First, if you want extra clarification, let me know, I’m about to dump some code
You can find all of the code in GitHub - Thulium-Drake/ansible-role-foreman: Ansible toolkit for Foreman/Satellite
The task I use to make the AKs with the content overrides currently require the full label of the repository, like so:
- name: "Create Activation Keys for {{ key_lifecycle['os'] }} - {{ key_lifecycle['lifecycle'] }}" # noqa name[template]
theforeman.foreman.activation_key:
username: "{{ foreman_admin_user }}"
password: "{{ foreman_admin_password }}"
server_url: "{{ foreman_url }}"
validate_certs: "{{ foreman_validate_certs }}"
organization: "{{ foreman_organization }}"
name: "{{ key['name'] }}-{{ key_lifecycle['lifecycle'] }}"
description: 'Managed by Ansible, your changes will be lost'
lifecycle_environment: "{{ key_lifecycle['lifecycle'] }}"
content_view: "{{ key['content_view'] }}"
subscriptions: "{{ (foreman_simple_content_mode) | ternary(omit, key['subscriptions']) | default(omit) }}"
content_overrides: "{{ key['content_overrides'] | default(omit) }}"
host_collections: >-
{{ key_lifecycle['host_collection'] +
[key['name'] | lower] +
[key['os'] | lower] }}
release_version: "{{ key['release_version'] | default(omit) }}"
loop: "{{ foreman_activation_keys }}"
when:
- key['os'] == key_lifecycle['os']
- key['host_collections'] is not defined
loop_control:
loop_var: 'key'
label: "{{ key['name'] }}"
The relevant part of the input variables currently looks like this:
- name: 'RedHat8-Base'
os: 'redhat8'
content_view: 'COV RedHat8-Base'
release_version: '8'
auto_attach: true
content_overrides:
- label: 'satellite-client-6-for-rhel-8-x86_64-rpms'
override: 'enabled'
- label: "{{ foreman_organization}}_Zabbix-EL8_Zabbix-EL8-Zabbix-{{ zabbix_version | replace('.', '_') }}"
override: 'enabled'
- label: "{{ foreman_organization}}_Zabbix-EL8_Zabbix-EL8-Zabbix-Non-supported-packages"
override: 'enabled'
The main issue I see is that the content overrides require labels, which are different for each organization. product etc. However, it’s not possible to retrieve them from the WebUI (I must admin, I didn’t try with Hammer yet…) without inspecting the requests going out to the server.
It would already be a massive help if the content override input could either be the Repository name, or use the same ‘fuzzy’ matching that subscription-manager
uses, e.g. the Zabbix repo would be *-Zabbix-6_4
The solution you mention also would be a very interesting addition, that’d make the picture complete. The fuzzy matching makes adding overrides easier, and having the ability to search and change all related repos for an AK eliminates the need for it in the usecase we have.
Thanks for sharing your thoughts!