Add an option to remove existing keys that are not declared in ansible

author: Ismaël Bouya <ismael.bouya@fretlink.com> 2022-02-25 18:14:29 +0100
committer: Ismaël Bouya <ismael.bouya@fretlink.com> 2022-02-25 18:39:20 +0100
commit: d58fd11546cd378ff4eba6227adc10f8c06c386a (patch)
tree: f21120bf0a6e7bee5d2e7a3aebdf14f29538e0f7 /tasks
parent: 30a577fc43ef49e5e9925bc82116a2bd47f9a842 (diff)
download: ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.tar.gz
ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.tar.zst
ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.zip
3 files changed, 53 insertions, 23 deletions
diff --git a/tasks/key.yml b/tasks/key.yml
new file mode 100644
index 0000000..aa2b2d9
--- /dev/null
+++ b/tasks/key.yml
@@ -0,0 +1,30 @@
+---
+- name: Build scoped path
+  set_fact:
+    rundeck_key_full_path: "{{ rundeck_keys_base_path }}/{{ item.path }}"
+- name: Check key existence
+  uri:
+    url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
+    method: GET
+    headers:
+      Accept: application/json
+      X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
+    status_code: [200, 404]
+  register: rundeck_existing_key
+- name: Set method
+  set_fact:
+    rundeck_key_uri_method: "{{ (rundeck_existing_key.status == 404) | ternary('POST', 'PUT') }}"
+- name: Import key
+  uri:
+    url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
+    method: "{{ rundeck_key_uri_method }}"
+    headers:
+      Accept: application/json
+      Content-Type: "{{ item.type }}"
+      X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
+    status_code: [200, 201]
+    body: "{{ item.value }}"
+    body_format: raw
diff --git a/tasks/keys.yml b/tasks/keys.yml
index 98c6136..7ca0904 100644
--- a/tasks/keys.yml
+++ b/tasks/keys.yml
@@ -1,33 +1,34 @@
 ---
- name: Build scoped path
+- name: Set scope variables
  set_fact:
-    rundeck_key_full_path: "{{ rundeck_keys_scoped_by_project | default(true) | ternary('project/' + rundeck_project + '/' + key_group_path, key_group_path) }}"
+    rundeck_keys_base_path: "{{ rundeck_keys_scoped_by_project | default(true) | ternary('project/' + rundeck_project + '/' + rundeck_keys_group_path, rundeck_keys_group_path) }}"
  vars:
    group_name: "{{ rundeck_jobs_group | default('') }}"
-    key_group_path: "{{ rundeck_keys_scoped_by_group | default((group_name|length) > 0) | ternary(group_name + '/' + item.path, item.path) }}"
+    rundeck_keys_group_path: "{{ rundeck_keys_scoped_by_group | default((group_name|length) > 0) | ternary(group_name, '') }}"
- name: Check key existence
+- name: Include rundeck key
-  uri:
+  include_tasks: key.yml
-    url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
+  with_items: "{{ rundeck_jobs_keys }}"
-    method: GET
-    headers:
+- name: Get all stored keys
-      Accept: application/json
+  script:
-      X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
+    cmd: "{{ role_path }}/files/fetch_keys.sh {{ rundeck_api_url }}/{{ rundeck_api_version }} {{ rundeck_api_token }} keys/{{ rundeck_keys_base_path }}"
-    status_code: [200, 404]
+  register: rundeck_existing_keys
-  register: rundeck_existing_key
+  when: rundeck_remove_missing_keys
- name: Set method
+- name: "Prepare list of keys to remove"
  set_fact:
-    rundeck_key_uri_method: "{{ (rundeck_existing_key.status == 404) | ternary('POST', 'PUT') }}"
+    rundeck_existing_keys: "{{ rundeck_existing_keys.stdout_lines | list }}"
+    rundeck_known_keys: "{{ rundeck_jobs_keys | map(attribute='path') | list }}"
+  when: rundeck_remove_missing_keys
- name: Import key
+- name: "Remove jobs not declared"
  uri:
-    url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
+    url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_keys_base_path }}/{{ item }}"
-    method: "{{ rundeck_key_uri_method }}"
+    method: DELETE
    headers:
      Accept: application/json
-      Content-Type: "{{ item.type }}"
      X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
-    status_code: [200, 201]
+    status_code: [204, 404]
-    body: "{{ item.value }}"
+  with_items: "{{ rundeck_existing_keys | difference(rundeck_known_keys) }}"
-    body_format: raw
+  when: rundeck_remove_missing_keys
diff --git a/tasks/main.yml b/tasks/main.yml
index 644fef0..955d0a9 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -4,7 +4,6 @@
  tags:
    - rundeck-jobs
 - name: Include rundeck keys
-  include_tasks: keys.yml
  tags:
    - rundeck-keys
-  with_items: "{{ rundeck_jobs_keys }}"
+  include_tasks: keys.yml
author	Ismaël Bouya <ismael.bouya@fretlink.com>	2022-02-25 18:14:29 +0100
committer	Ismaël Bouya <ismael.bouya@fretlink.com>	2022-02-25 18:39:20 +0100
commit	d58fd11546cd378ff4eba6227adc10f8c06c386a (patch)
tree	f21120bf0a6e7bee5d2e7a3aebdf14f29538e0f7 /tasks
parent	30a577fc43ef49e5e9925bc82116a2bd47f9a842 (diff)
download	ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.tar.gz ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.tar.zst ansible-rundeck-jobs-d58fd11546cd378ff4eba6227adc10f8c06c386a.zip

