herve4m / herve4m.quay / 1.2.0 / module / quay_default_perm Manage Quay Container Registry default repository permissions | "added in version" 0.0.1 of herve4m.quay" Authors: Herve Quatremain (@herve4m)herve4m.quay.quay_default_perm (1.2.0) — module
Install with ansible-galaxy collection install herve4m.quay:==1.2.0
collections: - name: herve4m.quay version: 1.2.0
Create, delete, and update default repository permissions.
- name: Create default admin permission for user herve4m.quay.quay_default_perm: organization: production name: lvasquez type: user role: admin state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Create default write permission for robot herve4m.quay.quay_default_perm: organization: production name: production+automationrobot type: user role: write state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Create default read permission for team herve4m.quay.quay_default_perm: organization: production name: managers type: team role: read state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Grant read permission for the managers team when dwilde creates repo herve4m.quay.quay_default_perm: organization: production name: managers type: team role: read creator: dwilde state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure default permission for robot is removed herve4m.quay.quay_default_perm: organization: production name: production+automationrobot type: user state: absent quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
name: description: - Name of the user or team that gets permission to new created repositories in the organization. - For robot accounts use the C(namespace)+C(shortrobotname) format. required: true type: str role: choices: - read - write - admin description: - Permission that Quay automatically grants to the user or team on new created repositories in the organization. - If you do not provide that parameter, then the module uses C(read) by default. type: str type: choices: - user - team default: user description: - Type of the account defined in I(name). Choose C(user) for both user and robot accounts. type: str state: choices: - absent - present default: present description: - If C(absent), then the module deletes the default permission. - If C(present), then the module creates the default permission if it does not already exist. - If the default permission already exists, then the module updates its role parameter (C(read), C(write), or C(admin)). type: str creator: description: - Quay applies the default permission only when repositories are created by the user that you define in I(creator). - By default, if you do not provide that I(creator) parameter, then Quay applies the default permission to all new repositories, whoever creates them. - You cannot use robot accounts or teams for the I(creator) parameter. You can only use regular user accounts. type: str quay_host: default: http://127.0.0.1 description: - URL for accessing the API. U(https://quay.example.com:8443) for example. - If you do not set the parameter, then the module uses the C(QUAY_HOST) environment variable. - If you do no set the environment variable either, then the module uses the U(http://127.0.0.1) URL. type: str quay_token: description: - OAuth access token for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_TOKEN) environment variable. - Mutually exclusive with I(quay_username) and I(quay_password). type: str organization: description: - Name of the organization for the default permission. That organization must exist. required: true type: str quay_password: description: - The password to use for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_PASSWORD) environment variable. - If you set I(quay_password), then you also need to set I(quay_username). - Mutually exclusive with I(quay_token). type: str quay_username: description: - The username to use for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_USERNAME) environment variable. - If you set I(quay_username), then you also need to set I(quay_password). - Mutually exclusive with I(quay_token). type: str validate_certs: aliases: - verify_ssl default: true description: - Whether to allow insecure connections to the API. - If C(no), then the module does not validate SSL certificates. - If you do not set the parameter, then the module tries the C(QUAY_VERIFY_SSL) environment variable (C(yes), C(1), and C(True) mean yes, and C(no), C(0), C(False), and no value mean no). type: bool