From 4fd8464af1702e4647cbfce5648e1da87d7e5902 Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 13:29:21 +0100 Subject: [PATCH 1/5] Add request_timeout option to all modules and roles --- changelogs/fragments/request_timeout.yml | 7 +++ plugins/doc_fragments/auth.py | 5 ++ plugins/doc_fragments/auth_plugin.py | 7 +++ plugins/doc_fragments/auth_ui.py | 5 ++ plugins/module_utils/ah_api_module.py | 13 ++++- plugins/module_utils/ah_module.py | 12 +++- roles/collection/README.md | 11 ++++ roles/collection/meta/argument_specs.yml | 5 ++ roles/collection/tasks/main.yml | 1 + roles/dispatch/meta/argument_specs.yml | 5 ++ roles/ee_image/README.md | 3 +- roles/ee_image/meta/argument_specs.yml | 5 ++ roles/ee_image/tasks/main.yml | 1 + roles/ee_namespace/README.md | 3 +- roles/ee_namespace/meta/argument_specs.yml | 5 ++ roles/ee_namespace/tasks/main.yml | 1 + roles/ee_registry/README.md | 3 +- roles/ee_registry/meta/argument_specs.yml | 5 ++ roles/ee_registry/tasks/main.yml | 1 + roles/ee_registry_index/README.md | 3 +- .../ee_registry_index/meta/argument_specs.yml | 5 ++ roles/ee_registry_index/tasks/main.yml | 1 + roles/ee_registry_sync/README.md | 3 +- .../ee_registry_sync/meta/argument_specs.yml | 5 ++ roles/ee_registry_sync/tasks/main.yml | 1 + roles/ee_repository/README.md | 3 +- roles/ee_repository/meta/argument_specs.yml | 5 ++ roles/ee_repository/tasks/main.yml | 1 + roles/ee_repository_sync/README.md | 3 +- .../meta/argument_specs.yml | 5 ++ roles/ee_repository_sync/tasks/main.yml | 1 + roles/group/README.md | 3 +- roles/group/meta/argument_specs.yml | 5 ++ roles/group/tasks/main.yml | 1 + roles/namespace/README.md | 3 +- roles/namespace/meta/argument_specs.yml | 5 ++ roles/namespace/tasks/main.yml | 1 + roles/publish/README.md | 12 ++-- roles/publish/meta/argument_specs.yml | 5 ++ roles/publish/tasks/main.yml | 20 ++++--- roles/repository/README.md | 58 ++++++++++++------- roles/repository/meta/argument_specs.yml | 5 ++ roles/repository/tasks/main.yml | 55 +++++++++--------- roles/repository_sync/README.md | 22 +++++-- roles/repository_sync/meta/argument_specs.yml | 5 ++ roles/repository_sync/tasks/main.yml | 21 +++---- roles/role/README.md | 5 +- roles/role/meta/argument_specs.yml | 5 ++ roles/role/tasks/main.yml | 1 + roles/user/README.md | 3 +- roles/user/meta/argument_specs.yml | 5 ++ roles/user/tasks/main.yml | 1 + .../testing_collections_playbook.yml | 13 +++++ 53 files changed, 296 insertions(+), 92 deletions(-) create mode 100644 changelogs/fragments/request_timeout.yml diff --git a/changelogs/fragments/request_timeout.yml b/changelogs/fragments/request_timeout.yml new file mode 100644 index 00000000..f83f9f2a --- /dev/null +++ b/changelogs/fragments/request_timeout.yml @@ -0,0 +1,7 @@ +--- +minor_changes: + - Added request_timeout option for plugins and roles in the collection + +bugfixes: + - Fixed role readme errors and standardised variable section of role readmes +... diff --git a/plugins/doc_fragments/auth.py b/plugins/doc_fragments/auth.py index 221ee351..bf871798 100644 --- a/plugins/doc_fragments/auth.py +++ b/plugins/doc_fragments/auth.py @@ -46,6 +46,11 @@ class ModuleDocFragment(object): - If value not set, will try environment variable C(AH_VERIFY_SSL) type: bool aliases: [ ah_verify_ssl ] + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10s, but this is handled by the shared module_utils code + type: float ah_path_prefix: description: - API path used to access the api. diff --git a/plugins/doc_fragments/auth_plugin.py b/plugins/doc_fragments/auth_plugin.py index 6ec0754e..29210d67 100644 --- a/plugins/doc_fragments/auth_plugin.py +++ b/plugins/doc_fragments/auth_plugin.py @@ -30,6 +30,13 @@ class ModuleDocFragment(object): - API path used to access the api. - For galaxy_ng this is either 'automation-hub' or the custom prefix used on install with GALAXY_API_PATH_PREFIX - For Automation Hub this is 'galaxy' + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10 seconds + type: float + env: + - name: AH_REQUEST_TIMEOUT verify_ssl: description: - Specify whether Ansible should verify the SSL certificate of the AH host. diff --git a/plugins/doc_fragments/auth_ui.py b/plugins/doc_fragments/auth_ui.py index 2959f2be..0f3cb3a1 100644 --- a/plugins/doc_fragments/auth_ui.py +++ b/plugins/doc_fragments/auth_ui.py @@ -38,6 +38,11 @@ class ModuleDocFragment(object): - If value not set, will try environment variable C(AH_VERIFY_SSL) type: bool aliases: [ ah_verify_ssl ] + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10s, but this is handled by the shared module_utils code + type: float ah_path_prefix: description: - API path used to access the api. diff --git a/plugins/module_utils/ah_api_module.py b/plugins/module_utils/ah_api_module.py index 65e2733e..1f8c8ca3 100644 --- a/plugins/module_utils/ah_api_module.py +++ b/plugins/module_utils/ah_api_module.py @@ -63,12 +63,18 @@ class AHAPIModule(AnsibleModule): required=False, fallback=(env_fallback, ["AH_VERIFY_SSL"]), ), + request_timeout=dict( + type="float", + required=False, + fallback=(env_fallback, ["AH_REQUEST_TIMEOUT"]) + ), ) short_params = { "host": "ah_host", "username": "ah_username", "password": "ah_password", "verify_ssl": "validate_certs", + "request_timeout": "request_timeout", "path_prefix": "ah_path_prefix", } @@ -76,6 +82,7 @@ class AHAPIModule(AnsibleModule): username = None password = None verify_ssl = True + request_timeout = 10 path_prefix = "galaxy" authenticated = False @@ -117,7 +124,7 @@ def __init__(self, argument_spec, direct_params=None, **kwargs): "Content-Type": "application/json", "Accept": "application/json", } - self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, follow_redirects=True) + self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, follow_redirects=True, timeout=self.request_timeout) # Define the API paths self.galaxy_path_prefix = "/api/{prefix}".format(prefix=self.path_prefix.strip("/")) @@ -215,7 +222,7 @@ def make_request_raw_reponse(self, method, url, **kwargs): response = {} try: - response = self.session.open(method, url.geturl(), headers=headers, data=data) + response = self.session.open(method, url.geturl(), headers=headers, data=data, timeout=self.request_timeout) except SSLValidationError as ssl_err: raise AHAPIModuleError("Could not establish a secure connection to {host}: {error}.".format(host=url.netloc, error=ssl_err)) except ConnectionError as con_err: @@ -460,7 +467,7 @@ def logout(self): "Content-Type": "application/json", "Accept": "application/json", } - self.session = Request(validate_certs=self.verify_ssl, headers=self.headers) + self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, timeout=self.request_timeout) self.authenticated = False def fail_json(self, **kwargs): diff --git a/plugins/module_utils/ah_module.py b/plugins/module_utils/ah_module.py index bff23988..3da93d35 100644 --- a/plugins/module_utils/ah_module.py +++ b/plugins/module_utils/ah_module.py @@ -58,6 +58,11 @@ class AHModule(AnsibleModule): required=False, fallback=(env_fallback, ["AH_API_TOKEN"]), ), + request_timeout=dict( + type="float", + required=False, + fallback=(env_fallback, ["AH_REQUEST_TIMEOUT"]) + ), ) ENCRYPTED_STRING = "$encrypted$" short_params = { @@ -66,6 +71,7 @@ class AHModule(AnsibleModule): "password": "ah_password", "verify_ssl": "validate_certs", "path_prefix": "ah_path_prefix", + "request_timeout": "request_timeout", "oauth_token": "ah_token", } IDENTITY_FIELDS = {} @@ -75,6 +81,7 @@ class AHModule(AnsibleModule): username = None password = None verify_ssl = True + request_timeout = 10 oauth_token = None basic_auth = False authenticated = False @@ -97,7 +104,7 @@ def __init__(self, argument_spec=None, direct_params=None, error_callback=None, self.params = direct_params # else: super(AHModule, self).__init__(argument_spec=full_argspec, **kwargs) - self.session = Request(cookies=CookieJar(), validate_certs=self.verify_ssl) + self.session = Request(cookies=CookieJar(), validate_certs=self.verify_ssl, timeout=self.request_timeout) # Parameters specified on command line will override settings in any config for short_param, long_param in self.short_params.items(): @@ -219,6 +226,7 @@ def make_request(self, method, endpoint, *args, **kwargs): url.geturl(), headers=headers, validate_certs=self.verify_ssl, + timeout=self.request_timeout, follow_redirects=True, data=data, ) @@ -373,6 +381,7 @@ def authenticate(self, **kwargs): "POST", api_token_url, validate_certs=self.verify_ssl, + timeout=self.request_timeout, follow_redirects=True, force_basic_auth=True, url_username=self.username, @@ -387,6 +396,7 @@ def authenticate(self, **kwargs): "GET", test_url, validate_certs=self.verify_ssl, + timeout=self.request_timeout, headers={ "Content-Type": "application/json", "Authorization": "Basic {0}".format(basic_str.decode("ascii")), diff --git a/roles/collection/README.md b/roles/collection/README.md index f91db3f2..7f0b7887 100644 --- a/roles/collection/README.md +++ b/roles/collection/README.md @@ -6,6 +6,17 @@ An Ansible Role to update, or destroy Automation Hub Collections. ## Variables +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_collections`|`null`|`no`|`see below`|yes|Data structure describing your collections, described below.|| + These are the sub options for the vars `ah_collections` which are dictionaries with the options you want. See examples for details. