foreman.content_view_publish +======================================= + +Publish a list of Content Views. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +### Required + +- `foreman_content_views`: List of content views to publish + +Example Playbook +---------------- + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_view_publish + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_content_views: + - RHEL 7 View + - RHEL 8 View +``` diff --git a/ansible_collections/theforeman/foreman/roles/content_view_publish/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/content_view_publish/tasks/main.yml new file mode 100644 index 00000000..55680abb --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_publish/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: "Publish content views" + theforeman.foreman.content_view_version: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + content_view: "{{ content_view }}" + organization: "{{ foreman_organization }}" + loop: "{{ foreman_content_views }}" + loop_control: + loop_var: "content_view" diff --git a/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/README.md b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/README.md new file mode 100644 index 00000000..02bfea49 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/README.md @@ -0,0 +1,44 @@ +theforeman.foreman.content_view_version_cleanup +=============================================== + +Clean up unused Content View Versions. + +This role will remove any unused versions of your Content Views and +Composite Content Views. + +Unused versions are those that match the following criteria: +* not published to any Lifecycle Environment +* not published as part of any Composite Content View +* not part of any Composite Content View Version + +This role will first clean Composite Content Views, to avoid leaving +unused versions of regular Content Views behind. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +### Required + +- `foreman_content_view_version_cleanup_keep`: How many unused versions to keep. + +### Optional + +- `foreman_content_view_version_cleanup_search`: Limit the cleaned content views using a search string (example: `name ~ SOE`). + When using Composite Content Views, both the composite and the non-composite ones need to match this search to be properly cleaned up by this role. + +Example Playbook +---------------- + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_view_version_cleanup + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_content_view_version_cleanup_keep: 10 +``` diff --git a/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/delete_cv_versions.yml b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/delete_cv_versions.yml new file mode 100644 index 00000000..5654126a --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/delete_cv_versions.yml @@ -0,0 +1,14 @@ +--- +- name: "Delete content view versions of {{ cv_name }}" + theforeman.foreman.content_view_version: + server_url: "{{ foreman_server_url | default(omit) }}" + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + content_view: "{{ cv_name }}" + version: "{{ cv_version }}" + state: absent + loop: "{{ cv_versions }}" + loop_control: + loop_var: "cv_version" diff --git a/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/find_and_delete_unused_cv_versions.yml b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/find_and_delete_unused_cv_versions.yml new file mode 100644 index 00000000..b5b866b3 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/find_and_delete_unused_cv_versions.yml @@ -0,0 +1,20 @@ +--- +- name: "Find content view versions of {{ cv.name }}" + theforeman.foreman.resource_info: + server_url: "{{ foreman_server_url | default(omit) }}" + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + resource: content_view_versions + params: + content_view_id: "{{ cv.id }}" + register: versions + +- name: "Delete unused content view versions of {{ cv.name }}" + ansible.builtin.include_tasks: delete_cv_versions.yml + vars: + cv_name: "{{ cv.name }}" + cv_versions: "{{ (versions.resources | rejectattr('environments') | rejectattr('composite_content_view_ids') | + rejectattr('published_in_composite_content_view_ids') | map(attribute='version') | map('float') | sort | + map('string') | reverse | list)[foreman_content_view_version_cleanup_keep:] }}" diff --git a/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/main.yml new file mode 100644 index 00000000..bcaa6fff --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_view_version_cleanup/tasks/main.yml @@ -0,0 +1,37 @@ +--- +- name: "Verify foreman_content_view_version_cleanup_keep is set" + ansible.builtin.assert: + that: + - foreman_content_view_version_cleanup_keep|int >= 0 + fail_msg: "foreman_content_view_version_cleanup_keep needs to be set to >= 0" + +- name: "Find all content views" + theforeman.foreman.resource_info: + server_url: "{{ foreman_server_url | default(omit) }}" + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + resource: content_views + search: "{{ foreman_content_view_version_cleanup_search | default(omit) }}" + register: all_cvs + +- name: "Delete unused composite content view versions" + ansible.builtin.include_tasks: delete_cv_versions.yml + vars: + cv_name: "{{ ccv.name }}" + cv_versions: "{{ (ccv.versions | rejectattr('environment_ids') | map(attribute='version') | map('float') | sort + | map('string') | reverse | list)[foreman_content_view_version_cleanup_keep:] }}" + loop: "{{ all_cvs.resources | selectattr('composite') | list }}" + loop_control: + label: "{{ ccv.label }}" + loop_var: "ccv" + when: (ccv.versions | rejectattr('environment_ids') | map(attribute='version') | reverse | list)[foreman_content_view_version_cleanup_keep:] + +- name: "Find and delete unused content view versions" + ansible.builtin.include_tasks: find_and_delete_unused_cv_versions.yml + loop: "{{ all_cvs.resources | rejectattr('composite') | list }}" + loop_control: + label: "{{ cv.label }}" + loop_var: "cv" + when: (cv.versions | rejectattr('environment_ids') | map(attribute='version') | reverse | list)[foreman_content_view_version_cleanup_keep:] diff --git a/ansible_collections/theforeman/foreman/roles/content_views/README.md b/ansible_collections/theforeman/foreman/roles/content_views/README.md new file mode 100644 index 00000000..67069882 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_views/README.md @@ -0,0 +1,70 @@ +theforeman.foreman.content_views +================================ + +This role creates and manages Content Views. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_content_views`. Each Content View requires the following fields: + +- `name` - the name of the content view + +Each content view also requires either a list of repositories or components (for a composite content view): +- `repositories` - List of repositories to add to the content view. Each repository requires the following fields: + - `name` - The name of the repository + - `product` - The product which the repository belongs to +- `components` - List of content views to add to the composite content view. Each component requires the following fields: + - `content_view` - The name of the content view + - `content_view_version` - The version of the content view to add, *or* + - `latest` - If `true`, the latest version of the content view will be used + +Additionally you can pass any other parameters accepted by the `content_view` module. + +This role also allows you to create Content View Filters and add them to the Content View by passing a list of `filters`: + +- `filters` - List of filters to create and add to the content view. Each filter needs the following fields: + - `name` - Name of the content view filter + - `filter_type` - Content view filter type. The available types are `rpm`, `package_group`, `erratum`, or `docker` + +Additionally you can pass any other parameters accepted by the `content_view_filter` module. + +Example Playbooks +----------------- + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.content_views + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_content_views: + - name: RHEL7 + repositories: + - name: Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64 + product: 'Red Hat Enterprise Linux Server' + - name: Red Hat Satellite Tools 6.8 (for RHEL 7 Server) (RPMs) + product: 'Red Hat Enterprise Linux Server' + - name: BearApp + repositories: + - name: MyApps + product: ACME + filters: + - name: "bear app" + filter_state: "present" + filter_type: "rpm" + rule_name: "bear" + - name: BearAppServer + components: + - content_view: RHEL7 + latest: true + - content_view: BearApp + latest: true +``` diff --git a/ansible_collections/theforeman/foreman/roles/content_views/tasks/_create_content_view.yml b/ansible_collections/theforeman/foreman/roles/content_views/tasks/_create_content_view.yml new file mode 100644 index 00000000..5f075b1c --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_views/tasks/_create_content_view.yml @@ -0,0 +1,44 @@ +--- +- name: Create content view # noqa: args[module] + theforeman.foreman.content_view: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ content_view.name }}" + auto_publish: "{{ content_view.auto_publish | default(omit) }}" + components: "{{ content_view.components | default(omit) }}" + composite: "{{ content_view.components | default(false) | ternary(true, false) }}" + description: "{{ content_view.description | default(omit) }}" + label: "{{ content_view.label | default(omit) }}" + repositories: "{{ content_view.repositories | default(omit) }}" + solve_dependencies: "{{ content_view.solve_dependencies | default(omit) }}" + +- name: Add content view filters + theforeman.foreman.content_view_filter: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + content_view: "{{ content_view.name }}" + repositories: "{{ item.repositories | default(omit) }}" + filter_type: "{{ item.filter_type }}" + start_date: "{{ item.start_date | default(omit) }}" + end_date: "{{ item.end_date | default(omit) }}" + types: "{{ item.types | default(omit) }}" + date_type: "{{ item.date_type | default(omit) }}" + inclusion: "{{ item.inclusion | default(omit) }}" + errata_id: "{{ item.errata_id | default(omit) }}" + max_version: "{{ item.max_version | default(omit) }}" + min_version: "{{ item.min_version | default(omit) }}" + rule_name: "{{ item.rule_name | default(omit) }}" + version: "{{ item.version | default(omit) }}" + description: "{{ item.description | default(omit) }}" + architecture: "{{ item.architecture | default(omit) }}" + filter_state: "{{ item.filter_state | default(omit) }}" + original_packages: "{{ item.original_packages | default(omit) }}" + rule_state: "{{ item.rule_state | default(omit) }}" + loop: "{{ content_view.filters | default([]) }}" diff --git a/ansible_collections/theforeman/foreman/roles/content_views/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/content_views/tasks/main.yml new file mode 100644 index 00000000..54b892d9 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/content_views/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Create Content Views + ansible.builtin.include_tasks: '_create_content_view.yml' + with_items: "{{ foreman_content_views | default([]) }}" + loop_control: + loop_var: content_view diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/README.md b/ansible_collections/theforeman/foreman/roles/convert2rhel/README.md new file mode 100644 index 00000000..ac17d670 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/README.md @@ -0,0 +1,44 @@ +theforeman.foreman.convert2rhel +=============================== + +This role creates a basic configuration for everything needed to register and convert CentOS clients to Red hat Enterprise Linux. + +First step is upload of manifest and synchronization of RHEL repositories. For more detail see [content_rhel Role](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/content_rhel/README.md). + +Then the role creates Convert2RHEL products & repositories (and synchronizes them), activation keys and host groups for each OS. + +If simple content access is disabled, subscriptions and repositories for RHEL activation keys must be added manually. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables) and [Content RHEL variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/content_rhel/README.md) + +- `foreman_convert2rhel_manage_subscription`: Run [content_rhel Role](https://github.com/theforeman/foreman-ansible-modules/blob/develop/roles/content_rhel/README.md) role, default: `true` +- `foreman_convert2rhel_lifecycle_env`: Lifecycle environment for activation keys, default: Library. +- `foreman_convert2rhel_content_view`: Content view for activation keys, default: Default Organization View. +- `foreman_convert2rhel_enable_oracle7`: Create data for Oracle Linux 7 conversion, default: `false` + +Example Playbooks +----------------- + +Convert2RHEL + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.convert2rhel + vars: + foreman_server_url: "https://foreman.example.com" + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_manifest_path: "~/manifest.zip" + foreman_content_rhel_enable_rhel7: true + foreman_content_rhel_enable_rhel8: true + foreman_content_rhel_rhel8_releasever: 8.5 + foreman_content_rhel_wait_for_syncs: false + foreman_convert2rhel_lifecycle_env: "Library" + foreman_convert2rhel_content_view: "Default Organization View" + foreman_convert2rhel_enable_oracle7: true +``` diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/defaults/main.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/defaults/main.yml new file mode 100644 index 00000000..882802f1 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/defaults/main.yml @@ -0,0 +1,32 @@ +--- +foreman_convert2rhel_manage_subscription: true + +# Convert2RHEL Products & repos +foreman_convert2rhel_rhel7_product: "Convert2RHEL7" +foreman_convert2rhel_rhel7_repo: "Convert2RHEL7 main" +foreman_convert2rhel_rhel8_product: "Convert2RHEL8" +foreman_convert2rhel_rhel8_repo: "Convert2RHEL8 main" +foreman_convert2rhel_oracle7_product: "Oracle Linux 7 Convert2RHEL" +foreman_convert2rhel_oracle7_repo: "Oracle Linux 7 Convert2RHEL main" +foreman_convert2rhel_oracle8_product: "Oracle Linux 8 Convert2RHEL" +foreman_convert2rhel_oracle8_repo: "Oracle Linux 8 Convert2RHEL main" + +# Activation keys +foreman_convert2rhel_key_centos7: "convert2rhel_centos7" +foreman_convert2rhel_key_centos8: "convert2rhel_centos8" +foreman_convert2rhel_key_oracle7: "convert2rhel_oracle7" +foreman_convert2rhel_key_oracle8: "convert2rhel_oracle8" +foreman_convert2rhel_key_rhel7: "convert2rhel_rhel7" +foreman_convert2rhel_key_rhel8: "convert2rhel_rhel8" +foreman_convert2rhel_lifecycle_env: "Library" +foreman_convert2rhel_content_view: "Default Organization View" + +# Host groups +foreman_convert2rhel_hostgroup7: "CentOS 7 converting" +foreman_convert2rhel_hostgroup8: "CentOS 8 converting" +foreman_convert2rhel_hostgroup_oracle7: "Oracle Linux 7 converting" +foreman_convert2rhel_hostgroup_oracle8: "Oracle Linux 8 converting" + +# Oracle Linux +foreman_convert2rhel_enable_oracle7: false +foreman_convert2rhel_enable_oracle8: false diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/activation_keys.