
Validate Fault tolerance and Idempotency of Harbor Playbook

I am trying to create user, admin and common projects in Harbor registry. Before that I wanted to check whether the mentioned projects are already created or not. If created, it should skip the task. I tried with this but it is not working. Any ideas on how to make this idempotent?

harbor-playbook.yaml

---
- hosts: localhost
  remote_user: root

  vars:
    - projects: [user, admin, common]


  tasks:
  - name: include password var
    include_vars:
      file: password.yml

  - name: creating harbor projects 
    uri:
      url: https://harbor.com/api/v2.0/projects
      method: POST
      headers:
        Content-Type: application/json
        X-Resource-Name-In-Location: "true"
        Authorization: "{{ passwd }}"
        Accept: application/json
      body_format: json
      body: 
        project_name: "{{ item }}"
        public: false  
        metadata: 
          public: "false"
          prevent_vul: "true"
          auto_scan: "true"
        storage_limit: -1 
      validate_certs: no
      status_code: 201
    loop: "{{ projects }}"
    register: project_result
    when: not project_result.name.exists

You need to poll the API first to see if the project exists and store that in a variable that you can then test for in your create task. Something like this could work where you place a poll and create task in a separate file, and then you include the file once, for each item in the projects list:

(Disclaimer: untested and I am not familiar with the Harbor API)

manage_harbor_project.yml

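# This is partly pseudo code as I am not familiar with the Harbor API
- name: poll for project
  uri:
    url: "https://harbor.com/api/v2.0/projects/{{ item }}"
    method: HEAD
    headers:
      Content-Type: application/json
      X-Resource-Name-In-Location: "true"
      Authorization: "{{ passwd }}"
      Accept: application/json
    # uri fails on any status other than 200 by default; accept 404 so the
    # "project missing" answer reaches the when: test in the next task
    status_code: [200, 404]
  register: project_check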


- name: creating harbor project if not exists 
  uri:
    url: https://harbor.com/api/v2.0/projects
    method: POST
    headers:
      Content-Type: application/json
      X-Resource-Name-In-Location: "true"
      Authorization: "{{ passwd }}"
      Accept: application/json
    body_format: json
    body: 
      project_name: "{{ item }}"
      public: false  
      metadata: 
        public: "false"
        prevent_vul: "true"
        auto_scan: "true"
      storage_limit: -1 
    validate_certs: no
    status_code: 201
  when: project_check.status == 404

harbor-playbook.yml

---
- hosts: localhost
  remote_user: root

  vars:
    - projects: [user, admin, common]


  tasks:
  - name: include password var
    include_vars:
      file: password.yml

  - name: creating harbor projects
    # include_tasks replaces the bare include, which current ansible-core no longer provides
    include_tasks: manage_harbor_project.yml
    loop: "{{ projects }}"

You may need to play around with how you test reliably for the existence or otherwise of a project, but the basic approach should work.
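
An alternative to the poll-then-create pair, as an added example that is not part of the original question or answer: a single POST that treats Harbor's 409 Conflict (project name already exists) as "already present", so a re-run reports ok instead of failing and there is no gap between the check and the create. It reuses the `passwd` variable and `harbor.com` host from the question and assumes that `password.yml` is encrypted with ansible-vault and that the registry certificate is trusted by the control node.

```yaml
# Added example (not from the original post): idempotent project creation in one task.
# Assumptions: Harbor answers 201 on create and 409 when the name is already taken;
# `passwd` holds the Authorization header value, loaded from a vaulted file.
---
- hosts: localhost
  gather_facts: false

  vars:
    projects: [user, admin, common]

  tasks:
    - name: Load the Harbor credential (file assumed to be ansible-vault encrypted)
      ansible.builtin.include_vars:
        file: password.yml
      no_log: true

    - name: Ensure Harbor projects exist
      ansible.builtin.uri:
        url: https://harbor.com/api/v2.0/projects
        method: POST
        headers:
          X-Resource-Name-In-Location: "true"
          Authorization: "{{ passwd }}"
          Accept: application/json
        body_format: json
        body:
          project_name: "{{ item }}"
          public: false
          metadata:
            public: "false"
            prevent_vul: "true"
            auto_scan: "true"
          storage_limit: -1
        validate_certs: true      # keep TLS verification on: the request carries a credential
        status_code: [201, 409]   # 201 = created now, 409 = project already exists
      loop: "{{ projects }}"
      register: project_result
      # Only a 201 means this run changed the registry; a 409 is reported as ok.
      changed_when: project_result.status == 201
      no_log: true                # keeps the Authorization header out of task output
```

Any status other than 201 or 409 (for example 401 on a bad credential) still fails the task, so an authentication problem is not mistaken for "project exists".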
