From 068001540848f7c9088b91ab3a749f89e583c68f Mon Sep 17 00:00:00 2001 From: Kevin Velarde Date: Wed, 7 Jan 2026 23:54:35 -0700 Subject: [PATCH 1/3] Change offline install method to use pip wheel/download --- roles/gateway/tasks/download-build-rpms.yml | 17 - .../tasks/download-dependency-wheels.yml | 58 ++- roles/gateway/tasks/main.yml | 61 --- roles/gateway/templates/properties.4.2.yml.j2 | 452 ++++++++++++++++++ roles/gateway/vars/gateway-release-4.2.yml | 66 +++ roles/gateway/vars/gateway-release-4.3.yml | 29 +- roles/python/tasks/install-dependencies.yml | 4 + 7 files changed, 571 insertions(+), 116 deletions(-) create mode 100644 roles/gateway/templates/properties.4.2.yml.j2 create mode 100644 roles/gateway/vars/gateway-release-4.2.yml diff --git a/roles/gateway/tasks/download-build-rpms.yml b/roles/gateway/tasks/download-build-rpms.yml index 8addf3f9..dce977fa 100644 --- a/roles/gateway/tasks/download-build-rpms.yml +++ b/roles/gateway/tasks/download-build-rpms.yml @@ -1,23 +1,6 @@ # Copyright (c) 2024, Itential, Inc # GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) --- -- name: Download Gateway build RPMs - ansible.builtin.import_role: - name: offline - tasks_from: download-rpms - vars: - offline_download_method: yum_module - offline_download_packages: "{{ gateway_build_packages }}" - offline_download_dir: "{{ gateway_offline_target_node_rpms_dir }}/build" - -- name: Copy Gateway build RPMs to control node - ansible.builtin.import_role: - name: offline - tasks_from: fetch-packages - vars: - offline_src_dir: "{{ gateway_offline_target_node_rpms_dir }}/build" - offline_dest_dir: "{{ gateway_offline_control_node_rpms_dir }}/build" - - name: Install Gateway build packages ansible.builtin.dnf: name: "{{ item }}" diff --git a/roles/gateway/tasks/download-dependency-wheels.yml b/roles/gateway/tasks/download-dependency-wheels.yml index 9b8781cd..d9e5b264 100644 --- a/roles/gateway/tasks/download-dependency-wheels.yml +++ b/roles/gateway/tasks/download-dependency-wheels.yml @@ -38,34 +38,36 @@ - name: Setup Python virtual environment ansible.builtin.command: chdir: "{{ gateway_pkgs_temp_dir.path }}" - cmd: "{{ gateway_python_executable }} -m venv offline_install" + cmd: "{{ gateway_python_executable }} -m venv offline_download" changed_when: true -- name: Install base Python Dependencies +- name: Install base Python dependencies ansible.builtin.pip: name: "{{ gateway_python_base_dependencies }}" state: present - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" + virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_download" extra_args: --log /var/log/pip.log when: - gateway_python_base_dependencies is defined + - gateway_python_base_dependencies is iterable - gateway_python_base_dependencies | length > 0 -- name: Install IAG Python Dependencies +- name: Install IAG Python dependencies ansible.builtin.pip: name: "{{ gateway_python_app_dependencies }}" state: present - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" + virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_download" extra_args: --log /var/log/pip.log when: - gateway_python_app_dependencies is defined + - gateway_python_app_dependencies is iterable - gateway_python_app_dependencies | length > 0 - name: Install Ansible ansible.builtin.pip: name: "{{ gateway_ansible_version }}" state: present - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" + virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_download" extra_args: --log /var/log/pip.log when: gateway_enable_ansible | bool @@ -77,33 +79,39 @@ - gateway_ansible_collections is iterable - gateway_ansible_collections | length > 0 -- name: Install IAG - ansible.builtin.pip: - name: "{{ gateway_wheel_download.files[0].path }}" - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" - extra_args: --log /var/log/pip.log - -- name: Uninstall IAG - ansible.builtin.pip: - name: "{{ gateway_wheel_download.files[0].path }}" - state: absent - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" - extra_args: --log /var/log/pip.log - -- name: Create requirements file - ansible.builtin.shell: +- name: Build wheels from source distributions + ansible.builtin.command: + cmd: > + offline_download/bin/pip3 wheel + {{ item }} + -w {{ gateway_offline_target_node_wheels_dir }}/app + --no-deps + args: chdir: "{{ gateway_pkgs_temp_dir.path }}" - cmd: offline_install/bin/pip3 freeze > requirements.txt + loop: "{{ gateway_python_wheel_build_dependencies }}" changed_when: true -- name: Download wheel files +- name: Download automation-gateway and remaining dependencies ansible.builtin.command: - cmd: "offline_install/bin/pip3 download -r requirements.txt - -d {{ gateway_offline_target_node_wheels_dir }}/app" + cmd: > + offline_download/bin/pip3 download {{ gateway_wheel_download.files[0].path }} + -d {{ gateway_offline_target_node_wheels_dir }}/app args: chdir: "{{ gateway_pkgs_temp_dir.path }}" changed_when: true +- name: Find source distributions after building wheels + ansible.builtin.find: + paths: "{{ gateway_offline_target_node_wheels_dir }}/app" + patterns: "*.tar.gz" + register: gateway_source_dists + +- name: Delete source distributions + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ gateway_source_dists.files }}" + - name: Copy IAG Python dependencies to control node ansible.builtin.import_role: name: offline diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml index 77e398ff..7c2e304e 100644 --- a/roles/gateway/tasks/main.yml +++ b/roles/gateway/tasks/main.yml @@ -124,39 +124,6 @@ - gateway_build_packages is iterable - gateway_build_packages | length > 0 - - name: Install Gateway build packages (offline) - when: offline_install_enabled | bool - block: - - name: Install Gateway build packages (offline) - ansible.builtin.import_role: - name: offline - tasks_from: install-rpms - vars: - offline_rpms_path: "{{ gateway_offline_control_node_rpms_dir }}/build" - - # Build a list of installed build packages. The rpm_list variable is registered in the - # offline install-rpms. - - name: Set Gateway build package list - ansible.builtin.set_fact: - gateway_installed_build_package_list: - "{{ gateway_installed_build_package_list | default([]) + - [item | basename | split('.el') | first] }}" - with_items: "{{ rpm_list.files | map(attribute='path') | list | sort }}" - when: - - rpm_list is defined - - rpm_list is iterable - - rpm_list | length > 0 - - # Build a list of build packages that need to be removed later. We don't want to remove - # all of the installed build packages, only the ones that are in the gateway_build_packages - # and gateway_installed_build_package_list. - - name: Set Gateway build package remove list - ansible.builtin.set_fact: - gateway_build_package_remove_list: - "{{ gateway_build_package_remove_list | default([]) + [item] }}" - with_items: "{{ gateway_build_packages }}" - when: gateway_installed_build_package_list | select('search', item | regex_escape) | list | length > 0 - - name: Install Python dependencies tags: install_python_dependencies block: @@ -279,15 +246,6 @@ virtualenv: "{{ gateway_install_dir }}/venv" when: not offline_install_enabled | bool - - name: Install IAG (offline) - ansible.builtin.include_role: - name: offline - tasks_from: install-wheels - vars: - offline_wheels_dir: "{{ gateway_offline_control_node_wheels_dir }}/gateway" - offline_python_venv: "{{ gateway_python_venv }}" - when: offline_install_enabled | bool - - name: Set ownership/permissions and create properties.yml when: not gateway_installed.stat.exists block: @@ -423,25 +381,6 @@ - gateway_build_packages_result.results is iterable - gateway_build_packages_result.results | length > 0 - - name: Uninstall Gateway build packages (offline) - when: offline_install_enabled | bool - block: - - name: Get list of yum repos (to disable temporarily) # noqa command-instead-of-module - ansible.builtin.command: yum -q repolist - register: gateway_repolist_result - changed_when: false - - - name: Uninstall Gateway build packages (offline) - ansible.builtin.dnf: - name: "{{ gateway_build_package_remove_list }}" - state: absent - enablerepo: [] - disablerepo: "{{ gateway_repolist_result.stdout_lines[1:] | map('split', ' ') - | map('first') | list }}" - when: - - gateway_build_package_remove_list is defined - - gateway_build_package_remove_list | length > 0 - - name: Assert that Gateway is running ansible.builtin.systemd: name: automation-gateway diff --git a/roles/gateway/templates/properties.4.2.yml.j2 b/roles/gateway/templates/properties.4.2.yml.j2 new file mode 100644 index 00000000..d5b7e4c7 --- /dev/null +++ b/roles/gateway/templates/properties.4.2.yml.j2 @@ -0,0 +1,452 @@ +--- +# Notes: +# +# While many customizations can be made based on your environment and which integrations you +# would like enabled, this file is meant to mimic the installation process found at +# https://docs.itential.io/ as closely as possible so the user can use as many defaults as possible. +# +# This configuration file accepts any valid YAML syntax including the bash-like syntax for lists, +# etc. + +########## +# System # +########## + +# INVENTORY ENCRYPTION +# Set the Fernet encryption key to have IAG encrypt device variables['password'] +# ANYONE THAT HAS THIS KEY CAN DECRYPT YOUR PASSWORDS - PROTECT IT! +# WHICH ALSO MEANS PROTECT YOUR properties.yml file `chmod 600 properties.yml` +# and validate the file's ownership. +#fernet_key: "" + +# The port on which Automation Gateway server will listen for requests. +# Mutually exclusive with bind_list +{% if gateway_https %} +port: {{ gateway_https_port }} +{% else %} +port: {{ gateway_port }} +{% endif %} + +# The gunicorn bind_address string.. +# For ipv4 only use "0.0.0.0", for ipv6 and ipv4 use "[::]" +# Mutually exclusive with bind_list +# +# You can also bind to a linux socket using "unix://" +# if you want to front-end automation-gateway with nginx or another proxy server. +# +# bind_address: "unix:///tmp/gunicorn.sock" +# bind_address: "[::]" +bind_address: {{ inventory_hostname }} + +# List of addresses and ports to bind to. +# This setting will override both 'port' and 'bind_address' +#bind_list: +# - "{{ inventory_hostname }}:{{ gateway_port }}" + +# Base of url for external proxy, used for generating redirects: +# external_address: 'http://automation-gateway.example.com:8080' + +# The number of http server threads for handling requests. +# It is recommended to set this to 4 x NUM_CORES. +# E.g. for a 16 core machine, the value should be set to 64. +http_server_threads: {{ gateway_http_server_threads }} + +# A flag that determines whether authentication is disabled or not. +# Warning: only disable authentication for temporary, non production testing. +authentication_disabled: false + +# The maximum number of concurrent sessions allowed. +authentication_max_sessions: 5000 + +# The idle timeout of each session (in seconds). +authentication_idle_timeout: 600 + +# A boolean flag that enables password reset support (default=false if