Automate your automation
Don’t let manually configured tooling undermine your automation — instead configure your automation controller.
by Eric Spencer, Network Architect, Automation & Innovation
Imagine you are an engineer, writing automation at one of the most recognizable brands in the world. You just created the most powerful workflow using Ansible Playbooks; you will save thousands of hours of manual process work for your teammates. And now, imagine that you configure the tool to use the automation by clicking around an admin portal.
Sounds wrong, don’t you think?
Now consider that your repository has multiple branches plus releases, and you are doing all these configurations manually in automation controller, part of Red Hat Ansible Platform. It’s not hard to realize that you are undermining your automation with manually configured tooling.
The solution: Automate your automation, of course!
An Ansible Playbook is the perfect way to configure automation controller. I used the ansible.tower and the awx.awx collections to achieve my goal of configuring projects, templates, and schedules.
Who is running this playbook?
GitHub Actions is the perfect place to run this playbook. You’ll notice that several of my variables in the above playbook are environmental vars, including credentials for automation controller, injected by GitHub Actions into the runner.
After the Github Actions
When you log in to automation controller, you’ll see your project, a template, and team permissions applied (and optionally a schedule and tower survey). The project and template will be named to match your GitHub branch.
Take a look at the jobs
Did you notice the Source Control Update job that ran during your GitHub actions, even though you didn’t explicitly run a source update? What is happening? The answer lies in the awx.awx.project task:
Automation controller will run a source control update when configuring a new project or when changing the scm_branch variable. And in our case, every commit has a new sha that gets written (or rewritten) to the project configuration in automation controller. This is another little trick that speeds you up later. You don’t have to manually do a project update or set “project update on launch” in your template, therefore reducing execution time.
This is great until I create a bunch of feature branches
Automatically creating projects and templates is nice, but in the course of Gitflow, you will be pushing many feature branches, each getting their own projects and templates, thus cluttering up your automation controller with a ton of old entries:
To clear out old projects and templates, add delete to your GitHub actions.
Then add a few tasks at the end of your tower_conf.yml playbooks.
Delete your branch in GitHub and in a short time your automation controller is cleared of unwanted projects and templates.
*Note, I added some conditionals in my playbook so it never deletes the main or develop branch project from automation controller.
Raise the bar
Next time you write a playbook, raise the bar and let automation configure your automation tool. And start imaging the power to add fully automated testing of playbooks in your continuous improvement, continuous development!
