diff --git a/create-database.yml b/create-database.yml index 2f77c8f..2620eef 100644 --- a/create-database.yml +++ b/create-database.yml @@ -28,8 +28,8 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" @@ -38,6 +38,7 @@ - ansible_version.major >= 2 - ansible_version.minor >= 10 msg: "The ansible version has to be at least ({{ ansible_version.full }})" + - set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -73,6 +74,7 @@ pre_tasks: - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml + - name: "Parsing cluster_services_str into cluster_services" set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -96,11 +98,11 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/create-realm.yml b/create-realm.yml index 23ca81a..9db81e5 100644 --- a/create-realm.yml +++ b/create-realm.yml @@ -23,8 +23,8 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" @@ -33,6 +33,7 @@ - ansible_version.major >= 2 - ansible_version.minor >= 10 msg: "The ansible version has to be at least ({{ ansible_version.full }})" + - set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -51,7 +52,6 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" gather_facts: false - become: false collections: - hetzner.hcloud 
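Review bot: Removing the play-level `become: false` from the second play of create-realm.yml (hunk `@@ -51,7 +52,6 @@`) leaves privilege escalation to whatever `ansible.cfg`, the inventory or the command line sets. If any of those enables become, `include_tasks: tasks/autodiscover_pre_tasks.yml` and every role task without its own `become` would run escalated on the stage hosts. The same line is removed in remove-realm.yml (hunk `@@ -51,22 +51,23 @@`). The Keycloak role tasks visible in this commit all set `become: false` and delegate to 127.0.0.1, which suggests these plays need no escalation; if so, keep `become: false` on the play so the least-privilege default stays explicit. The play continues outside the hunk.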
@@ -60,6 +60,7 @@ pre_tasks: - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml + - name: "Parsing cluster_services_str into cluster_services" set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -74,11 +75,11 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/create-server.yml b/create-server.yml index e7c7ebc..e20485a 100644 --- a/create-server.yml +++ b/create-server.yml @@ -17,8 +17,8 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" @@ -106,6 +106,7 @@ ] state: 'absent' when: ansible_distribution == "Ubuntu" + - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml @@ -135,7 +136,7 @@ gather_facts: false run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/create-service.yml b/create-service.yml index e19feff..79e47d2 100644 --- a/create-service.yml +++ b/create-service.yml @@ -17,8 +17,8 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" 
@@ -27,6 +27,7 @@ - ansible_version.major >= 2 - ansible_version.minor >= 10 msg: "The ansible version has to be at least ({{ ansible_version.full }})" + - name: "Parsing cluster_services_str into cluster_services" set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -69,6 +70,7 @@ pre_tasks: - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml + - name: "Parsing cluster_services_str into cluster_services" set_fact: cluster_services: "{{ cluster_services_str | split(',') }}" @@ -86,11 +88,11 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/remove-realm.yml b/remove-realm.yml index 5c814d1..a87051c 100644 --- a/remove-realm.yml +++ b/remove-realm.yml @@ -23,11 +23,11 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - - name: "REMOVE REALM / Check if ansible version is at least 2.10.x" + - name: "Check if ansible version is at least 2.10.x" assert: that: - ansible_version.major >= 2 
@@ -51,22 +51,23 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" gather_facts: false - become: false collections: - hetzner.hcloud - community.general pre_tasks: - - name: "REMOVE REALM / Import autodiscover pre-tasks" + - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml - - name: "REMOVE REALM / Parsing cluster_services_str into cluster_services" - set_fact: - cluster_services: "{{ cluster_services_str | split(',') }}" - - name: "REMOVE REALM / Delete client in realm <{{ current_realm_name }}>" + + tasks: + - name: "Delete client in realm <{{ current_realm_name }}>" include_role: name: keycloak tasks_from: _delete_client + vars: + realm_name: "{{ current_realm_name }}" + client_name: "{{ cluster_name }}" ############################################################# # Sending smardigo management message to process @@ -74,11 +75,11 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/remove-server.yml b/remove-server.yml index 0d5e7a1..a4fa38e 100644 --- a/remove-server.yml +++ b/remove-server.yml @@ -17,15 +17,13 @@ # Falls der Server gelöscht werden soll wird die variable in Playbook auf "absent" gesetzt # Der Task "_set_server_state" prüft den Status und fährt den Server runter oder hoch anhand dem Wert der variable "server_state" - - ############################################################# # Creating inventory dynamically for given parameters ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" 
@@ -53,32 +51,31 @@ serial: "{{ serial_number | default(5) }}" gather_facts: false - pre_tasks: + tasks: - name: "Delete server <{{ inventory_hostname }}>" include_role: name: hcloud tasks_from: _set_server_state vars: - server_state: "absent" - - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: name: _digitalocean tasks_from: _remove_dns vars: record_to_remove: '{{ inventory_hostname }}' - + ############################################################# # Sending smardigo management message to process ############################################################# - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/remove-service.yml b/remove-service.yml index a13fecc..a8983a1 100644 --- a/remove-service.yml +++ b/remove-service.yml @@ -17,8 +17,8 @@ ############################################################# - hosts: localhost - connection: local gather_facts: false + connection: local pre_tasks: - name: "Check if ansible version is at least 2.10.x" @@ -42,7 +42,6 @@ changed_when: False with_items: "{{ cluster_services }}" when: item in ['connect'] - - name: Add hosts add_host: name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-01" @@ -60,11 +59,13 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - remote_user: root + gather_facts: false pre_tasks: - name: "Import autodiscover pre-tasks" include_tasks: tasks/autodiscover_pre_tasks.yml + + tasks: - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: name: _digitalocean 
@@ -78,11 +79,11 @@ - hosts: "stage_{{ stage }}" serial: "{{ serial_number | default(1) }}" - connection: local gather_facts: false + connection: local run_once: true - post_tasks: + tasks: - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" uri: url: "{{ smardigo_management_url }}" diff --git a/roles/_digitalocean/tasks/_remove_dns.yml b/roles/_digitalocean/tasks/_remove_dns.yml index 2b80c42..6b7b324 100644 --- a/roles/_digitalocean/tasks/_remove_dns.yml +++ b/roles/_digitalocean/tasks/_remove_dns.yml @@ -10,16 +10,12 @@ register: domain_records_response delegate_to: 127.0.0.1 become: false - tags: - - update_dns - name: "Save DNS entry as variable (fact)" set_fact: domain_records_response_json: "{{ domain_records_response.json }}" delegate_to: 127.0.0.1 become: false - tags: - - update_dns - name: "Parse DNS entry for <{{ record_to_remove }}.{{ domain }}>" set_fact: @@ -28,16 +24,12 @@ jmesquery: '[*].{id: id, name: name, ip: data}' delegate_to: 127.0.0.1 become: false - tags: - - update_dns -- name: Print DNS entry for <{{ record_to_remove }}.{{ domain }}> +- name: "Print DNS entry for <{{ record_to_remove }}.{{ domain }}>" debug: msg: "{{ domain_record }}" delegate_to: 127.0.0.1 become: false - tags: - - update_dns - name: "Delete DNS entry <{{ record_to_remove }}> for <{{ domain }}>" uri: @@ -52,5 +44,3 @@ and record_to_remove != domain_record.ip delegate_to: 127.0.0.1 become: false - tags: - - update_dns diff --git a/roles/keycloak/tasks/_delete_client.yml b/roles/keycloak/tasks/_delete_client.yml index cb38ce6..697fd9e 100644 --- a/roles/keycloak/tasks/_delete_client.yml +++ b/roles/keycloak/tasks/_delete_client.yml 
@@ -1,5 +1,11 @@ --- -- name: "KEYCLOAK: DELETE clients | Authenticate with Keycloak server" + +# Parameters: +# playbook inventory +# realm_name := name of the realm to delete the client from +# client_name := client name to delete + +- name: "Authenticate with Keycloak server" uri: url: "{{ keycloak_server_url }}/auth/realms/master/protocol/openid-connect/token" method: POST @@ -11,9 +17,9 @@ delegate_to: 127.0.0.1 become: false -- name: "KEYCLOAK: DELETE clients | Read clients from realm {{ current_realm_name }}" +- name: "Read clients from realm {{ realm_name }}" uri: - url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/clients" + url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients" method: GET headers: Authorization: "Bearer {{ keycloak_authentication.json.access_token }}" 
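Review bot: `realm_name` is now a caller-supplied parameter and goes unchecked into the admin URL path in `url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients"` (hunk `@@ -11,9 +17,9 @@`). A value containing `/`, `?` or `#` would send the bearer token obtained from the master realm to a different admin endpoint than intended. The DELETE task in the later hunk builds its URL the same way. An assert at the top of the file, restricting both parameters to the characters the project actually uses for realm and client names, would close this; the pattern below is an example to adapt. The task list continues outside the hunk.

```yaml
# Example pattern; adjust to the naming rules used for realms and clients.
- name: "Validate realm_name and client_name"
  assert:
    that:
      - realm_name is match('^[A-Za-z0-9_-]+$')
      - client_name is match('^[A-Za-z0-9_-]+$')
    msg: "realm_name and client_name may only contain letters, digits, '_' and '-'"
  delegate_to: 127.0.0.1
  become: false
```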
@@ -22,35 +28,38 @@ delegate_to: 127.0.0.1 become: false -- name: "KEYCLOAK: DELETE clients | Save clients from realm as variable (fact)" +- name: "Save clients from realm as variable (fact)" set_fact: realm_clients_json: "{{ realm_clients.json }}" delegate_to: 127.0.0.1 become: false -- name: "KEYCLOAK: DELETE clients | Save client ids from realm <{{ current_realm_name }}>" +- name: "Saving client <{{ client_name }}> from realm <{{ realm_name }}>" set_fact: - realm_client_ids: "{{ realm_clients_json | json_query(jmesquery) }}" + realm_client_id: "{{ realm_clients_json | json_query(jmesquery) | first | default('-') }}" vars: - jmesquery: '[*].{id: id, clientId: clientId}' + jmesquery: '[?clientId==`{{ client_name }}`].id' delegate_to: 127.0.0.1 become: false -- set_fact: - realm_client_id: '{{ realm_client_ids | selectattr("clientId", "equalto", cluster_name) }}' +- name: "Printing client <{{ client_name }}> from realm <{{ realm_name }}>" + debug: + msg: "{{ realm_client_id }}" delegate_to: 127.0.0.1 + become: false + when: + - debug -- assert: - that: 'realm_client_id | length == 1 ' - -- name: "KEYCLOAK: DELETE client <{{ client_id }}> for realm <{{ current_realm_name }}>" +- name: "Deleting client <{{ client_name }}> for realm <{{ realm_name }}>" uri: - url: "{{ keycloak_server_url }}/auth/admin/realms/{{ current_realm_name }}/clients/{{ realm_client_id[0].id }}" + url: "{{ keycloak_server_url }}/auth/admin/realms/{{ realm_name }}/clients/{{ realm_client_id }}" method: DELETE body_format: json headers: Authorization: "Bearer {{ keycloak_authentication.json.access_token }} " status_code: [204] + when: + realm_client_id != '-' changed_when: True delegate_to: 127.0.0.1 become: false diff --git a/send-message.yml b/send-message.yml deleted file mode 100644 index 9625fcf..0000000 --- a/send-message.yml +++ /dev/null 
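Review bot: The new `jmesquery` places `{{ client_name }}` inside a JMESPath backtick (JSON) literal, so a name containing a backtick or quote alters the query, and a name that reads as a JSON number or boolean is not compared as a string and never matches `clientId`. With `| first | default('-')` replacing the removed `assert`, zero matches now skip the DELETE silently and several matches delete whichever comes first, so a removal run can report success while the client stays registered in Keycloak. Matching in Jinja avoids building a query from input: `realm_client_id: "{{ realm_clients_json | selectattr('clientId', 'equalto', client_name) | map(attribute='id') | first | default('-') }}"`. If a missing client is meant to be tolerated, a separate `fail` for the multiple-match case would keep the old safety check. The debug task's `when: - debug` also assumes a variable named `debug` is always defined; `debug | default(false)` would avoid a failure when it is not.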
@@ -1,64 +0,0 @@ ---- - -# Parameters: -# playbook inventory -# stage := the type of the stage (e.g. dev, int, qa, prod) -# tenant_id := (unique key for the tenant, e.g. customer) -# cluster_name := (business name for the cluster, e.g. product, department ) -# cluster_size := (WIP node count for the cluster) -# cluster_services := (services to setup, e.g. ['connect', 'wordpress', ...]) -# smardigo message callback -# scope_id := (scope id of the management process) -# process_instance_id := (process instance id of the management process) -# smardigo_management_action := (smardigo management action anme of the management process) - -############################################################# -# Creating inventory dynamically for given parameters -############################################################# - -- hosts: localhost - connection: local - gather_facts: false - - pre_tasks: - - name: "Check if ansible version is at least 2.10.x" - assert: - that: - - ansible_version.major >= 2 - - ansible_version.minor >= 10 - msg: "The ansible version has to be at least ({{ ansible_version.full }})" - - tasks: - - name: Add hosts - add_host: - name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-{{ '%02d' | format(item|int) }}" - groups: - - "stage_{{ stage }}" - - "{{ cluster_service }}" - with_sequence: start=1 end={{ cluster_count | default(1) }} - changed_when: False - -############################################################# -# Sending smardigo management message to process -############################################################# - -- hosts: "stage_{{ stage }}" - serial: "{{ serial_number | default(5) }}" - connection: local - gather_facts: false - - post_tasks: - - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>" - uri: - url: "{{ smardigo_management_url }}" - method: POST - body_format: json - body: "{{ lookup('template','smardigo-process-approved-message.json.j2') }}" - 
headers: - accept: "*/*" - Content-Type: "application/json" - Smardigo-User-Token: "{{ smardigo_management_token }}" - status_code: [200] - retries: 5 - delay: 5 - delegate_to: 127.0.0.1