Open rlopez133 opened 1 year ago
rooftopcellist
commented
1 year ago Fixing that may be as simple as adding:
watchDependentResources: TrueHere:
That way when you modify a JobTemplate resource, it will kick off the reconciliation lop again, which will run the awx.awx.job_template task to update the JobTemplate.
We just have to make sure that there aren't other knock-on effects to this change that are unwanted.
cooktheryan
commented
1 year ago /assign
rooftopcellist
commented
1 year ago I think that if we do this, we should make it possible to configure whether the state described in the CR for resources should be maintained or just created once. This could be an environment variable set on the operator deployment (for all resources) or it could be configurable on each resource.
Maybe we could call it create_only: true ? That was just the first think I thought of, I'm definitely open to other param names.
This would allow users to either: A) Create the resources once when deploying AWX, then modify them further using the AWX UI B) OR, Create the resources and re-run the reconciliation loop if any changes are made to the resources, which will update those resources accordingly. (Ideally with a strategic merge so that changes made from the UI that don't conflict would not be overwritten).
@cooktheryan Another thing is that we may want to make it possible to optionally configure a custom reconciliation interval, this way an AWX admin could enforce that changes made by users in the AWX UI were overwritten regularly if that is the desired behavior. That is how many configuration as code Jenkins instances are set up.
cooktheryan
commented
1 year ago @rooftopcellist so all of the items except jobtemplate and workflowtemplate I have working. The problem seems to exist that with the field @rlopez133 specified the underlying ansible playbook does not attempt to remediate those values. For example
apiVersion: tower.ansible.com/v1alpha1
kind: JobTemplate
metadata:
name: rocketchat-volsync-template
spec:
job_template_inventory: Demo Inventory
job_template_name: RocketChatVolSync
job_template_playbook: hello_world.yml
job_template_project: Demo Project
tower_auth_secret: awxaccessChanging the value of the playbook causes the underlying playbook to make the change
apiVersion: tower.ansible.com/v1alpha1
kind: JobTemplate
metadata:
name: rocketchat-volsync-template
spec:
job_template_inventory: Demo Inventory
job_template_name: RocketChatVolSync
job_template_playbook: hello_world2.yml
job_template_project: Demo Project
tower_auth_secret: awxaccessSo I'm wondering if this is something that would need to happen in the job_template official playbook rather than this operator. Unless we wanted to remove objects if they already exist. I can modify the job_template_playbook as well as the job_template_project and the underlying playbook will make the change.
PR #129
Currently if I created a Job Template as such on the first attempt this would create as expected.
If I wanted to make a change and say remove the job_template_credentials from the Job Template if I went ahead removed this piece and gave another unique metadata.name , when you apply, you don't see the changes to the Job Template where the template credential is removed. It's exactly the same as the initial creation.