add support for member managers

2024-11-24 22:21:26 +00:00 · 2021-01-05 15:51:17 -07:00 · 2021-01-05 15:51:17 -07:00 · 8686535611
commit 8686535611
parent 80a4efd099
4 changed files with 20 additions and 3 deletions
--- a/ansible/playbooks/adhoc-ipagroup.yml
+++ b/ansible/playbooks/adhoc-ipagroup.yml
@ -20,17 +20,19 @@
          - ipaadmin_password | mandatory
          - ipa_group | mandatory
          - ipa_description | mandatory
-          - ipa_posix | mandatory
+          - ipa_nonposix | mandatory
        success_msg: "Required variables provided"
        fail_msg: "We are missing group information or ipa admin password"

-    - name: "Creating Mandatory Groups"
+    - name: "Creating New Group"
      freeipa.ansible_freeipa.ipagroup:
        ipaadmin_principal: "{{ ipa_admin }}"
        ipaadmin_password: "{{ ipaadmin_password }}"
        name: "{{ ipa_group }}"
        description: "{{ ipa_description }}"
-        nonposix: "{{ ipa_posix }}"
+        nonposix: "{{ ipa_nonposix }}"
+        membermanager_user: "{{ ipa_group_manager_user | default(omit) }}"
+        membermanager_group: "{{ ipa_group_manager_group | default(omit) }}"
      tags:
        - groups

--- a/ansible/playbooks/import-rockygroups.yml
+++ b/ansible/playbooks/import-rockygroups.yml
@ -7,6 +7,8 @@
    description: "{{ item.description }}"
    nonposix: false
    user: "{{ item.user | default(none) }}"
+    membermanager_user: "{{ item.managers_users | default(omit) }}"
+    membermanager_group: "{{ item.managers_groups | default(omit) }}"
  loop: "{{ ipagroups }}"
  tags:
    - groups
--- a/ansible/playbooks/vars/ipa/agreements.yml
+++ b/ansible/playbooks/vars/ipa/agreements.yml
@ -0,0 +1,2 @@
+---
+# Vars for Agreements for the Rocky Linux Project
--- a/ansible/playbooks/vars/ipa/groups.yml
+++ b/ansible/playbooks/vars/ipa/groups.yml
@ -52,6 +52,13 @@ ipagroups:
      - tg
      - hbjy
      - rockyautomation
+    managers_users:
+      - label
+      - neil
+      - rlh
+      - rfelsburg
+      - tg
+      - hbjy
  - group: services
    description: Rocky Linux Service Accounts
    user:
@ -65,9 +72,13 @@ ipagroups:
    description: Rocky Linux Identity Management
    user:
      - label
+    managers_users:
+      - label
  - group: releng
    description: Rocky Linux Release Engineering
    user:
      - label
+    managers_users:
+      - label
  - group: mq_pub_readonly
    description: RabbitMQ ReadOnly