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/activation_keys.yml new file mode 100644 index 00000000..457fd0c6 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/activation_keys.yml @@ -0,0 +1,111 @@ +--- +- name: "Get organization (SCA) info" + theforeman.foreman.organization_info: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ foreman_organization }}" + register: foreman_convert2rhel_org_info + +- name: "Set non SCA facts" + ansible.builtin.set_fact: + foreman_convert2rhel_centos7_subs: + - name: "Convert2RHEL7" + foreman_convert2rhel_centos8_subs: + - name: "Convert2RHEL8" + foreman_convert2rhel_ol7_subs: + - name: "Convert2RHEL7" + - name: "{{ foreman_convert2rhel_oracle7_product }}" + foreman_convert2rhel_ol8_subs: + - name: "Convert2RHEL8" + - name: "{{ foreman_convert2rhel_oracle8_product }}" + when: not foreman_convert2rhel_org_info['organization']['simple_content_access'] + +- name: "Create activation key '{{ foreman_convert2rhel_key_centos7 }}'" + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_centos7 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_key_centos7 }}" + when: foreman_content_rhel_enable_rhel7 + +- name: "Create activation key '{{ foreman_convert2rhel_key_centos8 }}'" + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_centos8 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_key_centos8 }}" + when: foreman_content_rhel_enable_rhel8 + +- name: "Create activation key '{{ foreman_convert2rhel_key_oracle7 }}'" # noqa: args[module] + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_oracle7 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_content_view }}" + subscriptions: "{{ foreman_convert2rhel_org_info['organization']['simple_content_access'] | ternary(omit, foreman_convert2rhel_ol7_subs) }}" + when: foreman_convert2rhel_enable_oracle7 + +- name: "Create activation key '{{ foreman_convert2rhel_key_oracle8 }}'" # noqa: args[module] + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_oracle8 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_content_view }}" + subscriptions: "{{ foreman_convert2rhel_org_info['organization']['simple_content_access'] | ternary(omit, foreman_convert2rhel_ol8_subs) }}" + when: foreman_convert2rhel_enable_oracle8 + +- name: "Create activation key '{{ foreman_convert2rhel_key_rhel7 }}'" + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_rhel7 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_content_view }}" + auto_attach: false + when: foreman_content_rhel_enable_rhel7 + +- name: "Create activation key '{{ foreman_convert2rhel_key_rhel8 }}'" + theforeman.foreman.activation_key: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_rhel8 }}" + lifecycle_environment: "{{ foreman_convert2rhel_lifecycle_env }}" + content_view: "{{ foreman_convert2rhel_content_view }}" + auto_attach: false + when: foreman_content_rhel_enable_rhel8 + +- name: "Add subscriptions to '{{ foreman_convert2rhel_key_rhel7 }}'" + ansible.builtin.debug: + msg: + - "Simple content access is disabled, please add subscriptions to '{{ foreman_convert2rhel_key_rhel7 }}' activation key manually" + when: not foreman_convert2rhel_org_info['organization']['simple_content_access'] and foreman_content_rhel_enable_rhel7 + +- name: "Add subscriptions to '{{ foreman_convert2rhel_key_rhel8 }}'" + ansible.builtin.debug: + msg: + - "Simple content access is disabled, please add subscriptions to '{{ foreman_convert2rhel_key_rhel8 }}' activation key manually" + when: not foreman_convert2rhel_org_info['organization']['simple_content_access'] and foreman_content_rhel_enable_rhel8 diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/content_views.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/content_views.yml new file mode 100644 index 00000000..d638464b --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/content_views.yml @@ -0,0 +1,52 @@ +--- +- name: "Create content view '{{ foreman_convert2rhel_key_centos7 }}'" + theforeman.foreman.content_view: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_centos7 }}" + repositories: + - name: '{{ foreman_convert2rhel_rhel7_repo }}' + product: '{{ foreman_convert2rhel_rhel7_product }}' + when: foreman_content_rhel_enable_rhel7 + +- name: "Publish content view '{{ foreman_convert2rhel_key_centos7 }}'" + theforeman.foreman.content_view_version: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + content_view: "{{ foreman_convert2rhel_key_centos7 }}" + version: "1.0" + lifecycle_environments: + - "{{ foreman_convert2rhel_lifecycle_env }}" + when: foreman_content_rhel_enable_rhel7 + +- name: "Create content view '{{ foreman_convert2rhel_key_centos8 }}'" + theforeman.foreman.content_view: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_key_centos8 }}" + repositories: + - name: '{{ foreman_convert2rhel_rhel8_repo }}' + product: '{{ foreman_convert2rhel_rhel8_product }}' + when: foreman_content_rhel_enable_rhel8 + +- name: "Publish content view '{{ foreman_convert2rhel_key_centos8 }}'" + theforeman.foreman.content_view_version: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + content_view: "{{ foreman_convert2rhel_key_centos8 }}" + version: "1.0" + lifecycle_environments: + - "{{ foreman_convert2rhel_lifecycle_env }}" + when: foreman_content_rhel_enable_rhel8 diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/host_groups.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/host_groups.yml new file mode 100644 index 00000000..173ea36c --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/host_groups.yml @@ -0,0 +1,44 @@ +--- +- name: "Create host group '{{ foreman_convert2rhel_hostgroup7 }}'" + theforeman.foreman.hostgroup: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_hostgroup7 }}" + activation_keys: "{{ foreman_convert2rhel_key_centos7 }}" + when: foreman_content_rhel_enable_rhel7 + +- name: "Create host group '{{ foreman_convert2rhel_hostgroup8 }}'" + theforeman.foreman.hostgroup: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_hostgroup8 }}" + activation_keys: "{{ foreman_convert2rhel_key_centos8 }}" + when: foreman_content_rhel_enable_rhel8 + +- name: "Create host group '{{ foreman_convert2rhel_hostgroup_oracle7 }}'" + theforeman.foreman.hostgroup: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_hostgroup_oracle7 }}" + activation_keys: "{{ foreman_convert2rhel_key_oracle7 }}" + when: foreman_convert2rhel_enable_oracle7 + +- name: "Create host group '{{ foreman_convert2rhel_hostgroup_oracle8 }}'" + theforeman.foreman.hostgroup: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ foreman_convert2rhel_hostgroup_oracle8 }}" + activation_keys: "{{ foreman_convert2rhel_key_oracle8 }}" + when: foreman_convert2rhel_enable_oracle8 diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/main.yml new file mode 100644 index 00000000..c50dc777 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: "Upload Subscription Manifest and sync RHEL repository" + ansible.builtin.include_role: + name: theforeman.foreman.content_rhel + when: foreman_convert2rhel_manage_subscription +- name: "Create Producs and Repositories" + ansible.builtin.import_tasks: products_and_repos.yml +- name: "Create Content Views" + ansible.builtin.import_tasks: content_views.yml +- name: "Create Activation Keys" + ansible.builtin.import_tasks: activation_keys.yml +- name: "Create Hostgroups" + ansible.builtin.import_tasks: host_groups.yml +- name: "Sync Content" + ansible.builtin.import_tasks: sync.yml diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/products_and_repos.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/products_and_repos.yml new file mode 100644 index 00000000..698b3964 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/products_and_repos.yml @@ -0,0 +1,88 @@ +--- +- name: Check /etc/rhsm/ca/redhat-uep.pem + ansible.builtin.stat: + path: "/etc/rhsm/ca/redhat-uep.pem" + register: ct + +- name: "Create 'Convert2RHEL' credentials" + theforeman.foreman.content_credential: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "Convert2RHEL CA" + content_type: cert + content: "{{ ct.stat.exists | ternary(lookup('file', '/etc/rhsm/ca/redhat-uep.pem', errors='ignore', rstrip=False), + lookup('url', 'https://ftp.redhat.com/redhat/convert2rhel/redhat-uep.pem', split_lines=False)) }}" + state: present + +- name: "Create product and repositories '{{ foreman_convert2rhel_rhel7_product }}'" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: "{{ foreman_convert2rhel_rhel7_product }}" + repositories: + - name: "{{ foreman_convert2rhel_rhel7_repo }}" + content_type: "yum" + product: "{{ foreman_convert2rhel_rhel7_product }}" + url: "https://cdn.redhat.com/content/public/convert2rhel/7/x86_64/os/" + mirror_on_sync: true + verify_ssl_on_sync: true + download_policy: immediate + ssl_ca_cert: "Convert2RHEL CA" + state: present + when: foreman_content_rhel_enable_rhel7 + +- name: "Create product and repositories '{{ foreman_convert2rhel_rhel8_product }}'" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: "{{ foreman_convert2rhel_rhel8_product }}" + repositories: + - name: "{{ foreman_convert2rhel_rhel8_repo }}" + content_type: "yum" + product: "{{ foreman_convert2rhel_rhel8_product }}" + url: "https://cdn.redhat.com/content/public/convert2rhel/8/x86_64/os/" + mirror_on_sync: true + verify_ssl_on_sync: