diff --git a/utils/credential_utility/get_config_credentials.yml b/utils/credential_utility/get_config_credentials.yml new file mode 100644 index 000000000..48c2815dd --- /dev/null +++ b/utils/credential_utility/get_config_credentials.yml @@ -0,0 +1,42 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Include input project directory + when: not project_dir_status | default(false) | bool + ansible.builtin.import_playbook: ../include_input_dir.yml + tags: always + +- name: Include validation include_tasks + hosts: localhost + connection: local + roles: + - validation + tags: always + +- name: Create omnia_credential_config + hosts: localhost + connection: local + roles: + - role: create_config + when: not cred_file_status + tags: always + + +- name: Fetch and update credentials in config file + hosts: localhost + connection: local + roles: + - update_config + tags: always diff --git a/utils/credential_utility/roles/create_config/tasks/main.yml b/utils/credential_utility/roles/create_config/tasks/main.yml new file mode 100644 index 000000000..fde4c1f51 --- /dev/null +++ b/utils/credential_utility/roles/create_config/tasks/main.yml @@ -0,0 +1,25 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Create Omnia Credentials file + ansible.builtin.template: + src: "{{ omnia_credential_template }}" + dest: "{{ omnia_credential_file }}" + mode: "{{ omnia_credential_file_mode }}" + +- name: Include omnia_credentials.yml + ansible.builtin.include_vars: "{{ omnia_credential_file }}" + register: include_omnia_credentials + no_log: true diff --git a/utils/credential_utility/roles/create_config/templates/omnia_credential.j2 b/utils/credential_utility/roles/create_config/templates/omnia_credential.j2 new file mode 100644 index 000000000..c2ae538df --- /dev/null +++ b/utils/credential_utility/roles/create_config/templates/omnia_credential.j2 @@ -0,0 +1,26 @@ +--- + +# Provision credentials +provision_password: "" +bmc_username: "" +bmc_password: "" +switch_snmp3_username: "" +switch_snmp3_password: "" + +# Prepare_oim credentials +postgresdb_password: "" +pulp_password: "" +docker_username: "" +docker_password: "" + +#Omnia credentials +mariadb_password: "password" + +# Security credentials +openldap_db_username: "admin" +openldap_db_password: "" +openldap_config_username: "admin" +openldap_config_password: "" +openldap_monitor_password: "" +kerberos_admin_password: "" +directory_manager_password: "" diff --git a/utils/credential_utility/roles/create_config/vars/main.yml b/utils/credential_utility/roles/create_config/vars/main.yml new file mode 100644 index 000000000..a91c1c88f --- /dev/null +++ b/utils/credential_utility/roles/create_config/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +omnia_credential_template: "{{ role_path }}/templates/omnia_credential.j2" +omnia_credential_file: "{{ input_project_dir }}/omnia_config_credentials.yml" +omnia_credential_file_mode: 600 diff --git a/utils/credential_utility/roles/update_config/tasks/encrypt_credentials_file.yml b/utils/credential_utility/roles/update_config/tasks/encrypt_credentials_file.yml new file mode 100644 index 000000000..8f13e92f2 --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/encrypt_credentials_file.yml @@ -0,0 +1,22 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Encrypt credentials file + block: + - name: Encrypt provision_config_credentials.yml + ansible.builtin.command: >- + ansible-vault encrypt {{ omnia_credential_file }} + --vault-password-file {{ omnia_credential_vault_path }} + changed_when: false diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_credentials.yml b/utils/credential_utility/roles/update_config/tasks/fetch_credentials.yml new file mode 100644 index 000000000..5a1d1d659 --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_credentials.yml @@ -0,0 +1,28 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Initialize mandatory credentials status + ansible.builtin.set_fact: + mandatory_credentials_status: false + +- name: Prompt to fetch Omnia credentials + ansible.builtin.include_tasks: "fetch_{{ type.key }}_credentials.yml" + loop: "{{ service.value | dict2items }}" + loop_control: + loop_var: type + when: + - service.key in software_names or service.key in ["provision", "prepare_oim","local_repo"] + - (omnia_run_tags | default([]) | difference(['all']) | length == 0) + or service.key in (omnia_run_tags | default([])) diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_default_credentials.yml b/utils/credential_utility/roles/update_config/tasks/fetch_default_credentials.yml new file mode 100644 index 000000000..c446ae34b --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_default_credentials.yml @@ -0,0 +1,24 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Notify user about default inputs + ansible.builtin.debug: + msg: "{{ default_warning_msg }}" + +- name: Fetch default credentials + ansible.builtin.include_tasks: prompt_credentials.yml + loop: "{{ type.value | dict2items }}" + loop_control: + loop_var: field diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_mandatory_credentials.yml b/utils/credential_utility/roles/update_config/tasks/fetch_mandatory_credentials.yml new file mode 100644 index 000000000..0cedb3a8b --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_mandatory_credentials.yml @@ -0,0 +1,32 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Set mandatory credentials status + ansible.builtin.set_fact: + mandatory_credentials_status: true + +- name: Notify user about mandatory inputs + ansible.builtin.debug: + msg: "{{ mandatory_warning_msg }}" + +- name: Fetch mandatory credentials + ansible.builtin.include_tasks: prompt_credentials.yml + loop: "{{ type.value | dict2items }}" + loop_control: + loop_var: field + +- name: Reset mandatory credentials status + ansible.builtin.set_fact: + mandatory_credentials_status: false diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_optional_credentials.yml b/utils/credential_utility/roles/update_config/tasks/fetch_optional_credentials.yml new file mode 100644 index 000000000..500aa909d --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_optional_credentials.yml @@ -0,0 +1,24 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Notify user about optional inputs + ansible.builtin.debug: + msg: "{{ optional_warning_msg }}" + +- name: Fetch optional credentials + ansible.builtin.include_tasks: prompt_credentials.yml + loop: "{{ type.value | dict2items }}" + loop_control: + loop_var: field diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_password.yml b/utils/credential_utility/roles/update_config/tasks/fetch_password.yml new file mode 100644 index 000000000..b0361b904 --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_password.yml @@ -0,0 +1,61 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Fetch "{{ password }}" if empty # noqa name[template] + when: + - vars[password] is defined + - (vars[password] | length == 0) or (type.key == "default") + block: + - name: Prompt user for Password + ansible.builtin.pause: + prompt: "Enter [{{ type.key }}] - {{ password }}" + echo: false + register: password_input + + - name: Validate mandatory password not empty + ansible.builtin.fail: + msg: "{{ mandatory_password_fail_msg }}" + when: + - mandatory_credentials_status + - password_input.user_input | length == 0 + + - name: Prompt user to confirm password + ansible.builtin.pause: + prompt: "Confirm [{{ type.key }}] - {{ password }}" + echo: false + register: confirm_password + when: password_input.user_input | length != 0 + + - name: Ensure passwords match + ansible.builtin.fail: + msg: "{{ password_match_fail_msg }}" + when: + - password_input.user_input | length != 0 + - password_input.user_input != confirm_password.user_input + + - name: Update vars file with entered password + ansible.builtin.lineinfile: + path: "{{ omnia_credential_file }}" + regexp: '^{{ password }}:' + line: "{{ password }}: \"{{ password_input.user_input }}\"" + no_log: true + when: password_input.user_input | length != 0 + rescue: + - name: Invalid Password provided + ansible.builtin.include_tasks: encrypt_credentials_file.yml + + - name: Failed to credentials with entered password + ansible.builtin.fail: + msg: "{{ password_fail_msg }}" diff --git a/utils/credential_utility/roles/update_config/tasks/fetch_username.yml b/utils/credential_utility/roles/update_config/tasks/fetch_username.yml new file mode 100644 index 000000000..668701703 --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/fetch_username.yml @@ -0,0 +1,47 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Fetch "{{ username }}" if empty # noqa name[template] + when: + - vars[username] is defined + - (vars[username] | length == 0) or (type.key == "default") + block: + - name: Prompt user for Username + ansible.builtin.pause: + prompt: "Enter the [{{ type.key }}] - {{ username }}:" + register: username_input + + - name: Validate mandatory username not empty + ansible.builtin.fail: + msg: "{{ mandatory_credentials_msg }}" + when: + - mandatory_credentials_status + - password_input.user_input | length == 0 + + - name: Update vars file with entered username + ansible.builtin.lineinfile: + path: "{{ omnia_credential_file }}" + regexp: '^{{ username }}:' + line: "{{ username }}: \"{{ username_input.user_input }}\"" + no_log: true + when: username_input.user_input | length != 0 + + rescue: + - name: Invalid Username provided + ansible.builtin.include_tasks: encrypt_credentials_file.yml + + - name: Failed to credentials with entered username + ansible.builtin.fail: + msg: "{{ username_fail_msg }}" diff --git a/utils/credential_utility/roles/update_config/tasks/main.yml b/utils/credential_utility/roles/update_config/tasks/main.yml new file mode 100644 index 000000000..f364f6afd --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/main.yml @@ -0,0 +1,32 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Initialize list of tags + ansible.builtin.set_fact: + omnia_run_tags: "{{ ansible_run_tags | default([]) }}" + when: omnia_run_tags is not defined + +- name: Fetch omnia credentials + ansible.builtin.include_tasks: fetch_credentials.yml + loop: "{{ omnia_credentials | dict2items }}" + loop_control: + loop_var: service + +- name: Include updated credentials + ansible.builtin.include_vars: "{{ omnia_credential_file }}" + no_log: true + +- name: Encrypt omnia credentials config + ansible.builtin.include_tasks: encrypt_credentials_file.yml diff --git a/utils/credential_utility/roles/update_config/tasks/prompt_credentials.yml b/utils/credential_utility/roles/update_config/tasks/prompt_credentials.yml new file mode 100644 index 000000000..5d416dd16 --- /dev/null +++ b/utils/credential_utility/roles/update_config/tasks/prompt_credentials.yml @@ -0,0 +1,20 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Prompt to fetch Omnia credentials + ansible.builtin.include_tasks: "fetch_{{ field.key }}.yml" + loop: "{{ field.value }}" + loop_control: + loop_var: "{{ field.key }}" diff --git a/utils/credential_utility/roles/update_config/vars/main.yml b/utils/credential_utility/roles/update_config/vars/main.yml new file mode 100644 index 000000000..e27735c02 --- /dev/null +++ b/utils/credential_utility/roles/update_config/vars/main.yml @@ -0,0 +1,83 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +omnia_credential_file: "{{ input_project_dir }}/omnia_config_credentials.yml" +omnia_credential_vault_path: "{{ input_project_dir }}/.omnia_credentials_key" + +# Usage: fetch_default_credentials.yml +default_warning_msg: "WARNING: The following are default credentials. If left empty default credentials will be used. Please enter valid inputs." + +# Usage: fetch_optional_credentials.yml +optional_warning_msg: "WARNING: The following are optional default. If left empty these credentials will be skipped. Please enter valid inputs." + +# Usage: fetch_mandatory_credentials.yml +mandatory_warning_msg: "WARNING: The following are mandatory credentials and cannot be left them empty. Please enter valid inputs." + +# Usage: fetch_password.yml +mandatory_password_fail_msg: "Failed. Please provide valid password for mandatory credential." +password_match_fail_msg: "Failed. Passwords do not match. Please try again." +password_fail_msg: "Failed. Please provide valid password." + +# Usage: fetch_username.yml +mandatory_credentials_msg: "Failed. Please provide valid username for mandatory credential." +username_fail_msg: "Failed. Please provide valid username." + +omnia_credentials: + provision: + mandatory: + password: + - provision_password + optional: + username: + - bmc_username + - switch_snmp3_username + password: + - bmc_password + - switch_snmp3_password + prepare_oim: + mandatory: + password: + - postgresdb_password + - pulp_password + optional: + username: + - docker_username + password: + - docker_password + local_repo: + optional: + username: + - docker_username + password: + - docker_password + slurm: + default: + password: + - mariadb_password + openldap: + mandatory: + password: + - openldap_db_password + - openldap_config_password + - openldap_monitor_password + default: + username: + - openldap_db_username + - openldap_config_username + freeipa: + mandatory: + password: + - kerberos_admin_password + - directory_manager_password diff --git a/utils/credential_utility/roles/validation/tasks/main.yml b/utils/credential_utility/roles/validation/tasks/main.yml new file mode 100644 index 000000000..6d29f3f41 --- /dev/null +++ b/utils/credential_utility/roles/validation/tasks/main.yml @@ -0,0 +1,20 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Validate if Omnia Credential file exists + ansible.builtin.include_tasks: validate_omnia_credential_file.yml + +- name: Include pre_requisite.yml + ansible.builtin.include_tasks: pre_requisite.yml diff --git a/utils/credential_utility/roles/validation/tasks/pre_requisite.yml b/utils/credential_utility/roles/validation/tasks/pre_requisite.yml new file mode 100644 index 000000000..1151219d4 --- /dev/null +++ b/utils/credential_utility/roles/validation/tasks/pre_requisite.yml @@ -0,0 +1,66 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Include omnia_credentials if it exists + when: cred_file_status + block: + - name: Check omnia_credentials.yml file is encrypted + ansible.builtin.command: cat {{ omnia_credential_file }} + changed_when: false + register: omnia_credentials_content + no_log: true + + - name: Decrpyt omnia_credentials.yml + ansible.builtin.command: >- + ansible-vault decrypt {{ omnia_credential_file }} + --vault-password-file {{ omnia_credential_vault_path }} + changed_when: false + when: ansible_vault_search_key in omnia_credentials_content.stdout + + - name: Include omnia_credentials.yml + ansible.builtin.include_vars: "{{ omnia_credential_file }}" + no_log: true + +- name: Create vault key for omnia_credential_file + when: not cred_file_status + block: + - name: Create ansible vault key + ansible.builtin.set_fact: + omnia_credentials_vault_key: "{{ lookup('password', '/dev/null chars=ascii_letters') }}" + + - name: Save vault key to omnia_credential_vault_path + ansible.builtin.lineinfile: + path: "{{ omnia_credential_vault_path }}" + line: "{{ omnia_credentials_vault_key }}" + mode: "{{ conf_file_mode }}" + owner: root + create: true + +- name: Load software_config.json as software_config + block: + - name: Load software_config.json as user_config + ansible.builtin.include_vars: + file: "{{ software_config_file }}" + name: software_config + register: include_software_config + no_log: true + rescue: + - name: Failed to load software_config.json as user_config + ansible.builtin.fail: + msg: "{{ software_config_syntax_fail_msg }} Error: {{ include_software_config.message }}" + +- name: Generate software JSON file names + ansible.builtin.set_fact: + software_names: "{{ software_config.softwares | map(attribute='name') | select('defined') | list }}" diff --git a/utils/credential_utility/roles/validation/tasks/validate_omnia_credential_file.yml b/utils/credential_utility/roles/validation/tasks/validate_omnia_credential_file.yml new file mode 100644 index 000000000..07cec384a --- /dev/null +++ b/utils/credential_utility/roles/validation/tasks/validate_omnia_credential_file.yml @@ -0,0 +1,27 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Initialize Omnia Credential file status + ansible.builtin.set_fact: + cred_file_status: false + +- name: Check if omnia_credential_file exists + ansible.builtin.stat: + path: "{{ omnia_credential_file }}" + register: file_status + +- name: Set status based on file existence + ansible.builtin.set_fact: + cred_file_status: "{{ file_status.stat.exists }}" diff --git a/utils/credential_utility/roles/validation/vars/main.yml b/utils/credential_utility/roles/validation/vars/main.yml new file mode 100644 index 000000000..69579b375 --- /dev/null +++ b/utils/credential_utility/roles/validation/vars/main.yml @@ -0,0 +1,26 @@ +# Copyright 2025 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +# Usage: validate_omnia_credential_file.yml +omnia_credential_file: "{{ input_project_dir }}/omnia_credentials.yml" + +# Usage: pre_requisite.yml +ansible_vault_search_key: "$ANSIBLE_VAULT;" +omnia_credential_vault_path: "{{ input_project_dir }}/.omnia_config_credentials_key" +conf_file_mode: "0600" +software_config_file: "{{ input_project_dir }}/software_config.json" +invalid_software_config_fail_msg: "Failed. Please provide valid software_config.json file with cluster_os_type, cluster_os_version, repo_config +and repo_config values." +software_config_syntax_fail_msg: "Failed. Syntax errors present in software_config.json. Fix errors and re-run playbook again."