diff --git a/playbooks/inventory/linode.yaml b/playbooks/inventory/linode.yaml index 3606002..c9c1883 100644 --- a/playbooks/inventory/linode.yaml +++ b/playbooks/inventory/linode.yaml @@ -11,6 +11,15 @@ awx_integration: true cleanup_temp_files: false + # Git integration settings + push_to_git: true + + # AWX API integration (optional - for automatic project sync) + awx_api_integration: false # Set to true if you want automatic project refresh + # awx_host: "https://your-awx-host" + # awx_project_id: "8" # Your project ID in AWX + # awx_token: "{{ lookup('env', 'AWX_TOKEN') }}" # Set via credential or env var + # Optional filters include_only_running: false specific_regions: [] # e.g., ['us-east', 'us-west'] 
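Review bot: `push_to_git: true` makes committing and pushing from the job runner the default, while the less intrusive `awx_api_integration` ships as `false`; a write to the shared repository is a side effect that is safer as opt-in. Consider `push_to_git: false  # set to true to commit the generated inventory and push it to origin`, and name in that comment the credential the push depends on. The vars block starts above this hunk, so whether an earlier setting already gates this cannot be seen here.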
@@ -42,17 +51,24 @@ msg: | Inventory update complete! - Next steps for AWX integration: - 1. Copy the inventory script to your SCM repository - 2. Create a custom inventory source in AWX - 3. Point it to the linode_inventory.py script - 4. Set up the Linode API credential + ✅ Inventory file created: /runner/project/inventory/linode_hosts.json + ✅ Changes committed to Git: {{ 'Yes' if git_commit_result.rc == 0 else 'Failed - check logs' }} + ✅ Repository: git@git.ewnix.net:phlux/ewnix-automation.git - Files created: - - JSON inventory: {{ linode_inventory_output_dir }}/{{ linode_inventory_output_file }} - {% if inventory_format == "ini" %} - - INI inventory: {{ linode_inventory_output_dir }}/linode_static_inventory.ini - {% endif %} + Next steps: + 1. {% if not awx_api_integration %}Manually sync your AWX project to pull the latest inventory{% else %}Project sync triggered automatically{% endif %} + 2. Create a new inventory source in AWX: + - Source: "Sourced from a Project" + - Inventory File: "inventory/linode_hosts.json" + - No credential needed (it's a static file) + 3. Sync the inventory source to import your Linode hosts + + Your {{ linode_inventory_data._meta.hostvars | length }} Linode hosts will be available in groups: + - tag_k3s (k3s cluster nodes) + - tag_control_plane ({{ hostvars[groups['localhost'][0]]['linode_inventory_data']._meta.hostvars | selectattr('is_control_plane', 'equalto', true) | list | length }} control plane nodes) + - tag_worker_node ({{ hostvars[groups['localhost'][0]]['linode_inventory_data']._meta.hostvars | selectattr('is_worker_node', 'equalto', true) | list | length }} worker nodes) + - region_us_southeast (regional grouping) + - type_* (by instance type) # Optional: Run against discovered Linode hosts - name: Debug and use discovered Linode hosts diff --git a/playbooks/inventory/linode_workflow.yml b/playbooks/inventory/linode_workflow.yml new file mode 100644 index 0000000..07f47a9 --- /dev/null 
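Review bot: The summary reads `git_commit_result.rc` without a guard, but the task that registers it is conditional on `push_to_git`; when that task is skipped the registered result has no `rc`, so this message fails to template instead of reporting. Use `{{ 'Yes' if (git_commit_result.rc | default(-1)) == 0 else 'No - skipped or failed, check logs' }}` and drop the ✅ from a line that can report a failure. The same unguarded `.rc`/`.stdout` access is in the "Display Git operation result" task in roles/inventory/linode/tasks/main.yml, whose `when: git_commit_result is defined` is true even for a skipped task. Separately, `selectattr('is_control_plane', ...)` is applied directly to `_meta.hostvars`; if that is a hostname-to-vars mapping, which the `item.key` label in the role suggests, the filter iterates the keys and needs `dict2items` with `value.is_control_plane` to count anything. The `msg` block starts above this hunk.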
+++ b/playbooks/inventory/linode_workflow.yml @@ -0,0 +1,54 @@ +--- +# Example workflow that updates inventory and then uses it +- name: Step 1 - Update Linode Inventory + hosts: localhost + gather_facts: true + connection: local + + vars: + push_to_git: true + awx_api_integration: true + awx_host: "{{ lookup('env', 'TOWER_HOST') | default('https://localhost') }}" + awx_project_id: "{{ lookup('env', 'AWX_PROJECT_ID') | default('') }}" + awx_token: "{{ lookup('env', 'AWX_TOKEN') | default('') }}" + + roles: + - role: linode_inventory + +- name: Step 2 - Wait for project sync (if using API) + hosts: localhost + gather_facts: false + tasks: + - name: Wait for project sync to complete + ansible.builtin.pause: + seconds: 30 + when: awx_api_integration | default(false) + + - name: Manual sync reminder + ansible.builtin.debug: + msg: | + ⚠️ MANUAL ACTION REQUIRED ⚠️ + + Please manually sync your AWX project now to pull the updated inventory file. + Then create/sync an inventory source pointing to: inventory/linode_hosts.json + + After that, you can run jobs against your discovered Linode hosts! + when: not (awx_api_integration | default(false)) + +# This play would run in a separate job template after inventory is synced +- name: Step 3 - Example task using discovered hosts + hosts: localhost + gather_facts: false + tasks: + - name: Instructions for next job template + ansible.builtin.debug: + msg: | + This would be a separate job template that runs after inventory sync. + It would target groups like: + - tag_k3s + - tag_control_plane + - tag_worker_node + - region_us_southeast + + Example: Create a job template with inventory pointing to the Linode hosts + and limit it to specific groups like 'tag_k3s' to run tasks on k3s nodes only. diff --git a/roles/inventory/linode/tasks/main.yml b/roles/inventory/linode/tasks/main.yml index 7a65541..8788c68 100644 --- a/roles/inventory/linode/tasks/main.yml +++ b/roles/inventory/linode/tasks/main.yml 
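Review bot: The three `lookup('env', ...) | default(...)` expressions in the Step 1 vars never fall back, because the env lookup returns an empty string for an unset variable and `default` without its second argument only replaces undefined values. With `awx_api_integration: true` that leaves `awx_host`, `awx_project_id` and `awx_token` defined but empty, which the role's `awx_token is defined` and `awx_project_id is defined` conditions accept, so the sync request would go out with an empty bearer token and a malformed URL. Use `default('https://localhost', true)` for the host and fail early on the other two, for example a `pre_tasks` `ansible.builtin.assert` with `that: awx_token | length > 0`. These are also play-level vars, so the Step 2 play does not see them: `awx_api_integration | default(false)` is false there, the 30-second pause is skipped and the manual-sync reminder is always shown.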
@@ -123,14 +123,96 @@ label: "{{ item.key }}" when: linode_inventory_data._meta.hostvars | length > 0 -- name: Create JSON inventory file for AWX - ansible.builtin.template: - src: linode_hosts.json.j2 - dest: "{{ linode_inventory_output_dir }}/linode_hosts.json" +- name: Create inventory directory in project + ansible.builtin.file: + path: "/runner/project/inventory" + state: directory + mode: '0755' + delegate_to: localhost + +- name: Create JSON inventory file in project + ansible.builtin.copy: + content: "{{ linode_inventory_data | to_nice_json }}" + dest: "/runner/project/inventory/linode_hosts.json" mode: '0644' delegate_to: localhost when: linode_inventory_data is defined +- name: Configure Git user for commits + ansible.builtin.shell: | + cd /runner/project + git config --local user.email "awx@ewnix.net" + git config --local user.name "AWX Automation" + # Ensure we're using SSH for the remote + git remote set-url origin git@git.ewnix.net:phlux/ewnix-automation.git + delegate_to: localhost + ignore_errors: true + +- name: Ensure SSH key is available for Git operations + ansible.builtin.shell: | + # Add git.ewnix.net to known hosts to avoid interactive prompts + ssh-keyscan -t rsa git.ewnix.net >> ~/.ssh/known_hosts 2>/dev/null || true + # Test SSH connection + ssh -T git@git.ewnix.net -o StrictHostKeyChecking=no -o ConnectTimeout=10 2>&1 || echo "SSH test completed" + delegate_to: localhost + ignore_errors: true + +- name: Commit inventory back to Git + ansible.builtin.shell: | + cd /runner/project + git add inventory/linode_hosts.json + if git diff --staged --quiet; then + echo "No changes to commit" + exit 0 + else + git commit -m "Update Linode inventory - $(date '+%Y-%m-%d %H:%M:%S') [AWX]" + # Use SSH to push + GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=no -o ConnectTimeout=30" git push origin HEAD + echo "Inventory committed and pushed to git@git.ewnix.net:phlux/ewnix-automation" + fi + register: git_commit_result + delegate_to: localhost + 
ignore_errors: true + when: + - linode_inventory_data is defined + - push_to_git | default(true) + +- name: Display Git operation result + ansible.builtin.debug: + msg: | + Git operation result: + Return code: {{ git_commit_result.rc }} + Output: {{ git_commit_result.stdout }} + Error: {{ git_commit_result.stderr | default('None') }} + when: git_commit_result is defined + +- name: Trigger AWX project sync (if AWX API available) + ansible.builtin.uri: + url: "{{ awx_host | default('https://localhost') }}/api/v2/projects/{{ awx_project_id }}/update/" + method: POST + headers: + Authorization: "Bearer {{ awx_token }}" + Content-Type: "application/json" + body_format: json + body: {} + status_code: [200, 201, 202] + validate_certs: false + register: project_sync_result + delegate_to: localhost + ignore_errors: true + when: + - awx_api_integration | default(false) + - awx_token is defined + - awx_project_id is defined + +- name: Display project sync result + ansible.builtin.debug: + msg: | + AWX Project sync triggered: + Status: {{ project_sync_result.status | default('Not attempted') }} + Response: {{ project_sync_result.json | default('No response') }} + when: project_sync_result is defined + - name: Clean up temporary script ansible.builtin.file: path: "{{ linode_inventory_output_dir }}/linode_inventory.py"
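Review bot: Host authentication is switched off on both channels this hunk adds: the SSH test and the `git push` pass `-o StrictHostKeyChecking=no`, `ssh-keyscan` appends whatever key the network returns to `known_hosts` on every run, and the AWX call sends `Authorization: Bearer {{ awx_token }}` with `validate_certs: false`. A host that answers in place of git.ewnix.net or the AWX endpoint would therefore be accepted and receive the pushed inventory or the API token, and `ignore_errors: true` on these tasks keeps the job green when something is wrong. Pin the Git server's host key from a vetted value with the task below, which replaces "Ensure SSH key is available for Git operations". Change the push to `GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=yes -o ConnectTimeout=30" git push origin HEAD`, and set `validate_certs: true` and `no_log: true` on the uri task.

```yaml
- name: Pin the Git server host key
  ansible.builtin.known_hosts:
    name: git.ewnix.net
    # git_server_host_key is a placeholder variable: the server's public
    # host key line, obtained out of band and stored with the project
    key: "{{ git_server_host_key }}"
    state: present
  delegate_to: localhost

# … unchanged: Commit inventory back to Git, apart from the push line quoted in the note …
# … unchanged: Trigger AWX project sync, apart from validate_certs / no_log …
```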