Skip to content

Commit

Permalink
feat(playbooks): migration of centurion playbooks to github
Browse files Browse the repository at this point in the history 
gh pr checkout 17
  • Loading branch information
@jasonpagetas
jasonpagetas committed Aug 14, 2024
1 parent 5cc1dcb commit 0e24782
Show file tree
Hide file tree
Showing 2 changed files with 415 additions and 0 deletions.
244 changes: 244 additions & 0 deletions playbooks/centurion_teams.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,244 @@
- name: Centurion ERP Teams Setup
hosts: |-
{%- if nfc_pb_host is defined -%}
{{ nfc_pb_host }}
{%- else -%}
all
{%- endif %}
become: false
gather_facts: false
connection: local # Play uses HTTP requests ONLY!!


tasks:


- name: Confirm required vars exist
ansible.builtin.assert:
that:
- centurion_erp.teams is defined
- |
centurion_erp.teams is not mapping
and
centurion_erp.teams is iterable
and
centurion_erp.teams is not string
msg: "Missing required variable or it's of the incorrect type[list]"
run_once: true
delegate_to: localhost


- name: Collect organizations from centurion ERP
ansible.builtin.uri:
url: |-
{{ lookup('env', 'CENTURION_API') }}/api/organization/
method: GET
body_format: json
headers:
authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
return_content: true
status_code:
- 200
register: api_get_organizations
run_once: true
delegate_to: localhost
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Collect teams from centurion ERP
ansible.builtin.uri:
url: "{{ item }}"
method: GET
body_format: json
headers:
authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
return_content: true
status_code:
- 200
loop: "{{ api_get_organizations.json.results | map(attribute='url') | list }}"
register: api_get_permissions
run_once: true
delegate_to: localhost
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Create list of Teams
ansible.builtin.set_fact:
team_permissions: |
[
{% for config_organisation in centurion_erp.teams %}
{% set ns = namespace(added_teams = []) %}
{% for config_team in config_organisation.teams %}
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
{% for team in organization.json.teams %}
{% if team.team_name == config_team.name %}
{
"organization_id": "{{ organization.json.id }}",
"team_name": "{{ team.team_name }}",
"url": "{{ team.url }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endfor %}
{% endif %}
{% endfor %}
{% if config_team.name not in ns.added_teams %}
{
"organization_id":
{% for organization in api_get_permissions.results %}
{% if organization.json.name == config_organisation.name %}
"{{ organization.json.id }}",
{% endif %}
{% endfor %}
"team_name": "{{ config_team.name }}",
"notes": "{{ config_team.notes }}",
"permissions":
{{ config_team.permissions }}
},
{% set ns.added_teams = ns.added_teams + [ config_team.name ] %}
{% endif %}
{% endfor %}
{% endfor %}
]
delegate_to: localhost
run_once: true
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Create new teams in centurion_ERP
ansible.builtin.uri:
url: |-
{{ lookup('env', 'CENTURION_API') }}/api/organization/{{ item.organization_id }}/team
method: POST
body_format: json
body: |-
{
"team_name": "{{ item.team_name }}"
}
headers:
Authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
status_code:
- 201
when: >
item.url is not defined
loop: "{{ team_permissions | list }}"
register: api_post_teams
delegate_to: localhost
run_once: true
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: update permissions to include newly created teams
ansible.builtin.set_fact:
team_permissions: |
[
{% for team in team_permissions %}
{
"organization_id": "{{ team.organization_id }}",
"team_name": "{{ team.team_name }}",
"notes": "{{ team.notes }}",
"permissions":
{{ team.permissions }},
"url":
{% if team.url is defined %}
"{{ team.url }}",
{% elif team.url is not defined %}
{% for api_values in api_post_teams.results %}
{% if api_values.item.organization_id == team.organization_id %}
{% if api_values.json.team_name == team.team_name %}
"{{ api_values.json.url }}",
{% endif %}
{% endif %}
{% endfor %}
{% endif %}
},
{% endfor %}
]
delegate_to: localhost
run_once: true
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Patch team permissions
ansible.builtin.uri:
url: |-
{{ item.url }}permissions
method: PATCH
body_format: json
body: "{{ item.permissions }}"
headers:
Authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
status_code:
- 200
when: >
item.url is defined
loop: "{{ team_permissions | list }}"
delegate_to: localhost
run_once: true
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
- name: Patch team notes
ansible.builtin.uri:
url: |-
{{ item.url }}
method: PATCH
body_format: json
body: |-
{
"model_notes": "{{ item.notes }}"
}
headers:
Authorization: Token {{ lookup('env', 'CENTURION_TOKEN') }}
validate_certs: "{{ lookup('env', 'VALIDATE_CENTURION_CERTS') | default(true) | bool }}"
status_code:
- 200
when: >
item.url is defined
loop: "{{ team_permissions | list }}"
delegate_to: localhost
run_once: true
no_log: > # Contains a secret that logging shows
{{ nfc_pb_disable_log | default(true) }}
Loading

0 comments on commit 0e24782

Please sign in to comment.