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| diff --git a/roles/collection/meta/argument_specs.yml b/roles/collection/meta/argument_specs.yml index ec650988..5af37bc2 100644 --- a/roles/collection/meta/argument_specs.yml +++ b/roles/collection/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/collection/tasks/main.yml b/roles/collection/tasks/main.yml index b5474792..bd670e80 100644 --- a/roles/collection/tasks/main.yml +++ b/roles/collection/tasks/main.yml @@ -18,6 +18,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collections }}" loop_control: loop_var: "__collection" diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index bf6453dd..8e5a5535 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -62,6 +62,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_image/README.md b/roles/ee_image/README.md index 442560e7..52b00ddc 100644 --- a/roles/ee_image/README.md +++ b/roles/ee_image/README.md @@ -12,9 +12,10 @@ An Ansible Role to create execution environment images in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_images`|`see below`|yes|Data structure describing your execution environment images, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_images`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables diff --git a/roles/ee_image/meta/argument_specs.yml b/roles/ee_image/meta/argument_specs.yml index f4432729..51b44b2c 100644 --- a/roles/ee_image/meta/argument_specs.yml +++ b/roles/ee_image/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_image/tasks/main.yml b/roles/ee_image/tasks/main.yml index 8280a7be..735c9656 100644 --- a/roles/ee_image/tasks/main.yml +++ b/roles/ee_image/tasks/main.yml @@ -13,6 +13,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_images }}" loop_control: loop_var: "__ee_image_item" diff --git a/roles/ee_namespace/README.md b/roles/ee_namespace/README.md index f8454c11..dae6ab47 100644 --- a/roles/ee_namespace/README.md +++ b/roles/ee_namespace/README.md @@ -13,9 +13,10 @@ This was depreciated with AAP 2.4 and Galaxy NG 4.6.3+, and removed from the API |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_namespaces`|`see below`|yes|Data structure describing your ee_namespaces, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_namespaces`|`see below`|yes|Data structure describing your ee_namespaces, described below.|| ### Secure Logging Variables diff --git a/roles/ee_namespace/meta/argument_specs.yml b/roles/ee_namespace/meta/argument_specs.yml index d550abfb..6324b1d9 100644 --- a/roles/ee_namespace/meta/argument_specs.yml +++ b/roles/ee_namespace/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_namespace/tasks/main.yml b/roles/ee_namespace/tasks/main.yml index 6bc0e73c..11a3fb4b 100644 --- a/roles/ee_namespace/tasks/main.yml +++ b/roles/ee_namespace/tasks/main.yml @@ -13,6 +13,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_namespaces }}" loop_control: loop_var: "__ee_namespace_item" diff --git a/roles/ee_registry/README.md b/roles/ee_registry/README.md index 9cfc8a50..27894d35 100644 --- a/roles/ee_registry/README.md +++ b/roles/ee_registry/README.md @@ -12,12 +12,13 @@ An Ansible Role to create EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`proxy_url`|""|no|str|The URL for the proxy. Defaults to global `proxy_url` variable.| |`proxy_username`|""|no|str|The username for the proxy authentication. Defaults to global `proxy_username` variable.| |`proxy_password`|""|no|str|The password for the proxy authentication. Defaults to global `proxy_password` variable.| |`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below.|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| ### Secure Logging Variables diff --git a/roles/ee_registry/meta/argument_specs.yml b/roles/ee_registry/meta/argument_specs.yml index eb2866c8..22642d5e 100644 --- a/roles/ee_registry/meta/argument_specs.yml +++ b/roles/ee_registry/meta/argument_specs.yml @@ -69,6 +69,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry/tasks/main.yml b/roles/ee_registry/tasks/main.yml index 90469dc3..e36c7469 100644 --- a/roles/ee_registry/tasks/main.yml +++ b/roles/ee_registry/tasks/main.yml @@ -16,6 +16,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" proxy_url: "{{ __ee_registry_item.proxy_url | default(proxy_url | default(omit)) }}" proxy_username: "{{ __ee_registry_item.proxy_username | default(proxy_username | default(omit)) }}" proxy_password: "{{ __ee_registry_item.proxy_password | default(proxy_password | default(omit)) }}" diff --git a/roles/ee_registry_index/README.md b/roles/ee_registry_index/README.md index 5f6875ea..29308dba 100644 --- a/roles/ee_registry_index/README.md +++ b/roles/ee_registry_index/README.md @@ -12,9 +12,10 @@ An Ansible Role to index EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined). Note that this role will only do anything if the `index` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined). Note that this role will only do anything if the `index` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_registry_index/meta/argument_specs.yml b/roles/ee_registry_index/meta/argument_specs.yml index 7c2a37e0..dd10df70 100644 --- a/roles/ee_registry_index/meta/argument_specs.yml +++ b/roles/ee_registry_index/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry_index/tasks/main.yml b/roles/ee_registry_index/tasks/main.yml index 6c4e0bdd..f24950c7 100644 --- a/roles/ee_registry_index/tasks/main.yml +++ b/roles/ee_registry_index/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" diff --git a/roles/ee_registry_sync/README.md b/roles/ee_registry_sync/README.md index bf25985e..8087fca5 100644 --- a/roles/ee_registry_sync/README.md +++ b/roles/ee_registry_sync/README.md @@ -12,9 +12,10 @@ An Ansible Role to sync EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_registry_sync/meta/argument_specs.yml b/roles/ee_registry_sync/meta/argument_specs.yml index 66bcc659..e6bba918 100644 --- a/roles/ee_registry_sync/meta/argument_specs.yml +++ b/roles/ee_registry_sync/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry_sync/tasks/main.yml b/roles/ee_registry_sync/tasks/main.yml index bf39c525..66370e33 100644 --- a/roles/ee_registry_sync/tasks/main.yml +++ b/roles/ee_registry_sync/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" diff --git a/roles/ee_repository/README.md b/roles/ee_repository/README.md index 60f84b8c..1172a4b9 100644 --- a/roles/ee_repository/README.md +++ b/roles/ee_repository/README.md @@ -12,9 +12,10 @@ An Ansible Role to create Repositories in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below.|| ### Secure Logging Variables diff --git a/roles/ee_repository/meta/argument_specs.yml b/roles/ee_repository/meta/argument_specs.yml index 963d4f7f..5c480cea 100644 --- a/roles/ee_repository/meta/argument_specs.yml +++ b/roles/ee_repository/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_repository/tasks/main.yml b/roles/ee_repository/tasks/main.yml index 13e2889d..3ce7ac24 100644 --- a/roles/ee_repository/tasks/main.yml +++ b/roles/ee_repository/tasks/main.yml @@ -17,6 +17,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" diff --git a/roles/ee_repository_sync/README.md b/roles/ee_repository_sync/README.md index 40e86f2a..35404dea 100644 --- a/roles/ee_repository_sync/README.md +++ b/roles/ee_repository_sync/README.md @@ -12,9 +12,10 @@ An Ansible Role to sync EE Repositories in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below. (Note this is the same as for the `ee_repository` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below. (Note this is the same as for the `ee_repository` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_repository_sync/meta/argument_specs.yml b/roles/ee_repository_sync/meta/argument_specs.yml index 5b942cbd..e2f9d4d4 100644 --- a/roles/ee_repository_sync/meta/argument_specs.yml +++ b/roles/ee_repository_sync/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_repository_sync/tasks/main.yml b/roles/ee_repository_sync/tasks/main.yml index e85ae3ed..91da5de7 100644 --- a/roles/ee_repository_sync/tasks/main.yml +++ b/roles/ee_repository_sync/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" diff --git a/roles/group/README.md b/roles/group/README.md index 53b06349..d7a79dca 100644 --- a/roles/group/README.md +++ b/roles/group/README.md @@ -12,9 +12,10 @@ An Ansible Role to create groups in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_groups`|`see below`|yes|Data structure describing your groups, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_groups`|`see below`|yes|Data structure describing your groups, described below.|| ### Secure Logging Variables diff --git a/roles/group/meta/argument_specs.yml b/roles/group/meta/argument_specs.yml index 5c72dc48..e07c71ba 100644 --- a/roles/group/meta/argument_specs.yml +++ b/roles/group/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/group/tasks/main.yml b/roles/group/tasks/main.yml index 801c4c4c..74f38de0 100644 --- a/roles/group/tasks/main.yml +++ b/roles/group/tasks/main.yml @@ -12,6 +12,7 @@ # ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_groups }}" loop_control: loop_var: "__group" diff --git a/roles/namespace/README.md b/roles/namespace/README.md index 29f55e2f..acde05cd 100644 --- a/roles/namespace/README.md +++ b/roles/namespace/README.md @@ -13,9 +13,10 @@ An Ansible Role to create Namespaces in Automation Hub. |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_namespaces`|`see below`|yes|Data structure describing your namespaces, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_namespaces`|`see below`|yes|Data structure describing your namespaces, described below.|| ### Secure Logging Variables diff --git a/roles/namespace/meta/argument_specs.yml b/roles/namespace/meta/argument_specs.yml index 38150b65..646de796 100644 --- a/roles/namespace/meta/argument_specs.yml +++ b/roles/namespace/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/namespace/tasks/main.yml b/roles/namespace/tasks/main.yml index c9f25c2c..f9c1d2b2 100644 --- a/roles/namespace/tasks/main.yml +++ b/roles/namespace/tasks/main.yml @@ -19,6 +19,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_namespaces }}" loop_control: loop_var: "__namespace_item" diff --git a/roles/publish/README.md b/roles/publish/README.md index d23b5434..29d93864 100644 --- a/roles/publish/README.md +++ b/roles/publish/README.md @@ -9,14 +9,18 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Tower Server's SSL certificate.|| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|no|Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`ah_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| -|`ah_collection_list`|`list`|no|Data structure file paths to pre built collections, mutually exclusive with ah_collections.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_configuration_working_dir`|`/var/tmp`|no|The working directory where the built artifacts live, or where the artifacts will be built.|| |`ah_auto_approve`|`False`|no|Whether the collection will be automatically approved in Automation Hub. This will only work if the account being used has correct privileges.|| |`ah_overwrite_existing`|`False`|no|Whether the collection will be automatically overwrite an existing collection in Automation Hub. This will only work if the account being used has correct privileges.|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| +|`ah_collection_list`|`list`|no|Data structure file paths to pre built collections, mutually exclusive with ah_collections.|| ### Secure Logging Variables diff --git a/roles/publish/meta/argument_specs.yml b/roles/publish/meta/argument_specs.yml index 1875c6fb..8e433796 100644 --- a/roles/publish/meta/argument_specs.yml +++ b/roles/publish/meta/argument_specs.yml @@ -78,6 +78,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/publish/tasks/main.yml b/roles/publish/tasks/main.yml index d7c7f5e5..a0356656 100644 --- a/roles/publish/tasks/main.yml +++ b/roles/publish/tasks/main.yml @@ -82,6 +82,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" @@ -110,15 +111,16 @@ - name: Approve Collections ah_approval: - namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" - name: "{{ (__ah_collection_file | basename).split('-')[1] }}" - version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" + namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" + name: "{{ (__ah_collection_file | basename).split('-')[1] }}" + version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" diff --git a/roles/repository/README.md b/roles/repository/README.md index 00f2df95..7a76857a 100644 --- a/roles/repository/README.md +++ b/roles/repository/README.md @@ -8,29 +8,15 @@ An Ansible Role to create Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified|| -|`url`|`https://cloud.redhat.com/api/automation-hub/`|no|(`ah_repository_certified`)Remote URL for the repository.|`https://console.redhat.com/api/automation-hub/content/`| -|`url`|`https://galaxy.ansible.com/api/`|no|(`ah_repository_community`)Remote URL for the repository.|| -|`auth_url`|`https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`|no|(`ah_repository_certified`)Remote URL for the repository authentication if separate.|| -|`token`|""|no|Token to authenticate to the remote repository.|| -|`username`|""|no|Username to authenticate to the remote repository.|| -|`password`|""|no|Password to authenticate to the remote repository.|| -|`requirements`|""|no|(`ah_repository_community`)Requirements to download from remote.|| -|`requirements_file`|""|no|(`ah_repository_community`)A yaml requirements file to download from remote.|| -|`proxy_url`|""|no|The URL for the proxy. Defaults to global `proxy_url` variable.|| -|`proxy_username`|""|no|The username for the proxy authentication. Defaults to global `proxy_username` variable.|| -|`proxy_password`|""|no|The password for the proxy authentication. Defaults to global `proxy_password` variable.|| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`download_concurrency`|"10"|no| Number of concurrent collections to download.|| -|`rate_limit`|"8"|no|Limits total download rate in requests per second|| -|`signed_only`|"False"|no|Only download signed collections|True| -|`tls_validation`|"True"|no|Whether to use TLS validation against the remote repository|False| -|`client_key`|""|no|A PEM encoded private key file used for authentication|| -|`client_cert`|""|no|A PEM encoded client certificate used for authentication|| -|`ca_cert`|""|no|A PEM encoded CA certificate used for authentication|| -|`client_key_path`|""|no|Path to a PEM encoded private key file used for authentication|| -|`client_cert_path`|""|no|Path to a PEM encoded client certificate used for authentication|| -|`ca_cert_path`|""|no|Path to a PEM encoded CA certificate used for authentication|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_repositories`|`see below`|yes|Data structure describing your namespaces, described below.|| The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -63,6 +49,34 @@ This also speeds up the overall role. ## Data Structure +### Repository Variables + +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified|| +|`url`|`https://cloud.redhat.com/api/automation-hub/`|no|(`ah_repository_certified`)Remote URL for the repository.|`https://console.redhat.com/api/automation-hub/content/`| +|`url`|`https://galaxy.ansible.com/api/`|no|(`ah_repository_community`)Remote URL for the repository.|| +|`auth_url`|`https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`|no|(`ah_repository_certified`)Remote URL for the repository authentication if separate.|| +|`token`|""|no|Token to authenticate to the remote repository.|| +|`username`|""|no|Username to authenticate to the remote repository.|| +|`password`|""|no|Password to authenticate to the remote repository.|| +|`requirements`|""|no|(`ah_repository_community`)Requirements to download from remote.|| +|`requirements_file`|""|no|(`ah_repository_community`)A yaml requirements file to download from remote.|| +|`proxy_url`|""|no|The URL for the proxy. Defaults to global `proxy_url` variable.|| +|`proxy_username`|""|no|The username for the proxy authentication. Defaults to global `proxy_username` variable.|| +|`proxy_password`|""|no|The password for the proxy authentication. Defaults to global `proxy_password` variable.|| +|`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| +|`download_concurrency`|"10"|no| Number of concurrent collections to download.|| +|`rate_limit`|"8"|no|Limits total download rate in requests per second|| +|`signed_only`|"False"|no|Only download signed collections|True| +|`tls_validation`|"True"|no|Whether to use TLS validation against the remote repository|False| +|`client_key`|""|no|A PEM encoded private key file used for authentication|| +|`client_cert`|""|no|A PEM encoded client certificate used for authentication|| +|`ca_cert`|""|no|A PEM encoded CA certificate used for authentication|| +|`client_key_path`|""|no|Path to a PEM encoded private key file used for authentication|| +|`client_cert_path`|""|no|Path to a PEM encoded client certificate used for authentication|| +|`ca_cert_path`|""|no|Path to a PEM encoded CA certificate used for authentication|| + ### Standard Project Data Structure #### Yaml Example diff --git a/roles/repository/meta/argument_specs.yml b/roles/repository/meta/argument_specs.yml index 7bd086c7..8286dc50 100644 --- a/roles/repository/meta/argument_specs.yml +++ b/roles/repository/meta/argument_specs.yml @@ -55,6 +55,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/repository/tasks/main.yml b/roles/repository/tasks/main.yml index 09133646..5b35640a 100644 --- a/roles/repository/tasks/main.yml +++ b/roles/repository/tasks/main.yml @@ -2,33 +2,34 @@ # Create AH repository - name: Add Automation Hub repository ah_repository: - name: "{{ __repository_item['name'] }}" - url: "{{ __repository_item['url'] }}" - auth_url: "{{ __repository_item['auth_url'] | default(omit) }}" - token: "{{ __repository_item['token'] | default(omit) }}" - username: "{{ __repository_item['username'] | default(omit) }}" - password: "{{ __repository_item['password'] | default(omit) }}" - requirements: "{{ __repository_item['requirements'] | default(omit) }}" - requirements_file: "{{ __repository_item['requirements_file'] | default(omit) }}" - download_concurrency: "{{ __repository_item['download_concurrency'] | default(10) }}" - rate_limit: "{{ __repository_item['rate_limit'] | default(8) }}" - signed_only: "{{ __repository_item['signed_only'] | default(omit) }}" - tls_validation: "{{ __repository_item['tls_validation'] | default(true) }}" - client_key: "{{ __repository_item['client_key'] | default(omit) }}" - client_cert: "{{ __repository_item['client_cert'] | default(omit) }}" - ca_cert: "{{ __repository_item['ca_cert'] | default(omit) }}" - client_key_path: "{{ __repository_item['client_key_path'] | default(omit) }}" - client_cert_path: "{{ __repository_item['client_cert_path'] | default(omit) }}" - ca_cert_path: "{{ __repository_item['ca_cert_path'] | default(omit) }}" - proxy_url: "{{ __repository_item.proxy_url | default(proxy_url | default(omit)) }}" - proxy_username: "{{ __repository_item.proxy_username | default(proxy_username | default(omit)) }}" - proxy_password: "{{ __repository_item.proxy_password | default(proxy_password | default(omit)) }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" + name: "{{ __repository_item['name'] }}" + url: "{{ __repository_item['url'] }}" + auth_url: "{{ __repository_item['auth_url'] | default(omit) }}" + token: "{{ __repository_item['token'] | default(omit) }}" + username: "{{ __repository_item['username'] | default(omit) }}" + password: "{{ __repository_item['password'] | default(omit) }}" + requirements: "{{ __repository_item['requirements'] | default(omit) }}" + requirements_file: "{{ __repository_item['requirements_file'] | default(omit) }}" + download_concurrency: "{{ __repository_item['download_concurrency'] | default(10) }}" + rate_limit: "{{ __repository_item['rate_limit'] | default(8) }}" + signed_only: "{{ __repository_item['signed_only'] | default(omit) }}" + tls_validation: "{{ __repository_item['tls_validation'] | default(true) }}" + client_key: "{{ __repository_item['client_key'] | default(omit) }}" + client_cert: "{{ __repository_item['client_cert'] | default(omit) }}" + ca_cert: "{{ __repository_item['ca_cert'] | default(omit) }}" + client_key_path: "{{ __repository_item['client_key_path'] | default(omit) }}" + client_cert_path: "{{ __repository_item['client_cert_path'] | default(omit) }}" + ca_cert_path: "{{ __repository_item['ca_cert_path'] | default(omit) }}" + proxy_url: "{{ __repository_item.proxy_url | default(proxy_url | default(omit)) }}" + proxy_username: "{{ __repository_item.proxy_username | default(proxy_username | default(omit)) }}" + proxy_password: "{{ __repository_item.proxy_password | default(proxy_password | default(omit)) }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_repositories }}" loop_control: loop_var: "__repository_item" diff --git a/roles/repository_sync/README.md b/roles/repository_sync/README.md index 3a074559..80f8f56f 100644 --- a/roles/repository_sync/README.md +++ b/roles/repository_sync/README.md @@ -8,10 +8,15 @@ An Ansible Role to sync Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified.|| -|`wait`|"false"|no|Wait for the repository to finish syncing before returning.|| -|`interval`|"1"|no|The interval to request an update from Automation Hub.|| -|`timeout`|""|no|If waiting for the project to update this will abort after this amount of seconds.|| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_repositories`|`see below`|yes|Data structure describing your namespaces, described below.|| The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -44,6 +49,15 @@ This also speeds up the overall role. ## Data Structure +### Repository Variables + +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified.|| +|`wait`|"false"|no|Wait for the repository to finish syncing before returning.|| +|`interval`|"1"|no|The interval to request an update from Automation Hub.|| +|`timeout`|""|no|If waiting for the project to update this will abort after this amount of seconds.|| + ### Standard Project Data Structure #### Yaml Example diff --git a/roles/repository_sync/meta/argument_specs.yml b/roles/repository_sync/meta/argument_specs.yml index c40caff6..b7f7e15a 100644 --- a/roles/repository_sync/meta/argument_specs.yml +++ b/roles/repository_sync/meta/argument_specs.yml @@ -43,6 +43,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/repository_sync/tasks/main.yml b/roles/repository_sync/tasks/main.yml index 01babf0e..d41aec3b 100644 --- a/roles/repository_sync/tasks/main.yml +++ b/roles/repository_sync/tasks/main.yml @@ -1,16 +1,17 @@ --- - name: Sync Automation Hub repository ah_repository_sync: - name: "{{ __repository_item.name }}" - wait: "{{ __repository_item.wait | default(omit) }}" - interval: "{{ __repository_item.interval | default(1) }}" - timeout: "{{ __repository_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - ah_verify_ssl: "{{ ah_validate_certs | default(omit) }}" + name: "{{ __repository_item.name }}" + wait: "{{ __repository_item.wait | default(omit) }}" + interval: "{{ __repository_item.interval | default(1) }}" + timeout: "{{ __repository_item.timeout | default(omit) }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + ah_verify_ssl: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_repositories }}" loop_control: loop_var: "__repository_item" diff --git a/roles/role/README.md b/roles/role/README.md index c9a8f09c..b6136423 100644 --- a/roles/role/README.md +++ b/roles/role/README.md @@ -12,9 +12,10 @@ An Ansible Role to create role permisions in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_roles`|`see below`|yes|Data structure describing your role permisions, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_roles`|`see below`|yes|Data structure describing your role permissions, described below.|| ### Secure Logging Variables @@ -44,7 +45,7 @@ This also speeds up the overall role. ## Data Structure -### Group Variables +### Role Variables |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| diff --git a/roles/role/meta/argument_specs.yml b/roles/role/meta/argument_specs.yml index 0702dace..f667c536 100644 --- a/roles/role/meta/argument_specs.yml +++ b/roles/role/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/role/tasks/main.yml b/roles/role/tasks/main.yml index 1932e8e6..df199aa1 100644 --- a/roles/role/tasks/main.yml +++ b/roles/role/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_roles }}" loop_control: loop_var: "__role" diff --git a/roles/user/README.md b/roles/user/README.md index 1a915108..3405ce9c 100644 --- a/roles/user/README.md +++ b/roles/user/README.md @@ -12,9 +12,10 @@ An Ansible Role to create execution environment images in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables diff --git a/roles/user/meta/argument_specs.yml b/roles/user/meta/argument_specs.yml index 88c9e6d1..90238947 100644 --- a/roles/user/meta/argument_specs.yml +++ b/roles/user/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/user/tasks/main.yml b/roles/user/tasks/main.yml index a7d47a6d..e6cf53dc 100644 --- a/roles/user/tasks/main.yml +++ b/roles/user/tasks/main.yml @@ -18,6 +18,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_users }}" loop_control: loop_var: "__user" diff --git a/tests/playbooks/testing_collections_playbook.yml b/tests/playbooks/testing_collections_playbook.yml index 83057590..1b587b8c 100644 --- a/tests/playbooks/testing_collections_playbook.yml +++ b/tests/playbooks/testing_collections_playbook.yml @@ -104,6 +104,19 @@ ah_path_prefix: "{{ ah_path_prefix }}" validate_certs: "{{ ah_validate_certs }}" + - name: Verify setting request_timeout to very low will fail + ah_namespace: + name: to_not_work + request_timeout: 0.001 + register: request_timout_test + ignore_errors: true + + - name: Assert previous failed + ansible.builtin.assert: + that: + - request_timout_test is failed + - "'timed out' in request_timout_test.msg" + - name: Deauthenticate ah_token: ah_host: "{{ ah_hostname }}" From b935acafc9dc772bd614515c37f9e508237130bc Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 13:29:21 +0100 Subject: [PATCH 2/5] Add request_timeout option to all modules and roles --- changelogs/fragments/request_timeout.yml | 7 +++ plugins/doc_fragments/auth.py | 5 ++ plugins/doc_fragments/auth_plugin.py | 7 +++ plugins/doc_fragments/auth_ui.py | 5 ++ plugins/module_utils/ah_api_module.py | 13 ++++- plugins/module_utils/ah_module.py | 12 +++- roles/collection/README.md | 11 ++++ roles/collection/meta/argument_specs.yml | 5 ++ roles/collection/tasks/main.yml | 1 + roles/dispatch/meta/argument_specs.yml | 5 ++ roles/ee_image/README.md | 3 +- roles/ee_image/meta/argument_specs.yml | 5 ++ roles/ee_image/tasks/main.yml | 1 + roles/ee_namespace/README.md | 3 +- roles/ee_namespace/meta/argument_specs.yml | 5 ++ roles/ee_namespace/tasks/main.yml | 1 + roles/ee_registry/README.md | 3 +- roles/ee_registry/meta/argument_specs.yml | 5 ++ roles/ee_registry/tasks/main.yml | 1 + roles/ee_registry_index/README.md | 3 +- .../ee_registry_index/meta/argument_specs.yml | 5 ++ roles/ee_registry_index/tasks/main.yml | 1 + roles/ee_registry_sync/README.md | 3 +- .../ee_registry_sync/meta/argument_specs.yml | 5 ++ roles/ee_registry_sync/tasks/main.yml | 1 + roles/ee_repository/README.md | 3 +- roles/ee_repository/meta/argument_specs.yml | 5 ++ roles/ee_repository/tasks/main.yml | 1 + roles/ee_repository_sync/README.md | 3 +- .../meta/argument_specs.yml | 5 ++ roles/ee_repository_sync/tasks/main.yml | 1 + roles/group/README.md | 3 +- roles/group/meta/argument_specs.yml | 5 ++ roles/group/tasks/main.yml | 1 + roles/namespace/README.md | 3 +- roles/namespace/meta/argument_specs.yml | 5 ++ roles/namespace/tasks/main.yml | 1 + roles/publish/README.md | 12 ++-- roles/publish/meta/argument_specs.yml | 5 ++ roles/publish/tasks/main.yml | 20 ++++--- roles/repository/README.md | 58 ++++++++++++------- roles/repository/meta/argument_specs.yml | 5 ++ roles/repository/tasks/main.yml | 55 +++++++++--------- roles/repository_sync/README.md | 22 +++++-- roles/repository_sync/meta/argument_specs.yml | 5 ++ roles/repository_sync/tasks/main.yml | 21 +++---- roles/role/README.md | 5 +- roles/role/meta/argument_specs.yml | 5 ++ roles/role/tasks/main.yml | 1 + roles/user/README.md | 3 +- roles/user/meta/argument_specs.yml | 5 ++ roles/user/tasks/main.yml | 1 + .../testing_collections_playbook.yml | 13 +++++ 53 files changed, 296 insertions(+), 92 deletions(-) create mode 100644 changelogs/fragments/request_timeout.yml diff --git a/changelogs/fragments/request_timeout.yml b/changelogs/fragments/request_timeout.yml new file mode 100644 index 00000000..f83f9f2a --- /dev/null +++ b/changelogs/fragments/request_timeout.yml @@ -0,0 +1,7 @@ +--- +minor_changes: + - Added request_timeout option for plugins and roles in the collection + +bugfixes: + - Fixed role readme errors and standardised variable section of role readmes +... diff --git a/plugins/doc_fragments/auth.py b/plugins/doc_fragments/auth.py index 221ee351..bf871798 100644 --- a/plugins/doc_fragments/auth.py +++ b/plugins/doc_fragments/auth.py @@ -46,6 +46,11 @@ class ModuleDocFragment(object): - If value not set, will try environment variable C(AH_VERIFY_SSL) type: bool aliases: [ ah_verify_ssl ] + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10s, but this is handled by the shared module_utils code + type: float ah_path_prefix: description: - API path used to access the api. diff --git a/plugins/doc_fragments/auth_plugin.py b/plugins/doc_fragments/auth_plugin.py