ansible/roles/ocp4-workload-quay-operator/defaults/main.yml
@@ -3,56 +3,92 @@ ocp_username: opentlc-mgr silent: False _quay_project: quay-enterprise _quay_project_display: Red Hat Quay Registry _quay_name: quay ocp4_workload_quay_operator_defaults: project: quay-enterprise project_display: Red Hat Quay Registry name: quay # Deploy from Operator Hub # False is a manual deploy _quay_operator_hub: false # Quay starting CSV when deploying from Operator Hub starting_csv: quay.v1.0.2 # Quay starting CSV when deploying from Operator Hub _quay_operator_csv: quay.v1.0.2 # Verify successful deployment verify_deployment: true # Verify successful deployment _quay_verify_deployment: true # Image tag for Quay and Clair. Usually the same but can be set differently quay_image_tag: "v3.2.0" clair_image_tag: "v3.2.0" # Images to be used when deploying manually _quay_operator_image: quay.io/redhat-cop/quay-operator _quay_operator_image_tag: v1.0.1 # Image tag for Quay and Clair. Usually the same but can be set differently _quay_image_tag: v3.2.0 _clair_image_tag: "{{ _quay_image_tag }}" # Enable Clair clair_enabled: True # Clair Update Interval (Default 6h) clair_update_interval: "10m" # Enable Clair _quay_clair_enabled: True # Clair Update Interval (Default 6h) _quay_clair_update_interval: "10m" # Quay Route. Should be overwritten route: "" # Quay Superuser superuser_username: quayadmin superuser_email: rhpds-admins@redhat.com # Super User Password needs to be at least 8 characters # Will be generated with 12 random ascii characters if not defined #superuser_password: "" # Quay Config Password (username is always 'quayconfig'): config_app_password: quayconfig # Resources for Quay Database quay_db_volume_size: 10Gi quay_db_cpu_request: "100m" quay_db_cpu_limit: "100m" quay_db_memory_request: "128Mi" quay_db_memory_limit: "128Mi" # Resources for Clair Database clair_db_cpu_request: "100m" clair_db_cpu_limit: "100m" clair_db_memory_request: "128Mi" clair_db_memory_limit: "128Mi" # Resources for Quay quay_volume_size: 15Gi quay_cpu_request: "1" quay_cpu_limit: "2" quay_memory_request: "6Gi" quay_memory_limit: "6Gi" # Resources for Clair clair_cpu_request: "200m" clair_cpu_limit: "500m" clair_memory_request: "1Gi" clair_memory_limit: "1Gi" # Resources for Redis redis_cpu_request: "100m" redis_cpu_limit: "100m" redis_memory_request: "128Mi" redis_memory_limit: "128Mi" # Resources for Quay Config Pod config_cpu_request: "400m" config_cpu_limit: "400m" config_memory_request: "512Mi" config_memory_limit: "512Mi" # Certificates # Pass these certificates. Otherwise the role will try to determine if # the bastion has usable certificates (from the ocp4-workload-enable-letsencrypt role) in # $HOME/certificates and use those. ssl_certificate: "" ssl_key: "" # Access Credentials for Quay.io to pull Red Hat Quay # Should be overwritten via base64 encoded Global Variables !!! # reference https://access.redhat.com/solutions/3533201 _quay_dockerconfigjson: 'pull_secret' # ocp4_workload_quay_operator_secrets: # quay_dockerconfigjson: 'pull_secret' # Quay Route. Should be overwritten _quay_route: "" # Quay Superuser # Super User Password needs to be at least 8 characters _quay_superuser_username: quayadmin _quay_superuser_password: "" _quay_superuser_email: rhpds-admins@redhat.com # Quay Config Password (username is always 'quayconfig'): _quay_config_app_password: quayconfig # Persistent Volumes Sizes _quay_database_volume_size: 10Gi _quay_volume_size: 15Gi # Certificates # Pass these certificates. Otherwise the role will try to determine if # the bastion has usable certificates (from the ocp4-workload-enable-letsencrypt role) in # $HOME/certificates and use those. _quay_ssl_certificate: "" _quay_ssl_key: "" # Internal variables. Don't set or change ocp4_workload_quay_operator_quay_route: "" ocp4_workload_quay_operator_superuser_password: "" ocp4_workload_quay_operator_ssl_certificate: "" ocp4_workload_quay_operator_ssl_key: "" ansible/roles/ocp4-workload-quay-operator/tasks/main.yml
@@ -1,5 +1,4 @@ --- # Do not modify this file - name: Running Pre Workload Tasks ansible/roles/ocp4-workload-quay-operator/tasks/remove_workload.yml
