Add Cloud Workflow (#72)

* fix up cloud stuff

* add vpc playbook

* fix var name

* add deploy workflow

* stupid spaces

* unsafe vars

* unsafe vars

* wrong var

* move var

* fix wf

* fix wf

* fix wf

* fix wf

cloud/create_infra.yml

@@ -1,11 +0,0 @@
----
-- name: Create Cloud Infra
-  hosts: localhost
-  gather_facts: no
-  vars:
-    infra_provider: undef
-    aws_public_key: undef
-  tasks:
-  - include_role:
-      name: "demo.cloud.{{ infra_provider }}"
-      tasks_from: create_infra

cloud/create_vpc.yml

@@ -0,0 +1,125 @@
+---
+- name: Create Cloud Infra
+  hosts: localhost
+  gather_facts: false
+  vars:
+    aws_vpc_name: aws-test-vpc
+    aws_owner_tag: default
+    aws_purpose_tag: ansible_demo
+    aws_tenancy: default
+    aws_vpc_cidr_block: 10.0.0.0/16
+    aws_subnet_cidr: 10.0.1.0/24
+    aws_region: us-east-1
+    aws_sg_name: aws-test-sg
+    aws_subnet_name: aws-test-subnet
+    aws_rt_name: aws-test-rt
+
+  tasks:
+    - name: Create VPC
+      amazon.aws.ec2_vpc_net:
+        state: present
+        name: "{{ aws_vpc_name }}"
+        cidr_block: "{{ aws_vpc_cidr_block }}"
+        tenancy: "{{ aws_tenancy }}"
+        region: "{{ aws_region }}"
+        tags:
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_vpc
+
+    - name: Create internet gateway
+      amazon.aws.ec2_vpc_igw:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        region: "{{ aws_region }}"
+        tags:
+          Name: "{{ aws_vpc_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_gateway
+
+    - name: Create security group internal
+      amazon.aws.ec2_security_group:
+        state: present
+        name: "{{ aws_sg_name }}"
+        region: "{{ aws_region }}"
+        description: Inbound WinRM and RDP, http for demo servers and internal AD ports
+        rules:
+          - proto: tcp
+            ports:
+              - 80 # HTTP
+              - 443 # HTTPS
+              - 22 # SSH
+              - 5986 # WinRM
+              - 3389 # RDP
+              - 9090 # Cockpit
+            cidr_ip: 0.0.0.0/0
+          - proto: icmp
+            to_port: -1
+            from_port: -1
+            cidr_ip: 0.0.0.0/0
+          - proto: tcp
+            ports:
+              - 80 # HTTP
+              - 5986 # WinRM
+              - 3389 # RDP
+              - 53 # DNS
+              - 88 # Kerberos Authentication
+              - 135 # RPC
+              - 139 # Netlogon
+              - 389 # LDAP
+              - 445 # SMB
+              - 464 # Kerberos Authentication
+              - 5432 # PostgreSQL
+              - 636 # LDAPS (LDAP over TLS)
+              - 873 # Rsync
+              - 3268-3269 # Global Catalog
+              - 1024-65535 # Ephemeral RPC ports
+            cidr_ip: "{{ aws_vpc_cidr_block }}"
+          - proto: udp
+            ports:
+              - 53 # DNS
+              - 88 # Kerberos Authentication
+              - 123 # NTP
+              - 137-138 # Netlogon
+              - 389 # LDAP
+              - 445 # SMB
+              - 464 # Kerberos Authentication
+              - 1024-65535 # Ephemeral RPC ports
+            cidr_ip: "{{ aws_vpc_cidr_block }}"
+        rules_egress:
+          - proto: -1
+            cidr_ip: 0.0.0.0/0
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        tags:
+          Name: "{{ aws_sg_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+
+    - name: Create a subnet on the VPC
+      amazon.aws.ec2_vpc_subnet:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        cidr: "{{ aws_subnet_cidr }}"
+        region: "{{ aws_region }}"
+        map_public: true
+        tags:
+          Name: "{{ aws_subnet_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_subnet
+
+    - name: Create a subnet route table
+      amazon.aws.ec2_vpc_route_table:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        region: "{{ aws_region }}"
+        subnets:
+          - "{{ aws_subnet.subnet.id }}"
+        routes:
+          - dest: 0.0.0.0/0
+            gateway_id: "{{ aws_gateway.gateway_id }}"
+        tags:
+          Name: "{{ aws_rt_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"

cloud/setup.yml

@@ -8,6 +8,7 @@ controller_components:
   - inventory_sources
   - groups
   - job_templates
+  - workflow_job_templates
 
 controller_execution_environments:
   - name: Cloud Services Execution Environment
@@ -146,36 +147,28 @@ controller_templates:
     extra_vars:
       aws_region: us-east-1
 
