# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- - block: - name: Get awx-service Cluster-IP command: "kubectl get svc awx-service -n {{ awx_namespace }} -o jsonpath='{.spec.clusterIP}'" register: awx_cluster_ip changed_when: false - name: Get AWX admin password shell: "kubectl get secret awx-admin-password -n {{ awx_namespace }} -o jsonpath='{.data.password}' | base64 --decode" register: awx_admin_password changed_when: false - name: Set IP and password set_fact: awx_ip: 'http://{{ awx_cluster_ip.stdout }}' admin_password: "{{ awx_admin_password.stdout }}" no_log: true - name: Check if {{ tower_config_file_path }} file is encrypted command: cat {{ tower_config_file_path }} changed_when: false no_log: true register: config_content run_once: true - name: Decrpyt {{ tower_config_file_path }} command: >- ansible-vault decrypt {{ tower_config_file_path }} --vault-password-file {{ tower_vault_file_path }} when: "'$ANSIBLE_VAULT;' in config_content.stdout" no_log: true changed_when: false run_once: true - name: Change tower_config file permissions file: path: "{{ tower_config_file_path }}" mode: "{{ file_perm }}" - name: Create an inventory tower_inventory: name: "{{ inventory_name }}" organization: "{{ organization_name }}" tower_config_file: "{{ tower_config_file_path }}" state: present - name: Create a host with inventory_hostname tower_host: name: "{{ inventory_hostname }}" inventory: "{{ inventory_name }}" state: present tower_config_file: "{{ tower_config_file_path }}" when: inventory_hostname is defined - name: Create a job template awx.awx.tower_job_template: name: "{{ job_template_name }}" job_type: "run" organization: "{{ organization_name }}" inventory: "{{ inventory_name }}" project: "{{ project_name }}" playbook: "{{ playbook_path }}" credentials: - "{{ item.credential }}" state: present tower_config_file: "{{ tower_config_file_path }}" loop: "{{ job_template_details }}" when: item.name == template_name - name: Change file permissions file: path: "../input_params/login_vars.yml" owner: root mode: "{{ file_perm }}" - name: Launch a job awx.awx.tower_job_launch: job_template: "{{ job_template_name }}" wait: yes tower_config_file: "{{ tower_config_file_path }}" failed_when: false register: job_status - name: Delete host created with inventory_hostname tower_host: name: "{{ inventory_hostname }}" inventory: "{{ inventory_name }}" state: absent tower_config_file: "{{ tower_config_file_path }}" when: inventory_hostname is defined - name: Delete an inventory tower_inventory: name: "{{ inventory_name }}" organization: "{{ organization_name }}" state: absent tower_config_file: "{{ tower_config_file_path }}" when: delete_status - name: Delete a job template awx.awx.tower_job_template: name: "{{ job_template_name }}" state: absent tower_config_file: "{{ tower_config_file_path }}" when: delete_status - name: Encrypt {{ tower_config_file_path }} command: >- ansible-vault encrypt {{ tower_config_file_path }} --vault-password-file {{ tower_vault_file_path }} changed_when: false - name: Change file permissions file: path: "{{ tower_config_file_path }}" owner: root mode: "{{ file_perm }}" rescue: - debug: msg: "{{ failed_msg }}"