Revert "renamed config sap-hana to sap-hana-rhel9, restored sap-hana (#…

…8798)" (#8800)

This reverts commit b4c528a.

ansible/configs/sap-hana-rhel9/post_infra.yml → ansible/configs/sap-hana-dist/post_infra.yml

@@ -1,7 +1,4 @@
-- name: Step 002 - Post Infrastructure
-  #
-  # Creates/Updates inventory for deployment in deploy Satellite
-  #
+- name: Step 002 Post Infrastructure
   hosts: localhost
   connection: local
   become: false
@@ -11,18 +8,18 @@
     - post_infrastructure
   tasks:
     - name: Job Template to launch a Job Template with update on launch inventory set
-      ansible.builtin.uri:
+      uri:
         url: "https://{{ ansible_tower_ip }}/api/v1/job_templates/{{ job_template_id }}/launch/"
         method: POST
-        user: "{{ tower_admin }}"
-        password: "{{ tower_admin_password }}"
+        user: "{{tower_admin}}"
+        password: "{{tower_admin_password}}"
         body:
           extra_vars:
-            guid: "{{ guid }}"
-            ipa_host_password: "{{ ipa_host_password }}"
+            guid: "{{guid}}"
+            ipa_host_password: "{{ipa_host_password}}"
 
         body_format: json
-        validate_certs: false
+        validate_certs: False
         HEADER_Content-Type: "application/json"
         status_code: 200, 201
       when: tower_run == 'true'

ansible/configs/sap-hana-dist/post_software.yml

@@ -0,0 +1,228 @@
+- name: Step 00xxxxx post software
+  hosts: support
+  gather_facts: False
+  become: yes
+  tasks:
+    - debug:
+        msg: "Post-Software tasks Started"
+
+#- name: Make Ansible Tower License file available
+#  hosts: localhost
+#  gather_facts: False
+#  become: false
+#  tasks:
+
+#    - name: Dump Ansible Tower License to a file
+#      copy:
+#        content: "{{ tower_license }}"
+#        dest: /tmp/license.json
+#      when: tower_instance_count > 0
+
+- name: Make Ansible Tower License file available
+  hosts: localhost
+  gather_facts: False
+  become: false
+  tasks:
+
+    - debug:
+        msg: "Post-Software tasks Started"
+
+    - name: downloading tower manifest from OpenTLC
+      get_url:
+        url: "{{ tower_manifest.url }}"
+        dest: "{{ ansible_tower.install.manifest_file }}"
+        username: "{{ tower_manifest.username | default(omit) }}"
+        password: "{{ tower_manifest.password | default(omit) }}"
+
+
+- name: Configure Ansible Tower
+  hosts: towers
+  gather_facts: False
+  become: yes
+  tasks:
+
+    - block:
+
+      - name: Ensure dependencies for tower-cli are installed
+        dnf:
+          name: python3-pip
+          state: latest
+
+      - name: Ensure tower-cli is installed
+        pip:
+          name: ansible-tower-cli
+          state: latest
+          executable: pip3
+
+      - name: Dump tower-cli config
+        copy:
+          content: "{{ tower_cli_config }}"
+          dest: /etc/tower/tower_cli.cfg
+
+      - name: Dump Ansible Tower Workflow Schema HA to a file
+        copy:
+          content: "{{ workflow_schema_ha }}"
+          dest: /tmp/schema_ha.yml
+
+      - name: Dump Ansible Tower Workflow Schema non-HA to a file
+        copy:
+          content: "{{ workflow_schema_non_ha }}"
+          dest: /tmp/schema_non_ha.yml
+
+      - name: Create symlink to support internal infra-ansible role includes
+        file:
+          src: infra-ansible/roles/ansible
+          dest: "{{ __agnosticd_roles_install_path }}/ansible"
+          state: link
+        delegate_to: localhost
+        become: false
+        run_once: true
+        vars:
+          __agnosticd_roles_install_path: >-
+            {%- if requirements_content is defined and requirements_content | length > 0 -%}
+            {{ playbook_dir }}/dynamic-roles
+            {%- else -%}
+            {{ ANSIBLE_REPO_PATH | default(playbook_dir) }}/roles
+            {%- endif -%}
+
+      - name: Ensure Tower License is configured
+        include_role:
+          name: infra-ansible/roles/ansible/tower/config-ansible-tower-subscription-manifest
+
+      - name: Ensure required Credentials are added to Tower
+        include_role:
+          name: infra-ansible/roles/ansible/tower/manage-credentials
+
+      - name: Ensure required inventories are added to Tower
+        include_role:
+          name: infra-ansible/roles/ansible/tower/manage-inventories
+
+      - name: Ensure required Projects are added to Tower
+        include_role:
+          name: infra-ansible/roles/ansible/tower/manage-projects
+
+      - name: Ensure required Job Templates are added to Tower
+        include_role:
+          name: infra-ansible/roles/ansible/tower/manage-job-templates
+
+      - name: Ensure required WorkFlow Templates are added to Tower
+        shell: "{{ item }}"
+        loop:
+          - /usr/local/bin/tower-cli workflow create --name="SAP HANA and S/4HANA E2E deployment"
+          - /usr/local/bin/tower-cli workflow create --name="SAP HANA and S/4HANA E2E deployment - HA Mode"
+
+      - name: Populate new WorkFlows with specified schemas
+        shell: "{{ item }}"
+        loop:
+          - /usr/local/bin/tower-cli workflow schema "SAP HANA and S/4HANA E2E deployment" @/tmp/schema_non_ha.yml
+          - /usr/local/bin/tower-cli workflow schema "SAP HANA and S/4HANA E2E deployment - HA Mode" @/tmp/schema_ha.yml
+
+      - name: Copy letsencrypt cert
+        copy:
+          src: "/etc/letsencrypt/live/tower-{{ guid }}.{{ guid }}.{{ sandbox_openshift_apps_domain }}/fullchain.pem"
+          dest: "/etc/tower/tower.cert"
+          remote_src: true
+        when: cloud_provider == "openshift_cnv"
+
+      - name: Copy letsencrypt key
+        copy:
+          src: "/etc/letsencrypt/live/tower-{{ guid }}.{{ guid }}.{{ sandbox_openshift_apps_domain }}/privkey.pem"
+          dest: "/etc/tower/tower.key"
+          remote_src: true
+        when: cloud_provider == "openshift_cnv"
+
+      - name: restart-tower
+        command: ansible-tower-service restart
+        become: true
+        when: cloud_provider == "openshift_cnv"
+
+#      when: 
+#       - tower_instance_count > 0
+#       - __run_aap_deployment
+
+
+- name: Print out information for the user to consume the lab
+  hosts: localhost
+  gather_facts: False
+  become: false
+  tasks:
+    - name: Print Student Information
+      when:
+        - install_student_user | bool
+        - cloud_provider != "openshift_cnv"
+      block:
+      - name: Store bastion hostname as a fact
+        set_fact:
+          bastion_hostname: "{{groups['bastions'].0 }}"
+      - name: Report user info
+        agnosticd_user_info:
+          msg: "{{ item }}"
+        loop:
+        - "You can access your bastion via SSH:"
+        - "ssh {{ student_name }}@bastion-{{ guid }}.{{ guid }}.{{ osp_cluster_dns_zone }}"
+        - ""
+        - "Make sure you use the username '{{ student_name }}' and the password '{{ hostvars[bastion_hostname]['student_password'] }}' when prompted."
+        - ""
+        - "You can access your Tower:"
+        - "https://{{ tower_public_dns_chomped }}"
+        - "Make sure you are using the following credentials:"
+        - ""
+        - "Username: admin"
+        - "Password: {{ tower_password }}"
+
+    - name: Print Student Information
+      when:
+        - install_student_user | bool
+        - cloud_provider == "openshift_cnv"
+      block:
+      - name: Store bastion hostname as a fact
+        set_fact:
+          bastion_hostname: "{{groups['bastions'].0 }}"
+      - name: Report user info
+        agnosticd_user_info:
+          msg: "{{ item }}"
+        loop:
+        - "You can access your bastion via SSH:"
+        - "ssh {{ student_name }}@{{ openshift_cnv_ssh_address }} -p {{ hostvars[groups['bastions'][0]].bastion_ssh_port }}"
+        - ""
+        - "Make sure you use the username '{{ student_name }}' and the password '{{ hostvars[bastion_hostname]['student_password'] }}' when prompted."
+        - ""
+        - "You can access your Tower:"
+        - "https://{{ tower_public_dns_chomped }}"
+        - "Make sure you are using the following credentials:"
+        - ""
+        - "Username: admin"
+        - "Password: {{ tower_password }}"
+
+    - name: Set agnosticd user info data for tower
+      when:
+        - tower_instance_count > 0
+        - cloud_provider != "openshift_cnv"
+      agnosticd_user_info:
+        data:
+          tower_url: "https://tower-{{ guid }}.{{ guid }}.{{ osp_cluster_dns_zone }}"
+          tower_username: "admin"
+          tower_password: "{{ tower_password }}"
+
+    - name: Set agnosticd user info data for tower
+      when:
+        - tower_instance_count > 0
+        - cloud_provider == "openshift_cnv"
+      agnosticd_user_info:
+        data:
+          tower_url: "https://tower-{{ guid }}.{{ guid }}.{{ sandbox_openshift_apps_domain }}"
+          tower_username: "admin"
+          tower_password: "{{ tower_password }}"
+
+
+
+- name: PostSoftware flight-check
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  become: false
+  tags:
+    - post_flight_check
+  tasks:
+    - debug:
+        msg: "Post-Software checks completed successfully"

ansible/configs/sap-hana-dist/pre_infra.yml

@@ -0,0 +1,34 @@
+- name: Step 000 Pre Infrastructure
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  become: false
+  tags:
+    - step001
+    - pre_infrastructure
+    - generate_env_keys
+  tasks:
+    - debug:
+        msg: "Step 000 Pre Infrastructure"
+
+    - name: Generate SSH keys
+      shell: ssh-keygen -b 2048 -t rsa -f "{{output_dir}}/{{env_authorized_key}}" -q -N ""
+      args:
+        creates: "{{output_dir}}/{{env_authorized_key}}"
+      when: set_env_authorized_key | bool
+
+    - name: fix permission
+      file:
+        path: "{{output_dir}}/{{env_authorized_key}}"
+        mode: 0400
+      when: set_env_authorized_key | bool
+
+    - name: Generate SSH pub key
+      shell: ssh-keygen -y -f "{{output_dir}}/{{env_authorized_key}}" > "{{output_dir}}/{{env_authorized_key}}.pub"
+      args:
+        creates: "{{output_dir}}/{{env_authorized_key}}.pub"
+      when: set_env_authorized_key | bool
+
+    - name: Include tasks to find snapshot in AWS
+      when: cloud_provider == 'ec2'
+      include_tasks: find_snapshot.yml