Giter VIP home page Giter VIP logo

ansible's Introduction

Skeleton

Objects

Task:

{
    'app': str, # lu-ai [MANDATORY]
    'module': str, # balance-api [MANDATORY]
    'server': str, # vtluuxapi11 [MANDATORY]
    'profile': str, # /prod/dl/ref/java/lu-ai/balance-api/.profile [MANDATORY]
    'npa_list': List[Npa],
    'restart_command': str, # perl /prod/dl/ref/bin/jluai_balance_api.pl vl=action=restart [OPTIONAL]
    'mail': str, # [email protected] [MANDATORY]
}

Npa:

{
    'name': str, # name in the .profile
    'c0': str, # cyberark code
    'encoding': str, # MD5 / SHA512
}

Structure

main.yml:

process_task:

  • Initialize change flag to False (will be evaluated to know if notif should be sent)
  • Get NPAs passwords from cyberark (role get_npa_password)
  • Update NPAs in .profile if needed (role update_npa_file)
  • Restart module if restart command provided and .profile was updated (role restart_module)
  • Send mail notification if restart command provided and restart successful, or if .profile changed (role send_mail)
  • Send error mail if any part failed (role send_mail)

fetch_config:

  • Cleanup old directories
  • Fetch configurations on server
  • Transform them into a list of tasks using generate_tasks.py

get_npa_password:

  • TO BE DONE ! -> should add the (new) cyberark password in the npa object so that it can then be processed

restart_module:

  • use the provided command (if any) to restart the module

send_mail:

  • TO BE DONE ! -> send a mail

update_npa_file:

  • TO BE DONE ! -> get NPA pass from .profile and compare them to the cyberark pass. If any changes, backup the .profile and rewrite it with the new values

TODO

  • main.yml -> should be ok
  • fetch_config -> adapt to go on remote server + send mail if config parsing error occurred
  • get_npa_password -> everything !
    • Need to call cyberark to check if NPA pass should be changed
    • If expires soon, update it
    • Return the NPA password
  • restart_module -> adapt to run on remote server
  • send_mail -> adapt to correctly send the mail
  • update_npa_file -> everything !
    • Need to get the .profile
    • parse it to match its values to the NPA
    • decode its values using the right jasypt encoding
    • compare it to those of the NPA
    • if there is a change between cyberark and .profile for any NPA
      • backup .profile on remote server
      • rewrite it with the correct new values

ansible's People

Contributors

schnikonos avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.