absent/misconfigured). +password_reset_enabled: false + +# Directory to write global log files to +global_log_directory: '{{ gateway_log_dir }}' + +# Maximum log files kept in rotation +# Valid range of values is 1-100. If value is set to 1, log file will not be limited in size. +max_log_files: 5 + +# NOTE: Log levels for Automation Gateway Server are as follows. +# In order of ascending severity: DEBUG, INFO, WARNING, ERROR, or CRITICAL. +# Log messages of equal and greater severity will be displayed in the relevant log. +# Example: logging_level INFO will display log messages with a severity of INFO -> CRITICAL. +# (default=INFO if absent/misconfigured) + +# Automation Gateway Server Logging Level +logging_level: INFO + +# Automation Gateway HTTP Server Logging Level +# NOTE: request details are DEBUG level log messages, it may be useful to set this to DEBUG +http_logging_level: INFO + +# A flag that enables/disables parameter schema validation for content decorations. +# Generally enabled when using multiple types per parameter, or when testing decorations. +# Example: "commands" could be a literal list of commands, or a string representing a jinja +# variable from your host's variables "{% raw %}{{commands}}{% endraw %}", etc. +strict_args: true + +################ +# SSL Settings # +################ + +# To start the server using SSL/TLS please fill out the following properties. +{% if gateway_https %} +server_certfile: "{{ gateway_ssl_cert_dest }}" + +# Note: gunicorn does not currently support encrypted key files. +server_keyfile: "{{ gateway_ssl_key_dest }}" + +server_cabundle: "{{ gateway_ssl_rootca_dest }}" +{% else %} +#server_certfile: "{{ gateway_ssl_cert_dest }}" + +# Note: gunicorn does not currently support encrypted key files. +#server_keyfile: "{{ gateway_ssl_key_dest }}" + +# server_cabundle: "{{ gateway_ssl_rootca_dest }}" +{% endif %} + +# TLSv1_2 +{% if gateway_https and gateway_tlsv1_2 %} +server_ssl_version: "TLSv1_2" +{% else %} +#server_ssl_version: "TLSv1_2" +{% endif %} + +# You may also set custom SSL Ciphers. +# +# https://docs.gunicorn.org/en/20.x/settings.html#ciphers +# +{% if server_ssl_ciphers is defined %} +server_ssl_ciphers: "{{ server_ssl_ciphers }}" +{% else %} +# server_ssl_ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:..."" +{% endif %} + +############# +# Databases # +############# + +# Path to the main Automation Gateway sqlite database file. +data_file: 'sqlite:///{{ gateway_data_dir }}/automation-gateway.db' + +# A flag which determines whether or not audit logging is enabled. (default=true if +# absent/misconfigured) +audit: true + +# The number of days (days >= 0) worth of data to retain in the audit log database +# Records earlier than the specified days will be deleted. (default=None if absent/misconfigured) +audit_retention_days: 30 + +# Path to the auxiliary Automation Gateway sqlite database file for audit logs. +audit_db_file: 'sqlite:///{{ gateway_data_dir }}/automation-gateway_audit.db' + +# Path to the auxiliary Automation Gateway sqlite database file for execution logs. +exec_history_db_file: 'sqlite:///{{ gateway_data_dir }}/automation-gateway_exec_history.db' + +####################### +# LDAP Authentication # +####################### + +# +# LDAP Basic SETTINGS +# + +# Enable LDAP authentication globally +ldap_auth_enabled: false + +# LDAP server hostname or IP address +ldap_server: 'ldap.example.com' + +# LDAP BASE DN +ldap_base_dn: 'DC=example,DC=com' + +# LDAP BIND Username +ldap_bind_user_dn: 'CN=admin,CN=users,DC=example,DC=com' + +# LDAP BIND Password +ldap_bind_user_password: '' + +# +# LDAP Security +# + +# Enable LDAPS +ldap_secure_enabled: false + +# Validate the servers TLS certificate +ldap_secure_validation_enabled: true + +# TLS version to use when connection to LDAP server (default: TLSv1.2) +# Options ["1", "1.1", "1.2"] +ldap_secure_validation_tls_version: '1.2' + +# Location of local CA certificate file for server validation +ldap_ca_certs_file: '/etc/ssl/certs/ca.crt' + +# +# LDAP User Search +# CN=SvcLveINA,OU=Service Accounts,OU=Protected Accounts,OU=SEC,DC=mid,DC=dom + +# Search LDAP for the username before doing a bind +ldap_always_search_bind: true + +# LDAP user search filter +ldap_user_search_filter: '(objectclass=person)' + +# LDAP user search scope +# Options "LEVEL" or "SUBTREE" +ldap_user_search_scope: 'SUBTREE' + +# User login attribute +ldap_user_login_attr: 'sAMAccountName' + +# User login RDN (relative directory name) attribute +# uid=testuser,ou=users,dc=example,dc=com = 'uid' +# cn=testuser,ou=users,dc=example,dc=com = 'cn' +ldap_user_rdn_attr: 'cn' + +# LDAP user DN used to be prepended to the base DN to limit the scope when searching for users +ldap_user_dn : '' # OU=users + +# +# LDAP GROUP OPTIONS +# + +# Group search filter +ldap_group_search_filter: '(objectClass=group)' + +# Group search scope +# Options "LEVEL" or "SUBTREE" +ldap_group_search_scope: 'SUBTREE' + +# Group members attribute +ldap_group_members_attr: 'member' + +# LDAP group DN used to be prepended to the base DN to limit the scope when searching for groups +ldap_group_dn : '' # OU=groups + +########### +# Ansible # +########### + +# A boolean flag that enables Ansible support (default=true if absent/misconfigured). +ansible_enabled: {{ gateway_enable_ansible }} + +# A boolean which logs additional debug messages when executing Ansible modules, roles, or +# playbooks. Set the ansible_debug property to true to log additional debug messages when +# executing Ansible modules, roles, or playbooks. (default=false if absent/misconfigured) +ansible_debug: false + +# A flag to prevent deletion of the temporary files generated by executing +# Ansible content (modules, collections, roles, playbooks). (default=false if absent/misconfigured) +no_cleanup: false + +# Path of the file that contains a password used by ansible-vault to encrypt sensitive data. +# Uncomment this property if you will be using Ansible vault encrypted variables. +# Be sure to secure this file with permissions of 0200 or 0400. +#vault_password_file: "/opt/automation-gateway/conf/.vault_password_file" + +# Path to the Ansible external inventory file (folders not valid). +# A valid file will disable Ansible Internal inventory and instead use only this Ansible External +# inventory. +inventory_file: '{{ gateway_install_dir }}/ansible/inventory/hosts' + +# Path(s) to the Ansible modules that should be discovered by Automation Gateway and appended to +# Ansible's execution environment. All non-collection paths (see Ansible 2.10 notes below) known to +# Ansible are already included and do not need to be specified. # Additionally, this parameter needs +# to be configured if the path reported by 'ansible --version' is incorrect or you would like to +# customize/trim down the set of Ansible modules that will be discovered (see Ansible<=2.9 notes +# below). +# Trim example for ansible 2.9: "/usr/local/lib/python3.9/site-packages/ansible/modules/network" +# NOTE: Use only the site-packages paths you need for your installation to avoid +# cross environment issues in the case where multiple of these paths exist +module_path: + - "{{ gateway_install_dir }}/venv/lib/python{{ gateway_python_version }}/site-packages/ansible/modules" + - "{{ gateway_install_dir }}/ansible/modules" + +# Path(s) to the Ansible collections that should be discovered by Automation Gateway and +# exclusively used in Ansible's execution environment. Due to differences in collections +# before/after Ansible 2.9, these will be the only paths relevant during discovery AND execution. +collection_path: + - "{{ gateway_install_dir }}/ansible/collections" + +# Path(s) to the Ansible roles that should be discovered by Automation Gateway and appended to +# Ansible's execution environment. +role_path: + - "{{ gateway_install_dir }}/venv/lib/python{{ gateway_python_version }}/site-packages/automation_gateway/integrations/roles" + - "{{ gateway_install_dir }}/ansible/roles" + +# Path(s) to customized roles that extend device support of the Itential roles found in the release, +# i.e., itential_cli, itential_get_config. +extended_device_role_path: + # This path will enable connecting to devices that use Netmiko + - "{{ gateway_install_dir }}/venv/lib/python{{ gateway_python_version }}/site-packages/automation_gateway/integrations/extensible_device_roles/ansible_netmiko" + +# Discovery behavior for Ansible playbooks. Determines whether or not to +# recursively search the directories found in the 'playbook_path' parameter, or +# to only search those directories and no deeper. (default=true if absent/misconfigured) +playbook_recursive: true + +# Path(s) to the Ansible playbooks that should be discovered by Automation Gateway and appended to +# Ansible's execution environment. +playbook_path: + - "{{ gateway_install_dir }}/venv/lib/python{{ gateway_python_version }}/site-packages/automation_gateway/integrations/playbooks" + - "{{ gateway_install_dir }}/ansible/playbooks" + +################# +# HTTP_Requests # +################# + +# A boolean flag that enables HTTP_Requests support (default=true if absent/misconfigured). +http_requests_enabled: {{ gateway_enable_httpreq }} + +########### +# NETCONF # +########### + +# A boolean flag that enables Netconf support (default=false if absent/misconfigured). +netconf_enabled: {{ gateway_enable_netconf }} + +########### +# Netmiko # +########### + +# A boolean flag that enables Netmiko support (default=false if absent/misconfigured). +netmiko_enabled: {{ gateway_enable_netmiko }} + +########## +# Nornir # +########## + +# A boolean flag that enables Nornir support (default=false if absent/misconfigured). +nornir_enabled: {{ gateway_enable_nornir }} + +# Path to the Nornir configuration file. +# A valid file will allows the use of Nornir External inventory. +nornir_config_file: '{{ gateway_install_dir }}/nornir/config.yml' + +# Discovery behavior for Nornir modules. Determines whether or not to +# recursively search the directories found in the 'nornir_module_path' parameter, or +# to only search those directories and no deeper. (default=true if absent/misconfigured) +nornir_module_recursive: true + +# Path(s) to the Nornir modules that should be discovered by Automation Gateway. +nornir_module_path: + # Default location for custom content per the setup script + - '{{ gateway_install_dir }}/nornir/modules' + +########### +# Scripts # +########### + +# A boolean flag that enables Scripts support (default=true if absent/misconfigured). +scripts_enabled: {{ gateway_enable_scripts }} + +# Discovery behavior for standalone scripts. Determines whether or not to +# recursively search the directories found in the 'script_path' parameter, or +# to only search those directories and no deeper. (default=true if absent/misconfigured) +script_recursive: true + +# Path(s) to the standalone scripts that should be discovered by Automation Gateway. +script_path: + - "{{ gateway_install_dir }}/scripts" + +################ +# Python Venvs # +################ + +# Enable python venv support +python_venv_enabled: {{ gateway_enable_python_venv }} + +# Paths to python venvs for use in scripts +python_venv_paths: + - "{{ gateway_install_dir }}/venvs/" + +################## +# GRPC gNMI/gNOI # +################## + +# Grpc requires grpcio and pygnmi to be installed +grpc_enabled: {{ gateway_enable_grpc }} + +############# +# Terraform # +############# + +# A boolean flag that enables Terraform support (default=false if absent/misconfigured). +terraform_enabled: false + +# Discovery behavior for Terraform modules. Determines whether or not to +# recursively search the directories found in the 'terraform_path' parameter, or +# to only search those directories and no deeper. (default=true if absent/misconfigured) +terraform_recursive: true + +# Path(s) to the Terraform modules that should be discovered by Automation Gateway. +terraform_path: + # Default location for custom content per the setup script + - '/usr/share/automation-gateway/terraform' + # Legacy path for backwards compatibility + - '/usr/share/automation-gateway/terraform/scripts' + +################### +# Hashicorp Vault # +################### + +# A flag that enables Hashicorp Vault support. (default=false if absent/misconfigured) +vault_enabled: false + +# The URL to the Hashicorp Vault server. +#vault_server: "https://localhost:8200" + +# The mount point on which the Hashicorp Vault KV-V2 secret engine is enabled. +#vault_mount_point: secret + +# The path to a file containing the vault access token used by the AG Server for +# Hashicorp Vault operations. The file should be secured with 0400 permissions. +#vault_access_token: "{{ gateway_install_dir }}/conf/.vault_token_file" + +# A flag that enables TLS certificate verification when sending requests to the Hashicorp +# Vault Server. (default=false if absent/misconfigured) +#vault_cert_verification: false + +# The path to a CA (Certificate Authority) file. This file is used to perform TLS certificate +# verification when sending requests to a Hashicorp Vault Server configured with a self-signed +# certificate. This parameter is not required when sending requests to a Hashicorp Vault Server +# configured with a certificate signed by a trusted authority. +#vault_ca_file: "{{ gateway_install_dir }}/conf/certs/cert.pem" + +# The path to a client certificate PEM file used for performing TLS authentication of the AG +# vault client with the Hashicorp Vault Server. Both a client certificate file and a key file +# must be configured for TLS authentication to be utilized. +#vault_client_cert_file: "{{ gateway_install_dir }}/conf/certs/cert.pem" + +# The path to a client key PEM file used for performing TLS authentication of the AG vault +# client with the Hashicorp Vault Server. Both a client certificate file and a key file +# must be configured for TLS authentication to be utilized. +#vault_client_key_file: "{{ gateway_install_dir }}/conf/certs/key.pem" + +################### +# Git Integration # +################### + +git_enabled: {{ gateway_enable_git }} + +# The parent folder to use for ssh key storage. +git_key_path: {{ gateway_install_dir }}/ssh/ + +# The parent path for all git repositories added via Git Integration +git_repo_path: {{ gateway_install_dir }}/repos/ + +# If you do not specify a git_exec path we will look for the first +# git executable in the environment. +# git_exec: /usr/local/bin/git + +# Strict host key checking +# +git_strict_host_check: false \ No newline at end of file diff --git a/roles/gateway/vars/gateway-release-4.2.yml b/roles/gateway/vars/gateway-release-4.2.yml new file mode 100644 index 00000000..c75c7d6a --- /dev/null +++ b/roles/gateway/vars/gateway-release-4.2.yml @@ -0,0 +1,66 @@ +# Copyright (c) 2024, Itential, Inc +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +--- +gateway_packages: + - selinux-policy + - selinux-policy-targeted + +gateway_build_packages_map: + "8": + - gcc-c++ + - libssh-devel + - make + - pkgconf-pkg-config + - python39-devel + "9": + - gcc-c++ + - libssh-devel + - make + - pkgconf-pkg-config + - python3-devel + "2023": + - gcc-c++ + - libssh-devel + - make + - pkgconf-pkg-config + - python3-devel + +# Backwards compatible variable name references the appropriate list from the map +gateway_build_packages: "{{ gateway_build_packages_map[ansible_distribution_major_version] }}" + +gateway_python_version: 3.9 +gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" +gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" + +gateway_python_packages_map: + "8": + - python39 + - python39-pip + "9": + - python3 + - python3-pip + "2023": + - python3 + - python3-pip + +# Backwards compatible variable name references the appropriate list from the map +gateway_python_packages: "{{ gateway_python_packages_map[ansible_distribution_major_version] }}" + +gateway_python_base_dependencies: + - pip==24.0 + - setuptools==69.0.3 + - wheel==0.42.0 + +# Python modules that require a build. For offline installs, these will be built using 'pip wheel'. +gateway_python_wheel_build_dependencies: + - ansible-pylibssh==1.3.0 + - mypy_extensions==0.4.4 + - ncclient==0.6.10 + - netifaces==0.10.9 + - pygnmi==0.8.9 + +# These Python modules are pinned here because we are using 'pip download' and not 'pip install' +# for offline installs. +gateway_python_app_dependencies: + +gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/gateway-release-4.3.yml b/roles/gateway/vars/gateway-release-4.3.yml