-  - name: Cloud / Create Infra
+  - name: Cloud / AWS / Create VPC
     job_type: run
     organization: Default
     credentials:
      - AWS
-     #- Azure
     project: Ansible official demo project
-    playbook: cloud/create_infra.yml
+    playbook: cloud/create_vpc.yml
     inventory: Workshop Inventory
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
     survey_enabled: true
     extra_vars:
-      aws_region: us-east-2
+      aws_region: us-east-1
     survey:
       name: ''
       description: ''
       spec:
-        - question_name: Infra Provider
+        - question_name: Owner
-          type: multiplechoice
+          type: text
-          variable: infra_provider
+          variable: aws_owner_tag
           required: true
-          choices:
-            - aws
-            #- azure
-        - question_name: AWS Public Key (only required for aws provider)
-          type: textarea
-          required: false
-          variable: aws_public_key
 
   - name: Cloud / AWS / Create VM
     job_type: run
@@ -190,6 +183,7 @@ controller_templates:
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
     survey_enabled: true
+    allow_simultaneous: true
     extra_vars:
       aws_region: us-east-1
       aws_keypair_name: aws-test-key
@@ -231,12 +225,12 @@ controller_templates:
           type: text
           variable: aws_vpc_subnet_name
           required: true
-          default: dmz-subnet
+          default: aws-test-subnet
         - question_name: Security Group
           type: text
           variable: aws_securitygroup_name
           required: true
-          default: dmz-sg
+          default: aws-test-sg
 
   - name: Cloud / AWS / Delete VM
     job_type: run
@@ -323,3 +317,108 @@ controller_templates:
           type: text
           variable: aws_keypair_owner
           required: true
+
+controller_workflows:
+  - name: Deploy Cloud Stack in AWS
+    description: A workflow to deploy a cloud stack
+    organization: Default
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      vm_deployment: cloud_stack
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Owner
+          type: text
+          variable: aws_owner_tag
+          required: true
+        - question_name: Environment
+          type: multiplechoice
+          variable: vm_environment
+          required: true
+          choices:
+            - Dev
+            - QA
+            - Prod
+        - question_name: Keypair Public Key
+          type: textarea
+          variable: aws_public_key
+          required: true
+        - question_name: Email
+          type: text
+          variable: email
+          required: true
+    simplified_workflow_nodes:
+      - identifier: Create Keypair
+        unified_job_template: Cloud / AWS / Create Keypair
+        extra_data:
+          aws_keypair_owner: !unsafe "{{ aws_owner_tag }}"
+        success_nodes:
+          - VPC Report
+        failure_nodes:
+          - Ticket - Keypair Failed
+      - identifier: Create VPC
+        unified_job_template: Cloud / AWS / Create VPC
+        success_nodes:
+          - VPC Report
+        failure_nodes:
+          - Ticket - VPC Failed
+      - identifier: Ticket - Keypair Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS keypair
+      - identifier: VPC Report
+        unified_job_template: Cloud / AWS / VPC Report
+        all_parents_must_converge: true
+        success_nodes:
+          - Deploy Windows Blueprint
+          - Deploy RHEL8 Blueprint
+          - Deploy RHEL9 Blueprint
+      - identifier: Deploy Windows Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          vm_name: aws_win
+          vm_blueprint: windows_full
+          vm_owner: !unsafe "{{ aws_owner_tag }}"
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Deploy RHEL8 Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          vm_name: aws_rhel8
+          vm_blueprint: rhel8
+          vm_owner: !unsafe "{{ aws_owner_tag }}"
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Deploy RHEL9 Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          vm_name: aws_rhel9
+          vm_blueprint: rhel9
+          vm_owner: !unsafe "{{ aws_owner_tag }}"
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Ticket - VPC Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS VPC
+      - identifier: Update Inventory
+        unified_job_template: AWS Inventory
+        success_nodes:
+          - Tag Report
+      - identifier: Ticket - Instance Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS instance
+      - identifier: Tag Report
+        unified_job_template: Cloud / AWS / Tags Report