index 6ec0754e..29210d67 100644 --- a/plugins/doc_fragments/auth_plugin.py +++ b/plugins/doc_fragments/auth_plugin.py @@ -30,6 +30,13 @@ class ModuleDocFragment(object): - API path used to access the api. - For galaxy_ng this is either 'automation-hub' or the custom prefix used on install with GALAXY_API_PATH_PREFIX - For Automation Hub this is 'galaxy' + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10 seconds + type: float + env: + - name: AH_REQUEST_TIMEOUT verify_ssl: description: - Specify whether Ansible should verify the SSL certificate of the AH host. diff --git a/plugins/doc_fragments/auth_ui.py b/plugins/doc_fragments/auth_ui.py index 2959f2be..0f3cb3a1 100644 --- a/plugins/doc_fragments/auth_ui.py +++ b/plugins/doc_fragments/auth_ui.py @@ -38,6 +38,11 @@ class ModuleDocFragment(object): - If value not set, will try environment variable C(AH_VERIFY_SSL) type: bool aliases: [ ah_verify_ssl ] + request_timeout: + description: + - Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + - Defaults to 10s, but this is handled by the shared module_utils code + type: float ah_path_prefix: description: - API path used to access the api. diff --git a/plugins/module_utils/ah_api_module.py b/plugins/module_utils/ah_api_module.py index 65e2733e..1f8c8ca3 100644 --- a/plugins/module_utils/ah_api_module.py +++ b/plugins/module_utils/ah_api_module.py @@ -63,12 +63,18 @@ class AHAPIModule(AnsibleModule): required=False, fallback=(env_fallback, ["AH_VERIFY_SSL"]), ), + request_timeout=dict( + type="float", + required=False, + fallback=(env_fallback, ["AH_REQUEST_TIMEOUT"]) + ), ) short_params = { "host": "ah_host", "username": "ah_username", "password": "ah_password", "verify_ssl": "validate_certs", + "request_timeout": "request_timeout", "path_prefix": "ah_path_prefix", } @@ -76,6 +82,7 @@ class AHAPIModule(AnsibleModule): username = None password = None verify_ssl = True + request_timeout = 10 path_prefix = "galaxy" authenticated = False @@ -117,7 +124,7 @@ def __init__(self, argument_spec, direct_params=None, **kwargs): "Content-Type": "application/json", "Accept": "application/json", } - self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, follow_redirects=True) + self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, follow_redirects=True, timeout=self.request_timeout) # Define the API paths self.galaxy_path_prefix = "/api/{prefix}".format(prefix=self.path_prefix.strip("/")) @@ -215,7 +222,7 @@ def make_request_raw_reponse(self, method, url, **kwargs): response = {} try: - response = self.session.open(method, url.geturl(), headers=headers, data=data) + response = self.session.open(method, url.geturl(), headers=headers, data=data, timeout=self.request_timeout) except SSLValidationError as ssl_err: raise AHAPIModuleError("Could not establish a secure connection to {host}: {error}.".format(host=url.netloc, error=ssl_err)) except ConnectionError as con_err: @@ -460,7 +467,7 @@ def logout(self): "Content-Type": "application/json", "Accept": "application/json", } - self.session = Request(validate_certs=self.verify_ssl, headers=self.headers) + self.session = Request(validate_certs=self.verify_ssl, headers=self.headers, timeout=self.request_timeout) self.authenticated = False def fail_json(self, **kwargs): diff --git a/plugins/module_utils/ah_module.py b/plugins/module_utils/ah_module.py index bff23988..3da93d35 100644 --- a/plugins/module_utils/ah_module.py +++ b/plugins/module_utils/ah_module.py @@ -58,6 +58,11 @@ class AHModule(AnsibleModule): required=False, fallback=(env_fallback, ["AH_API_TOKEN"]), ), + request_timeout=dict( + type="float", + required=False, + fallback=(env_fallback, ["AH_REQUEST_TIMEOUT"]) + ), ) ENCRYPTED_STRING = "$encrypted$" short_params = { @@ -66,6 +71,7 @@ class AHModule(AnsibleModule): "password": "ah_password", "verify_ssl": "validate_certs", "path_prefix": "ah_path_prefix", + "request_timeout": "request_timeout", "oauth_token": "ah_token", } IDENTITY_FIELDS = {} @@ -75,6 +81,7 @@ class AHModule(AnsibleModule): username = None password = None verify_ssl = True + request_timeout = 10 oauth_token = None basic_auth = False authenticated = False @@ -97,7 +104,7 @@ def __init__(self, argument_spec=None, direct_params=None, error_callback=None, self.params = direct_params # else: super(AHModule, self).__init__(argument_spec=full_argspec, **kwargs) - self.session = Request(cookies=CookieJar(), validate_certs=self.verify_ssl) + self.session = Request(cookies=CookieJar(), validate_certs=self.verify_ssl, timeout=self.request_timeout) # Parameters specified on command line will override settings in any config for short_param, long_param in self.short_params.items(): @@ -219,6 +226,7 @@ def make_request(self, method, endpoint, *args, **kwargs): url.geturl(), headers=headers, validate_certs=self.verify_ssl, + timeout=self.request_timeout, follow_redirects=True, data=data, ) @@ -373,6 +381,7 @@ def authenticate(self, **kwargs): "POST", api_token_url, validate_certs=self.verify_ssl, + timeout=self.request_timeout, follow_redirects=True, force_basic_auth=True, url_username=self.username, @@ -387,6 +396,7 @@ def authenticate(self, **kwargs): "GET", test_url, validate_certs=self.verify_ssl, + timeout=self.request_timeout, headers={ "Content-Type": "application/json", "Authorization": "Basic {0}".format(basic_str.decode("ascii")), diff --git a/roles/collection/README.md b/roles/collection/README.md index f91db3f2..7f0b7887 100644 --- a/roles/collection/README.md +++ b/roles/collection/README.md @@ -6,6 +6,17 @@ An Ansible Role to update, or destroy Automation Hub Collections. ## Variables +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_collections`|`null`|`no`|`see below`|yes|Data structure describing your collections, described below.|| + These are the sub options for the vars `ah_collections` which are dictionaries with the options you want. See examples for details. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| diff --git a/roles/collection/meta/argument_specs.yml b/roles/collection/meta/argument_specs.yml index ec650988..5af37bc2 100644 --- a/roles/collection/meta/argument_specs.yml +++ b/roles/collection/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/collection/tasks/main.yml b/roles/collection/tasks/main.yml index b5474792..bd670e80 100644 --- a/roles/collection/tasks/main.yml +++ b/roles/collection/tasks/main.yml @@ -18,6 +18,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collections }}" loop_control: loop_var: "__collection" diff --git a/roles/dispatch/meta/argument_specs.yml b/roles/dispatch/meta/argument_specs.yml index bf6453dd..8e5a5535 100644 --- a/roles/dispatch/meta/argument_specs.yml +++ b/roles/dispatch/meta/argument_specs.yml @@ -62,6 +62,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_image/README.md b/roles/ee_image/README.md index 442560e7..52b00ddc 100644 --- a/roles/ee_image/README.md +++ b/roles/ee_image/README.md @@ -12,9 +12,10 @@ An Ansible Role to create execution environment images in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_images`|`see below`|yes|Data structure describing your execution environment images, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_images`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables diff --git a/roles/ee_image/meta/argument_specs.yml b/roles/ee_image/meta/argument_specs.yml index f4432729..51b44b2c 100644 --- a/roles/ee_image/meta/argument_specs.yml +++ b/roles/ee_image/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_image/tasks/main.yml b/roles/ee_image/tasks/main.yml index 8280a7be..735c9656 100644 --- a/roles/ee_image/tasks/main.yml +++ b/roles/ee_image/tasks/main.yml @@ -13,6 +13,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_images }}" loop_control: loop_var: "__ee_image_item" diff --git a/roles/ee_namespace/README.md b/roles/ee_namespace/README.md index f8454c11..dae6ab47 100644 --- a/roles/ee_namespace/README.md +++ b/roles/ee_namespace/README.md @@ -13,9 +13,10 @@ This was depreciated with AAP 2.4 and Galaxy NG 4.6.3+, and removed from the API |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_namespaces`|`see below`|yes|Data structure describing your ee_namespaces, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_namespaces`|`see below`|yes|Data structure describing your ee_namespaces, described below.|| ### Secure Logging Variables diff --git a/roles/ee_namespace/meta/argument_specs.yml b/roles/ee_namespace/meta/argument_specs.yml index d550abfb..6324b1d9 100644 --- a/roles/ee_namespace/meta/argument_specs.yml +++ b/roles/ee_namespace/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_namespace/tasks/main.yml b/roles/ee_namespace/tasks/main.yml index 6bc0e73c..11a3fb4b 100644 --- a/roles/ee_namespace/tasks/main.yml +++ b/roles/ee_namespace/tasks/main.yml @@ -13,6 +13,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_namespaces }}" loop_control: loop_var: "__ee_namespace_item" diff --git a/roles/ee_registry/README.md b/roles/ee_registry/README.md index 9cfc8a50..27894d35 100644 --- a/roles/ee_registry/README.md +++ b/roles/ee_registry/README.md @@ -12,12 +12,13 @@ An Ansible Role to create EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`proxy_url`|""|no|str|The URL for the proxy. Defaults to global `proxy_url` variable.| |`proxy_username`|""|no|str|The username for the proxy authentication. Defaults to global `proxy_username` variable.| |`proxy_password`|""|no|str|The password for the proxy authentication. Defaults to global `proxy_password` variable.| |`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below.