index c214bee2..8ed491b1 100644 --- a/roles/gateway/vars/gateway-release-4.3.yml +++ b/roles/gateway/vars/gateway-release-4.3.yml @@ -8,16 +8,19 @@ gateway_packages: gateway_build_packages_map: "8": - gcc-c++ + - libssh-devel - make - pkgconf-pkg-config - python39-devel "9": - gcc-c++ + - libssh-devel - make - pkgconf-pkg-config - python3-devel "2023": - gcc-c++ + - libssh-devel - make - pkgconf-pkg-config - python3-devel @@ -45,20 +48,20 @@ gateway_python_packages: "{{ gateway_python_packages_map[ansible_distribution_ma gateway_python_base_dependencies: - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 + - setuptools==78.1.1 + - wheel==0.43.0 -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 +# Python modules that require a build. For offline installs, these will be built using 'pip wheel' +gateway_python_wheel_build_dependencies: + - ansible-pylibssh==1.3.0 + - mypy_extensions==0.4.4 + - ncclient==0.6.19 + - netifaces==0.10.9 - pygnmi==0.8.9 +# These Python modules are pinned here because we are using 'pip download' and not 'pip install' +gateway_python_app_dependencies: + - importlib-metadata==4.13.0 + - grpcio-tools==1.53.0 + gateway_ansible_version: ansible==8.7.0 diff --git a/roles/python/tasks/install-dependencies.yml b/roles/python/tasks/install-dependencies.yml index feb06c48..886ad496 100644 --- a/roles/python/tasks/install-dependencies.yml +++ b/roles/python/tasks/install-dependencies.yml @@ -15,6 +15,7 @@ virtualenv: "{{ python_venv }}" when: - python_base_dependencies is defined + - python_base_dependencies is iterable - python_base_dependencies | length > 0 - name: Install application Python dependencies in virtual env @@ -23,6 +24,7 @@ virtualenv: "{{ python_venv }}" when: - python_app_dependencies is defined + - python_app_dependencies is iterable - python_app_dependencies | length > 0 - name: Use Python executable @@ -37,6 +39,7 @@ umask: "0022" when: - python_base_dependencies is defined + - python_base_dependencies is iterable - python_base_dependencies | length > 0 - name: Install application Python dependencies using pip executable @@ -46,4 +49,5 @@ umask: "0022" when: - python_app_dependencies is defined + - python_app_dependencies is iterable - python_app_dependencies | length > 0 From 7da6691af386f47bc386f8fe19493c278db5d470 Mon Sep 17 00:00:00 2001 From: Kevin Velarde Date: Thu, 8 Jan 2026 09:26:13 -0700 Subject: [PATCH 2/3] Update docs --- README.md | 24 ++++++++++++------------ docs/itential_gateway_guide.md | 6 +++--- docs/patch_itential_gateway_guide.md | 8 ++++---- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index f1e8f884..dcd5b1b8 100644 --- a/README.md +++ b/README.md @@ -571,8 +571,8 @@ all: hosts: example2.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ### Run the Itential Deployer @@ -733,8 +733,8 @@ all: hosts: example2.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ### Minimal Architecture Inventory @@ -773,8 +773,8 @@ all: hosts: automation-gateway.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ### Highly Available Architecture Inventory @@ -827,8 +827,8 @@ all: hosts: automation-gateway1.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ### Highly Available Architecture Inventory leveraging external dependencies @@ -869,8 +869,8 @@ all: hosts: automation-gateway1.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ### Active/Standby Architecture Inventory @@ -962,8 +962,8 @@ all: hosts: datacenter2.automation-gateway1.host.com: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: automation_gateway-4.3.56-py3-none-any.whl ``` ## Component Guides diff --git a/docs/itential_gateway_guide.md b/docs/itential_gateway_guide.md index 1b600488..71b019ec 100644 --- a/docs/itential_gateway_guide.md +++ b/docs/itential_gateway_guide.md @@ -134,7 +134,7 @@ all: : ansible_host: vars: - gateway_release: 2023.1 + gateway_release: 4.3 gateway_whl_file: ``` @@ -151,7 +151,7 @@ all: : ansible_host: vars: - gateway_release: 2023.1 + gateway_release: 4.3 gateway_whl_file: gateway_https: true ``` @@ -169,7 +169,7 @@ all: : ansible_host: vars: - gateway_release: 2023.1 + gateway_release: 4.3 gateway_whl_file: gateway_haproxy_enabled: true ``` diff --git a/docs/patch_itential_gateway_guide.md b/docs/patch_itential_gateway_guide.md index 0e138500..ab0018ec 100644 --- a/docs/patch_itential_gateway_guide.md +++ b/docs/patch_itential_gateway_guide.md @@ -33,8 +33,8 @@ all: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.9-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: ``` #### Example: Patch Upgrade Inventory @@ -47,8 +47,8 @@ all: vars: - gateway_release: 2023.1 - gateway_whl_file: automation_gateway-3.227.0+2023.1.52-py3-none-any.whl + gateway_release: 4.3 + gateway_whl_file: ``` ### Run Patch IAG Playbook From 0c4966c8da1d78dd8bd8176d71ef0f4a2594d0b8 Mon Sep 17 00:00:00 2001 From: Kevin Velarde Date: Thu, 8 Jan 2026 15:01:08 -0700 Subject: [PATCH 3/3] Drop support for old Gateway versions Remove separate Gateway Ansible install tasks since Ansible is installed automatically when installing the Gateway wheel --- .../gateway/tasks/create-gateway-archive.yml | 7 --- .../tasks/download-dependency-wheels.yml | 8 ---- roles/gateway/tasks/main.yml | 11 ++--- roles/gateway/tasks/update-release-file.yml | 24 +++++++--- roles/gateway/vars/2022.1-redhat-8.yml | 31 ------------- roles/gateway/vars/2022.1-rocky-8.yml | 31 ------------- roles/gateway/vars/2023.1-redhat-8.yml | 34 -------------- roles/gateway/vars/2023.1-redhat-9.yml | 32 -------------- roles/gateway/vars/2023.1-rocky-8.yml | 34 -------------- roles/gateway/vars/2023.1-rocky-9.yml | 32 -------------- roles/gateway/vars/2023.2-redhat-8.yml | 44 ------------------- roles/gateway/vars/2023.2-redhat-9.yml | 39 ---------------- roles/gateway/vars/2023.2-rocky-8.yml | 44 ------------------- roles/gateway/vars/2023.2-rocky-9.yml | 39 ---------------- roles/gateway/vars/2023.3-amazon-2023.yml | 39 ---------------- roles/gateway/vars/2023.3-redhat-8.yml | 44 ------------------- roles/gateway/vars/2023.3-redhat-9.yml | 40 ----------------- roles/gateway/vars/2023.3-rocky-8.yml | 44 ------------------- roles/gateway/vars/2023.3-rocky-9.yml | 40 ----------------- roles/gateway/vars/gateway-release-4.2.yml | 2 - roles/gateway/vars/gateway-release-4.3.yml | 2 - 21 files changed, 21 insertions(+), 600 deletions(-) delete mode 100644 roles/gateway/vars/2022.1-redhat-8.yml delete mode 100644 roles/gateway/vars/2022.1-rocky-8.yml delete mode 100644 roles/gateway/vars/2023.1-redhat-8.yml delete mode 100644 roles/gateway/vars/2023.1-redhat-9.yml delete mode 100644 roles/gateway/vars/2023.1-rocky-8.yml delete mode 100644 roles/gateway/vars/2023.1-rocky-9.yml delete mode 100644 roles/gateway/vars/2023.2-redhat-8.yml delete mode 100644 roles/gateway/vars/2023.2-redhat-9.yml delete mode 100644 roles/gateway/vars/2023.2-rocky-8.yml delete mode 100644 roles/gateway/vars/2023.2-rocky-9.yml delete mode 100644 roles/gateway/vars/2023.3-amazon-2023.yml delete mode 100644 roles/gateway/vars/2023.3-redhat-8.yml delete mode 100644 roles/gateway/vars/2023.3-redhat-9.yml delete mode 100644 roles/gateway/vars/2023.3-rocky-8.yml delete mode 100644 roles/gateway/vars/2023.3-rocky-9.yml diff --git a/roles/gateway/tasks/create-gateway-archive.yml b/roles/gateway/tasks/create-gateway-archive.yml index 5db5eeed..e10aa6b7 100644 --- a/roles/gateway/tasks/create-gateway-archive.yml +++ b/roles/gateway/tasks/create-gateway-archive.yml @@ -27,13 +27,6 @@ state: present virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" -- name: Install Ansible - ansible.builtin.pip: - name: "{{ gateway_ansible_version }}" - state: present - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_install" - when: gateway_enable_ansible | bool - - name: Copy IAG wheel file to target node ansible.builtin.copy: src: "{{ gateway_whl_file }}" diff --git a/roles/gateway/tasks/download-dependency-wheels.yml b/roles/gateway/tasks/download-dependency-wheels.yml index d9e5b264..bc23ff40 100644 --- a/roles/gateway/tasks/download-dependency-wheels.yml +++ b/roles/gateway/tasks/download-dependency-wheels.yml @@ -63,14 +63,6 @@ - gateway_python_app_dependencies is iterable - gateway_python_app_dependencies | length > 0 -- name: Install Ansible - ansible.builtin.pip: - name: "{{ gateway_ansible_version }}" - state: present - virtualenv: "{{ gateway_pkgs_temp_dir.path }}/offline_download" - extra_args: --log /var/log/pip.log - when: gateway_enable_ansible | bool - - name: Download Ansible collections ansible.builtin.include_tasks: file: download-ansible-collections.yml diff --git a/roles/gateway/tasks/main.yml b/roles/gateway/tasks/main.yml index 7c2e304e..63124809 100644 --- a/roles/gateway/tasks/main.yml +++ b/roles/gateway/tasks/main.yml @@ -132,18 +132,13 @@ file: install-python-dependencies.yml # Need to install ansible within the virtual environment - - name: Install Ansible - tags: install_ansible + - name: Configure Ansible + tags: configure_ansible when: gateway_enable_ansible | bool block: - - name: Install Ansible and Ansible collections + - name: Install Ansible collections when: not offline_install_enabled | bool block: - - name: Install Ansible into the python virtual environment - ansible.builtin.pip: - name: "{{ gateway_ansible_version }}" - virtualenv: "{{ gateway_install_dir }}/venv" - - name: Install collections ansible.builtin.command: argv: diff --git a/roles/gateway/tasks/update-release-file.yml b/roles/gateway/tasks/update-release-file.yml index b9f374c8..c387bb6b 100644 --- a/roles/gateway/tasks/update-release-file.yml +++ b/roles/gateway/tasks/update-release-file.yml @@ -38,13 +38,25 @@ changed_when: true - name: Update release file with Ansible version - ansible.builtin.lineinfile: - path: "{{ common_itential_release_file }}" - line: "ANSIBLE={{ gateway_ansible_version }}" - mode: "0666" - create: true when: gateway_enable_ansible | bool - changed_when: true + block: + - name: Get Ansible version from automation-gateway venv + ansible.builtin.command: + cmd: "{{ gateway_python_venv }}/bin/ansible --version" + register: gateway_ansible_venv_version + changed_when: false + + - name: Extract version + ansible.builtin.set_fact: + gateway_ansible_version: "{{ gateway_ansible_venv_version.stdout_lines[0] | regex_search('\\d+\\.\\d+\\.