Merge pull request #20 from CloudKrafter/import-privileges-tasks

Manage privileges using the API

roles/config_api/defaults/main.yml

@@ -11,6 +11,7 @@ nexus_admin_password: changeme
 nexus_enable_pro_version: false
 
 nexus_config_dry_run: false
+nexus_enforce_desired_state: false
 
 nexus_ssl_truststore: []
 

roles/config_api/tasks/blobstore-tasks.yml

@@ -58,5 +58,5 @@
     method: DELETE
   with_items:
     - "{{ nxs_delete_blobstores | default([]) }}"
-  when: nxs_delete_blobstores | length > 0
+  when: nxs_delete_blobstores | length > 0 and nexus_enforce_desired_state | bool
   tags: blobstores

roles/config_api/tasks/cleanup-policies-tasks.yml

@@ -93,7 +93,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_cleanuppolicies | default([]) }}"
-      when: nxs_delete_cleanuppolicies | length > 0
+      when: nxs_delete_cleanuppolicies | length > 0 and nexus_enforce_desired_state | bool
       tags: cleanup-policies
   when: not nexus_config_dry_run
   tags: cleanup-policies

roles/config_api/tasks/content-selectors-tasks.yml

@@ -87,7 +87,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_content_selectors | default([]) }}"
-      when: nxs_delete_content_selectors | length > 0
+      when: nxs_delete_content_selectors | length > 0 and nexus_enforce_desired_state | bool
       tags: content-selectors
   when: not nexus_config_dry_run
   tags: content-selectors

roles/config_api/tasks/ldap-tasks.yml

@@ -130,7 +130,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_ldap_connetions | default([]) }}"
-      when: nxs_delete_ldap_connetions | length > 0
+      when: nxs_delete_ldap_connetions | length > 0 and nexus_enforce_desired_state | bool
       tags: ldap
   when: not nexus_config_dry_run
   tags: ldap

roles/config_api/tasks/license-api.yml

@@ -9,7 +9,7 @@
     force_basic_auth: true
     timeout: "{{ nexus_api_timeout }}"
     status_code: 204
-  when: not nexus_enable_pro_version
+  when: not nexus_enable_pro_version and nexus_enforce_desired_state | bool
   changed_when: true
   tags: license
 

roles/config_api/tasks/privileges-tasks.yml

@@ -314,7 +314,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_app_privileges | default([]) }}"
-      when: nxs_delete_app_privileges | length > 0
+      when: nxs_delete_app_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
     - name: Delete Script Privileges using Nexus API
       ansible.builtin.include_tasks: privileges-api.yml
@@ -324,7 +324,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_script_privileges | default([]) }}"
-      when: nxs_delete_script_privileges | length > 0
+      when: nxs_delete_script_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
     - name: Delete Wildcard Privileges using Nexus API
       ansible.builtin.include_tasks: privileges-api.yml
@@ -334,8 +334,9 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_wildcard_privileges | default([]) }}"
-      when: nxs_delete_wildcard_privileges | length > 0
+      when: nxs_delete_wildcard_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
+
     - name: Delete Repository Content Selector Privileges using Nexus API
       ansible.builtin.include_tasks: privileges-api.yml
       vars:
@@ -344,7 +345,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_repository_content_selector_privileges | default([]) }}"
-      when: nxs_delete_repository_content_selector_privileges | length > 0
+      when: nxs_delete_repository_content_selector_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
     - name: Delete Repository Admin Privileges using Nexus API
       ansible.builtin.include_tasks: privileges-api.yml
@@ -354,7 +355,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_repository_admin_privileges | default([]) }}"
-      when: nxs_delete_repository_admin_privileges | length > 0
+      when: nxs_delete_repository_admin_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
     - name: Delete Repository View Privileges using Nexus API
       ansible.builtin.include_tasks: privileges-api.yml
@@ -364,7 +365,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_repository_view_privileges | default([]) }}"
-      when: nxs_delete_repository_view_privileges | length > 0
+      when: nxs_delete_repository_view_privileges | length > 0 and nexus_enforce_desired_state | bool
       tags: privileges
   when: not nexus_config_dry_run
   tags: privileges

