Add subscription-manager support for Hosted or Satellite

roles/subscription-manager/README.md

@@ -0,0 +1,95 @@
+# Red Hat Subscription Manager Ansible Role
+
+## Parameters
+
+This role depends on user specified variables. These can be set in the inventory file, group_vars or passed to the playbook from the CLI. The variables are:
+
+### rhsm_method
+
+Subscription Manager method to use for registration. Valid values are:
+
+* **satellite** - Use a Satellite server. Additional variables required include **rhsm_server**, **rhsm_org** and either (**rhsm_username** and **rhsm_password**) or **rhsm_activationkey**
+* **hosted** - Use Red Hat's CDN. Additional variables required are **rhsm_server** (defaults to RHSM CDN) and **rhsm_username** and **rhsm_password**
+* none/false/blank will disable any subscription manager activities (this is the default if no parameters are set)
+
+Default: none
+
+### rhsm_server
+
+Subscription Manager server hostname. If using a Satellite server set the FQDN here. If using RHSM Hosted this value is ignored.
+
+Default: none
+
+### rhsm_username
+
+Subscription Manager username. Required for RHSM Hosted. Can be optionally used for Satellite, but it may be better to use **rhsm_activationkey** for this.
+
+Default: none
+
+### rhsm_password
+
+Subscription Manager password. Required for RHSM Hosted. Can be optionally used for Satellite, but it may be better to use **rhsm_activationkey** for this.
+
+Default: none
+
+### rhsm_org
+
+Optional Satellite Subscription Manager Organization. Required for Satellite, ignored if using RHSM Hosted.
+
+Default: none
+
+### rhsm_activationkey
+
+Optional Satellite Subscription Manager Activation Key, use this instead of **rhsm_username** and **rhsm_password** if using Satellite to provide repositories and authentication in a key instead.
+
+Default: none
+
+### rhsm_pool
+
+Optional Subscription Manager pool, determine this by running **subscription-manager list --available** on a registered system. Valid for RHSM Hosted or Satellite. Specifying **rhsm_activationkey** will ignore this option.
+
+Default: none
+
+### rhsm_repos
+
+Optional Repositories to enable, this can also be specified in the **rhsm_activationkey**. Valid for RHSM Hosted or Satellite. Specifying **rhsm_activationkey** will ignore this option.
+
+NOTE: If specifying this value in an inventory file as opposed to group_vars, be sure to define it as a proper list as such:
+
+rhsm_repos='["rhel-7-server-rpms", "rhel-7-server-ose-3.1-rpms", "rhel-7-server-extras-rpms"]'
+
+Default: none
+
+## Pre-tasks
+
+A number of variable checks are performed before any tasks to ensure the proper parameters are set. To include these checks call the pre_task yaml before any roles:
+
+```
+  pre_tasks:
+  - include: roles/subscription-manager/pre_tasks/pre_tasks.yml 
+```
+
+## Tasks
+
+The bulk of the work is performed in the main.yml for this role. The pre-task play will set a variable which can be checked to contitionally include this role as such:
+
+```
+  roles:
+    - { role: subscription-manager, when: not hostvars.localhost.rhsm_skip, tags: 'subscription-manager' }
+```
+
+## Running the Playbook
+ 
+To register to RHSM Hosted with username and password:
+
+```
+ansible-playbook -i inventory/ose-provision ose-provision.yml -e "rhsm_method='hosted' rhsm_username=vvaldez rhsm_password='hunter2' openstack_key_name='vvaldez'"
+```
+
+To register to a Satellite server with an activation key:
+
+```
+ansible-playbook -i inventory/ose-provision ose-provision.yml -e "rhsm_server='10.12.32.1' rhsm_org='cloud_practice' rhsm_activationkey='rhel-7-ose-3-1' openstack_key_name='vvaldez' rhsm_method='satellite'"
+```
+
+To ignore any Subscription Manager activities, simple do not set any parameters or explicitly set **rhsm_method** to false.