\\d+') }}" + + - name: Update release file with Ansible version + ansible.builtin.lineinfile: + path: "{{ common_itential_release_file }}" + line: "ANSIBLE={{ gateway_ansible_version }}" + mode: "0666" + create: true + changed_when: true - name: Update release file with Nornir version ansible.builtin.lineinfile: diff --git a/roles/gateway/vars/2022.1-redhat-8.yml b/roles/gateway/vars/2022.1-redhat-8.yml deleted file mode 100644 index ba9c3ec9..00000000 --- a/roles/gateway/vars/2022.1-redhat-8.yml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_ansible_version: ansible==2.10.7 diff --git a/roles/gateway/vars/2022.1-rocky-8.yml b/roles/gateway/vars/2022.1-rocky-8.yml deleted file mode 100644 index ba9c3ec9..00000000 --- a/roles/gateway/vars/2022.1-rocky-8.yml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_ansible_version: ansible==2.10.7 diff --git a/roles/gateway/vars/2023.1-redhat-8.yml b/roles/gateway/vars/2023.1-redhat-8.yml deleted file mode 100644 index 58e59937..00000000 --- a/roles/gateway/vars/2023.1-redhat-8.yml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_ansible_version: ansible==7.7.0 - -gateway_ansible_collections: - - ansible.netcommon:5.1.0 diff --git a/roles/gateway/vars/2023.1-redhat-9.yml b/roles/gateway/vars/2023.1-redhat-9.yml deleted file mode 100644 index 8bc0357c..00000000 --- a/roles/gateway/vars/2023.1-redhat-9.yml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh - -gateway_ansible_version: ansible==7.7.0 - -gateway_ansible_collections: - - ansible.netcommon:5.1.0 diff --git a/roles/gateway/vars/2023.1-rocky-8.yml b/roles/gateway/vars/2023.1-rocky-8.yml deleted file mode 100644 index 58e59937..00000000 --- a/roles/gateway/vars/2023.1-rocky-8.yml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_ansible_version: ansible==7.7.0 - -gateway_ansible_collections: - - ansible.netcommon:5.1.0 diff --git a/roles/gateway/vars/2023.1-rocky-9.yml b/roles/gateway/vars/2023.1-rocky-9.yml deleted file mode 100644 index 8bc0357c..00000000 --- a/roles/gateway/vars/2023.1-rocky-9.yml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh - -gateway_ansible_version: ansible==7.7.0 - -gateway_ansible_collections: - - ansible.netcommon:5.1.0 diff --git a/roles/gateway/vars/2023.2-redhat-8.yml b/roles/gateway/vars/2023.2-redhat-8.yml deleted file mode 100644 index 41ed91a3..00000000 --- a/roles/gateway/vars/2023.2-redhat-8.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.2-redhat-9.yml b/roles/gateway/vars/2023.2-redhat-9.yml deleted file mode 100644 index bf91f541..00000000 --- a/roles/gateway/vars/2023.2-redhat-9.yml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.2-rocky-8.yml b/roles/gateway/vars/2023.2-rocky-8.yml deleted file mode 100644 index 41ed91a3..00000000 --- a/roles/gateway/vars/2023.2-rocky-8.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.2-rocky-9.yml b/roles/gateway/vars/2023.2-rocky-9.yml deleted file mode 100644 index bf91f541..00000000 --- a/roles/gateway/vars/2023.2-rocky-9.yml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.3-amazon-2023.yml b/roles/gateway/vars/2023.3-amazon-2023.yml deleted file mode 100644 index bf91f541..00000000 --- a/roles/gateway/vars/2023.3-amazon-2023.yml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.3-redhat-8.yml b/roles/gateway/vars/2023.3-redhat-8.yml deleted file mode 100644 index 41ed91a3..00000000 --- a/roles/gateway/vars/2023.3-redhat-8.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.3-redhat-9.yml b/roles/gateway/vars/2023.3-redhat-9.yml deleted file mode 100644 index 2ebedf43..00000000 --- a/roles/gateway/vars/2023.3-redhat-9.yml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - pkgconf-pkg-config - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.3-rocky-8.yml b/roles/gateway/vars/2023.3-rocky-8.yml deleted file mode 100644 index 41ed91a3..00000000 --- a/roles/gateway/vars/2023.3-rocky-8.yml +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - sqlite-devel - - python39-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python39 - - python39-pip - - python-rpm-macros - - python3-pyparsing - - python3-rpm-generators - - python3-rpm-macros - -gateway_python_base_dependencies: - - pip==23.3.2 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/2023.3-rocky-9.yml b/roles/gateway/vars/2023.3-rocky-9.yml deleted file mode 100644 index 2ebedf43..00000000 --- a/roles/gateway/vars/2023.3-rocky-9.yml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright (c) 2024, Itential, Inc -# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) ---- -gateway_packages: - - selinux-policy - - selinux-policy-targeted - -gateway_build_packages: - - gcc-c++ - - make - - pkgconf-pkg-config - - python3-devel - -gateway_python_version: 3.9 -gateway_python_executable: "/usr/bin/python{{ gateway_python_version }}" -gateway_pip_executable: "/usr/bin/pip{{ gateway_python_version }}" - -gateway_python_packages: - - python3 - - python3-pip - -gateway_python_base_dependencies: - - pip==24.0 - - setuptools==69.0.3 - - wheel==0.42.0 - -gateway_python_app_dependencies: - - ansible-pylibssh==1.1.0 - - flask-ldap3-login==0.9.18 - - grpcio==1.53.0 - - hvac==1.0.2 - - ldap3==2.9.1 - - ncclient==0.6.10 - - netmiko==4.1.2 - - nornir==3.3.0 - - nornir-netmiko==0.2.0 - - nornir-utils==0.2.0 - - pygnmi==0.8.9 - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/gateway-release-4.2.yml b/roles/gateway/vars/gateway-release-4.2.yml index c75c7d6a..dbf49e11 100644 --- a/roles/gateway/vars/gateway-release-4.2.yml +++ b/roles/gateway/vars/gateway-release-4.2.yml @@ -62,5 +62,3 @@ gateway_python_wheel_build_dependencies: # These Python modules are pinned here because we are using 'pip download' and not 'pip install' # for offline installs. gateway_python_app_dependencies: - -gateway_ansible_version: ansible==8.7.0 diff --git a/roles/gateway/vars/gateway-release-4.3.yml b/roles/gateway/vars/gateway-release-4.3.yml index 8ed491b1..40884e61 100644 --- a/roles/gateway/vars/gateway-release-4.3.yml +++ b/roles/gateway/vars/gateway-release-4.3.yml @@ -63,5 +63,3 @@ gateway_python_wheel_build_dependencies: gateway_python_app_dependencies: - importlib-metadata==4.13.0 - grpcio-tools==1.53.0 - -gateway_ansible_version: ansible==8.7.0