| $ tree my-work -L 2 my-work |-- README.md |-- roles | |-- sudo | |-- logging | |-- cron | |-- your-role-example |-- test | |-- create-rm-stack-compute.yml | |-- delete-compute-rm-stack.yml | |-- inventory-localhost | |-- inventory.oci.yml | |-- readme | |-- test-role.py | |-- test-role.yml | |-- vars | | |-- main.yml | |-- tf-files | |-- core.tf | |-- core-vars.tf | |-- provider.tf | |-- provider-vars.tf | 
| --- # Help # https://github.com/oracle/oci-ansible-collection/blob/master/plugins/inventory/oci.py # https://oci-ansible-collection.readthedocs.io/en/latest/collections/oracle/oci/oci_inventory.html # https://docs.oracle.com/en/learn/olae-dyninv/#introduction # Oracle dynamic inventory plugin comes with OCI Ansible Collection plugin: oracle.oci.oci # ------------------------ # OCI Config information # ------------------------ # config_file: /my-home/.oci/config # config_profile: PHX # ------------------------ # Specify regio, do not use conf file # ------------------------ # One region regions: ap-phoenix-1 # Multiple regions, list type # regions: # - us-ashburn-1 # - us-phoenix-1 # Enable threads to speedup lookup enable_parallel_processing: true # default # ----------------------- # How to display hosts # ----------------------- hostname_format: "fqdn" # hostname_format: "display_name" # hostname_format: "private_ip" # --------------------- # Compartment # --------------------- compartments: - compartment_ocid: ocid-your-test-compartment # fetch_compute_hosts: true # default fetch_hosts_from_subcompartments: false ... | 
| 
variable "tenancy" {
  default     = "ocid1.tenancy.oc1.."
  description = "your tenancy"
}
variable "region" {
  default = "xx-xxx-1"
  description = "Your Region"
}
variable "user" {
  default     = "ocid1.user.oc1.."
  description = "your account"
  sensitive = true
}
variable "fingerprint" {
  default     = "xx:xx:xx:xx:xx"
  description = "your fingerprint"
  sensitive = true
}
variable "private_key" {
  default     = "/home/some-key.pem"
  description = "your private key"
  sensitive = true
}
 | 
| 
provider "oci" {
  tenancy_ocid     = var.tenancy
  region           = var.region
  user_ocid        = var.user
  fingerprint      = var.fingerprint
  private_key_path = var.private_key
}
 | 
| 
variable "ad" {
  default = "DSdu:xx-xxxx-1-AD-1"
  description = "your region"
}
variable "compartment" {
  default = "ocid1.compartment.oc1."
  description = "your compartment"
}
variable "shape" {
  default = "VM.Standard.E4.Flex"
  description = "Core shape"
}
variable "image_ol8" {
  default = "ocid1.image.oc1."
  description = "OL 8 image"
}
variable "subnet" {
  default = "ocid1.subnet.oc1."
  description = "your subet"
}
variable "ssh_key" {
  default = "ssh-rsa AAAAxxxxx-some-ssh-public-key"
  description = "ssh public key for default opc user"
}
 | 
| 
resource "oci_core_instance" "play_test_compute" {
  count = 1  # you can create more computes
  agent_config {
    are_all_plugins_disabled = "true"
    is_management_disabled = "true"
    is_monitoring_disabled = "true"
  }
  compartment_id = var.compartment
  availability_domain = var.ad
  create_vnic_details {
    subnet_id = var.subnet
    assign_public_ip = "false"
  }
  shape = var.shape
  shape_config {
    # baseline_ocpu_utilization = "BASELINE_1_1"
    memory_in_gbs = "8"
    ocpus = "1"
  }
  source_details {
    source_type = "image"
    source_id = var.image_ol8
  }
  metadata = {
    ssh_authorized_keys  = var.ssh_key
  }
}
 | 
| --- # your compartment name or description compartment: "ocid1.compartment.oc1." ... | 
| 
---
- name: Create RM stack and resources
  connection: local
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Load vars
      ansible.builtin.include_vars: "vars/main.yml"
    - name: Zip archive terraform files
      community.general.archive:
        path: tf-files/*.tf
        dest: /tmp/core-stack.zip
        format: zip
      register: stack_zip
    - name: Read the contents of the zip file
      ansible.builtin.set_fact:
        zip_content: "{{ lookup('file', \"{{ stack_zip.dest }}\") }}"
    - name: Create stack
      oracle.oci.oci_resource_manager_stack:
        state: present
        compartment_id: "{{ compartment }}"
        description: "RM stack for OL compute to test Ansible role"
        config_source:
          config_source_type: ZIP_UPLOAD
          zip_file_base64_encoded: "{{ zip_content | b64encode }}"
      register: _stack
    - name: Show stack ID
      ansible.builtin.debug:
        msg:
          - "Stack ID: {{ _stack.stack.id }}"
    - name: Save RM stack ID, to be used by delete play
      ansible.builtin.copy:
        content: "{{ _stack.stack.id }}"
        dest: "/tmp/deleteme-stack-id"
    - name: Plan Stack
      oracle.oci.oci_resource_manager_job:
        stack_id: "{{ _stack.stack.id }}"
        job_operation_details: "{'operation': 'PLAN'}"
      register: _plan
    - name: List stack plan info
      ansible.builtin.debug:
        msg:
          - "Plan Stack: {{ _plan }}"
    - name: Apply Stack
      oracle.oci.oci_resource_manager_job:
        stack_id: "{{ _stack.stack.id }}"
        job_operation_details:
          "{
            'operation': 'APPLY',
            'execution_plan_strategy': 'FROM_PLAN_JOB_ID',
            'execution_plan_job_id': '{{ _plan.job.id }}'
          }"
      register: _apply
    - name: List stack apply info
      ansible.builtin.debug:
        msg:
          - "Plan Stack: {{ _apply }}"
    - name: Delete Zip terraform archive
      ansible.builtin.file:
        path: "/tmp/core-stack.zip"
        state: absent
    - name: Wait 30 sec
      ansible.builtin.pause:
        seconds: 30
    - name: Get resources (computes) in stack
      oracle.oci.oci_resource_manager_stack_associated_resource_facts:
        stack_id: "{{ _stack.stack.id }}"
      register: _resources
    - name: List resources (computes) in stack
      ansible.builtin.debug:
        msg:
          - "{{ _resources.stack_associated_resources | json_query('[*].resource_id') }}"
...