roles/config_api/tasks/process_blobstores.yml

@@ -148,6 +148,6 @@
   loop: "{{ nxs_delete_blobstores }}"
   loop_control:
     loop_var: blobstore
-  when: nxs_delete_blobstores | length > 0
+  when: nxs_delete_blobstores | length > 0 and nexus_enforce_desired_state | bool
   changed_when: true
   tags: blobstores

roles/config_api/tasks/repositories-apt-tasks.yml

@@ -238,7 +238,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_apt_hosted_repos | default([]) }}"
-      when: nxs_delete_apt_hosted_repos | length > 0
+      when: nxs_delete_apt_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - apt
         - apt-hosted
@@ -252,7 +252,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_apt_proxy_repos | default([]) }}"
-      when: nxs_delete_apt_proxy_repos | length > 0
+      when: nxs_delete_apt_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - apt
         - apt-proxy

roles/config_api/tasks/repositories-cargo-tasks.yml

@@ -312,7 +312,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_cargo_hosted_repos | default([]) }}"
-      when: nxs_delete_cargo_hosted_repos | length > 0
+      when: nxs_delete_cargo_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - cargo
         - cargo-hosted
@@ -326,7 +326,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_cargo_proxy_repos | default([]) }}"
-      when: nxs_delete_cargo_proxy_repos | length > 0
+      when: nxs_delete_cargo_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - cargo
         - cargo-proxy
@@ -340,7 +340,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_cargo_group_repos | default([]) }}"
-      when: nxs_delete_cargo_group_repos | length > 0
+      when: nxs_delete_cargo_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: cargo
   when: not nexus_config_dry_run
   tags:

roles/config_api/tasks/repositories-cocoapods-tasks.yml

@@ -144,7 +144,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_cocoapods_proxy_repos | default([]) }}"
-      when: nxs_delete_cocoapods_proxy_repos | length > 0
+      when: nxs_delete_cocoapods_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - cocoapods
         - cocoapods-proxy

roles/config_api/tasks/repositories-composer-tasks.yml

@@ -144,7 +144,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_composer_proxy_repos | default([]) }}"
-      when: nxs_delete_composer_proxy_repos | length > 0
+      when: nxs_delete_composer_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - composer
         - composer-proxy

roles/config_api/tasks/repositories-conan-tasks.yml

@@ -235,7 +235,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_conan_hosted_repos | default([]) }}"
-      when: nxs_delete_conan_hosted_repos | length > 0
+      when: nxs_delete_conan_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - conan
         - conan-hosted
@@ -249,7 +249,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_conan_proxy_repos | default([]) }}"
-      when: nxs_delete_conan_proxy_repos | length > 0
+      when: nxs_delete_conan_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - conan
         - conan-proxy

roles/config_api/tasks/repositories-conda-tasks.yml

@@ -144,7 +144,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_conda_proxy_repos | default([]) }}"
-      when: nxs_delete_conda_proxy_repos | length > 0
+      when: nxs_delete_conda_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - conda
         - conda-proxy

roles/config_api/tasks/repositories-docker-tasks.yml

@@ -333,7 +333,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_docker_hosted_repos | default([]) }}"
-      when: nxs_delete_docker_hosted_repos | length > 0
+      when: nxs_delete_docker_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - docker
         - docker-hosted
@@ -347,7 +347,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_docker_proxy_repos | default([]) }}"
-      when: nxs_delete_docker_proxy_repos | length > 0
+      when: nxs_delete_docker_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - docker
         - docker-proxy
@@ -361,7 +361,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_docker_group_repos | default([]) }}"
-      when: nxs_delete_docker_group_repos | length > 0
+      when: nxs_delete_docker_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: docker
   when: not nexus_config_dry_run | bool
   tags:

roles/config_api/tasks/repositories-gitlfs-tasks.yml

@@ -113,7 +113,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_gitlfs_hosted_repos | default([]) }}"
-      when: nxs_delete_gitlfs_hosted_repos | length > 0
+      when: nxs_delete_gitlfs_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - gitlfs
         - gitlfs-hosted

roles/config_api/tasks/repositories-go-tasks.yml

@@ -221,7 +221,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_go_proxy_repos | default([]) }}"
-      when: nxs_delete_go_proxy_repos | length > 0
+      when: nxs_delete_go_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - go
         - go-proxy
@@ -235,7 +235,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_go_group_repos | default([]) }}"
-      when: nxs_delete_go_group_repos | length > 0
+      when: nxs_delete_go_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: go
   when: not nexus_config_dry_run
   tags:

