ara | File #5821: /home/ssh-gateway/ansible/kuly/find_snowflakes

/home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml

Execution

Date 11 Sep 2025 13:41:33 +0100

Duration 00:00:03.96

Controller ssh-gw-4.layershift.com

User root

Versions

Ansible 2.16.11

ara 1.7.3 / 1.7.3

Python 3.10.10

Summary

2 Hosts

6 Tasks

6 Results

1 Plays

1 Files

0 Records

remote_user:root check:False tags:all subset:friendly-pelican.man-1.solus.stage.town

Date
11 Sep 2025 13:41:33 +0100
Path
/home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml

Argument	Value
version	None
verbosity	1
private_key_file	/home/ssh-gateway/.ssh/id_rsa
remote_user	root
connection	ssh
timeout	None
ssh_common_args	None
sftp_extra_args	None
scp_extra_args	None
ssh_extra_args	None
ask_pass	False
connection_password_file	None
force_handlers	False
flush_cache	False
become	False
become_method	sudo
become_user	None
become_ask_pass	False
become_password_file	None
tags	['all']
skip_tags	[]
check	False
diff	False
inventory	['/home/ssh-gateway/ansible/kuly/bash-kvm-inventory-dev.sh']
listhosts	False
subset	friendly-pelican.man-1.solus.stage.town
extra_vars	Not saved by ARA as configured by 'ignored_arguments'
vault_ids	[]
ask_vault_pass	False
vault_password_files	[]
forks	20
module_path	None
syntax	False
listtasks	False
listtags	False
step	False
start_at_task	None
args	['find_snowflakes_repos.yaml']

File: /home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml

---
- name: Check for 3rd-party enabled repositories (Pure Ansible)
  hosts: all
  become: true
  strategy: linear
  vars:
    allowed_repos:
      - baseos
      - appstream
      - extras
      - powertools
      - devel
      - ha
      - resilientstorage
      - sap
      - sap-hana
      - epel
      - epel-modular
    ignore_patterns:
      - "imunify360*"
      - "cloudlinux-rollout*"

  tasks:
    - name: Get list of enabled repos
      ansible.builtin.command: dnf repolist --enabled --quiet
      register: repolist
      changed_when: false

    - name: Parse enabled repo IDs
      ansible.builtin.set_fact:
        enabled_repos: >-
          {{
            repolist.stdout_lines[1:]
            | map('regex_replace', '^([^ ]+).*', '\1')
            | list
            | map('trim')
            | reject('eq', '')
            | list
          }}

    - name: Convert ignore patterns to regex and filter repos
      ansible.builtin.set_fact:
        filtered_repos: >-
          {% set ignore_regex = ignore_patterns | map('regex_replace', '\\*', '.*') | map('regex_replace', '(.*)', '^\\1$') | join('|') %}
          {% set result = [] %}
          {% for repo in (enabled_repos | difference(allowed_repos)) %}
          {%   if not ignore_regex or not (repo | regex_search(ignore_regex)) %}
          {%     set _ = result.append(repo) %}
          {%   endif %}
          {% endfor %}
          {{ result }}

    - name: Register report data
      ansible.builtin.set_fact:
        snowflake_report_item:
          host: "{{ inventory_hostname }}"
          thirdparty_repos: "{{ filtered_repos }}"

    - name: Aggregate all reports (run once on first host)
      ansible.builtin.set_fact:
        snowflake_reports: >-
          {{
            (snowflake_reports | default([])) + [hostvars[item].snowflake_report_item]
          }}
      delegate_to: localhost
      run_once: true
      when: inventory_hostname == ansible_play_hosts_all[0]
      loop: "{{ ansible_play_hosts_all }}"

    - name: Display clean JSON report
      ansible.builtin.debug:
        msg: "{{ snowflake_reports | to_nice_json(indent=2) }}"
      changed_when: >-
        snowflake_reports is defined and
        snowflake_reports | selectattr('thirdparty_repos', '!=', []) | list | length > 0
      delegate_to: localhost
      run_once: true
      when: inventory_hostname == ansible_play_hosts_all[0]

Playbook #3701

File: /home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml