Currently the tools_cv.py does not accept environment variables when calling the connect method of the CvpClient class from cvprac.cvp_client. In AAPv2 (Ansible Tower) it is not possible to vault values in a sourced inventory. While you can move the token to host or group vars, this leaves the FQDN hardcoded into the inventory.
This change allows support for setting the host target or host delegation to localhost instead of to a CVP host, such that CVP and any associated vars can be removed from the inventory. A custom credential type in Ansible Tower can be created and the injector config can contain all of the environment variables required which can then be associated with a template.
The custom credential can be associated with a sourced inventory as well, however, the environment variables will be ignored by tools_cv.py if the CVP server is provided in inventory and referenced in the playbook.
README and CVP_Authentication were also updated to reflect this change.
Related Issue(s)
N/A
Component(s) name
affect all plugins
Proposed changes
The following environment variables will be accepted by tools_cv.py if CVP is omitted from inventory and is replaced with localhost in the playbook:
Keep CVP in inventory as is in your project and add all of the environment variables with their appropriate values above and you will see that the values in the inventory are still used.
Remove CVP from inventory and change reference to it in the playbook in question to localhost, environment variables will now be required instead.
CVP in inventory and playbook, and no environment variables.
All 3 cases tested successfully on multiple modules.
Checklist
User Checklist
1) Delete CVP from inventory
2) Update playbooks to reference locahost instead of cvp in host targeting and delegation
3) Set environment variables on executing system (or leverage custom credential types and inject them into a template via credential association)
4) Run the project
Repository Checklist
[x] My code has been rebased from devel before I start
Change Summary
Currently the tools_cv.py does not accept environment variables when calling the connect method of the CvpClient class from cvprac.cvp_client. In AAPv2 (Ansible Tower) it is not possible to vault values in a sourced inventory. While you can move the token to host or group vars, this leaves the FQDN hardcoded into the inventory.
This change allows support for setting the host target or host delegation to localhost instead of to a CVP host, such that CVP and any associated vars can be removed from the inventory. A custom credential type in Ansible Tower can be created and the injector config can contain all of the environment variables required which can then be associated with a template.
The custom credential can be associated with a sourced inventory as well, however, the environment variables will be ignored by tools_cv.py if the CVP server is provided in inventory and referenced in the playbook.
README and CVP_Authentication were also updated to reflect this change.
Related Issue(s)
N/A
Component(s) name
affect all plugins
Proposed changes
The following environment variables will be accepted by tools_cv.py if CVP is omitted from inventory and is replaced with localhost in the playbook:
CVP_HOST CVP_PORT CVP_USER CVP_PASS CVP_TOKEN CVP_CERT_VALIDATE (True / False) CVP_CMD_TIMEOUT CVP_CON_TIMEOUT
How to test
Keep CVP in inventory as is in your project and add all of the environment variables with their appropriate values above and you will see that the values in the inventory are still used.
Remove CVP from inventory and change reference to it in the playbook in question to localhost, environment variables will now be required instead.
CVP in inventory and playbook, and no environment variables.
All 3 cases tested successfully on multiple modules.
Checklist
User Checklist
1) Delete CVP from inventory 2) Update playbooks to reference locahost instead of cvp in host targeting and delegation 3) Set environment variables on executing system (or leverage custom credential types and inject them into a template via credential association) 4) Run the project
Repository Checklist