DO467 - ch08s04

Configure a job template that runs when a Git server triggers a webhook to notify your automation controller that a new commit has been applied to the repository for the job template’s project.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command ensures that automation controller is installed. The command creates a Git repository that provides the required files for the exercise, and also set up the configuration needed in GitLab to allow webhooks from controller. Finally, the command creates the following automation controller resources: a project, an inventory (with an inventory source), a Vault credential, and two job templates that use the Vault credential.

[student@workstation ~]$ lab start code-webhooks

Procedure 8.2. Instructions

On your automation controller, configure an existing job template named Add Teams to use a webhook.
1. Navigate to https://controller.lab.example.com and log in as the admin user with redhat as the password.
2. Navigate to Resources → Templates and click the Edit Template icon for the Add Teams job template.
3. Scroll down to the Options section and select Enable Webhook.
4. In the Webhook details section, choose GitLab from the Webhook Service list.
5. Click Save.
6. On the Details tab, take note of the Webhook URL and Webhook Key values needed to configure the webhook in GitLab in the next step.
  Figure 8.9: Webhook configuration in job template
On your GitLab server, create a webhook for the Code Collection Git repository that notifies your automation controller about push events.
Important
The lab start code-webhooks script has run as an administrator on your GitLab server to allow its users to create webhooks, so you do not need to do that part of the configuration.
1. Navigate to https://git.lab.example.com and log in as the student user using Student@123 as the password.
2. Navigate to Projects → Your projects → Code Collection, and then navigate to Settings → Webhooks in the left panel.
3. On the webhook configuration page, create the webhook by adding the Webhook URL and Webhook Key values, obtained from automation controller in the previous step, to the URL and Secret token fields, respectively.
  Figure 8.10: Webhook configuration in GitLab
  Important
  The preceding screen capture is only an illustration. Use the URL and Secret token values for your own environment. Use the Webhook URL and Webhook Key values that you generated in your automation controller UI for your URL and Secret token fields.
4. Select Push events and clear Enable SSL verification.
  Note
  Normally, you would not disable SSL verification. You would instead ensure that both automation controller and GitLab could validate each other’s TLS/SSL certificates.
5. Click Add webhook to save the webhook.
6. Scroll down to the bottom of the page. In the Project Hooks section, notice that you now have one webhook configured. Click Test and choose Push events to test the webhook. You should see the Hook executed successfully message.

Test the webhook by making a change to the code-collection Git repository.

As the student user on the workstation machine, create the /home/student/git-repos directory if it does not already exist, and then change into it.
```
[student@workstation ~]$ mkdir -p ~/git-repos/
[student@workstation ~]$ cd ~/git-repos/
```

Clone the code-collection.git repository and then change into the cloned repository:

[student@workstation git-repos]$ git clone \
> https://git.lab.example.com/git/code-collection.git
Cloning into 'code-collection'...
...output omitted...
[student@workstation git-repos]$ cd code-collection

Edit the add_teams.yml file and add the '{{ team_operations }}' variable to the team_array variable. The content of the add_teams.yml file should contain the following.

---
- name: Add team
  hosts: localhost
  gather_facts: False
  vars_files:
    - vars/auth.yml
    - vars/users_teams.yml
  vars:
    team_array:
      - '{{ team1 }}'
      - '{{ team2 }}'
      - '{{ team3 }}'
      - '{{ team_developers }}'
      - '{{ team_operations }}'

Commit and push the changes to the remote Git repository.

[student@workstation code-collection]$ git add add_teams.yml
[student@workstation code-collection]$ git commit -m "Added Operations team"
[main d164229] Added Operations team
 1 file changed, 1 deletion(-)
[student@workstation code-collection]$ git push -u origin main
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 298 bytes | 298.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0), pack-reused 0
To https://git.lab.example.com/git/code-collection.git
   c967656..d164229  main -> main
Branch 'main' set up to track remote branch 'main' from 'origin'.

In the automation controller web UI, navigate to View → Jobs.
Your git push command launched the Add Teams job template and started the jobs Source Control Update, Inventory Sync, and Playbook Run.
After the Playbook Run job is successful, navigate to Access → Teams and verify that all the teams now exist in automation controller.

(Optional) Display the content of the vars/users_teams.yml file to verify the team_operations definition. Use redhat123 as a Vault password.

[student@workstation code-collection]$ ansible-vault view vars/users_teams.yml
Vault password: redhat123
...output omitted...
team_operations:
  name: Operations
  description: Ops Team
  organization: Default
  users:
    - username: oliver
      first_name: Oliver
      last_name: Stone
      email: oliver@lab.example.com
      password: redhat123
      update_secrets: false
      is_superuser: false
      is_system_auditor: false
...output omitted...

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish code-webhooks

This concludes the section.

Discuss Managing Enterprise Automation with Red Hat Ansible Automation Platform

Go to community

Welcome to the Managing Enterprise Automation with Red Hat Ansible Automation Platform group!

Syed

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Managing Enterprise Automation with Red Hat Ansible Automation Platform! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO467.Read more about Managing Enterprise Automation with Red Hat Ansible Automation Platform here.

312

Revision: do467-2.2-08877c1

Managing Enterprise Automation with Red Hat Ansible Automation Platform

Guided Exercise: Automating Configuration Updates with Git Webhooks

Important

Important

Note