---
|
|
# Project and user administration
|
|
- name: "Create project for workload {{namespace}}"
|
shell: "oc new-project {{namespace}}"
|
|
- name: "Create 2nd project for brokered workload {{namespace}}"
|
shell: "oc new-project {{namespace}}-brokered"
|
|
- name: Make sure we go back to default project
|
shell: "oc project default"
|
|
|
|
# ############### enmasse specific ###############
|
|
- name: Ensure the following directory is refreshed in remote, /tmp/{{namespace}}/enmasse
|
file:
|
path: "/tmp/{{namespace}}/enmasse"
|
state: absent
|
- file:
|
path: "/tmp/{{namespace}}/enmasse"
|
state: directory
|
|
- name: Clone community enmasse
|
git:
|
repo: "{{enmasse_repo_url}}"
|
dest: "/tmp/{{namespace}}/enmasse"
|
depth: 1
|
version: "{{enmasse_repo_tag}}"
|
|
# templates/install/ansible/inventory/singletenant-standard.example
|
- name: execute ansible-playbook using shell to create standard deployment
|
shell: |
|
ansible-playbook -i enmasse /tmp/{{namespace}}/enmasse/templates/install/ansible/playbooks/openshift/{{enmasse_template_file}} \
|
-e namespace={{namespace}} \
|
-e multitenant=false \
|
-e address_space_type=standard \
|
-e address_space_plan=unlimited-standard \
|
-e keycloak_admin_password={{keycloak_admin_password}} \
|
-e authentication_services={{authentication_services}} \
|
> /tmp/{{namespace}}/enmasse_install_standard.log
|
|
|
|
# enmasse/ansible/inventory/singletenant-brokered.example
|
- name: execute ansible-playbook using shell to create brokered ST deployment
|
shell: |
|
ansible-playbook -i enmasse /tmp/{{namespace}}/enmasse/templates/install/ansible/playbooks/openshift/{{enmasse_template_file}} \
|
-e namespace={{namespace}}-brokered \
|
-e multitenant=false \
|
-e address_space_type=brokered \
|
-e address_space_plan=unlimited-brokered \
|
-e keycloak_admin_password={{keycloak_admin_password}} \
|
-e authentication_services={{authentication_services}} \
|
> /tmp/{{namespace}}/enmasse_install_brokered.log
|
|
# ###############################################
|
|
- name: annotate the project as requested by user
|
shell: "oc annotate namespace {{namespace}} openshift.io/requester={{ocp_username}} --overwrite"
|
|
- name: Give ocp_username access to ocp_project
|
shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{namespace}}"
|
|
- name: annotate the brokered project as requested by user
|
shell: "oc annotate namespace {{namespace}}-brokered openshift.io/requester={{ocp_username}} --overwrite"
|
|
- name: Give ocp_username access to ocp_project
|
shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{namespace}}-brokered"
|
|
- name: workload Tasks Complete
|
debug:
|
msg: workload Tasks Complete
|