true + download_policy: immediate + ssl_ca_cert: "Convert2RHEL CA" + state: present + when: foreman_content_rhel_enable_rhel8 + +- name: "Create product and repositories '{{ foreman_convert2rhel_oracle7_product }}'" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: "{{ foreman_convert2rhel_oracle7_product }}" + repositories: + - name: "{{ foreman_convert2rhel_oracle7_repo }}" + content_type: "yum" + product: "{{ foreman_convert2rhel_oracle7_product }}" + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi/server/7/7Server/x86_64/os" + mirror_on_sync: true + verify_ssl_on_sync: true + download_policy: immediate + state: present + when: foreman_convert2rhel_enable_oracle7 + +- name: "Create product and repositories '{{ foreman_convert2rhel_oracle8_product }}'" + ansible.builtin.include_role: + name: theforeman.foreman.repositories + vars: + foreman_products: + - name: "{{ foreman_convert2rhel_oracle8_product }}" + repositories: + - name: "{{ foreman_convert2rhel_oracle8_repo }}" + content_type: "yum" + product: "{{ foreman_convert2rhel_oracle8_product }}" + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/" + mirror_on_sync: true + verify_ssl_on_sync: true + download_policy: immediate + state: present + when: foreman_convert2rhel_enable_oracle8 diff --git a/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/sync.yml b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/sync.yml new file mode 100644 index 00000000..1dae6479 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/convert2rhel/tasks/sync.yml @@ -0,0 +1,44 @@ +--- +- name: "Synchronize repository '{{ foreman_convert2rhel_rhel7_repo }}'" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + repository: "{{ foreman_convert2rhel_rhel7_repo }}" + product: "{{ foreman_convert2rhel_rhel7_product }}" + when: foreman_content_rhel_enable_rhel7 + +- name: "Synchronize repository '{{ foreman_convert2rhel_rhel8_repo }}'" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + repository: "{{ foreman_convert2rhel_rhel8_repo }}" + product: "{{ foreman_convert2rhel_rhel8_product }}" + when: foreman_content_rhel_enable_rhel8 + +- name: "Synchronize repository '{{ foreman_convert2rhel_oracle7_repo }}'" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + repository: "{{ foreman_convert2rhel_oracle7_repo }}" + product: "{{ foreman_convert2rhel_oracle7_product }}" + when: foreman_convert2rhel_enable_oracle7 + +- name: "Synchronize repository '{{ foreman_convert2rhel_oracle8_repo }}'" + theforeman.foreman.repository_sync: + username: "{{ foreman_username }}" + password: "{{ foreman_password }}" + server_url: "{{ foreman_server_url }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + repository: "{{ foreman_convert2rhel_oracle8_repo }}" + product: "{{ foreman_convert2rhel_oracle8_product }}" + when: foreman_convert2rhel_enable_oracle8 diff --git a/ansible_collections/theforeman/foreman/roles/domains/README.md b/ansible_collections/theforeman/foreman/roles/domains/README.md new file mode 100644 index 00000000..4998b37f --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/domains/README.md @@ -0,0 +1,41 @@ +theforeman.foreman.domains +========================== + +This role creates and manages Domains. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_domains`. Each `domain` requires the following fields: + +- `name`: The name of the domain. + +The following fields are optional and will be omitted by default: + +- `description`: Description of the domain. +- `dns_proxy`: DNS proxy to use within this domain for managing A records. +- `parameters`: Domain specific host parameters. + +Example Playbook +---------------- + +Create a domain `example.org`. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.domains + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_domains: + - name: "example.org" + description: "Example Domain" + locations: + - "Uppsala" + organizations: + - "ACME" +``` diff --git a/ansible_collections/theforeman/foreman/roles/domains/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/domains/tasks/main.yml new file mode 100644 index 00000000..8957db86 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/domains/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: 'Create Domains' # noqa: args[module] + theforeman.foreman.domain: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + locations: "{{ item.locations | default(omit) }}" + organizations: "{{ item.organizations | default(omit) }}" + parameters: "{{ item.parameters | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_domains }}" diff --git a/ansible_collections/theforeman/foreman/roles/hostgroups/README.md b/ansible_collections/theforeman/foreman/roles/hostgroups/README.md new file mode 100644 index 00000000..3b1af611 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/hostgroups/README.md @@ -0,0 +1,75 @@ +theforeman.foreman.hostgroups +============================= + +This role creates and manages Hostgroups. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +- `foreman_hostgroups`: List of hostgroups to manage that are each represented as a dictionary. See module documentation for a list of available options for each hostgroup. + Hostgroups may have any set of fields defined on them and may optionally define a `parent` for nested hostgroups. + A variety of examples are demonstrated in the data structure below: + +```yaml +foreman_hostgroups: + - name: "Basic example" + architecture: "x86_64" + operatingsystem: "CentOS" + medium: "media_name" + ptable: "partition_table_name" + - name: "Proxies hostgroup" + environment: production + puppet_proxy: puppet-proxy.example.com + puppet_ca_proxy: puppet-proxy.example.com + openscap_proxy: openscap-proxy.example.com + - name: "CentOS 7" + organization: "Default Organization" + lifecycle_environment: "Production" + content_view: "CentOS 7" + activation_keys: centos-7 + - name: "Webserver" + parent: "CentOS 7" + environment: production + puppet_proxy: puppet-proxy.example.com + puppet_ca_proxy: puppet-proxy.example.com + openscap_proxy: openscap-proxy.example.com +``` + +Example Playbooks +----------------- + +This example creates several hostgroups with some nested examples. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.hostgroups + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_hostgroups: + - name: "Basic example" + architecture: "x86_64" + operatingsystem: "CentOS" + medium: "media_name" + ptable: "partition_table_name" + - name: "Proxies hostgroup" + environment: production + puppet_proxy: puppet-proxy.example.com + puppet_ca_proxy: puppet-proxy.example.com + openscap_proxy: openscap-proxy.example.com + - name: "CentOS 7" + organization: "Default Organization" + lifecycle_environment: "Production" + content_view: "CentOS 7" + activation_keys: centos-7 + - name: "Webserver" + parent: "CentOS 7" + environment: production + puppet_proxy: puppet-proxy.example.com + puppet_ca_proxy: puppet-proxy.example.com + openscap_proxy: openscap-proxy.example.com +``` diff --git a/ansible_collections/theforeman/foreman/roles/hostgroups/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/hostgroups/tasks/main.yml new file mode 100644 index 00000000..18627a4f --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/hostgroups/tasks/main.yml @@ -0,0 +1,42 @@ +--- +- name: 'Create Hostgroups' # noqa: args[module] + theforeman.foreman.hostgroup: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + updated_name: "{{ item.updated_name | default(omit) }}" + description: "{{ item.description | default(omit) }}" + parent: "{{ item.parent | default(omit) }}" + organization: "{{ item.organization | default(omit) }}" + organizations: "{{ item.organizations | default(omit) }}" + locations: "{{ item.locations | default(omit) }}" + architecture: "{{ item.architecture | default(omit) }}" + operatingsystem: "{{ item.operatingsystem | default(omit) }}" + medium: "{{ item.medium | default(omit) }}" + ptable: "{{ item.ptable | default(omit) }}" + parameters: "{{ item.parameters | default(omit) }}" + ansible_roles: "{{ item.ansible_roles | default(omit) }}" + compute_resource: "{{ item.compute_resource | default(omit) }}" + compute_profile: "{{ item.compute_profile | default(omit) }}" + domain: "{{ item.domain | default(omit) }}" + subnet: "{{ item.subnet | default(omit) }}" + subnet6: "{{ item.subnet6 | default(omit) }}" + root_pass: "{{ item.root_pass | default(omit) }}" + realm: "{{ item.realm | default(omit) }}" + pxe_loader: "{{ item.pxe_loader | default(omit) }}" + environment: "{{ item.environment | default(omit) }}" + puppetclasses: "{{ item.puppetclasses | default(omit) }}" + config_groups: "{{ item.config_groups | default(omit) }}" + puppet_proxy: "{{ item.puppet_proxy | default(omit) }}" + puppet_ca_proxy: "{{ item.puppet_ca_proxy | default(omit) }}" + openscap_proxy: "{{ item.openscap_proxy | default(omit) }}" + content_source: "{{ item.content_source | default(omit) }}" + lifecycle_environment: "{{ item.lifecycle_environment | default(omit) }}" + kickstart_repository: "{{ item.kickstart_repository | default(omit) }}" + content_view: "{{ item.content_view | default(omit) }}" + activation_keys: "{{ item.activation_keys | default(omit) }}" + state: "{{ item.state | default(omit) }}" + with_items: + - "{{ foreman_hostgroups }}" diff --git a/ansible_collections/theforeman/foreman/roles/lifecycle_environments/README.md b/ansible_collections/theforeman/foreman/roles/lifecycle_environments/README.md new file mode 100644 index 00000000..f3424927 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/lifecycle_environments/README.md @@ -0,0 +1,75 @@ +theforeman.foreman.lifecycle_environments +========================================= + +This role creates and manages Lifecycle Environments. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_lifecycle_environments`. Each `lifecycle_environment` requires the following fields: + +- `name`: The name of the lifecycle environment. +- `prior`: The name of the previous lifecycle environment to attach to in + sequence. For the first lifecycle environment in a new path, set the prior + lifecycle environment to Library. The order of definition matters, ensure that + the environments are listed in the order the path would exist. It can't be + changed after the lifecycle environment has been created. + +The following fields are optional and will be omitted by default: + +- `description`: Description of the lifecycle environment +- `label`: A permanent label for identifying the lifecycle environment to tools + such as subscription-manager. This is created by the server if omitted. It + can't be changed after the lifecycle environment has been created. + +Example Playbooks +----------------- + +Create a lifecycle environment path with three environments: Library -> Dev -> Test -> Prod + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.lifecycle_environments + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_lifecycle_environments: + - name: "Dev" + prior: "Library" + - name: "Test" + prior: "Dev" + - name: "Prod" + prior: "Test" +``` + +Create two lifecycle environment paths: Library -> Dev -> Test -> Prod and Library -> QA -> Stage -> Prod + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.lifecycle_environments + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_lifecycle_environments: + - name: "Dev" + prior: "Library" + - name: "Test" + prior: "Dev" + - name: "Prod" + prior: "Test" + + - name: "QA" + prior: "Library" + - name: "Stage" + prior: "QA" + - name: "Prod" + prior: "Stage" +``` diff --git a/ansible_collections/theforeman/foreman/roles/lifecycle_environments/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/lifecycle_environments/tasks/main.yml new file mode 100644 index 00000000..f6f0ea1b --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/lifecycle_environments/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: 'Create Lifecycle Environments' + theforeman.foreman.lifecycle_environment: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + description: "{{ item.description | default(omit) }}" + prior: "{{ item.prior }}" + label: "{{ item.label | default(omit) }}" + state: present + with_items: + - "{{ foreman_lifecycle_environments }}" diff --git a/ansible_collections/theforeman/foreman/roles/manifest/README.md b/ansible_collections/theforeman/foreman/roles/manifest/README.md new file mode 100644 index 00000000..ecda345e --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/manifest/README.md @@ -0,0 +1,50 @@ +theforeman.foreman.manifest +=========================== + +Upload Subscription Manifest + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +- `foreman_manifest_path`: Path to subscription Manifest file on Ansible target host. When using `manifest_download`, it is first downloaded to this location from the Red Hat Customer Portal before being uploaded to the Foreman server. +- `foreman_manifest_download`: Whether to first download the Manifest from the Red Hat Customer Portal. Defaults to `False`. +- `foreman_manifest_uuid`: UUID of the Manifest to download, corresponding to a [Subscription Allocation](https://access.redhat.com/management/subscription_allocations) defined on your Red Hat account. Required when `manifest_download` is `True`. +- `foreman_rhsm_username`: Your username for the Red Hat Customer Portal. Required when `foreman_manifest_download` is `true`. +- `foreman_rhsm_password`: Your password for the Red Hat Customer Portal. Required when `foreman_manifest_download` is `true`. + +Example Playbooks +----------------- + +Use a Subscription Manifest which has already been downloaded on localhost at `~/manifest.zip`: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.manifest + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_manifest_path: "~/manifest.zip" +``` + +Download the Subscription Manifest from the Red Hat Customer Portal to localhost before uploading to Foreman server: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.manifest + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_manifest_path: "~/manifest.zip" + foreman_manifest_download: True + foreman_rhsm_username: "happycustomer" + foreman_rhsm_password: "$ecur3p4$$w0rd" + foreman_manifest_uuid: "01234567-89ab-cdef-0123-456789abcdef" +``` diff --git a/ansible_collections/theforeman/foreman/roles/manifest/defaults/main.yml b/ansible_collections/theforeman/foreman/roles/manifest/defaults/main.yml new file mode 100644 index 00000000..373f40b2 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/manifest/defaults/main.yml @@ -0,0 +1,2 @@ +--- +foreman_manifest_download: false diff --git a/ansible_collections/theforeman/foreman/roles/manifest/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/manifest/tasks/main.yml new file mode 100644 index 00000000..01ab15cc --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/manifest/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: Download Subscription Manifest from Red Hat Customer Portal + theforeman.foreman.redhat_manifest: + uuid: "{{ foreman_manifest_uuid }}" + username: "{{ foreman_rhsm_username }}" + password: "{{ foreman_rhsm_password }}" + path: "{{ foreman_manifest_path }}" + when: foreman_manifest_download + +- name: Upload Subscription Manifest to Foreman + theforeman.foreman.subscription_manifest: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + manifest_path: "{{ foreman_manifest_path }}" + state: "{{ foreman_manifest_state | default('present') }}" diff --git a/ansible_collections/theforeman/foreman/roles/operatingsystems/README.md b/ansible_collections/theforeman/foreman/roles/operatingsystems/README.md new file mode 100644 index 00000000..1f4ff182 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/operatingsystems/README.md @@ -0,0 +1,43 @@ +theforeman.foreman.operatingsystems +=================================== + +This role creates and manages Operatingsystems. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_operatingsystems`. Each `operatingsystem` requires the following fields: + +- `name`: The name of the operatingsystem. + +For all other fields see the `operatingsystem` module. The field `default_templates` can also be used to assign +default provisioning templates for the operatingsystem where each `template` consists of the fields from the module +`os_default_template`. + +Example Playbook +---------------- + +Create operating system `RedHat 8.5` and assign it templates for provisioning using `cloud-init` and `open-vm-tools`: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.operatingsystems + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_operatingsystems: + - name: "RedHat" + major: "8" + minor: "5" + os_family: "Redhat" + password_hash: "SHA256" + default_templates: + - template_kind: "cloud-init" + provisioning_template: "CloudInit default" + - template_kind: "user_data" + provisioning_template: "UserData open-vm-tools" +``` diff --git a/ansible_collections/theforeman/foreman/roles/operatingsystems/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/operatingsystems/tasks/main.yml new file mode 100644 index 00000000..49b447b2 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/operatingsystems/tasks/main.yml @@ -0,0 +1,35 @@ +--- +- name: 'Create Operatingsystems' # noqa: args[module] + theforeman.foreman.operatingsystem: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + architectures: "{{ item.architectures | default(omit) }}" + description: "{{ item.description | default(omit) }}" + major: "{{ item.major | default(omit) }}" + media: "{{ item.media | default(omit) }}" + minor: "{{ item.minor | default(omit) }}" + os_family: "{{ item.os_family | default(omit) }}" + parameters: "{{ item.parameters | default(omit) }}" + password_hash: "{{ item.password_hash | default(omit) }}" + provisioning_templates: "{{ item.provisioning_templates | default(omit) }}" + ptables: "{{ item.ptables | default(omit) }}" + release_name: "{{ item.release_name | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_operatingsystems }}" + +- name: 'Set default templates for Operatingsystems' + vars: + default_os_name: "{{ item.0.name }} {{ item.0.major }}.{{ item.0.minor | default('0') }}" + theforeman.foreman.os_default_template: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + operatingsystem: "{{ item.0.description | default(default_os_name) }}" + provisioning_template: "{{ item.1.provisioning_template | default(omit) }}" + template_kind: "{{ item.1.template_kind }}" + state: "{{ item.1.state | default('present') }}" + loop: "{{ foreman_operatingsystems | subelements('default_templates', {'skip_missing': True}) }}" diff --git a/ansible_collections/theforeman/foreman/roles/organizations/README.md b/ansible_collections/theforeman/foreman/roles/organizations/README.md new file mode 100644 index 00000000..e5d87ebf --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/organizations/README.md @@ -0,0 +1,44 @@ +theforeman.foreman.organizations +================================ + +This role creates and manages organizations. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_organizations`. Each `organization` requires the following fields: + +- `name`: The name of the organization. + +The following fields are optional in the sense that the server will use default values when they are omitted: + +- `label`: The label of the organization. +- `description`: The description of the organization. +- `state`: The state of the organization. Can be `present` or `absent`. + +Example Playbooks +----------------- + +```yaml +--- +- name: add organizations to foreman + hosts: localhost + gather_facts: false + roles: + - role: theforeman.foreman.organizations + vars: + foreman_server_url: https://foreman.example.com + foreman_username: admin + foreman_password: changeme + foreman_organizations: + - name: raleigh + label: rdu + state: present + - name: default + label: boring + state: absent + - name: lanai + description: pacific datacenter +``` diff --git a/ansible_collections/theforeman/foreman/roles/organizations/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/organizations/tasks/main.yml new file mode 100644 index 00000000..c130b0d3 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/organizations/tasks/main.yml @@ -0,0 +1,14 @@ +--- +- name: Add organizations + theforeman.foreman.organization: + name: "{{ foreman_organizations_item.name }}" + description: "{{ foreman_organizations_item.description | default(omit) }}" + label: "{{ foreman_organizations_item.label | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + state: "{{ foreman_organizations_item.state | default(omit) }}" + loop: "{{ foreman_organizations | default([]) }}" + loop_control: + loop_var: foreman_organizations_item diff --git a/ansible_collections/theforeman/foreman/roles/provisioning_templates/README.md b/ansible_collections/theforeman/foreman/roles/provisioning_templates/README.md new file mode 100644 index 00000000..1cdc9538 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/provisioning_templates/README.md @@ -0,0 +1,33 @@ +theforeman.foreman.provisioning_templates +========================================= + +This role creates and manages Provisioning Templates. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_provisioning_templates`. Each `provisioning_template` accepts fields according to the module `provisioning_template`. + +Example Playbook +---------------- + +Create a custom template `CloudInit vSphere` using the file `files/cloudinit_vsphere.erb` and assign it to the +operating systems `RedHat 7.9` and `RedHat 8.5`: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.provisioning_templates + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_provisioning_templates: + - name: CloudInit vSphere + template: "{{ lookup('file', 'cloudinit_vsphere.erb') }}" + operatingsystems: + - RedHat 7.9 + - RedHat 8.5 +``` diff --git a/ansible_collections/theforeman/foreman/roles/provisioning_templates/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/provisioning_templates/tasks/main.yml new file mode 100644 index 00000000..0111a9bf --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/provisioning_templates/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: 'Create Provisioning Templates' # noqa: args[module] + theforeman.foreman.provisioning_template: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + audit_comment: "{{ item.audit_comment | default(omit) }}" + file_name: "{{ item.file_name | default(omit) }}" + kind: "{{ item.kind | default(omit) }}" + locations: "{{ item.locations | default(omit) }}" + locked: "{{ item.locked | default(omit) }}" + operatingsystems: "{{ item.operatingsystems | default(omit) }}" + organizations: "{{ item.organizations | default(omit) }}" + template: "{{ item.template | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_provisioning_templates }}" diff --git a/ansible_collections/theforeman/foreman/roles/repositories/README.md b/ansible_collections/theforeman/foreman/roles/repositories/README.md new file mode 100644 index 00000000..fd224e8d --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/repositories/README.md @@ -0,0 +1,117 @@ +theforeman.foreman.repositories +=============================== + +This role defines Products and Custom Repositories and enables Red Hat Repositories. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +- `foreman_products`: List of products to manage. + Each product is represented as a dictionary and can include `repository_sets` which represent Red Hat Repositories and should be used when the product name matches an existing Red Hat Product. + Each element of `repository_sets` must have a `name` and should specify the `basearch` and/or `releasever` only when multiple versions are available for that Product. + All repository sets for a Red Hat Product can be enabled by omitting `repository_sets` and instead specifying that the Product has `all_repositories: True`. When using this option it is also necessary to specify a list of repository `label`s for the Product (e.g. rhel-7-server-rpms). Be wary that this option can result in enabling a large number of unused repositories that, if added to sync plans, can greatly increase sync times and rapidly fill disk space. + Custom (i.e. non Red Hat) Products can also be defined, with associated `repositories` which represent custom repositories, and are required to have a `name`, `url`, and `content_type`; they may require additional fields and can take any parameter supported by [theforeman.foreman.repository](https://theforeman.github.io/foreman-ansible-modules/develop/plugins/repository_module.html). + A