|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| ### Secure Logging Variables diff --git a/roles/ee_registry/meta/argument_specs.yml b/roles/ee_registry/meta/argument_specs.yml index eb2866c8..22642d5e 100644 --- a/roles/ee_registry/meta/argument_specs.yml +++ b/roles/ee_registry/meta/argument_specs.yml @@ -69,6 +69,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry/tasks/main.yml b/roles/ee_registry/tasks/main.yml index 90469dc3..e36c7469 100644 --- a/roles/ee_registry/tasks/main.yml +++ b/roles/ee_registry/tasks/main.yml @@ -16,6 +16,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" proxy_url: "{{ __ee_registry_item.proxy_url | default(proxy_url | default(omit)) }}" proxy_username: "{{ __ee_registry_item.proxy_username | default(proxy_username | default(omit)) }}" proxy_password: "{{ __ee_registry_item.proxy_password | default(proxy_password | default(omit)) }}" diff --git a/roles/ee_registry_index/README.md b/roles/ee_registry_index/README.md index 5f6875ea..29308dba 100644 --- a/roles/ee_registry_index/README.md +++ b/roles/ee_registry_index/README.md @@ -12,9 +12,10 @@ An Ansible Role to index EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined). Note that this role will only do anything if the `index` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined). Note that this role will only do anything if the `index` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_registry_index/meta/argument_specs.yml b/roles/ee_registry_index/meta/argument_specs.yml index 7c2a37e0..dd10df70 100644 --- a/roles/ee_registry_index/meta/argument_specs.yml +++ b/roles/ee_registry_index/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry_index/tasks/main.yml b/roles/ee_registry_index/tasks/main.yml index 6c4e0bdd..f24950c7 100644 --- a/roles/ee_registry_index/tasks/main.yml +++ b/roles/ee_registry_index/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" diff --git a/roles/ee_registry_sync/README.md b/roles/ee_registry_sync/README.md index bf25985e..8087fca5 100644 --- a/roles/ee_registry_sync/README.md +++ b/roles/ee_registry_sync/README.md @@ -12,9 +12,10 @@ An Ansible Role to sync EE Registries in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_registries`|`see below`|yes|Data structure describing your ee_registries, described below. (Note this is the same as for the `ee_registries` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_registry_sync/meta/argument_specs.yml b/roles/ee_registry_sync/meta/argument_specs.yml index 66bcc659..e6bba918 100644 --- a/roles/ee_registry_sync/meta/argument_specs.yml +++ b/roles/ee_registry_sync/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_registry_sync/tasks/main.yml b/roles/ee_registry_sync/tasks/main.yml index bf39c525..66370e33 100644 --- a/roles/ee_registry_sync/tasks/main.yml +++ b/roles/ee_registry_sync/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_registries }}" loop_control: loop_var: "__ee_registry_item" diff --git a/roles/ee_repository/README.md b/roles/ee_repository/README.md index 60f84b8c..1172a4b9 100644 --- a/roles/ee_repository/README.md +++ b/roles/ee_repository/README.md @@ -12,9 +12,10 @@ An Ansible Role to create Repositories in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below.|| ### Secure Logging Variables diff --git a/roles/ee_repository/meta/argument_specs.yml b/roles/ee_repository/meta/argument_specs.yml index 963d4f7f..5c480cea 100644 --- a/roles/ee_repository/meta/argument_specs.yml +++ b/roles/ee_repository/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_repository/tasks/main.yml b/roles/ee_repository/tasks/main.yml index 13e2889d..3ce7ac24 100644 --- a/roles/ee_repository/tasks/main.yml +++ b/roles/ee_repository/tasks/main.yml @@ -17,6 +17,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" diff --git a/roles/ee_repository_sync/README.md b/roles/ee_repository_sync/README.md index 40e86f2a..35404dea 100644 --- a/roles/ee_repository_sync/README.md +++ b/roles/ee_repository_sync/README.md @@ -12,9 +12,10 @@ An Ansible Role to sync EE Repositories in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below. (Note this is the same as for the `ee_repository` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_ee_repositories`|`see below`|yes|Data structure describing your ee_repositories, described below. (Note this is the same as for the `ee_repository` role and the variable can be combined. Note that this role will only do anything if the `sync` suboption of this variable is set to true.|| ### Secure Logging Variables diff --git a/roles/ee_repository_sync/meta/argument_specs.yml b/roles/ee_repository_sync/meta/argument_specs.yml index 5b942cbd..e2f9d4d4 100644 --- a/roles/ee_repository_sync/meta/argument_specs.yml +++ b/roles/ee_repository_sync/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/ee_repository_sync/tasks/main.yml b/roles/ee_repository_sync/tasks/main.yml index e85ae3ed..91da5de7 100644 --- a/roles/ee_repository_sync/tasks/main.yml +++ b/roles/ee_repository_sync/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_ee_repositories }}" loop_control: loop_var: "__ee_repository_item" diff --git a/roles/group/README.md b/roles/group/README.md index 53b06349..d7a79dca 100644 --- a/roles/group/README.md +++ b/roles/group/README.md @@ -12,9 +12,10 @@ An Ansible Role to create groups in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_groups`|`see below`|yes|Data structure describing your groups, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_groups`|`see below`|yes|Data structure describing your groups, described below.|| ### Secure Logging Variables diff --git a/roles/group/meta/argument_specs.yml b/roles/group/meta/argument_specs.yml index 5c72dc48..e07c71ba 100644 --- a/roles/group/meta/argument_specs.yml +++ b/roles/group/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/group/tasks/main.yml b/roles/group/tasks/main.yml index 801c4c4c..74f38de0 100644 --- a/roles/group/tasks/main.yml +++ b/roles/group/tasks/main.yml @@ -12,6 +12,7 @@ # ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_groups }}" loop_control: loop_var: "__group" diff --git a/roles/namespace/README.md b/roles/namespace/README.md index 29f55e2f..acde05cd 100644 --- a/roles/namespace/README.md +++ b/roles/namespace/README.md @@ -13,9 +13,10 @@ An Ansible Role to create Namespaces in Automation Hub. |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_namespaces`|`see below`|yes|Data structure describing your namespaces, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_namespaces`|`see below`|yes|Data structure describing your namespaces, described below.|| ### Secure Logging Variables diff --git a/roles/namespace/meta/argument_specs.yml b/roles/namespace/meta/argument_specs.yml index 38150b65..646de796 100644 --- a/roles/namespace/meta/argument_specs.yml +++ b/roles/namespace/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/namespace/tasks/main.yml b/roles/namespace/tasks/main.yml index c9f25c2c..f9c1d2b2 100644 --- a/roles/namespace/tasks/main.yml +++ b/roles/namespace/tasks/main.yml @@ -19,6 +19,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_namespaces }}" loop_control: loop_var: "__namespace_item" diff --git a/roles/publish/README.md b/roles/publish/README.md index d23b5434..29d93864 100644 --- a/roles/publish/README.md +++ b/roles/publish/README.md @@ -9,14 +9,18 @@ An Ansible Role to publish collections to Automation Hub or Galaxies. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| |`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| -|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Tower Server's SSL certificate.|| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|no|Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`ah_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| -|`ah_collection_list`|`list`|no|Data structure file paths to pre built collections, mutually exclusive with ah_collections.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| |`ah_configuration_working_dir`|`/var/tmp`|no|The working directory where the built artifacts live, or where the artifacts will be built.|| |`ah_auto_approve`|`False`|no|Whether the collection will be automatically approved in Automation Hub. This will only work if the account being used has correct privileges.|| |`ah_overwrite_existing`|`False`|no|Whether the collection will be automatically overwrite an existing collection in Automation Hub. This will only work if the account being used has correct privileges.|| -|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_collections`|`see below`|no|Data structure describing your collections, mutually exclusive to ah_collection_list, described below.|| +|`ah_collection_list`|`list`|no|Data structure file paths to pre built collections, mutually exclusive with ah_collections.|| ### Secure Logging Variables diff --git a/roles/publish/meta/argument_specs.yml b/roles/publish/meta/argument_specs.yml index 1875c6fb..8e433796 100644 --- a/roles/publish/meta/argument_specs.yml +++ b/roles/publish/meta/argument_specs.yml @@ -78,6 +78,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/publish/tasks/main.yml b/roles/publish/tasks/main.yml index d7c7f5e5..a0356656 100644 --- a/roles/publish/tasks/main.yml +++ b/roles/publish/tasks/main.yml @@ -82,6 +82,7 @@ ah_token: "{{ ah_token | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" @@ -110,15 +111,16 @@ - name: Approve Collections ah_approval: - namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" - name: "{{ (__ah_collection_file | basename).split('-')[1] }}" - version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" + namespace: "{{ (__ah_collection_file | basename).split('-')[0] }}" + name: "{{ (__ah_collection_file | basename).split('-')[1] }}" + version: "{{ (__ah_collection_file | basename).split('-')[2:] | join('-') | splitext | first | splitext | first }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_collection_list }}" loop_control: loop_var: "__ah_collection_file" diff --git a/roles/repository/README.md b/roles/repository/README.md index 00f2df95..7a76857a 100644 --- a/roles/repository/README.md +++ b/roles/repository/README.md @@ -8,29 +8,15 @@ An Ansible Role to create Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified|| -|`url`|`https://cloud.redhat.com/api/automation-hub/`|no|(`ah_repository_certified`)Remote URL for the repository.