From 0d1c1486aaddc8261e129bd47f9461ca573a3396 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Danny=20B=C3=A9dard?=
Date: Thu, 6 Mar 2025 11:33:04 -0500
Subject: [PATCH 1/2] ci: create release on workflow_dispatch
---
.github/workflows/galaxy_publish.yml | 46 ++++++++++++++++++++++++----
README.md | 20 ++++++------
galaxy.yml | 11 ++++---
3 files changed, 56 insertions(+), 21 deletions(-)
diff --git a/.github/workflows/galaxy_publish.yml b/.github/workflows/galaxy_publish.yml
index f630ea8..42f08ee 100644
--- a/.github/workflows/galaxy_publish.yml
+++ b/.github/workflows/galaxy_publish.yml
@@ -1,27 +1,61 @@ name: Publish to Ansible Galaxy on: - release: - types: published workflow_dispatch: jobs: publish: environment: publish runs-on: ubuntu-latest + outputs: + version: ${{ steps.build.outputs.version }} steps: - name: Checkout code uses: actions/checkout@v4 - name: Build - run: ansible-galaxy collection build + id: build + run: | + OUTPUT=$(ansible-galaxy collection build) + echo "$OUTPUT" + COLLECTION_PATH=$(echo "$OUTPUT" | grep -o '/[^ ]*\.tar\.gz') + VERSION=$(echo "$COLLECTION_PATH" | grep -o -E '[0-9]+\.[0-9]+\.[0-9]+\.tar\.gz' | sed 's/\.tar\.gz//') + echo "collection_path=$COLLECTION_PATH" >> $GITHUB_OUTPUT + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Collection path: $COLLECTION_PATH" + echo "Collection version: $VERSION" - - name: Publish to Ansible Galaxy - run: ansible-galaxy collection publish *.tar.gz --api-key ${{ secrets.ANSIBLE_GALAXY_TOKEN }} + # - name: Publish to Ansible Galaxy + # run: ansible-galaxy collection publish ${{ steps.build.outputs.collection_path }} --api-key ${{ secrets.ANSIBLE_GALAXY_TOKEN }} - name: Upload Artifact uses: actions/upload-artifact@v4.3.6 with: name: ansible-dvls-collection - path: '*.tar.gz' + path: ${{ steps.build.outputs.collection_path }} + + create-release: + name: Create release + runs-on: ubuntu-latest + needs: publish + + steps: + - name: Check out ${{ github.repository }} + uses: actions/checkout@v4 + with: + fetch-depth: 0 # fetch all tags for the set version step + + - name: Check out Devolutions/actions + uses: actions/checkout@v4 + with: + repository: Devolutions/actions + ref: v1 + token: ${{ secrets.DEVOLUTIONSBOT_TOKEN }} + path: ./.github/workflows + + - name: Create release + uses: ./.github/workflows/create-release + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + tag: v${{ needs.publish.outputs.version }} diff --git a/README.md b/README.md index ad1d095..0f0c77d 100644 --- a/README.md +++ b/README.md 
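Review bot: In the new `create-release` job, the `Check out Devolutions/actions` step passes `secrets.DEVOLUTIONSBOT_TOKEN` to `actions/checkout`, which by default keeps the token in the checked-out repository's git config, so it remains on disk under `./.github/workflows` while the action code fetched from the movable `v1` ref runs in the following step. Adding `persist-credentials: false` to that step's `with:` block (and to the first checkout, if the release action does not rely on git credentials) keeps the tokens out of the workspace, and pinning `ref:` to a full commit SHA fixes which code is executed. The workflow also declares no `permissions:` block, so `GITHUB_TOKEN` gets the repository default; the release job presumably needs only `contents: write` and the `publish` job `contents: read`. Separately, the `Build` step's version pattern matches only `X.Y.Z.tar.gz`, so a pre-release version would appear to leave `VERSION` empty and produce the tag `v`; a guard such as `[ -n "$VERSION" ] || { echo "version not found"; exit 1; }` before writing to `$GITHUB_OUTPUT` would fail early.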
@@ -45,15 +45,15 @@ Use the following playbook to authenticate with DVLS and fetch the secrets defin app_secret: "{{ lookup('env', 'DVLS_APP_SECRET') }}" vault_id: "00000000-0000-0000-0000-000000000000" secrets: "{{ secrets }}" - register: secrets + register: value - name: Dump secrets debug: - msg: "{{ secrets }}" + msg: "{{ value }}" - name: Dump a secret debug: - msg: "{{ secrets['name-or-id'].value }}" + msg: "{{ value['name-or-id'].value }}" ``` ## Usage fetching all secrets @@ -69,15 +69,15 @@ Use the following playbook to authenticate with DVLS and fetch every secrets fro app_key: "{{ lookup('env', 'DVLS_APP_KEY') }}" app_secret: "{{ lookup('env', 'DVLS_APP_SECRET') }}" vault_id: "00000000-0000-0000-0000-000000000000" - register: secrets + register: value - name: Dump secrets debug: - msg: "{{ secrets }}" + msg: "{{ value }}" - name: Dump a secret debug: - msg: "{{ secrets['name-or-id'].value }}" + msg: "{{ value['name-or-id'].value }}" ``` ## Usage fetching server info and vaults list @@ -89,15 +89,15 @@ Use the following playbook to authenticate with DVLS and fetch every secrets fro server_base_url: "https://example.yourcompany.com" app_key: "{{ lookup('env', 'DVLS_APP_KEY') }}" app_secret: "{{ lookup('env', 'DVLS_APP_SECRET') }}" - register: server + register: value - name: Fetch URI debug: - msg: "{{ server.accessURI }}" + msg: "{{ value.accessURI }}" - name: Fetch a vault from the list debug: - msg: "{{ server.vaults[1].id }}" + msg: "{{ value.vaults[1].id }}" ``` Example response @@ -163,7 +163,6 @@ When a new secret was created or updated, the module will return the entry ID. secret: secret_name: "my_secret_1" value: "p@ssw0rd1" - register: secrets ``` Example with additional available options (Currently only the "Credential" type and "Default" subtype are supported): 
@@ -182,5 +181,4 @@ Example with additional available options (Currently only the "Credential" type secret_type: "Credentials" secret_subtype: "Default" secret_description: "a description for the secret" - register: secrets ``` diff --git a/galaxy.yml b/galaxy.yml index 17317ee..f2fa37c 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,12 +1,15 @@ namespace: devolutions name: dvls -version: 1.1.1 +version: 1.2.1 readme: README.md authors: - Danny Bédard -description: This Ansible module allows you to authenticate with DVLS and fetch server information, vaults and secrets by name or ID. -license: MIT -license_file: '' +description: > + Ansible collection for interacting with Devolutions Server (DVLS). It provides modules for authentication, + retrieving server information and vaults, and performing create, read and update operations on secrets. + Enables automation of common Devolutions Password Server tasks within Ansible workflows. +license: + - MIT tags: [dvls, secrets, devolutions, password] dependencies: {} repository: https://github.com/Devolutions/ansible-dvls From 83395e6973711bb56f3c40e058f99f8a8bb9c195 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Danny=20B=C3=A9dard?= Date: Thu, 6 Mar 2025 11:45:29 -0500 Subject: [PATCH 2/2] fix: update create_secret tests to use new variables --- .github/workflows/galaxy_publish.yml | 4 ++-- tests/integration/secrets.yml | 2 +- tests/integration/test_get_secret.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/galaxy_publish.yml b/.github/workflows/galaxy_publish.yml index 42f08ee..9131723 100644 --- a/.github/workflows/galaxy_publish.yml +++ b/.github/workflows/galaxy_publish.yml 
@@ -26,8 +26,8 @@ jobs: echo "Collection path: $COLLECTION_PATH" echo "Collection version: $VERSION" - # - name: Publish to Ansible Galaxy - # run: ansible-galaxy collection publish ${{ steps.build.outputs.collection_path }} --api-key ${{ secrets.ANSIBLE_GALAXY_TOKEN }} + - name: Publish to Ansible Galaxy + run: ansible-galaxy collection publish ${{ steps.build.outputs.collection_path }} --api-key ${{ secrets.ANSIBLE_GALAXY_TOKEN }} - name: Upload Artifact uses: actions/upload-artifact@v4.3.6 diff --git a/tests/integration/secrets.yml b/tests/integration/secrets.yml index 69aabe3..57f78b6 100644 --- a/tests/integration/secrets.yml +++ b/tests/integration/secrets.yml @@ -1,3 +1,3 @@ secrets: - secret_name: "secret" - - secret_id: "890cbb54-7078-4d0c-925f-e89a33ee3e46" + - secret_id: "717ff96a-d835-4ac5-9cdd-3a2a0a93fe7f" diff --git a/tests/integration/test_get_secret.yml b/tests/integration/test_get_secret.yml index 51ea538..fb0682f 100644 --- a/tests/integration/test_get_secret.yml +++ b/tests/integration/test_get_secret.yml @@ -26,7 +26,7 @@ app_secret: "{{ lookup('env', 'DVLS_APP_SECRET') }}" vault_id: "{{ lookup('env', 'DVLS_VAULT_ID') }}" secrets: - - secret_id: 08a6526d-1f86-40e2-aef1-a74cc31a548d + - secret_id: 717ff96a-d835-4ac5-9cdd-3a2a0a93fe7f - name: Get secret from name devolutions.dvls.fetch_secrets: @@ -35,7 +35,7 @@ app_secret: "{{ lookup('env', 'DVLS_APP_SECRET') }}" vault_id: "{{ lookup('env', 'DVLS_VAULT_ID') }}" secrets: - - secret_name: AzureSP + - secret_name: secret - name: Get secret from Folder devolutions.dvls.fetch_secrets:
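Review bot: The re-enabled `Publish to Ansible Galaxy` step expands `${{ secrets.ANSIBLE_GALAXY_TOKEN }}` and `${{ steps.build.outputs.collection_path }}` into the script text before bash parses it, so any shell metacharacter in either value is interpreted as script rather than as data. Passing both through the step's `env:` and referencing them as quoted variables avoids that, e.g. `run: ansible-galaxy collection publish "$COLLECTION_PATH" --api-key "$GALAXY_TOKEN"` with `COLLECTION_PATH` and `GALAXY_TOKEN` set under `env:` from the same two expressions. The step also uploads to Galaxy before the `create-release` job runs, so a failed release or an empty parsed version would leave a published collection without a matching tag; validating the version before this step may be worth it. The rest of the `publish` job lies outside this hunk.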