diff --git a/tasks/key.yml b/tasks/key.yml new file mode 100644 index 0000000..aa2b2d9 --- /dev/null +++ b/tasks/key.yml
@@ -0,0 +1,30 @@
		1	---
		2	- name: Build scoped path
		3	set_fact:
		4	rundeck_key_full_path: "{{ rundeck_keys_base_path }}/{{ item.path }}"
		5
		6	- name: Check key existence
		7	uri:
		8	url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
		9	method: GET
		10	headers:
		11	Accept: application/json
		12	X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
		13	status_code: [200, 404]
		14	register: rundeck_existing_key
		15
		16	- name: Set method
		17	set_fact:
		18	rundeck_key_uri_method: "{{ (rundeck_existing_key.status == 404) \| ternary('POST', 'PUT') }}"
		19
		20	- name: Import key
		21	uri:
		22	url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
		23	method: "{{ rundeck_key_uri_method }}"
		24	headers:
		25	Accept: application/json
		26	Content-Type: "{{ item.type }}"
		27	X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
		28	status_code: [200, 201]
		29	body: "{{ item.value }}"
		30	body_format: raw


diff --git a/tasks/keys.yml b/tasks/keys.yml index 98c6136..7ca0904 100644 --- a/tasks/keys.yml +++ b/tasks/keys.yml
@@ -1,33 +1,34 @@
1	---	1	---
2	- name: Build scoped path	2	- name: Set scope variables
3	set_fact:	3	set_fact:
4	rundeck_key_full_path: "{{ rundeck_keys_scoped_by_project \| default(true) \| ternary('project/' + rundeck_project + '/' + key_group_path, key_group_path) }}"	4	rundeck_keys_base_path: "{{ rundeck_keys_scoped_by_project \| default(true) \| ternary('project/' + rundeck_project + '/' + rundeck_keys_group_path, rundeck_keys_group_path) }}"
5	vars:	5	vars:
6	group_name: "{{ rundeck_jobs_group \| default('') }}"	6	group_name: "{{ rundeck_jobs_group \| default('') }}"
7	key_group_path: "{{ rundeck_keys_scoped_by_group \| default((group_name\|length) > 0) \| ternary(group_name + '/' + item.path, item.path) }}"	7	rundeck_keys_group_path: "{{ rundeck_keys_scoped_by_group \| default((group_name\|length) > 0) \| ternary(group_name, '') }}"
8		8
9	- name: Check key existence	9	- name: Include rundeck key
10	uri:	10	include_tasks: key.yml
11	url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"	11	with_items: "{{ rundeck_jobs_keys }}"
12	method: GET	12
13	headers:	13	- name: Get all stored keys
14	Accept: application/json	14	script:
15	X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"	15	cmd: "{{ role_path }}/files/fetch_keys.sh {{ rundeck_api_url }}/{{ rundeck_api_version }} {{ rundeck_api_token }} keys/{{ rundeck_keys_base_path }}"
16	status_code: [200, 404]	16	register: rundeck_existing_keys
17	register: rundeck_existing_key	17	when: rundeck_remove_missing_keys
18		18
19	- name: Set method	19	- name: "Prepare list of keys to remove"
20	set_fact:	20	set_fact:
21	rundeck_key_uri_method: "{{ (rundeck_existing_key.status == 404) \| ternary('POST', 'PUT') }}"	21	rundeck_existing_keys: "{{ rundeck_existing_keys.stdout_lines \| list }}"
		22	rundeck_known_keys: "{{ rundeck_jobs_keys \| map(attribute='path') \| list }}"
		23	when: rundeck_remove_missing_keys
22		24
23	- name: Import key	25	- name: "Remove jobs not declared"
24	uri:	26	uri:
25	url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"	27	url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_keys_base_path }}/{{ item }}"
26	method: "{{ rundeck_key_uri_method }}"	28	method: DELETE
27	headers:	29	headers:
28	Accept: application/json	30	Accept: application/json
29	Content-Type: "{{ item.type }}"
30	X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"	31	X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
31	status_code: [200, 201]	32	status_code: [204, 404]
32	body: "{{ item.value }}"	33	with_items: "{{ rundeck_existing_keys \| difference(rundeck_known_keys) }}"
33	body_format: raw	34	when: rundeck_remove_missing_keys


diff --git a/tasks/main.yml b/tasks/main.yml index 644fef0..955d0a9 100644 --- a/tasks/main.yml +++ b/tasks/main.yml
@@ -4,7 +4,6 @@
4	tags:	4	tags:
5	- rundeck-jobs	5	- rundeck-jobs
6	- name: Include rundeck keys	6	- name: Include rundeck keys
7	include_tasks: keys.yml
8	tags:	7	tags:
9	- rundeck-keys	8	- rundeck-keys
10	with_items: "{{ rundeck_jobs_keys }}"	9	include_tasks: keys.yml