|`https://console.redhat.com/api/automation-hub/content/`| -|`url`|`https://galaxy.ansible.com/api/`|no|(`ah_repository_community`)Remote URL for the repository.|| -|`auth_url`|`https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`|no|(`ah_repository_certified`)Remote URL for the repository authentication if separate.|| -|`token`|""|no|Token to authenticate to the remote repository.|| -|`username`|""|no|Username to authenticate to the remote repository.|| -|`password`|""|no|Password to authenticate to the remote repository.|| -|`requirements`|""|no|(`ah_repository_community`)Requirements to download from remote.|| -|`requirements_file`|""|no|(`ah_repository_community`)A yaml requirements file to download from remote.|| -|`proxy_url`|""|no|The URL for the proxy. Defaults to global `proxy_url` variable.|| -|`proxy_username`|""|no|The username for the proxy authentication. Defaults to global `proxy_username` variable.|| -|`proxy_password`|""|no|The password for the proxy authentication. Defaults to global `proxy_password` variable.|| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| -|`download_concurrency`|"10"|no| Number of concurrent collections to download.|| -|`rate_limit`|"8"|no|Limits total download rate in requests per second|| -|`signed_only`|"False"|no|Only download signed collections|True| -|`tls_validation`|"True"|no|Whether to use TLS validation against the remote repository|False| -|`client_key`|""|no|A PEM encoded private key file used for authentication|| -|`client_cert`|""|no|A PEM encoded client certificate used for authentication|| -|`ca_cert`|""|no|A PEM encoded CA certificate used for authentication|| -|`client_key_path`|""|no|Path to a PEM encoded private key file used for authentication|| -|`client_cert_path`|""|no|Path to a PEM encoded client certificate used for authentication|| -|`ca_cert_path`|""|no|Path to a PEM encoded CA certificate used for authentication|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_repositories`|`see below`|yes|Data structure describing your namespaces, described below.|| The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -63,6 +49,34 @@ This also speeds up the overall role. ## Data Structure +### Repository Variables + +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified|| +|`url`|`https://cloud.redhat.com/api/automation-hub/`|no|(`ah_repository_certified`)Remote URL for the repository.|`https://console.redhat.com/api/automation-hub/content/`| +|`url`|`https://galaxy.ansible.com/api/`|no|(`ah_repository_community`)Remote URL for the repository.|| +|`auth_url`|`https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token`|no|(`ah_repository_certified`)Remote URL for the repository authentication if separate.|| +|`token`|""|no|Token to authenticate to the remote repository.|| +|`username`|""|no|Username to authenticate to the remote repository.|| +|`password`|""|no|Password to authenticate to the remote repository.|| +|`requirements`|""|no|(`ah_repository_community`)Requirements to download from remote.|| +|`requirements_file`|""|no|(`ah_repository_community`)A yaml requirements file to download from remote.|| +|`proxy_url`|""|no|The URL for the proxy. Defaults to global `proxy_url` variable.|| +|`proxy_username`|""|no|The username for the proxy authentication. Defaults to global `proxy_username` variable.|| +|`proxy_password`|""|no|The password for the proxy authentication. Defaults to global `proxy_password` variable.|| +|`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| +|`download_concurrency`|"10"|no| Number of concurrent collections to download.|| +|`rate_limit`|"8"|no|Limits total download rate in requests per second|| +|`signed_only`|"False"|no|Only download signed collections|True| +|`tls_validation`|"True"|no|Whether to use TLS validation against the remote repository|False| +|`client_key`|""|no|A PEM encoded private key file used for authentication|| +|`client_cert`|""|no|A PEM encoded client certificate used for authentication|| +|`ca_cert`|""|no|A PEM encoded CA certificate used for authentication|| +|`client_key_path`|""|no|Path to a PEM encoded private key file used for authentication|| +|`client_cert_path`|""|no|Path to a PEM encoded client certificate used for authentication|| +|`ca_cert_path`|""|no|Path to a PEM encoded CA certificate used for authentication|| + ### Standard Project Data Structure #### Yaml Example diff --git a/roles/repository/meta/argument_specs.yml b/roles/repository/meta/argument_specs.yml index 7bd086c7..8286dc50 100644 --- a/roles/repository/meta/argument_specs.yml +++ b/roles/repository/meta/argument_specs.yml @@ -55,6 +55,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/repository/tasks/main.yml b/roles/repository/tasks/main.yml index 09133646..5b35640a 100644 --- a/roles/repository/tasks/main.yml +++ b/roles/repository/tasks/main.yml @@ -2,33 +2,34 @@ # Create AH repository - name: Add Automation Hub repository ah_repository: - name: "{{ __repository_item['name'] }}" - url: "{{ __repository_item['url'] }}" - auth_url: "{{ __repository_item['auth_url'] | default(omit) }}" - token: "{{ __repository_item['token'] | default(omit) }}" - username: "{{ __repository_item['username'] | default(omit) }}" - password: "{{ __repository_item['password'] | default(omit) }}" - requirements: "{{ __repository_item['requirements'] | default(omit) }}" - requirements_file: "{{ __repository_item['requirements_file'] | default(omit) }}" - download_concurrency: "{{ __repository_item['download_concurrency'] | default(10) }}" - rate_limit: "{{ __repository_item['rate_limit'] | default(8) }}" - signed_only: "{{ __repository_item['signed_only'] | default(omit) }}" - tls_validation: "{{ __repository_item['tls_validation'] | default(true) }}" - client_key: "{{ __repository_item['client_key'] | default(omit) }}" - client_cert: "{{ __repository_item['client_cert'] | default(omit) }}" - ca_cert: "{{ __repository_item['ca_cert'] | default(omit) }}" - client_key_path: "{{ __repository_item['client_key_path'] | default(omit) }}" - client_cert_path: "{{ __repository_item['client_cert_path'] | default(omit) }}" - ca_cert_path: "{{ __repository_item['ca_cert_path'] | default(omit) }}" - proxy_url: "{{ __repository_item.proxy_url | default(proxy_url | default(omit)) }}" - proxy_username: "{{ __repository_item.proxy_username | default(proxy_username | default(omit)) }}" - proxy_password: "{{ __repository_item.proxy_password | default(proxy_password | default(omit)) }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - validate_certs: "{{ ah_validate_certs | default(omit) }}" + name: "{{ __repository_item['name'] }}" + url: "{{ __repository_item['url'] }}" + auth_url: "{{ __repository_item['auth_url'] | default(omit) }}" + token: "{{ __repository_item['token'] | default(omit) }}" + username: "{{ __repository_item['username'] | default(omit) }}" + password: "{{ __repository_item['password'] | default(omit) }}" + requirements: "{{ __repository_item['requirements'] | default(omit) }}" + requirements_file: "{{ __repository_item['requirements_file'] | default(omit) }}" + download_concurrency: "{{ __repository_item['download_concurrency'] | default(10) }}" + rate_limit: "{{ __repository_item['rate_limit'] | default(8) }}" + signed_only: "{{ __repository_item['signed_only'] | default(omit) }}" + tls_validation: "{{ __repository_item['tls_validation'] | default(true) }}" + client_key: "{{ __repository_item['client_key'] | default(omit) }}" + client_cert: "{{ __repository_item['client_cert'] | default(omit) }}" + ca_cert: "{{ __repository_item['ca_cert'] | default(omit) }}" + client_key_path: "{{ __repository_item['client_key_path'] | default(omit) }}" + client_cert_path: "{{ __repository_item['client_cert_path'] | default(omit) }}" + ca_cert_path: "{{ __repository_item['ca_cert_path'] | default(omit) }}" + proxy_url: "{{ __repository_item.proxy_url | default(proxy_url | default(omit)) }}" + proxy_username: "{{ __repository_item.proxy_username | default(proxy_username | default(omit)) }}" + proxy_password: "{{ __repository_item.proxy_password | default(proxy_password | default(omit)) }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_repositories }}" loop_control: loop_var: "__repository_item" diff --git a/roles/repository_sync/README.md b/roles/repository_sync/README.md index 3a074559..80f8f56f 100644 --- a/roles/repository_sync/README.md +++ b/roles/repository_sync/README.md @@ -8,10 +8,15 @@ An Ansible Role to sync Repositories in Automation Hub. |Variable Name|Default Value|Required|Description|Example| |:---:|:---:|:---:|:---:|:---:| -|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified.|| -|`wait`|"false"|no|Wait for the repository to finish syncing before returning.|| -|`interval`|"1"|no|The interval to request an update from Automation Hub.|| -|`timeout`|""|no|If waiting for the project to update this will abort after this amount of seconds.|| +|`ah_host`|""|yes|URL to the Automation Hub or Galaxy Server. (alias: `ah_hostname`)|127.0.0.1| +|`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| +|`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| +|`ah_token`|""|yes|Tower Admin User's token on the Automation Hub Server. This should be stored in an Ansible Vault at or elsewhere and called from a parent playbook.