roles/config_api/tasks/repositories-helm-tasks.yml

@@ -235,7 +235,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_helm_hosted_repos | default([]) }}"
-      when: nxs_delete_helm_hosted_repos | length > 0
+      when: nxs_delete_helm_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - helm
         - helm-hosted
@@ -249,7 +249,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_helm_proxy_repos | default([]) }}"
-      when: nxs_delete_helm_proxy_repos | length > 0
+      when: nxs_delete_helm_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - helm
         - helm-proxy

roles/config_api/tasks/repositories-maven-tasks.yml

@@ -317,7 +317,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_mvn_hosted_repos | default([]) }}"
-      when: nxs_delete_mvn_hosted_repos | length > 0
+      when: nxs_delete_mvn_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - maven
         - maven-hosted
@@ -331,7 +331,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_mvn_proxy_repos | default([]) }}"
-      when: nxs_delete_mvn_proxy_repos | length > 0
+      when: nxs_delete_mvn_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - maven
         - maven-proxy
@@ -345,7 +345,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_mvn_group_repos | default([]) }}"
-      when: nxs_delete_mvn_group_repos | length > 0
+      when: nxs_delete_mvn_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: maven
   when: not nexus_config_dry_run | bool
   tags:

roles/config_api/tasks/repositories-npm-tasks.yml

@@ -312,7 +312,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_npm_hosted_repos | default([]) }}"
-      when: nxs_delete_npm_hosted_repos | length > 0
+      when: nxs_delete_npm_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - npm
         - npm-hosted
@@ -326,7 +326,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_npm_proxy_repos | default([]) }}"
-      when: nxs_delete_npm_proxy_repos | length > 0
+      when: nxs_delete_npm_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - npm
         - npm-proxy
@@ -340,7 +340,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_npm_group_repos | default([]) }}"
-      when: nxs_delete_npm_group_repos | length > 0
+      when: nxs_delete_npm_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: npm
   when: not nexus_config_dry_run
   tags:

roles/config_api/tasks/repositories-nuget-tasks.yml

@@ -314,7 +314,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_nuget_hosted_repos | default([]) }}"
-      when: nxs_delete_nuget_hosted_repos | length > 0
+      when: nxs_delete_nuget_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - nuget
         - nuget-hosted
@@ -328,7 +328,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_nuget_proxy_repos | default([]) }}"
-      when: nxs_delete_nuget_proxy_repos | length > 0
+      when: nxs_delete_nuget_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - nuget
         - nuget-proxy
@@ -342,7 +342,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_nuget_group_repos | default([]) }}"
-      when: nxs_delete_nuget_group_repos | length > 0
+      when: nxs_delete_nuget_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: nuget
   when: not nexus_config_dry_run
   tags:

roles/config_api/tasks/repositories-p2-tasks.yml

@@ -144,7 +144,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_p2_proxy_repos | default([]) }}"
-      when: nxs_delete_p2_proxy_repos | length > 0
+      when: nxs_delete_p2_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - p2
         - p2-proxy

roles/config_api/tasks/repositories-pypi-tasks.yml

@@ -311,7 +311,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_pypi_hosted_repos | default([]) }}"
-      when: nxs_delete_pypi_hosted_repos | length > 0
+      when: nxs_delete_pypi_hosted_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - pypi
         - pypi-hosted
@@ -325,7 +325,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_pypi_proxy_repos | default([]) }}"
-      when: nxs_delete_pypi_proxy_repos | length > 0
+      when: nxs_delete_pypi_proxy_repos | length > 0 and nexus_enforce_desired_state | bool
       tags:
         - pypi
         - pypi-proxy
@@ -339,7 +339,7 @@
         method: DELETE
       with_items:
         - "{{ nxs_delete_pypi_group_repos | default([]) }}"
-      when: nxs_delete_pypi_group_repos | length > 0
+      when: nxs_delete_pypi_group_repos | length > 0 and nexus_enforce_desired_state | bool
       tags: pypi
   when: not nexus_config_dry_run
   tags: