ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml
@@ -8,4 +8,8 @@ _retry: 180 _delay: 10 _user_login_password: openshift _account_password: a123456 _user_login_password: openshift _kie_container_id: proactive-fraud-detection-case_1.0.0-SNAPSHOT ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/files/businessautomation/payload.xml
New file @@ -0,0 +1 @@ <org.kie.server.api.model.cases.CaseFile><data><entry><string>activity</string><com.demo.SuspiciousActivity><riskRanking>3</riskRanking><transactions><com.demo.Transaction><amount>350.0</amount><dateTimeExec>2020-02-18T12:31:02.447</dateTimeExec><authCode>543</authCode><merchantCode>456-654-1234</merchantCode><location>635 Sutter Street, Union Square, San Francisco, CA 94102, USA</location><cardType>secured credit</cardType></com.demo.Transaction><com.demo.Transaction><amount>550.0</amount><dateTimeExec>2020-02-18T12:31:02.448</dateTimeExec><authCode>567</authCode><merchantCode>456-654-1234</merchantCode><location>635 Sutter Street, Union Square, San Francisco, CA 94102, USA</location><cardType>secured credit</cardType></com.demo.Transaction></transactions></com.demo.SuspiciousActivity></entry></data><userAssignments/><groupAssignments/><accessRestrictions/></org.kie.server.api.model.cases.CaseFile> ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomation.yml
File was deleted ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml
New file @@ -0,0 +1,69 @@ --- - name: Check BusinessCentral is running command: > oc rollout status DeploymentConfig/rhpam-authoring-rhpamcentr --watch=true -n "{{ _namespace }}" - name: Check KieServer is running command: > oc rollout status DeploymentConfig/rhpam-authoring-kieserver --watch=true -n "{{ _namespace }}" - name: Get Business Central route host command: > oc get route/rhpam-authoring-rhpamcentr -o jsonpath='{.spec.host}' -n "{{ _namespace }}" register: businesscentral_host retries: "{{ _retry }}" delay: "{{ _delay }}" until: businesscentral_host.stdout != "" - name: Get Business Central route host command: > oc get route/rhpam-authoring-kieserver -o jsonpath='{.spec.host}' -n "{{ _namespace }}" register: kieserver_host retries: "{{ _retry }}" delay: "{{ _delay }}" until: kieserver_host.stdout != "" - name: Wait for Business Central route to respond with 200 uri: url: "https://{{ businesscentral_host.stdout }}" method: GET validate_certs: false follow_redirects: yes register: bizcentralresult retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralresult.status == 200 - name: Wait for Kie Server route to respond with 200 uri: url: "https://{{ kieserver_host.stdout }}/services/rest/server" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: kieserverresult retries: "{{ _retry }}" delay: "{{ _delay }}" until: kieserverresult.status == 200 - name: Check proactive-fraud-detection-case responds with 201 uri: url: "https://{{ kieserver_host.stdout }}/services/rest/server/containers/{{ _kie_container_id }}/cases/proactivefrauddetectioncase.fraud-case/instances" method: POST body: "{{ lookup('file', role_path ~ '/files/businessautomation/payload.xml') | string }}" validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 201 headers: Accept: application/xml Content-Type: application/xml X-KIE-ContentType: XSTREAM register: kiedeployresult retries: "{{ _retry }}" delay: "{{ _delay }}" until: kiedeployresult.status == 201 ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml
@@ -12,14 +12,14 @@ - name: DataGrid for {{ _namespace }} include_tasks: workload_per_project_datagrid.yml - name: Business Automation for {{ _namespace }} include_tasks: workload_per_project_businessautomation.yml - name: Prometheus for {{ _namespace }} include_tasks: workload_per_project_prometheus.yml - name: Grafana for {{ _namespace }} include_tasks: workload_per_project_grafana.yml - name: Business Automation workload for {{ _namespace }} include_tasks: workload_per_project_businessautomationworkload.yml - name: Fuse workdload for {{ _namespace }} include_tasks: workload_per_project_fuseworkload.yml ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml
@@ -20,4 +20,11 @@ _gitea_admin_name: gitadmin _account_password: a123456 _user_login_password: openshift _user_login_password: openshift _kie_server_id: rhpam-authoring-kieserver _kie_project_id: proactive-fraud-detection-case _kie_container_id: proactive-fraud-detection-case_1.0.0-SNAPSHOT _kjar_group_id: com.demo _kjar_artefact_id: proactive-fraud-detection-case _kjar_version: "1.0.0-SNAPSHOT" ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/files/businessautomation/kie.yml
File was deleted ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/files/prometheus/servicemonitor.yml
@@ -1,13 +1,42 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor --- kind: List apiVersion: v1 metadata: name: fuse-monitor labels: k8s-app: fuse-monitor spec: selector: matchLabels: expose: "true" endpoints: - interval: 30s port: prom name: service-monitors items: - apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: fuse-monitor labels: k8s-app: fuse-monitor spec: selector: matchLabels: expose: "true" endpoints: - interval: 30s port: prom - apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: kie-monitor labels: k8s-app: kie-monitor spec: selector: matchLabels: app: rhpam-authoring application: rhpam-authoring service: rhpam-authoring-kieserver endpoints: - interval: 30s port: http path: services/rest/metrics basicAuth: username: name: kie-monitor-basicauth key: username password: name: kie-monitor-basicauth key: password ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomation.yml
