hub_collection_remotes
group_vars/all/hub_collection_remotes.yml
As the organization we create has chosen that every collection to be used in production has to be checked, we have no "ALL" configuration.
The configuration is fully in "dev"and "prod".
As you can see the cloud token is not in this configuration file, this is defined elsewhere.
---
hub_collection_remotes_all: []
# No extra config exists
...
But you can already see that the variable name used here has the "_all" extension, so the variable will not be overridden as this is not quite a inventory.
Why we do this, will become clear in a moment.
Even when its empty, the variable must exist.
group_vars/dev/hub_collection_remotes.yml
Here we configure the remotes per environment to have some control over which collection is availlable in which environment. This can be a demand from security, so why not be ahead of this and separate the environments this way.
---
hub_collection_remotes_dev:
- name: rh-certified
token: "{{ cloud_token }}"
url: 'https://console.redhat.com/api/automation-hub/content/published/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
requirements:
- ansible.posix
- ansible.controller
- ansible.eda
- ansible.hub
- ansible.platform
- ansible.windows
- redhat.insights
- redhat.satellite
- redhat.satellite_operations
- redhat.rhel_system_roles
wait: false
- name: validated
token: "{{ cloud_token }}"
url: 'https://console.redhat.com/api/automation-hub/content/validated/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
wait: false
- name: community
token: "{{ cloud_token }}"
url: 'https://galaxy.ansible.com/api/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
requirements:
- community.general
- community.vmware
- community.windows
- community.postgresql
- community.docker
- community.dns
- community.libvirt
- awx.awx
- infra.aap_configuration
- infra.controller_configuration
- infra.ah_configuration
- infra.aap_utilities
- infra.ee_utilities
wait: false
...
Here the variable has the "_dev" extension, so the variable will not be overridden.
group_vars/prod/hub_collection_remotes.yml
We have a lot less collection availlable in production.
By adding a collection into the list, it will be added to the hub in the environment.
---
hub_collection_remotes_prod: []
- name: rh-certified
token: "{{ cloud_token }}"
url: 'https://console.redhat.com/api/automation-hub/content/published/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
requirements:
- ansible.posix
- ansible.controller
- ansible.eda
- ansible.hub
- ansible.platform
- ansible.windows
- redhat.insights
- redhat.satellite
- redhat.satellite_operations
- redhat.rhel_system_roles
wait: false
- name: validated
token: "{{ cloud_token }}"
url: 'https://console.redhat.com/api/automation-hub/content/validated/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
wait: false
- name: community
token: "{{ cloud_token }}"
url: 'https://galaxy.ansible.com/api/'
auth_url: 'https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token'
requirements:
- community.general
- community.vmware
- infra.aap_configuration
- infra.controller_configuration
- infra.ah_configuration
- infra.aap_utilities
- infra.ee_utilities
wait: false
...
Here the variable has the "_prod" extension, so the variable will not be overridden.
When we run a pipeline for a certain environment, the inventory structure will provide us with 2 variables:
- hub_collection_remotes_all
- hub_collection_remotes_
We will merge these 2 variables into 1: hub_collection_remotes and feed this to the infra.aap_configuration.hub_collection_remotes role.
In main.yml the merge of the variables is done by this piece of code:
- name: Set the gateway vars
ansible.builtin.set_fact:
hub_collection_remotes: >
{{ hub_collection_remotes_all |
community.general.lists_mergeby(vars['hub_collection_remotes_' + branch_name],
'name', recursive=true, list_merge='append') }}
This results in the hub_collection_remotes variable the collection needs.