deleting an organization from rhaap
This playbook, removes a defined organization from rhaap.
It removes a organization using almost the same code as creating an organization, running in
reverse order.
It uses 6 phases to accomplish this:
1- Disable the pipeline on the config as code team repository
2- Remove the organization admin user from vault
3- Remove the namespace from the external vault
4- Remove the organization from rhaap
5- Cleanup the Config as code files for gateway, removing the now obsolete items
6- Cleanup stale items from controller, wich are not removed after removing the organization. And disable the organizations repository pipeline.
The survey will only ask for the short_team_name, this is all the play needs to function.
The pipelines are run against the development environment at this time, it has to run against all defined environments for each phase.
dependencies
This playbook depends on 4 credentials these must be added to the job_template.
- gitlab_mgt_automation
- aap_credential
- vault_token
- ansible
Phase 1
As we leave the config as code repository for later use, we disable the pipeline on it.
So it can't run anymore.
Phase 2
We remove the user/password combination from the vault, so the user is not recreated automaticly.
Phase 3
We remove the namespace for this organization from the vault, including all secrets in the namespace.
Phase 4
We use the infra.aap_configuration collection to remove the admin user from rhaap.
Phase 5
Checkout rhaap base configuration into temp directory.
Clean the yaml files in the rhaap base config as if the organization never existed.
Push the updated files into GIT.
Remove temp directory
Phase 6
Remove projects, workflow_templates and job_templates that remain after removing the organization.
Disable the pipeline on the CaC repository of the team.
The organization is now removed and no longer accessible.
Status
Completed
cleanup_controller.yml
get_gitlab_api_token.yml
env_vars.yml
main.yml
rhaap_absent_organization.yml
vault_delete_local_admin_user.tyml
vault_delete_namespace.yml