# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.​0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- # This role will not group the devices if user provides invalid credentials - name: Create inventory in awx hosts: device_inventory connection: local gather_facts: false tasks: - name: Include collect_device_info vars include_vars: "{{ playbook_dir }}/../vars/main.yml" run_once: true - name: Include variable file base_vars.yml include_vars: "{{ base_vars_file }}" run_once: true - name: Check if tower_config_file file is encrypted command: cat "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" changed_when: false no_log: true register: tower_config_content run_once: true - name: Decrypt tower_config_file command: >- ansible-vault decrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" --vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key" changed_when: false when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout" run_once: true - name: Change file permissions file: path: "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" mode: "{{ file_perm }}" run_once: true - name: Fetch awx host command: grep "host:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" register: fetch_awx_host changed_when: false run_once: true - name: Fetch awx username command: grep "username:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" register: fetch_awx_username changed_when: false run_once: true no_log: true - name: Fetch awx password command: grep "password:" "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" register: fetch_awx_password changed_when: false run_once: true no_log: true - name: Set awx variables set_fact: awx_host: "{{ fetch_awx_host.stdout | regex_replace('host: ','') }}" awx_username: "{{ fetch_awx_username.stdout | regex_replace('username: ','') }}" awx_password: "{{ fetch_awx_password.stdout | regex_replace('password: ','') }}" no_log: true - name: Encrypt tower_config_file command: >- ansible-vault encrypt "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" --vault-password-file "{{ playbook_dir }}/../../webui_awx/files/.tower_vault_key" changed_when: false when: "'$ANSIBLE_VAULT;' in tower_config_content.stdout" run_once: true - name: Change file permissions file: path: "{{ playbook_dir }}/../../webui_awx/files/.tower_cli.cfg" mode: "{{ file_perm }}" run_once: true - name: Check if {{ login_vars_file }} file is encrypted command: cat {{ login_vars_file }} changed_when: false no_log: true register: config_content run_once: true - name: Decrpyt {{ login_vars_file }} command: >- ansible-vault decrypt {{ login_vars_file }} --vault-password-file {{ login_vault_file }} when: "'$ANSIBLE_VAULT;' in config_content.stdout" changed_when: false run_once: true - name: Include variable file {{ login_vars_file }} include_vars: "{{ login_vars_file }}" no_log: true run_once: true - name: Encrypt {{ login_vars_file }} command: >- ansible-vault encrypt {{ login_vars_file }} --vault-password-file {{ login_vault_file }} changed_when: false when: "'$ANSIBLE_VAULT;' in config_content.stdout" run_once: true - name: Install paramiko command: pip3 install paramiko -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com delegate_to: localhost run_once: true changed_when: false - name: Initialize variables set_fact: idrac_inventory_status: false ethernet_inventory_status: false ib_inventory_status: false powervault_me4_status: false - name: idrac_inventory validation tasks block: - name: Fetch the hosts in idrac_inventory command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts list --inventory idrac_inventory -f human --filter "name" changed_when: false no_log: true run_once: true register: idrac_hosts - name: Assert idrac IP dellemc.openmanage.idrac_system_info: idrac_ip: "{{ inventory_hostname }}" idrac_user: "{{ idrac_username }}" idrac_password: "{{ idrac_password }}" register: idrac_info when: inventory_hostname not in idrac_hosts.stdout - name: Set idrac_inventory_status set_fact: idrac_inventory_status: true when: - inventory_hostname not in idrac_hosts.stdout - idrac_search_key in idrac_info.system_info.iDRAC[0].ProductInfo rescue: - name: Failed while adding device to idrac_inventory debug: msg: "{{ idrac_inventory_fail_msg }}" when: not idrac_inventory_status - name: Add host to awx idrac_inventory block: - name: Add the host to awx idrac_inventory if not present command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts create --name {{ inventory_hostname }} --inventory idrac_inventory changed_when: true no_log: true rescue: - name: Failed while adding device to idrac_inventory debug: msg: "{{ idrac_inventory_fail_msg }}" when: idrac_inventory_status - name: ethernet_inventory validation tasks block: - name: Fetch the hosts in ethernet inventory command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts list --inventory ethernet_inventory -f human --filter "name" changed_when: false no_log: true register: ethernet_switches - name: Assert ethernet switch dellos10_command: provider: host: "{{ inventory_hostname }}" username: "{{ ethernet_switch_username }}" password: "{{ ethernet_switch_password }}" commands: ['show version'] when: inventory_hostname not in ethernet_switches.stdout register: dellswitch_info no_log: true - name: Set ethernet_inventory_status set_fact: ethernet_inventory_status: true when: - inventory_hostname not in ethernet_switches.stdout - dellswitch_info.stdout | regex_search(ethernet_search_key) rescue: - name: Failed while adding device to ethernet_inventory debug: msg: "{{ ethernet_inventory_fail_msg }}" when: - not idrac_inventory_status - not ethernet_inventory_status - inventory_hostname not in idrac_hosts.stdout - name: Add the host to awx ethernet inventory block: - name: Add the host to awx ethernet inventory if not present command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts create --name {{ inventory_hostname }} --inventory ethernet_inventory changed_when: true no_log: true rescue: - name: Failed while adding device to ethernet_inventory debug: msg: "{{ ethernet_inventory_fail_msg }}" when: ethernet_inventory_status - name: ib_inventory validation tasks block: - name: Fetch the hosts in infiniband inventory command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts list --inventory infiniband_inventory -f human --filter "name" changed_when: false no_log: true register: infiniband_switches - name: Authenticate infiniband Switch uri: url: http://{{ inventory_hostname }}/admin/launch?script=rh&template=login&action=login method: POST body_format: form-urlencoded body: f_user_id: "{{ ib_username }}" f_password: "{{ ib_password }}" enter: Sign in status_code: "{{ infiniband_status_code }}" no_log: true register: login when: inventory_hostname not in infiniband_switches.stdout - name: Assert infiniband switch uri: url: http://{{ inventory_hostname }}/admin/launch?script=json method: POST body_format: json headers: Cookie: "{{ login.set_cookie.split(';')[0] }}" body: { "commands": [ "show version" ] } register: infinibandswitch_info when: - inventory_hostname not in infiniband_switches.stdout - not login.failed - name: Set ib_inventory_status set_fact: ib_inventory_status: true when: - inventory_hostname not in infiniband_switches.stdout - not login.failed - infinibandswitch_info.json.data['Product name'] == infiniband_search_key rescue: - name: Failed while adding device to ib_inventory debug: msg: "{{ ib_inventory_fail_msg }}" when: - not idrac_inventory_status - not ethernet_inventory_status - not ib_inventory_status - inventory_hostname not in idrac_hosts.stdout - name: Add the host to awx infiniband_inventory block: - name: Add the host to awx infiniband_inventory if not present command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts create --name {{ inventory_hostname }} --inventory infiniband_inventory changed_when: true no_log: true rescue: - name: Failed while adding device to ib_inventory debug: msg: "{{ ib_inventory_fail_msg }}" when: ib_inventory_status - name: powervault_me4_inventory validation tasks block: - name: Fetch the hosts in powervault me4 inventory command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts list --inventory powervault_me4_inventory -f human --filter "name" changed_when: false no_log: true register: me4_storage - name: Get auth string for powervault shell: echo -n {{ powervault_me4_username }}_{{ powervault_me4_password }} | sha256sum changed_when: false register: auth_string no_log: true when: inventory_hostname not in me4_storage.stdout - name: Get session key for powervault uri: url: https://{{ inventory_hostname }}/api/login/{{ auth_string.stdout | replace(" -", "") }} method: GET headers: {'datatype': 'json'} validate_certs: no register: session_key when: inventory_hostname not in me4_storage.stdout - name: Assert me4_powervault uri: url: https://{{ inventory_hostname }}/api/show/system method: GET body_format: json validate_certs: no use_proxy: no headers: {'sessionKey': "{{ session_key.json.status[0].response }}", 'datatype':'json'} register: system_info when: inventory_hostname not in me4_storage.stdout - name: Set powervault_me4_status set_fact: powervault_me4_status: true when: - inventory_hostname not in me4_storage.stdout - me4_powervault_search_key in system_info.json.system[0]['scsi-product-id'] rescue: - name: Failed while adding device to powervault_me4_inventory debug: msg: "{{ powervault_me4_fail_msg }}" when: - not idrac_inventory_status - not ethernet_inventory_status - not ib_inventory_status - not powervault_me4_status - inventory_hostname not in idrac_hosts.stdout - name: Add the host to awx powervault_me4_inventory block: - name: Add the host to awx powervault_me4_inventory if not present command: >- awx --conf.host {{ awx_host }} --conf.username {{ awx_username }} --conf.password {{ awx_password }} --conf.insecure hosts create --name {{ inventory_hostname }} --inventory powervault_me4_inventory changed_when: true no_log: true rescue: - name: Failed while adding device to powervault_me4_inventory debug: msg: "{{ powervault_me4_fail_msg }}" when: powervault_me4_status