@@ -26,4 +26,4 @@ k8s: state: present namespace: "{{ _namespace }}" definition: "{{ lookup('file', role_path ~ '/files/businessautomation/kie.yml' ) | from_yaml }}" definition: "{{ lookup('template', role_path ~ '/templates/businessautomation/kie.j2' ) | from_yaml }}" ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml
New file @@ -0,0 +1,233 @@ --- - name: Check BusinessCentral is running command: > oc rollout status DeploymentConfig/rhpam-authoring-rhpamcentr --watch=true -n "{{ _namespace }}" - name: Get Business Central route host command: > oc get route/rhpam-authoring-rhpamcentr -o jsonpath='{.spec.host}' -n "{{ _namespace }}" register: businesscentral_host retries: "{{ _retry }}" delay: "{{ _delay }}" until: businesscentral_host.stdout != "" - name: Wait for Business Central route to respond with 200 uri: url: "https://{{ businesscentral_host.stdout }}" method: GET validate_certs: false follow_redirects: yes register: bizcentralresult retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralresult.status == 200 - name: Check space exists in Business Central (note; error can be ignored) uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: bizcentralspace ignore_errors: true - name: Create space in Business Central uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces" method: POST body: "{{ body }}" body_format: json validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 202 register: bizcentralclone retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralclone.status == 202 when: bizcentralspace.status == 404 vars: body: name: "workshop" description: "Proactive Fraud Management with Case Management, Kafka and DMN Services" owner: "admin" defaultGroupId: "com.demo" - name: Check project exists in Business Central (note; error can be ignored) uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/projects/{{ _kie_container_id }}" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: bizcentralproject ignore_errors: true ### todo: only clone if it doesnt exist - name: Clone case into Business Central uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/git/clone" method: POST body: "{{ body }}" body_format: json validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 202 register: bizcentralclone retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralclone.status == 202 when: bizcentralproject.status == 404 vars: body: name: "proactive-fraud-detection-case" description: "proactive-fraud-detection-case" gitURL: "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-case.git" - name: Check job status for clone case in Business Central uri: url: "https://{{ businesscentral_host.stdout }}/rest/jobs/{{ bizcentralclone.json.jobId }}" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: bizcentralclone_job retries: "{{ _retry }}" delay: "{{ _delay }}" until: - bizcentralclone_job is not failed - bizcentralclone_job.json is defined - bizcentralclone_job.json.status == "SUCCESS" when: bizcentralproject.status == 404 - name: Maven install for project proactive-fraud-detection-case uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/projects/{{ _kie_project_id }}/maven/install" method: POST validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 202 register: bizcentralinstall retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralinstall.status == 202 - name: Check job status for maven install for project proactive-fraud-detection-case uri: url: "https://{{ businesscentral_host.stdout }}/rest/jobs/{{ bizcentralinstall.json.jobId }}" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: bizcentralinstall_job retries: "{{ _retry }}" delay: "{{ _delay }}" until: - bizcentralinstall_job is not failed - bizcentralinstall_job.json is defined - bizcentralinstall_job.json.status == "SUCCESS" - name: Maven deploy for project proactive-fraud-detection-case uri: url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/projects/{{ _kie_project_id }}/maven/deploy" method: POST validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 202 register: bizcentraldeploy retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentraldeploy.status == 202 - name: Check job status for maven deplop for project proactive-fraud-detection-case uri: url: "https://{{ businesscentral_host.stdout }}/rest/jobs/{{ bizcentraldeploy.json.jobId }}" method: GET validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: bizcentraldeploy_job retries: "{{ _retry }}" delay: "{{ _delay }}" until: - bizcentraldeploy_job is not failed - bizcentraldeploy_job.json is defined - bizcentraldeploy_job.json.status == "SUCCESS" - name: Delete KIE Container proactive-fraud-detection-case (note; error can be ignored) uri: url: "https://{{ businesscentral_host.stdout }}/rest/controller/management/servers/{{ _kie_server_id }}/containers/{{ _kie_container_id }}" method: DELETE validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 200 register: bizcentraldelete_container ignore_errors: true retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentraldelete_container.status == 404 - name: Create KIE Container proactive-fraud-detection-case