| | |
|---|
| | | debug: |
|---|
| | | msg: "Setting up workload for user ocp_username = {{ ocp_username }}" |
|---|
| | | |
|---|
| | | - name: Get ClusterVersion |
|---|
| | | k8s_facts: |
|---|
| | | api_version: config.openshift.io/v1 |
|---|
| | | kind: ClusterVersion |
|---|
| | | name: version |
|---|
| | | register: r_cluster_version |
|---|
| | | - name: Set ocp4_workload_quay_operator_cluster_version fact |
|---|
| | | set_fact: |
|---|
| | | ocp4_workload_quay_operator_cluster_version: "{{ r_cluster_version.resources[0].status.history[0].version }}" |
|---|
| | | - name: Print OpenShift version |
|---|
| | | debug: |
|---|
| | | msg: "Installing Quay Operator for OpenShift Version: {{ ocp4_workload_quay_operator_cluster_version }}" |
|---|
| | | |
|---|
| | | - name: Generate Quay Superuser Password |
|---|
| | | when: |
|---|
| | | - ocp4_workload_quay_operator.superuser_password is not defined or ocp4_workload_quay_operator.superuser_password|length == 0 |
|---|
| | |
|---|
| | | definition: "{{ lookup('template', item ) | from_yaml }}" |
|---|
| | | loop: |
|---|
| | | - ./templates/project.j2 |
|---|
| | | - ./templates/pull_secret.j2 |
|---|
| | | - ./templates/quay_superuser_secret.j2 |
|---|
| | | - ./templates/quay_config_secret.j2 |
|---|
| | | - ./templates/catalogsourceconfig.j2 |
|---|
| | | - ./templates/operatorgroup.j2 |
|---|
| | | - ./templates/subscription.j2 |
|---|
| | | - ./templates/pull_secret.j2 |
|---|
| | | - ./templates/quay_superuser_secret.j2 |
|---|
| | | - ./templates/quay_config_secret.j2 |
|---|
| | | |
|---|
| | | - name: Create OpenShift Objects for Red Hat Quay Registry Certificates |
|---|
| | | when: |
|---|
| | | - ocp4_workload_quay_operator_ssl_certificate | length > 0 |
|---|
| | | - ocp4_workload_quay_operator_ssl_key | length > 0 |
|---|
| | | k8s: |
|---|
| | | state: present |
|---|
| | | definition: "{{ lookup('template', item ) | from_yaml }}" |
|---|
| | | loop: |
|---|
| | | - ./templates/quay_ssl_certificate_secret.j2 |
|---|
| | | |
|---|
| | | - name: Wait for ClusterServiceVersion to appear |
|---|
| | | k8s_facts: |
|---|
| | |
|---|
| | | retries: 30 |
|---|
| | | delay: 10 |
|---|
| | | |
|---|
| | | - name: Wait for operator to be installed |
|---|
| | | - name: Wait for Quay operator to be ready |
|---|
| | | k8s_facts: |
|---|
| | | api_version: operators.coreos.com/v1alpha1 |
|---|
| | | kind: ClusterServiceVersion |
|---|
| | | api_version: v1 |
|---|
| | | kind: Deployment |
|---|
| | | namespace: "{{ ocp4_workload_quay_operator.project }}" |
|---|
| | | name: "{{ ocp4_workload_quay_operator.starting_csv }}" |
|---|
| | | field_selectors: |
|---|
| | | - status.phase=Succeeded |
|---|
| | | register: r_csv |
|---|
| | | until: r_csv.resources[0] and r_csv.resources[0].get('status') and r_csv.resources[0].status.phase == 'Succeeded' |
|---|
| | | name: "quay-operator" |
|---|
| | | register: r_qo_deployment |
|---|
| | | retries: 30 |
|---|
| | | delay: 10 |
|---|
| | | until: |
|---|
| | | - r_qo_deployment.resources | length | int > 0 |
|---|
| | | - r_qo_deployment.resources[0].status.availableReplicas is defined |
|---|
| | | - r_qo_deployment.resources[0].status.availableReplicas | int == r_qo_deployment.resources[0].spec.replicas | int |
|---|
| | | |
|---|
| | | - name: Create OpenShift Objects for Red Hat Quay Registry Certificates |
|---|
| | | when: |
|---|
| | | - ocp4_workload_quay_operator_ssl_certificate | length > 0 |
|---|
| | | - ocp4_workload_quay_operator_ssl_key | length > 0 |
|---|
| | | k8s: |
|---|
| | | state: present |
|---|
| | | definition: "{{ lookup('template', item ) | from_yaml }}" |
|---|
| | | loop: |
|---|
| | | - ./templates/quay_ssl_certificate_secret.j2 |
|---|
| | | |
|---|
| | | - name: Create OpenShift Objects for Red Hat Quay Registry |
|---|
| | | - name: Create Red Hat Quay Registry |
|---|
| | | k8s: |
|---|
| | | state: present |
|---|
| | | definition: "{{ lookup('template', item ) | from_yaml }}" |
|---|
| | | loop: |
|---|
| | | - ./templates/quay.j2 |
|---|
| | | |
|---|
| | | - name: Verify successful rollout (and fix crash looping Quay pod if necessary) |
|---|
| | | - name: Verify successful rollout |
|---|
| | | when: ocp4_workload_quay_operator.verify_deployment | bool |
|---|
| | | block: |
|---|
| | | - name: Wait for Quay App Pod to appear |
|---|
| | |
|---|
| | | retries: 15 |
|---|
| | | delay: 5 |
|---|
| | | |
|---|
| | | # - name: Delete crashing Pod to pick up SCC |
|---|
| | | # when: |
|---|
| | | # - not r_running_quay_pod.resources[0].status.containerStatuses[0].ready | bool |
|---|
| | | # - r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("CrashLoopBackOff") |
|---|
| | | # or r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("Error") |
|---|
| | | # shell: "oc delete pod {{ r_running_quay_pod.resources[0].metadata.name }} -n {{ ocp4_workload_quay_operator.project }}" |
|---|
| | | |
|---|
| | | # - name: Restart crashing Pod to pick up SCC |
|---|
| | | # when: |
|---|
| | | # - not r_running_quay_pod.resources[0].status.containerStatuses[0].ready | bool |
|---|
| | |
|---|
| | | debug: |
|---|
| | | msg: "{{ item }}" |
|---|
| | | with_items: |
|---|
| | | - "user.info: Quay is available at https://{{r_quay.resources[0].status.hostname }}. It may take 5 to 10 minutes for this route to respond." |
|---|
| | | - "user.info: The Quay Super User is {{ ocp4_workload_quay_operator.superuser_username }} with password {{ ocp4_workload_quay_operator_superuser_password }}" |
|---|
| | | - "user.info: Red Hat Quay is available at https://{{r_quay.resources[0].status.hostname }}." |
|---|
| | | - "user.info: The Red Hat Quay Super User is {{ ocp4_workload_quay_operator.superuser_username }} with password {{ ocp4_workload_quay_operator_superuser_password }}" |
|---|
| | | |
|---|
| | | # Leave this as the last task in the playbook. |
|---|
| | | - name: workload tasks complete |
|---|
