Updating Base configuration for Automation Platform
When we upgrade automation platform from version 2.5 to 2.6, we need to change some things in the configuration as code files.
When you have 2.5 completely running with configuration as code, the update is fairly simple.
New files:
- gateway_role_team_assignments.yml
Changed files:
- gateway_role_user_assignmnets.yml
Removed files:
- hub_group_roles.yml
Changes to the files
As we said before, we will show you what the changes are towards the 2.5 version of the rhaap configuration shown here.
Now we will show you the content of each file:
group_vars/all/gateway_role_user_assignments.yml
In the 2.5 version, this file contained role mappings for teams as well as users. This has changed, the configuration of user roles is done in this file and role mappings to teams has a new file.
---
gateway_role_user_assignments_all:
- role_definition: Organization Member
user: wilco
object_ids: MGT
- role_definition: Organization Member
user: coll_upload
object_ids: MGT
- role_definition: Team Member
user: coll_upload
object_ids: hub_coll_team
- role_definition: Organization Member
user: coll_get
object_ids: MGT
- role_definition: Team Member
user: coll_get
object_ids: hub_coll_team
- role_definition: Organization Member
user: ee_upload
object_ids: MGT
- role_definition: Team Member
user: ee_upload
object_ids: hub_ee_team
- role_definition: Organization Member
user: ee_pull
object_ids: MGT
- role_definition: Team Member
user: ee_pull
oject_ids: hub_ee_team
- role_definition: Organization Admin
user: mgt
object_ids: MGT
- role_definition: Organization Admin
user: CaC_admin_MGT
object_ids: MGT
...
group_vars/all/gateway_role_team_assignments.yml
In this file the roles are mapped onto teams as opposed to user mapping.
This will probably change, in configuration, as the following is not working yet.
---
gateway_role_team_assignments_all:
- assignment_objects:
- name: community
type: repository
- name: rh-certified
type: repository
- name: validated
type: repository
- name: published
type: repository
- name: staging
type: repository
role_definition: galaxy.ansible_repository_owner
team: hub_coll
state: present
...
other yaml files
When you upgrade your automation platform instance, the nodename and other variables like secrets will probably stay the same. If this is the case, not many changes will have to be done. But if you install a new server, be sure to change all occurences of the name in all files (check them all!).
This wilprvent running into errors while loading the configuration.
workaround.yml
As we are near to configuring the first part of rhaap 2.6, we need to explain what we did to the collections to be able to map the user roles on organization name, istead of the object_id.
Read on here:
Hacking infra.aap_configuration.dispatch
the real code main.yml
The file main.yml is almost the same in every repository for configuration as code. Just the variables vary.
The only exeption is the one here, it must adapt for the workaround.
Almost all other code for rhaap 2.5 is reusable for rhaap 2.6. Just be sure to have the latest versions of the following collections in your pipeline:
- infra.aap_configuration
- ansible.platform
- ansible.hub
- ansible.eda
- ansible.controller
- community.general
At the moment of writing:
ansible.controller 4.7.1
ansible.eda 2.10.0
ansible.hub 1.0.2
ansible.platform 2.6.20250924
community.general 11.2.1
infra.aap_configuration 3.8.3