roles/subscription-manager/pre_tasks/pre_tasks.yml

@@ -0,0 +1,37 @@
+---
+- name: Initialize Subscription Manager fact
+  set_fact:
+    rhsm_skip: false
+
+- name: Determine if Subscription Manager should be skipped or not
+  set_fact:
+    rhsm_skip: true
+  when: rhsm_method is undefined or rhsm_method is none or rhsm_method|trim == ''
+
+- name: Determine Subscription Manager method
+  fail: msg="Value for 'rhsm_method' of '{{ rhsm_method }}' is not valid, it should be one of 'hosted', 'satellite', or false/none/blank"
+  when: 
+    - rhsm_method != 'hosted' and rhsm_method != 'satellite'
+    - not rhsm_skip
+
+- name: Validate Subscription Manager host is set
+  fail: msg="Cannot determine Subscription Manager server hostname without a value for 'rhsm_server'"
+  when: 
+    - rhsm_server is undefined or rhsm_server is none or rhsm_server|trim == ''
+    - not rhsm_method == 'hosted'
+    - not rhsm_skip
+
+- name: Validate Subscription Manager organization is set
+  fail: msg="Cannot register to a Satellite server without a value for the Organization via 'rhsm_org'"
+  when: 
+    - rhsm_org is undefined or rhsm_org is none or rhsm_org|trim == ''
+    - rhsm_method == 'satellite'
+    - not rhsm_skip
+
+- name: Validate Subscription Manager authentication is defined
+  fail: msg="Cannot register without ('rhsm_username' and 'rhsm_password') or 'rhsm_activationkey' variables set"
+  when:
+    - (rhsm_username is undefined or rhsm_username is none or rhsm_username|trim == '') or (rhsm_password is undefined or rhsm_password is none or rhsm_password|trim == '')
+    - rhsm_activationkey is undefined or rhsm_activationkey is none or rhsm_activationkey|trim == ''
+    - not rhsm_skip
+

roles/subscription-manager/tasks/main.yml

@@ -0,0 +1,93 @@
+---
+- name: Initializing Subscription Manager authenticaiton method
+  set_fact:
+    rhsm_authentication: false
+
+# 'rhsm_activationkey' will take precedence even if 'rhsm_username' and 'rhsm_password' are also set
+- name: Setting Subscription Manager Activation Key Fact
+  set_fact:
+    rhsm_authentication: "key"
+  when:
+    - rhsm_activationkey is defined
+    - rhsm_activationkey is not none
+    - rhsm_activationkey|trim != ''
+    - not rhsm_authentication
+
+# If 'rhsm_username' and 'rhsm_password' are set but not 'rhsm_activationkey', set 'rhsm_authentication' to password
+- name: Setting Subscription Manager Username and Password Fact
+  set_fact:
+    rhsm_authentication: "password"
+  when:
+    - rhsm_username is defined and rhsm_username is not none and rhsm_username|trim != ''
+    - rhsm_password is defined and rhsm_password is not none and rhsm_password|trim != ''
+    - not rhsm_authentication
+
+- name: Initializing registration status
+  set_fact:
+    registered: false
+
+- name: Checking subscription status (a failure means it is not registered and will be)
+  command: "/usr/bin/subscription-manager status"
+  ignore_errors: yes
+  changed_when: no
+  register: check_if_registered
+
+- name: Set registration fact
+  set_fact:
+    registered: true
+  when: check_if_registered.rc == 0
+
+- name: Cleaning any old subscriptions
+  command: "/usr/bin/subscription-manager clean"
+  when:
+    - not registered
+    - rhsm_authentication is defined
+
+- name: Install Satellite certificate
+  command: "rpm -Uvh --force http://{{ rhsm_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
+  when:
+    - not registered
+    - rhsm_method == 'satellite'
+
+- name: Register to Satellite using activation key
+  command: "/usr/bin/subscription-manager register --activationkey={{ rhsm_activationkey }} --org={{ rhsm_org }}"
+  when:
+    - not registered
+    - rhsm_authentication == 'key'
+    - rhsm_method == 'satellite'
+
+# This can apply to either Hosted or Satellite
+- name: Register using username and password
+  command: "/usr/bin/subscription-manager register --username={{ rhsm_username }} --password={{ rhsm_password }}"
+  when:
+    - not registered
+    - rhsm_authentication != "key"
+
+- name: Auto-attach to Subscription Manager Pool
+  command: "/usr/bin/subscription-manager attach --auto"
+  when:
+    - not registered
+    - rhsm_authentication != "key"
+
+- name: Attach to a specific pool
+  command: "/usr/bin/subscription-manager attach --pool={{ rhsm_pool }}"
+  when:
+    - rhsm_pool is defined and rhsm_pool is not none and rhsm_pool|trim != ''
+    - and not registered
+    - rhsm_authentication != "key"
+
+- name: Disable all repositories
+  command: "/usr/bin/subscription-manager repos --disable=*"
+  when:
+    - not registered
+    - not rhsm_authentication == "key"
+
+- name: Enable specified repositories
+  command: "/usr/bin/subscription-manager repos --enable={{ item }}"
+  with_items: rhsm_repos
+  when:
+    - not registered
+    - not rhsm_authentication == "key"
+
+- name: Cleaning yum repositories
+  command: "yum clean all"