uri: url: "https://{{ businesscentral_host.stdout }}/rest/controller/management/servers/{{ _kie_server_id }}/containers/{{ _kie_container_id }}" method: PUT body: "{{ body }}" body_format: json validate_certs: false follow_redirects: yes user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true status_code: 201 register: bizcentralcreate_container retries: "{{ _retry }}" delay: "{{ _delay }}" until: bizcentralcreate_container.status == 201 vars: body: container-id: "{{ _kie_container_id }}" container-name: "{{ _kie_container_id }}" server-template-key : server-id: '{{ _kie_server_id }}' status: "STARTED" release-id: group-id: "{{ _kjar_group_id }}" artifact-id: "{{ _kjar_artefact_id }}" version: "{{ _kjar_version }}" configuration: 'RULE': 'org.kie.server.controller.api.model.spec.RuleConfig': 'pollInterval': null 'scannerStatus': "STOPPED" 'PROCESS': 'org.kie.server.controller.api.model.spec.ProcessConfig': 'runtimeStrategy': "SINGLETON" kbase: '' ksession: '' 'mergeMode': "MERGE_COLLECTIONS" ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml
@@ -1,7 +1,7 @@ --- - name: Get Fuse template uri: url: "https://{{ gitea_route.stdout }}/{{ _namespace }}/pam-fraudmanagement/raw/branch/master/fuse/.openshiftio/application.yaml" url: "https://{{ gitea_route.stdout }}/{{ _namespace }}/proactive-fraud-detection-fuse/raw/branch/master/.openshiftio/application.yaml" method: GET body_format: json validate_certs: false @@ -10,7 +10,7 @@ - name: Process Fuse workload template command: > oc process -p SOURCE_REPOSITORY_URL=http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/pam-fraudmanagement.git -p KAFKA_BROKERS={{ _namespace }}-cluster-kafka-brokers:9092 -f - oc process -p SOURCE_REPOSITORY_URL=http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-fuse.git -p KAFKA_BROKERS={{ _namespace }}-cluster-kafka-brokers:9092 -f - args: stdin: "{{ fusetemplate.content | string }}" register: fusework ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_gitea.yml
@@ -30,15 +30,81 @@ source_id: 0 username: "{{ _namespace }}" - name: Check if gitea pam-fraudmanagement project already exists (note; error can be ignored) - name: Check if gitea proactive-fraud-detection-bucketrepo repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/pam-fraudmanagement" url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-bucketrepo" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_pam_project register: gitea_repo_bucketrepo ignore_errors: true - name: Check if gitea proactive-fraud-detection-doc repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-doc" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_doc ignore_errors: true - name: Check if gitea proactive-fraud-detection-fuse repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-fuse" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_fuse ignore_errors: true - name: Check if gitea proactive-fraud-detection-kafka repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-kafka" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_kafka ignore_errors: true - name: Check if gitea proactive-fraud-detection-dmn repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-dmn" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_dmn ignore_errors: true - name: Check if gitea proactive-fraud-detection-case repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-case" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_case ignore_errors: true - name: Check if gitea proactive-fraud-detection-kclient repo already exists (note; error can be ignored) uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/proactive-fraud-detection-kclient" method: GET validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true register: gitea_repo_kclient ignore_errors: true - name: Get gitea user info @@ -50,9 +116,8 @@ password: "{{ _account_password }}" force_basic_auth: true register: gitea_insystem_user when: gitea_pam_project.status == 404 - name: Deploy pam-fraudmanagement into gitea - name: Deploy proactive-fraud-detection-bucketrepo into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST @@ -63,11 +128,130 @@ user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_pam_project.status == 404 when: gitea_repo_bucketrepo.status == 404 vars: body: '{ "clone_addr": "https://github.com/RedHat-Consulting-UK/summit-2020-pam-fraudmanagement.git", "description": "Proactive Fraud Management with Case Management, Kafka and DMN Services", "repo_name": "pam-fraudmanagement", "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-bucketrepo.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-bucketrepo.git", "repo_name": "proactive-fraud-detection-bucketrepo", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-doc into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_doc.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-doc.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-doc.git", "repo_name": "proactive-fraud-detection-doc", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-fuse into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_fuse.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-fuse.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-fuse.git", "repo_name": "proactive-fraud-detection-fuse", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-kafka into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_kafka.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-kafka.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-kafka.git", "repo_name": "proactive-fraud-detection-kafka", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-dmn into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_dmn.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-dmn.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-dmn.git", "repo_name": "proactive-fraud-detection-dmn", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-case into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_case.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-case.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-case.git", "repo_name": "proactive-fraud-detection-case", "uid": {{ gitea_insystem_user.json.id | int }} }' - name: Deploy proactive-fraud-detection-kclient into gitea uri: url: "https://{{ gitea_route.stdout }}/api/v1/repos/migrate" method: POST body: "{{ body }}" status_code: 201 body_format: json validate_certs: false user: "{{ _namespace }}" password: "{{ _account_password }}" force_basic_auth: true when: gitea_repo_kclient.status == 404 vars: body: '{ "clone_addr": "https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-kclient.git", "description": "Mirrored from https://gitlab.com/2020-summit-labs/proactive-fraud-detection/proactive-fraud-detection-kclient.git", "repo_name": "proactive-fraud-detection-kclient", "uid": {{ gitea_insystem_user.json.id | int }} }' ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_prometheus.yml
@@ -34,16 +34,22 @@ k8s: state: present namespace: "{{ _namespace }}" definition: "{{ lookup('template', role_path ~ '/files/prometheus/route.yml' ) | from_yaml }}" definition: "{{ lookup('file', role_path ~ '/files/prometheus/route.yml' ) | from_yaml }}" - name: Create Prometheus Service k8s: state: present namespace: "{{ _namespace }}" definition: "{{ lookup('template', role_path ~ '/files/prometheus/service.yml' ) | from_yaml }}" definition: "{{ lookup('file', role_path ~ '/files/prometheus/service.yml' ) | from_yaml }}" - name: Create Prometheus ServiceMonitor Auth k8s: state: present namespace: "{{ _namespace }}" definition: "{{ lookup('template', role_path ~ '/templates/prometheus/servicemonitor-auth.j2' ) | from_yaml }}" - name: Create Prometheus ServiceMonitor k8s: state: present namespace: "{{ _namespace }}" definition: "{{ lookup('template', role_path ~ '/files/prometheus/servicemonitor.yml' ) | from_yaml }}" definition: "{{ lookup('file', role_path ~ '/files/prometheus/servicemonitor.yml' ) | from_yaml }}" ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml
@@ -55,7 +55,10 @@ - name: Grafana for {{ _namespace }} include_tasks: workload_per_project_grafana.yml - name: Fuse workdload for {{ _namespace }} - name: Business Automation workload for {{ _namespace }} include_tasks: workload_per_project_businessautomationworkload.yml - name: Fuse workload for {{ _namespace }} include_tasks: workload_per_project_fuseworkload.yml - name: Print Overview ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/businessautomation/kie.j2
New file @@ -0,0 +1,30 @@ apiVersion: app.kiegroup.org/v2 kind: KieApp metadata: name: rhpam-authoring spec: environment: rhpam-authoring commonConfig: adminUser: "{{ _namespace }}" adminPassword: "{{ _account_password }}" objects: console: resources: limits: memory: 4Gi requests: memory: 4Gi env: - name: KIE_ADMIN_USER value: "{{ _namespace }}" - name: KIE_ADMIN_PWD value: "{{ _account_password }}" - name: MAVEN_MIRROR_URL value: http://mavenrepo.codeready-workspaces.svc.cluster.local:8080/bucketrepo/ servers: - deployments: 1 env: - name: JAVA_OPTS_APPEND value: "-Dorg.kie.prometheus.server.ext.disabled=false" - name: MAVEN_MIRROR_URL value: http://mavenrepo.codeready-workspaces.svc.cluster.local:8080/bucketrepo/ ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/codeready-workspaces/workspace.j2
@@ -4,9 +4,51 @@ }, "projects": [ { "name": "pam-fraudmanagement", "name": "proactive-fraud-detection-bucketrepo", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/pam-fraudmanagement.git", "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-bucketrepo.git", "type": "git" } }, { "name": "proactive-fraud-detection-doc", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-doc.git", "type": "git" } }, { "name": "proactive-fraud-detection-fuse", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-fuse.git", "type": "git" } }, { "name": "proactive-fraud-detection-kafka", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-kafka.git", "type": "git" } }, { "name": "proactive-fraud-detection-dmn", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-dmn.git", "type": "git" } }, { "name": "proactive-fraud-detection-case", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-case.git", "type": "git" } }, { "name": "proactive-fraud-detection-kclient", "source": { "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-kclient.git", "type": "git" } } ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/prometheus/servicemonitor-auth.j2
New file @@ -0,0 +1,14 @@ --- kind: List apiVersion: v1 metadata: name: service-monitors-auth items: - apiVersion: v1 kind: Secret metadata: name: kie-monitor-basicauth data: username: {{ _namespace | b64encode }} password: {{ _account_password | b64encode }} type: Opaque