@@ -1,39 +1,21 @@ --- # Implement your Workload removal tasks here - name: Set up combined ocp4_workload_quay_operator dictionary set_fact: ocp4_workload_quay_operator: >- {{ ocp4_workload_quay_operator_defaults | combine(ocp4_workload_quay_operator_input | default( {} ), ocp4_workload_quay_operator_secret | default( {} ), recursive=true) }} - name: Remove Quay Resources - name: Remove Red Hat Quay Operator k8s: state: absent definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/quay.j2 - name: Remove Red Hat Quay Operator (OLM install) when: _quay_operator_hub | bool k8s: state: absent definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/subscription.j2 - ./templates/operatorgroup.j2 - ./templates/catalogsourceconfig.j2 - name: Remove Red Hat Quay Operator (Manual install) when: not _quay_operator_hub | bool k8s: state: absent definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/operator.j2 - ./templates/service_account.j2 - ./templates/role.j2 - ./templates/role_binding.j2 - ./templates/cluster_role_binding.j2 # NOT removing Cluster Resources because there may be # other projects with Quay Operators in them. # Removing Cluster Resources would screw those up. #- ./templates/cluster_role.j2 #- ./templates/crd.j2 - name: Remove Red Hat Quay Operator (Shared resources) k8s: ansible/roles/ocp4-workload-quay-operator/tasks/workload.yml
@@ -1,20 +1,42 @@ --- # Implement your Workload deployment tasks here - name: Set up combined ocp4_workload_quay_operator dictionary set_fact: ocp4_workload_quay_operator: >- {{ ocp4_workload_quay_operator_defaults | combine(ocp4_workload_quay_operator_input | default( {} ), ocp4_workload_quay_operator_secret | default( {} ), recursive=true) }} - name: Print combined role variables debug: var: ocp4_workload_quay_operator verbosity: 2 - name: Setting up workload for user debug: msg: "Setting up workload for user ocp_username = {{ ocp_username }}" - name: Generate Quay Superuser Password set_fact: _quay_superuser_password: "{{ lookup('password', '/dev/null length=12 chars=ascii_letters') }}" when: - _quay_superuser_password is not defined or _quay_superuser_password|length == 0 - ocp4_workload_quay_operator.superuser_password is not defined or ocp4_workload_quay_operator.superuser_password|length == 0 set_fact: ocp4_workload_quay_operator_superuser_password: "{{ lookup('password', '/dev/null length=12 chars=ascii_letters') }}" - name: Check if key file exist on bastion VM - name: Use provided Quay Superuser Password when: - ocp4_workload_quay_operator.superuser_password is defined - ocp4_workload_quay_operator.superuser_password|length > 0 set_fact: ocp4_workload_quay_operator_superuser_password: "{{ ocp4_workload_quay_operator.superuser_password }}" - name: Use provided key file when: ocp4_workload_quay_operator.ssl_key | length > 0 set_fact: ocp4_workload_quay_operator_ssl_key: ocp4_workload_quay_operator.ssl_key - name: Otherwise check if key file exist on bastion VM become: yes become_user: root when: _quay_ssl_key | length == 0 when: ocp4_workload_quay_operator.ssl_key | length == 0 block: - name: Check for Key file on Bastion stat: @@ -25,15 +47,20 @@ slurp: src: "/home/{{ ansible_user }}/certificates/privkey.pem" register: _quay_ssl_key_file - name: Set _quay_ssl_key - name: Set ocp4_workload_quay_operator_ssl_key when: r_ssl_key.stat.exists set_fact: _quay_ssl_key: "{{ _quay_ssl_key_file['content'] }}" ocp4_workload_quay_operator_ssl_key: "{{ _quay_ssl_key_file['content'] }}" - name: Check if certificate file exist on bastion VM - name: Use provided certificate file when: ocp4_workload_quay_operator.ssl_certificate | length > 0 set_fact: ocp4_workload_quay_operator_ssl_certificate: ocp4_workload_quay_operator.ssl_certificate - name: Otherwise check if certificate file exist on bastion VM become: yes become_user: root when: _quay_ssl_certificate | length == 0 when: ocp4_workload_quay_operator.ssl_certificate | length == 0 block: - name: Check for Certificate file on Bastion stat: @@ -44,10 +71,10 @@ slurp: src: "/home/{{ ansible_user }}/certificates/fullchain.pem" register: _quay_ssl_cert_file - name: Set _quay_ssl_certificate - name: Set ocp4_workload_quay_operator_ssl_certificate when: r_ssl_cert.stat.exists set_fact: _quay_ssl_certificate: "{{ _quay_ssl_cert_file['content'] }}" ocp4_workload_quay_operator_ssl_certificate: "{{ _quay_ssl_cert_file['content'] }}" - name: Determine Cluster Base Domain for Quay Route k8s_facts: @@ -56,11 +83,19 @@ name: cluster register: r_ingress_config - name: Set the Base Domain for Quay - name: Use Provided Quay route when: - ocp4_workload_quay_operator.route is defined - ocp4_workload_quay_operator.route | length > 0 set_fact: _quay_route: "quay-{{ guid }}.