 | 
| 
---
- name: Test play
  hosts: all
  become: true
  tasks:
    - name: Test role {{ role }}
      ansible.builtin.include_role:
        name: "../roles/{{ role }}"
...
 | 
| 
---
# https://docs.oracle.com/en-us/iaas/Content/ResourceManager/Tasks/create-job-destroy.htm
- name: Remove RM resources and stack
  connection: local
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Get exported stack id
      ansible.builtin.slurp:
        src: "/tmp/deleteme-stack-id"
      register: _stack_id
    - name: Show stack id to delete
      ansible.builtin.debug:
        msg: "Delete stack: {{ _stack_id['content'] | b64decode }}"
    - name: Destroy resources (computes) in stack
      oracle.oci.oci_resource_manager_job:
        stack_id: "{{ _stack_id['content'] | b64decode }}"
        job_operation_details:
          "{
            'operation': 'DESTROY',
            'execution_plan_strategy': 'AUTO_APPROVED'
          }"
    - name: Delete stack
      oracle.oci.oci_resource_manager_stack:
        state: absent
        stack_id: "{{ _stack_id['content'] | b64decode }}"
    - name: Delete RM stack ID
      ansible.builtin.file:
        path: "/tmp/deleteme-stack-id"
        state: absent
...
 | 
| 
#!/bin/python3
import os
import argparse
import ansible_runner
def mgmt_compute_play(playbook_path, inventory_path):
    r = ansible_runner.run(
        verbosity = 2,
        envvars = {'PATH': '/bin/:/sbin:/bin:/usr/sbin:/usr/bin'},
        playbook = playbook_path,
        inventory = inventory_path
    )
    print(r.stats)
def role_test(playbook_path, inventory_path, role, diff, check):
    if diff and not check:
        cmdline_opt = "--diff"
    elif check and not diff:
        cmdline_opt = "--check"
    elif check and diff:
        cmdline_opt = "--check --diff"
    else:
        cmdline_opt = ""
    r =ansible_runner.run(
        verbosity = 2,
        envvars = {'PATH': '/bin/:/sbin:/bin:/usr/sbin:/usr/bin'},
        playbook = playbook_path,
        inventory = inventory_path,
        extravars = {'role': role, 'ansible_ssh_user': 'opc',
                     'ansible_ssh_private_key_file': '/home/opc/.ssh/id_rsa_opc',
                     'ansible_ssh_common_args': '-o StrictHostKeyChecking=no'},
        cmdline = cmdline_opt
    )
    print(r.stats)
def main():
    parser = argparse.ArgumentParser(description="Test role using OCI Resource Manager - Stack - Compute.")
    parser.add_argument("-r", "--role", required=True, help="Role name")
    parser.add_argument("-d", "--diff", help="Diff mode", action="store_true")
    parser.add_argument("-c", "--check", help="Check mode", action="store_true")
    args = parser.parse_args()
    role = args.role
    diff = args.diff
    check = args.check
    # Absolute path to playbook, inventory
    work_dir = os.path.dirname(os.path.abspath(__file__))
    # create compute
    playbook_path_create_comp = os.path.join(work_dir, "create-rm-stack-compute.yml")
    playbook_path_delete_comp = os.path.join(work_dir, "delete-compute-rm-stack.yml")
    playbook_path_role_test = os.path.join(work_dir, "test-role.yml")
    inventory_localhost_path = os.path.join(work_dir, "inventory-localhost")
    dynamic_inventory_path = os.path.join(work_dir, "inventory.oci.yml")
    # create compute
    mgmt_compute_play(playbook_path_create_comp, inventory_localhost_path)
    # Role test
    role_test(playbook_path_role_test, dynamic_inventory_path, role, diff, check)
    # delete compute
    mgmt_compute_play(playbook_path_delete_comp, inventory_localhost_path)
if __name__ == "__main__":
    main()
 | 
| $ python3 test-role.py -h usage: test-role.py [-h] -r ROLE [-d] [-c] Test role using OCI Resource Manager - Stack - Compute. options: -h, --help show this help message and exit -r ROLE, --role ROLE Role name -d, --diff Diff mode -c, --check Check mode |