|| +|`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| +|`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| +|`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_repositories`|`see below`|yes|Data structure describing your namespaces, described below.|| The `ah_configuration_async_dir` variable sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`. @@ -44,6 +49,15 @@ This also speeds up the overall role. ## Data Structure +### Repository Variables + +|Variable Name|Default Value|Required|Description|Example| +|:---:|:---:|:---:|:---:|:---:| +|`name`|""|yes| Repository name. Probably one of community, validated, or rh-certified.|| +|`wait`|"false"|no|Wait for the repository to finish syncing before returning.|| +|`interval`|"1"|no|The interval to request an update from Automation Hub.|| +|`timeout`|""|no|If waiting for the project to update this will abort after this amount of seconds.|| + ### Standard Project Data Structure #### Yaml Example diff --git a/roles/repository_sync/meta/argument_specs.yml b/roles/repository_sync/meta/argument_specs.yml index c40caff6..b7f7e15a 100644 --- a/roles/repository_sync/meta/argument_specs.yml +++ b/roles/repository_sync/meta/argument_specs.yml @@ -43,6 +43,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/repository_sync/tasks/main.yml b/roles/repository_sync/tasks/main.yml index 01babf0e..d41aec3b 100644 --- a/roles/repository_sync/tasks/main.yml +++ b/roles/repository_sync/tasks/main.yml @@ -1,16 +1,17 @@ --- - name: Sync Automation Hub repository ah_repository_sync: - name: "{{ __repository_item.name }}" - wait: "{{ __repository_item.wait | default(omit) }}" - interval: "{{ __repository_item.interval | default(1) }}" - timeout: "{{ __repository_item.timeout | default(omit) }}" - ah_host: "{{ ah_host | default(ah_hostname) }}" - ah_username: "{{ ah_username | default(omit) }}" - ah_password: "{{ ah_password | default(omit) }}" - ah_token: "{{ ah_token | default(omit) }}" - ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" - ah_verify_ssl: "{{ ah_validate_certs | default(omit) }}" + name: "{{ __repository_item.name }}" + wait: "{{ __repository_item.wait | default(omit) }}" + interval: "{{ __repository_item.interval | default(1) }}" + timeout: "{{ __repository_item.timeout | default(omit) }}" + ah_host: "{{ ah_host | default(ah_hostname) }}" + ah_username: "{{ ah_username | default(omit) }}" + ah_password: "{{ ah_password | default(omit) }}" + ah_token: "{{ ah_token | default(omit) }}" + ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" + ah_verify_ssl: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_repositories }}" loop_control: loop_var: "__repository_item" diff --git a/roles/role/README.md b/roles/role/README.md index c9a8f09c..b6136423 100644 --- a/roles/role/README.md +++ b/roles/role/README.md @@ -12,9 +12,10 @@ An Ansible Role to create role permisions in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_roles`|`see below`|yes|Data structure describing your role permisions, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_roles`|`see below`|yes|Data structure describing your role permissions, described below.|| ### Secure Logging Variables @@ -44,7 +45,7 @@ This also speeds up the overall role. ## Data Structure -### Group Variables +### Role Variables |Variable Name|Default Value|Required|Type|Description| |:---:|:---:|:---:|:---:|:---:| diff --git a/roles/role/meta/argument_specs.yml b/roles/role/meta/argument_specs.yml index 0702dace..f667c536 100644 --- a/roles/role/meta/argument_specs.yml +++ b/roles/role/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/role/tasks/main.yml b/roles/role/tasks/main.yml index 1932e8e6..df199aa1 100644 --- a/roles/role/tasks/main.yml +++ b/roles/role/tasks/main.yml @@ -12,6 +12,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_roles }}" loop_control: loop_var: "__role" diff --git a/roles/user/README.md b/roles/user/README.md index 1a915108..3405ce9c 100644 --- a/roles/user/README.md +++ b/roles/user/README.md @@ -12,9 +12,10 @@ An Ansible Role to create execution environment images in Automation Hub. |`ah_username`|""|yes|Admin User on the Automation Hub or Galaxy Server.|| |`ah_password`|""|yes|Automation Hub Admin User's password on the Automation Hub Server. This should be stored in an Ansible Vault at vars/tower-secrets.yml or elsewhere and called from a parent playbook.|| |`ah_validate_certs`|`False`|no|Whether or not to validate the Ansible Automation Hub Server's SSL certificate.|| +|`ah_request_timeout`|`10`|no|Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host.|| |`ah_path_prefix`|""|no|API path used to access the api. Either galaxy, automation-hub, or custom|| -|`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| |`ah_configuration_async_dir`|`null`|no|Sets the directory to write the results file for async tasks. The default value is set to `null` which uses the Ansible Default of `/root/.ansible_async/`.|| +|`ah_users`|`see below`|yes|Data structure describing your execution environment images, described below.|| ### Secure Logging Variables diff --git a/roles/user/meta/argument_specs.yml b/roles/user/meta/argument_specs.yml index 88c9e6d1..90238947 100644 --- a/roles/user/meta/argument_specs.yml +++ b/roles/user/meta/argument_specs.yml @@ -57,6 +57,11 @@ argument_specs: required: false description: Whether or not to validate the Automation Hub Server's SSL certificate. type: str + ah_request_timeout: + default: 10 + required: false + description: Specify the timeout Ansible should use in requests to the Galaxy or Automation Hub host. + type: float ah_username: required: false description: User for authentication on Automation Hub diff --git a/roles/user/tasks/main.yml b/roles/user/tasks/main.yml index a7d47a6d..e6cf53dc 100644 --- a/roles/user/tasks/main.yml +++ b/roles/user/tasks/main.yml @@ -18,6 +18,7 @@ ah_password: "{{ ah_password | default(omit) }}" ah_path_prefix: "{{ ah_path_prefix | default(omit) }}" validate_certs: "{{ ah_validate_certs | default(omit) }}" + request_timeout: "{{ ah_request_timeout | default(omit) }}" loop: "{{ ah_users }}" loop_control: loop_var: "__user" diff --git a/tests/playbooks/testing_collections_playbook.yml b/tests/playbooks/testing_collections_playbook.yml index 83057590..1b587b8c 100644 --- a/tests/playbooks/testing_collections_playbook.yml +++ b/tests/playbooks/testing_collections_playbook.yml @@ -104,6 +104,19 @@ ah_path_prefix: "{{ ah_path_prefix }}" validate_certs: "{{ ah_validate_certs }}" + - name: Verify setting request_timeout to very low will fail + ah_namespace: + name: to_not_work + request_timeout: 0.001 + register: request_timout_test + ignore_errors: true + + - name: Assert previous failed + ansible.builtin.assert: + that: + - request_timout_test is failed + - "'timed out' in request_timout_test.msg" + - name: Deauthenticate ah_token: ah_host: "{{ ah_hostname }}" From fe10e0c549577263657b12019f6fcbb63c217b4b Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 15:51:47 +0100 Subject: [PATCH 3/5] Update tests --- tests/playbooks/testing_collections_playbook.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/playbooks/testing_collections_playbook.yml b/tests/playbooks/testing_collections_playbook.yml index 1b587b8c..c0806abc 100644 --- a/tests/playbooks/testing_collections_playbook.yml +++ b/tests/playbooks/testing_collections_playbook.yml @@ -104,10 +104,15 @@ ah_path_prefix: "{{ ah_path_prefix }}" validate_certs: "{{ ah_validate_certs }}" + - name: Verify setting request_timeout to high will work + ah_namespace: + name: to_not_work + request_timeout: 100 + - name: Verify setting request_timeout to very low will fail ah_namespace: name: to_not_work - request_timeout: 0.001 + request_timeout: 0.01 register: request_timout_test ignore_errors: true @@ -115,7 +120,6 @@ ansible.builtin.assert: that: - request_timout_test is failed - - "'timed out' in request_timout_test.msg" - name: Deauthenticate ah_token: From dfad44248b8d7a717268da46693a57a5d88dcb9d Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 16:22:19 +0100 Subject: [PATCH 4/5] Force current tests to be used --- .github/workflows/ci_standalone.yml | 1 + .github/workflows/ci_standalone_versioned.yml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/.github/workflows/ci_standalone.yml b/.github/workflows/ci_standalone.yml index 8d3379b8..38909cf5 100644 --- a/.github/workflows/ci_standalone.yml +++ b/.github/workflows/ci_standalone.yml @@ -16,6 +16,7 @@ jobs: uses: "./.github/workflows/ci_standalone_versioned.yml" with: galaxy_ng_version: ${{ matrix.galaxy_ng_version }} + gh_ref: ${{ github.sha }} secrets: redhat_catalog_username: ${{ secrets.REDHAT_CATALOG_USERNAME }} redhat_catalog_password: ${{ secrets.REDHAT_CATALOG_PASSWORD }} diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index 508146b6..b1a5dbf7 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -22,6 +22,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + with: + ref: ${{ inputs.gh_ref }} - name: "Checkout galaxy_ng" uses: actions/checkout@v2 From d507905bdd21d0ad19e7829c22cf7e2afeca9ad3 Mon Sep 17 00:00:00 2001 From: "tompage1994@hotmail.co.uk" Date: Wed, 9 Aug 2023 16:26:21 +0100 Subject: [PATCH 5/5] Add as input --- .github/workflows/ci_standalone_versioned.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ci_standalone_versioned.yml b/.github/workflows/ci_standalone_versioned.yml index b1a5dbf7..6deba19d 100644 --- a/.github/workflows/ci_standalone_versioned.yml +++ b/.github/workflows/ci_standalone_versioned.yml @@ -8,6 +8,11 @@ on: description: The version to pull of galaxy_ng required: true type: string + gh_ref: + description: The ref in the repository to pull + required: false + default: devel + type: string secrets: redhat_catalog_username: description: Username for Red Hat Catalog