Johnathan Kupferer
2020-03-16 4663a06ee72eadd3be41cddbeb539ef3f462ee8a
ansible/configs/ocp4-workshop/software.yml
@@ -25,10 +25,10 @@
            remote_src: yes
        - name: Install awscli
          become: yes
          command: /tmp/awscli-bundle/install -i /usr/local/aws -b /bin/aws
          args:
            creates: /usr/local/aws
          become: yes
        - name: cleanup archive and tmp files
          file:
@@ -51,35 +51,27 @@
              aws_access_key_id = {{ hostvars.localhost.student_access_key_id }}
              aws_secret_access_key = {{ hostvars.localhost.student_secret_access_key }}
        - name: Install Packages
          become: yes
          package:
            name:
              - golang
              - python2-boto3
              - unzip
        - name: Get OS (var)
          shell: "/usr/bin/go env GOOS"
          register: GOOS_VAR
        - name: Get Arch (var)
          shell: "/usr/bin/go env GOARCH"
          register: GOARCH_VAR
        # For GA Releases
        - name: Set URLs for OpenShift GA releases
          when: not ocp4_installer_use_dev_preview | d(False) | bool
          set_fact:
            ocp4_installer_url: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_installer_version }}/openshift-install-linux-{{ ocp4_installer_version }}.tar.gz"
            ocp4_client_url: "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{{ ocp4_installer_version }}/openshift-client-linux-{{ ocp4_installer_version }}.tar.gz"
        - name: Get the OpenShift Installer
          become: yes
          get_url:
            url: "https://github.com/openshift/installer/releases/download/{{ ocp4_installer_version }}/openshift-install-{{ GOOS_VAR.stdout }}-{{ GOARCH_VAR.stdout }}"
            dest: /usr/bin/openshift-install
            mode: 0775
          unarchive:
            src: "{{ ocp4_installer_url}} "
            remote_src: yes
            dest: /usr/bin
            mode: 0755
            owner: root
            group: root
        - name: Get the OpenShift CLI
          become: yes
          unarchive:
            src: "https://mirror.openshift.com/pub/openshift-v3/clients/{{ oc_client_version }}/linux/oc.tar.gz"
            src: "{{ ocp4_client_url }}"
            remote_src: yes
            dest: /usr/bin
            mode: 0775
@@ -106,7 +98,8 @@
            path: /home/{{ ansible_user }}/{{ cluster_name }}
            state: directory
        - stat:
        - name: Check if version specific install-config.j2 exists
          stat:
            path: files/install-config.yaml.{{ ocp4_installer_version }}.j2
          register: rconfig
          delegate_to: localhost
@@ -130,6 +123,7 @@
          tags:
          - run_installer
          command: openshift-install create cluster --dir=/home/{{ ansible_user }}/{{ cluster_name }}
          async: "{{ 2 * 60 * 60 }}"
        - name: Fetch kube config
          fetch:
@@ -182,57 +176,73 @@
          delay: 30
          until: routeconsole is succeeded
          ignore_errors: yes
#          tags: post_flight_check
        # Adjust for clusters with just one worker. Default is two routers with antiAffinity rules.
        # Which means that one router is pending. This doesn't work with Certificates
        - name: Set number of Ingress Controller replicas to 1 if only one worker node deployed
          when: worker_instance_count == 1
          environment:
            KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig
          shell: "oc patch ingresscontroller default --type=merge --patch='{\"spec\": { \"replicas\": 1 }}' -n openshift-ingress-operator"
          ignore_errors: yes
        - name: Set webconsole address
          set_fact:
            webconsole: "http://{{ routeconsole.stdout | from_json | json_query('spec.host') }}"
          when: routeconsole is succeeded
#          tags: post_flight_check
        # sometimes the route is not ready, guess it
        - name: Guess webconsole address
          set_fact:
            webconsole: "http://console-openshift-console.apps.{{ cluster_name }}.{{ guid }}.{{ subdomain_base }}"
          when: routeconsole is failed
#          tags: post_flight_check
        - name: Get API for command line
          environment:
            KUBECONFIG: /home/{{ ansible_user }}/{{ cluster_name }}/auth/kubeconfig
          command: oc whoami --show-server
          register: showserver
#          tags: post_flight_check
          register: r_showserver
        - name: Print Overview
          debug:
          agnosticd_user_info:
            msg: "{{ item }}"
          with_items:
            - "user.info: Openshift Master Console: {{ webconsole }}"
            - "user.info: Openshift API for command line 'oc' client: {{ showserver.stdout | trim }}"
            - "user.info: Download oc client from https://mirror.openshift.com/pub/openshift-v3/clients/{{ oc_client_version }}"
          loop:
            - "Openshift Master Console: {{ webconsole }}"
            - "Openshift API for command line 'oc' client: {{ r_showserver.stdout | trim }}"
            - "Download oc client from {{ ocp4_client_url }}"
        - name: Print Overview
          agnosticd_user_info:
            data:
              openshift_console_url: "{{ webconsole }}"
              openshift_api_url: "{{ r_showserver.stdout | trim }}"
              openshift_client_download_url: "{{ ocp4_client_url }}"
        - name: Output htpasswd
          debug:
            msg: "user.info: This cluster has authentication enabled. You can use '{{ admin_user }}' with password '{{ admin_password }}' to access your cluster"
          agnosticd_user_info:
            msg: "This cluster has authentication enabled. You can use '{{ admin_user }}' with password '{{ admin_password }}' to access your cluster"
            data:
              openshift_admin_user: "{{ admin_user }}"
              openshift_admin_password: "{{ admin_password }}"
          when:
            - admin_password is defined
            - install_idm == "htpasswd"
        - name: Output kubeadmin
          debug:
            msg: "user.info: Kubeadmin user / password: kubeadmin / {{ kubeadminr.content | b64decode }}"
          agnosticd_user_info:
            msg: "Kubeadmin user / password: kubeadmin / {{ kubeadminr.content | b64decode }}"
            data:
              openshift_kubeadmin_password: "{{ kubeadminr.content | b64decode }}"
          when: >-
            install_idm is not defined
            or install_idm != "htpasswd"
        - name: Print SSH warning
          debug:
          agnosticd_user_info:
            msg: "{{ item }}"
          with_items:
            - "user.info: "
            - "user.info: You *CANNOT* SSH into this environment"
          loop:
            - ""
            - "You *CANNOT* SSH into this environment"
          when: not install_student_user | bool
      always:
@@ -246,35 +256,51 @@
  gather_facts: false
  become: false
  tasks:
    # NOT Pre-installed
    - name: Print Student aws access as user.info
      debug:
        msg: "{{ item }}"
      with_items:
        - "user.info: Top level domain: {{ subdomain_base_suffix }}"
        - "user.info: "
        - "user.info: WARNING: with great power comes great responsibility. We monitor usage."
        - "user.info: Your AWS programmatic access:"
        - "user.info: aws_access_key_id = {{ student_access_key_id }}"
        - "user.info: aws_secret_access_key = {{ student_secret_access_key }}"
      when:
    # NOT Pre-installed
    - when:
        - not install_ocp4 | bool
        - student_access_key_id is defined
        - student_secret_access_key is defined
      block:
        - name: Print Student aws access as user.info
          agnosticd_user_info:
            msg: "{{ item }}"
          loop:
            - "Top level domain: {{ subdomain_base_suffix }}"
            - ""
            - "WARNING: with great power comes great responsibility. We monitor usage."
            - "Your AWS programmatic access:"
            - "aws_access_key_id = {{ student_access_key_id }}"
            - "aws_secret_access_key = {{ student_secret_access_key }}"
        - name: Set aws access user data
          agnosticd_user_info:
            data:
              subdomain_base_suffix: "{{ subdomain_base_suffix }}"
              aws_access_key_id: "{{ student_access_key_id }}"
              aws_secret_access_key: "{{ student_secret_access_key }}"
    - when:
        - install_student_user | bool
        - student_name is defined
        - student_password is defined
        - student_password is defined or hostvars[groups.bastions.0].student_password is defined
      block:
        - name: Print Student SSH access as user.info
          debug:
          agnosticd_user_info:
            msg: "{{ item }}"
          with_items:
            - "user.info: "
            - "user.info: SSH Access: ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}"
            data:
              student_ssh_command: >-
                ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}
          loop:
            - ""
            - "SSH Access: ssh {{ student_name }}@bastion.{{ guid }}{{ subdomain_base_suffix }}"
        - name: Print Student SSH password as user.info
          debug:
            msg: "user.info: SSH password: {{ student_password }}"
          agnosticd_user_info:
            msg: "SSH password: {{ student_ssh_password }}"
            data:
              student_ssh_password: "{{ student_ssh_password }}"
          vars:
            student_ssh_password: >-
              {{ student_password | default(hostvars[groups.bastions.0].student_password) }}
          when: print_student_password | default(true) | bool
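Review bot: The 'Get the OpenShift Installer' and 'Get the OpenShift CLI' tasks in the `@@ -51,35 +51,27 @@` hunk unpack an archive fetched from a URL straight into `/usr/bin` under `become: yes`, with no integrity check before root-owned binaries are replaced. The page has lost its +/- markers, so I am reading the `unarchive` forms as the new side. `unarchive` has no checksum option, so the download would go through `get_url` with `checksum:` first, as sketched below for the installer; the CLI task takes the same shape with `ocp4_client_url`. A digest pinned in vars alongside `ocp4_installer_version` is the stronger choice, since a checksum file fetched from the same mirror only catches corruption. The installer `src` also has a stray space before the closing quote, `"{{ ocp4_installer_url}} "`, which should read `src: "{{ ocp4_installer_url }}"` if the task is kept as is.

```yaml
        # … unchanged: "Set URLs for OpenShift GA releases" set_fact …
        - name: Download the OpenShift Installer archive
          get_url:
            url: "{{ ocp4_installer_url }}"
            dest: "/home/{{ ansible_user }}/openshift-install.tar.gz"
            # proposed new variable, "sha256:<digest>" for the pinned version
            checksum: "{{ ocp4_installer_checksum }}"
        - name: Get the OpenShift Installer
          become: yes
          unarchive:
            src: "/home/{{ ansible_user }}/openshift-install.tar.gz"
            remote_src: yes
            dest: /usr/bin
            # … unchanged: mode, owner, group …
```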