variety of examples are demonstrated in the data structure below: + +```yaml +foreman_products: + - name: Red Hat Enterprise Linux Server + repository_sets: + - name: Red Hat Enterprise Linux 7 Server (RPMs) + basearch: x86_64 + releasever: 7Server + - name: Red Hat Enterprise Linux 6 Server (RPMs) + basearch: x86_64 + releasever: 6Server + - name: Red Hat Enterprise Linux 7 Server - Extras (RPMs) + basearch: x86_64 + - name: Red Hat Enterprise Linux 7 Server - Optional (RPMs) + basearch: x86_64 + releasever: 7Server + - name: Red Hat Software Collections (for RHEL Server) + repository_sets: + - name: Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server + basearch: x86_64 + releasever: 7Server + - name: Red Hat Software Collections RPMs for Red Hat Enterprise Linux 6 Server + basearch: x86_64 + releasever: 6Server + - name: Red Hat Enterprise Linux for x86_64 + repository_sets: + - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) + releasever: 8 + - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) + releasever: 8 + - name: Red Hat Software Collections (for RHEL Server) + all_repositories: True + labels: + - rhel-server-rhscl-7-rpms + - name: CentOS Stream 8 + repositories: + - name: BaseOS x86_64 + content_type: yum + url: http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/ + - name: AppStream x86_64 + content_type: yum + url: http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os/ + - name: Debian 10 + repositories: + - name: Debian 10 main + content_type: deb + url: http://deb.debian.org/debian + deb_components: main + deb_architectures: amd64 + deb_releases: buster + - name: Foreman Client + repositories: + - name: Foreman Client Debian 10 + url: https://apt.atix.de/debian + content_type: deb + deb_components: main + deb_architectures: amd64 + deb_releases: stable + - name: Foreman Client CentOS 7 + url: https://yum.theforeman.org/client/latest/el7/x86_64/ + content_type: yum +``` + +Example Playbooks +----------------- + +This example enables several Red Hat Repositories. There are a few important points to note about the structure of the data in the example: +- RHEL 8 repos have a different product name than previous RHEL versions. +- The RHEL 8 product already contains the `basearch` so it should not be specified on the RHEL 8 `repository_sets`, and the naming convention for `releasever` changed with RHEL 8 since system purpose removes the need for separate distributions like `Server` and `Workstation`. +- The optional and extras repositories do not have point releases so `releasever` should be omitted. + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.repositories + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_products: + - name: Red Hat Enterprise Linux Server + repository_sets: + - name: Red Hat Enterprise Linux 7 Server (RPMs) + basearch: x86_64 + releasever: 7Server + - name: Red Hat Enterprise Linux 6 Server (RPMs) + basearch: x86_64 + releasever: 6Server + - name: Red Hat Enterprise Linux 7 Server - Extras (RPMs) + basearch: x86_64 + - name: Red Hat Enterprise Linux 7 Server - Optional (RPMs) + basearch: x86_64 + releasever: 7Server + - name: Red Hat Enterprise Linux for x86_64 + repository_sets: + - name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) + releasever: 8 + - name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) + releasever: 8 +``` diff --git a/ansible_collections/theforeman/foreman/roles/repositories/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/repositories/tasks/main.yml new file mode 100644 index 00000000..b73ca27c --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/repositories/tasks/main.yml @@ -0,0 +1,92 @@ +--- +- name: 'Enable Red Hat Repositories' + theforeman.foreman.repository_set: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + product: "{{ item.0.name }}" + name: "{{ item.1.name }}" + all_repositories: false + state: enabled + repositories: + - releasever: "{{ item.1.releasever | default(omit) }}" + basearch: "{{ item.1.basearch | default(omit) }}" + with_subelements: + - "{{ foreman_products | selectattr('repository_sets', 'defined') | list }}" + - repository_sets + +- name: 'Enable Red Hat Repository Sets' + theforeman.foreman.repository_set: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + label: "{{ item.1 }}" + all_repositories: true + state: enabled + with_subelements: + - "{{ foreman_products | selectattr('all_repositories', 'defined') | selectattr('all_repositories', 'equalto', True) | list }}" + - labels + +- name: 'Create Products' + theforeman.foreman.product: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + label: "{{ item.label | default(omit) }}" + gpg_key: "{{ item.gpg_key | default(omit) }}" + state: present + with_items: + - "{{ foreman_products | selectattr('repositories', 'defined') | list }}" + +- name: 'Create Repositories' # noqa: args[module] + theforeman.foreman.repository: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.1.name }}" + url: "{{ item.1.url | default(omit) }}" + product: "{{ item.0.name }}" + arch: "{{ item.1.arch | default(omit) }}" + auto_enabled: "{{ item.1.auto_enabled | default(omit) }}" + checksum_type: "{{ item.1.checksum_type | default(omit) }}" + content_type: "{{ item.1.content_type }}" + deb_architectures: "{{ item.1.deb_architectures | default(omit) }}" + deb_components: "{{ item.1.deb_components | default(omit) }}" + deb_errata_url: "{{ item.1.deb_errata_url | default(omit) }}" + deb_releases: "{{ item.1.deb_releases | default(omit) }}" + description: "{{ item.1.description | default(omit) }}" + docker_tags_whitelist: "{{ item.1.docker_tags_whitelist | default(omit) }}" + docker_upstream_name: "{{ item.1.docker_upstream_name | default(omit) }}" + include_tags: "{{ item.1.include_tags | default(omit) }}" + exclude_tags: "{{ item.1.exclude_tags | default(omit) }}" + download_policy: "{{ item.1.download_policy | default(omit) }}" + gpg_key: "{{ item.1.gpg_key | default(omit) }}" + http_proxy: "{{ item.1.http_proxy | default(omit) }}" + http_proxy_policy: "{{ item.1.http_proxy_policy | default(omit) }}" + ignorable_content: "{{ item.1.ignorable_content | default(omit) }}" + ignore_global_proxy: "{{ item.1.ignore_global_proxy | default(omit) }}" + label: "{{ item.1.label | default(omit) }}" + mirror_on_sync: "{{ item.1.mirror_on_sync | default(omit) }}" + mirroring_policy: "{{ item.1.mirroring_policy | default(omit) }}" + os_versions: "{{ item.1.os_versions | default(omit) }}" + ssl_ca_cert: "{{ item.1.ssl_ca_cert | default(omit) }}" + ssl_client_cert: "{{ item.1.ssl_client_cert | default(omit) }}" + ssl_client_key: "{{ item.1.ssl_client_key | default(omit) }}" + state: present + unprotected: "{{ item.1.unprotected | default(omit) }}" + upstream_password: "{{ item.1.upstream_password | default(omit) }}" + upstream_username: "{{ item.1.upstream_username | default(omit) }}" + verify_ssl_on_sync: "{{ item.1.verify_ssl_on_sync | default(omit) }}" + ansible_collection_requirements: "{{ item.1.ansible_collection_requirements | default(omit) }}" + with_subelements: + - "{{ foreman_products | selectattr('repositories', 'defined') | list }}" + - repositories diff --git a/ansible_collections/theforeman/foreman/roles/settings/README.md b/ansible_collections/theforeman/foreman/roles/settings/README.md new file mode 100644 index 00000000..742804d7 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/settings/README.md @@ -0,0 +1,31 @@ +theforeman.foreman.settings +=========================== + +This role creates and manages Settings. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_settings`. Each `setting` must contain the field `name` and may contain the optional field `value` which if empty will reset the setting to the default value. + +Example Playbook +---------------- + +Enable *Destroy associated VM on host delete* and disable *Clean up failed deployment*: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.settings + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_settings: + - name: destroy_vm_on_host_delete + value: true + - name: clean_up_failed_deployment + value: false +``` diff --git a/ansible_collections/theforeman/foreman/roles/settings/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/settings/tasks/main.yml new file mode 100644 index 00000000..f5a26bc9 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/settings/tasks/main.yml @@ -0,0 +1,10 @@ +--- +- name: 'Create Settings' + theforeman.foreman.setting: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + value: "{{ item.value | default(omit) }}" + loop: "{{ foreman_settings }}" diff --git a/ansible_collections/theforeman/foreman/roles/subnets/README.md b/ansible_collections/theforeman/foreman/roles/subnets/README.md new file mode 100644 index 00000000..2a6f3fd1 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/subnets/README.md @@ -0,0 +1,53 @@ +theforeman.foreman.subnets +========================== + +This role creates and manages Subnets. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +The main data structure for this role is the list of `foreman_subnets`. Each `subnet` requires the following fields: + +- `name`: The name of the subnet. +- `network`: Subnet IP address. + +For all other fields see the `subnet` module. + +Example Playbook +---------------- + +Create subnet `192.168.0.0/26`: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.subnets + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_subnets: + - name: "My subnet" + description: "My description" + network: "192.168.0.0" + mask: "255.255.255.192" + gateway: "192.168.0.1" + from_ip: "192.168.0.2" + to_ip: "192.168.0.42" + boot_mode: "Static" + dhcp_proxy: "smart-proxy1.foo.example.com" + tftp_proxy: "smart-proxy1.foo.example.com" + dns_proxy: "smart-proxy2.foo.example.com" + template_proxy: "smart-proxy2.foo.example.com" + vlanid: 452 + mtu: 9000 + domains: + - "foo.example.com" + - "bar.example.com" + organizations: + - "Example Org" + locations: + - "Uppsala" +``` diff --git a/ansible_collections/theforeman/foreman/roles/subnets/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/subnets/tasks/main.yml new file mode 100644 index 00000000..7bb50ff5 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/subnets/tasks/main.yml @@ -0,0 +1,38 @@ +--- +- name: 'Create Subnets' # noqa: args[module] + theforeman.foreman.subnet: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + name: "{{ item.name }}" + bmc_proxy: "{{ item.bmc_proxy | default(omit) }}" + boot_mode: "{{ item.boot_mode | default(omit) }}" + cidr: "{{ item.cidr | default(omit) }}" + description: "{{ item.description | default(omit) }}" + dhcp_proxy: "{{ item.dhcp_proxy | default(omit) }}" + discovery_proxy: "{{ item.discovery_proxy | default(omit) }}" + dns_primary: "{{ item.dns_primary | default(omit) }}" + dns_proxy: "{{ item.dns_proxy | default(omit) }}" + dns_secondary: "{{ item.dns_secondary | default(omit) }}" + domains: "{{ item.domains | default(omit) }}" + externalipam_group: "{{ item.externalipam_group | default(omit) }}" + externalipam_proxy: "{{ item.externalipam_proxy | default(omit) }}" + from_ip: "{{ item.from_ip | default(omit) }}" + gateway: "{{ item.gateway | default(omit) }}" + httpboot_proxy: "{{ item.httpboot_proxy | default(omit) }}" + ipam: "{{ item.ipam | default(omit) }}" + locations: "{{ item.locations | default(omit) }}" + mask: "{{ item.mask | default(omit) }}" + mtu: "{{ item.mtu | default(omit) }}" + network: "{{ item.network | default(omit) }}" + network_type: "{{ item.network_type | default(omit) }}" + organizations: "{{ item.organizations | default(omit) }}" + parameters: "{{ item.parameters | default(omit) }}" + remote_execution_proxies: "{{ item.remote_execution_proxies | default(omit) }}" + template_proxy: "{{ item.template_proxy | default(omit) }}" + tftp_proxy: "{{ item.tftp_proxy | default(omit) }}" + to_ip: "{{ item.to_ip | default(omit) }}" + vlanid: "{{ item.vlanid | default(omit) }}" + state: "{{ item.state | default('present') }}" + loop: "{{ foreman_subnets }}" diff --git a/ansible_collections/theforeman/foreman/roles/sync_plans/README.md b/ansible_collections/theforeman/foreman/roles/sync_plans/README.md new file mode 100644 index 00000000..179d8591 --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/sync_plans/README.md @@ -0,0 +1,84 @@ +theforeman.foreman.sync_plans +============================= + +This role defines Sync Plans. + +Role Variables +-------------- + +This role supports the [Common Role Variables](https://github.com/theforeman/foreman-ansible-modules/blob/develop/README.md#common-role-variables). + +- `foreman_sync_plans`: List of sync plans to create. Each sync plan is represented as a dictionary which specifies the `name` of the sync plan and the `products` assigned to the sync plan. It also specifies the `interval` which can be 'hourly', 'daily', 'weekly', or 'custom cron'. In case the 'custom cron' `interval` is used, it should also specify the `cron_expression`. Finally the sync plan should have a `sync_date` which specifies the first time that the sync plan will run. Optionally the sync plan can be enabled and disabled using the `enabled` parameter, and its state can be managed using `state`. + +```yaml +foreman_sync_plans: + - name: Weekly Sync + interval: weekly + sync_date: 2020-11-07 00:00:00 UTC + products: + - Red Hat Enterprise Linux Server + - Red Hat Software Collections (for RHEL Server) + - Red Hat Enterprise Linux for x86_64 + - CentOS 8 + - Debian 10 + - name: Monthly Foreman Client Sync + interval: custom cron + cron_expression: 0 6 8 * * + sync_date: 2020-11-08 00:06:00 UTC + products: + - Foreman Client + - name: Weeky Ubuntu Sync (disabled) + interval: weekly + sync_date: 2020-11-07 00:00:00 UTC + products: + - Ubuntu 22.04 + enabled: false +``` + +Example Playbooks +----------------- + +Create two sync plans: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.sync_plans + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_sync_plans: + - name: Weekly Sync + interval: weekly + sync_date: 2020-11-07 00:00:00 UTC + products: + - Red Hat Enterprise Linux Server + - Red Hat Enterprise Linux for x86_64 + - name: Daily Sync + interval: daily + sync_date: 2020-11-08 00:00:00 UTC + products: + - Red Hat Software Collections (for RHEL Server) +``` + +Create a single sync plan which has all defined products (those defined in the `foreman_products` dictionary in ansible vars, for example as defined in the role documentation for [theforeman.foreman.repositories](https://github.com/theforeman/foreman-ansible-modules/tree/develop/roles/repositories#role-variables)) assigned to it: + +```yaml +- hosts: localhost + roles: + - role: theforeman.foreman.sync_plans + vars: + foreman_server_url: https://foreman.example.com + foreman_username: "admin" + foreman_password: "changeme" + foreman_organization: "Default Organization" + foreman_sync_plans: + - name: Weekly Sync + interval: weekly + sync_date: 2020-11-07 00:00:00 UTC + products: "{{ foreman_products | map(attribute='name') | list }}" +``` + +The above example assumes that a yaml dictionary `foreman_products` is already defined in Ansible variables. It uses yaml methods to select the name of each product from that dictionary, convert them all to a list, and pass that list to the definition of the sync plan. diff --git a/ansible_collections/theforeman/foreman/roles/sync_plans/tasks/main.yml b/ansible_collections/theforeman/foreman/roles/sync_plans/tasks/main.yml new file mode 100644 index 00000000..a98d613e --- /dev/null +++ b/ansible_collections/theforeman/foreman/roles/sync_plans/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: 'Create Sync Plans' + theforeman.foreman.sync_plan: + username: "{{ foreman_username | default(omit) }}" + password: "{{ foreman_password | default(omit) }}" + server_url: "{{ foreman_server_url | default(omit) }}" + validate_certs: "{{ foreman_validate_certs | default(omit) }}" + organization: "{{ foreman_organization }}" + name: "{{ item.name }}" + sync_date: "{{ item.sync_date }}" + interval: "{{ item.interval }}" + cron_expression: "{{ item.cron_expression | default(omit) }}" + enabled: "{{ item.enabled | default(true) }}" + products: "{{ item.products }}" + state: "{{ item.state | default(omit) }}" + with_items: "{{ foreman_sync_plans | default([]) }}" |