{{ r_ingress_config.resources[0].spec.domain }}" ocp4_workload_quay_operator_quay_route: "{{ ocp4_workload_quay_operator.route }}" - name: Create Quay Operator Common Resources - name: Otherwise use quay-{{guid}}.basedomain for the Quay route when: ocp4_workload_quay_operator.route is not defined or ocp4_workload_quay_operator.route | length == 0 set_fact: ocp4_workload_quay_operator_quay_route: "quay-{{ guid }}.{{ r_ingress_config.resources[0].spec.domain }}" - name: Create Quay Operator Resources k8s: state: present definition: "{{ lookup('template', item ) | from_yaml }}" @@ -69,65 +104,38 @@ - ./templates/pull_secret.j2 - ./templates/quay_superuser_secret.j2 - ./templates/quay_config_secret.j2 - ./templates/catalogsourceconfig.j2 - ./templates/operatorgroup.j2 - ./templates/subscription.j2 - name: Create Quay Operator from Operator Hub when: _quay_operator_hub | bool block: - name: Create Operator Resources k8s: state: present definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/catalogsourceconfig.j2 - ./templates/operatorgroup.j2 - ./templates/subscription.j2 - name: Wait for ClusterServiceVersion to appear k8s_facts: api_version: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion namespace: "{{ ocp4_workload_quay_operator.project }}" name: "{{ ocp4_workload_quay_operator.starting_csv }}" register: r_csv until: r_csv.resources | length > 0 retries: 30 delay: 10 - name: Wait for ClusterServiceVersion to appear k8s_facts: api_version: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion namespace: "{{ _quay_project }}" name: "{{ _quay_operator_csv }}" # field_selectors: # - status.phase=Succeeded register: r_csv until: r_csv.resources | length > 0 # until: r_csv.resources[0] and r_csv.resources[0].get('status') and r_csv.resources[0].status.phase == 'Succeeded' # ignore_errors: true retries: 30 delay: 10 - name: Wait for operator to be installed k8s_facts: api_version: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion namespace: "{{ _quay_project }}" name: "{{ _quay_operator_csv }}" field_selectors: - status.phase=Succeeded register: r_csv until: r_csv.resources[0] and r_csv.resources[0].get('status') and r_csv.resources[0].status.phase == 'Succeeded' retries: 30 delay: 10 - name: Wait for operator to be installed k8s_facts: api_version: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion namespace: "{{ ocp4_workload_quay_operator.project }}" name: "{{ ocp4_workload_quay_operator.starting_csv }}" field_selectors: - status.phase=Succeeded register: r_csv until: r_csv.resources[0] and r_csv.resources[0].get('status') and r_csv.resources[0].status.phase == 'Succeeded' retries: 30 delay: 10 - name: Create OpenShift Objects for Red Hat Quay Registry prerequisites when: not _quay_operator_hub | bool k8s: state: present definition: "{{ lookup('template', item ) | from_yaml }}" loop: - ./templates/crd.j2 - ./templates/service_account.j2 - ./templates/cluster_role.j2 - ./templates/cluster_role_binding.j2 - ./templates/role.j2 - ./templates/role_binding.j2 - ./templates/operator.j2 - name: Create OpenShift Objects for Red Hat Quay Registry Certificates when: - _quay_ssl_certificate | length > 0 - _quay_ssl_key | length > 0 - ocp4_workload_quay_operator_ssl_certificate | length > 0 - ocp4_workload_quay_operator_ssl_key | length > 0 k8s: state: present definition: "{{ lookup('template', item ) | from_yaml }}" @@ -142,13 +150,13 @@ - ./templates/quay.j2 - name: Verify successful rollout (and fix crash looping Quay pod if necessary) when: _quay_verify_deployment | bool when: ocp4_workload_quay_operator.verify_deployment | bool block: - name: Wait for Quay App Pod to appear k8s_facts: api_version: v1 kind: Pod namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" label_selectors: - app=quay-operator - quay-enterprise-component=app @@ -161,7 +169,7 @@ k8s_facts: api_version: v1 kind: Pod namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" label_selectors: - app=quay-operator - quay-enterprise-component=app @@ -172,12 +180,12 @@ retries: 15 delay: 5 - name: Delete crashing Pod to pick up SCC when: - not r_running_quay_pod.resources[0].status.containerStatuses[0].ready | bool - r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("CrashLoopBackOff") or r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("Error") shell: "oc delete pod {{ r_running_quay_pod.resources[0].metadata.name }} -n {{ _quay_project }}" # - name: Delete crashing Pod to pick up SCC # when: # - not r_running_quay_pod.resources[0].status.containerStatuses[0].ready | bool # - r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("CrashLoopBackOff") # or r_running_quay_pod.resources[0].status.containerStatuses[0].state.waiting.reason is match("Error") # shell: "oc delete pod {{ r_running_quay_pod.resources[0].metadata.name }} -n {{ ocp4_workload_quay_operator.project }}" # - name: Restart crashing Pod to pick up SCC # when: @@ -189,14 +197,22 @@ # api_version: v1 # kind: Pod # name: "{{ r_running_quay_pod.resources[0].metadata.name }}" # namespace: "{{ _quay_project }}" # namespace: "{{ ocp4_workload_quay_operator.project }}" - name: Get Quay Hostname k8s_facts: api_version: redhatcop.redhat.io/v1alpha1 kind: QuayEcosystem name: "{{ ocp4_workload_quay_operator.name }}" namespace: "{{ ocp4_workload_quay_operator.project }}" register: r_quay - name: Print Student as user.info debug: msg: "{{ item }}" with_items: - "user.info: Quay is available at https://{{ _quay_route }}. It may take 5 to 10 minutes for this route to respond." - "user.info: The Quay Super User is {{ _quay_superuser_username }} with password {{ _quay_superuser_password }}" - "user.info: Quay is available at https://{{r_quay.resources[0].status.hostname }}. It may take 5 to 10 minutes for this route to respond." - "user.info: The Quay Super User is {{ ocp4_workload_quay_operator.superuser_username }} with password {{ ocp4_workload_quay_operator_superuser_password }}" # Leave this as the last task in the playbook. - name: workload tasks complete ansible/roles/ocp4-workload-quay-operator/templates/catalogsourceconfig.j2
@@ -1,8 +1,9 @@ apiVersion: operators.coreos.com/v1 apiVersion: operators.coreos.com/v2 kind: CatalogSourceConfig metadata: name: "installed-community-{{ _quay_project }}" name: "installed-community-{{ ocp4_workload_quay_operator.project }}" namespace: openshift-marketplace spec: targetNamespace: "{{ _quay_project }}" source: community-operators targetNamespace: "{{ ocp4_workload_quay_operator.project }}" packages: quay ansible/roles/ocp4-workload-quay-operator/templates/cluster_role.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/cluster_role_binding.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/crd.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/operator.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/operatorgroup.j2
@@ -3,8 +3,8 @@ metadata: annotations: olm.providedAPIs: "QuayEcosystem.v1alpha1.redhatcop.redhat.iospec" name: "{{ _quay_project }}-operatorgroup" namespace: "{{ _quay_project }}" name: "{{ ocp4_workload_quay_operator.project }}-operatorgroup" namespace: "{{ ocp4_workload_quay_operator.project }}" spec: targetNamespaces: - "{{ _quay_project }}" - "{{ ocp4_workload_quay_operator.project }}" ansible/roles/ocp4-workload-quay-operator/templates/project.j2
@@ -3,9 +3,9 @@ metadata: annotations: openshift.io/description: "" openshift.io/display-name: "{{ _quay_project_display }}" openshift.io/display-name: "{{ ocp4_workload_quay_operator.project_display }}" openshift.io/requester: "system:admin" name: "{{ _quay_project }}" name: "{{ ocp4_workload_quay_operator.project }}" spec: finalizers: - kubernetes ansible/roles/ocp4-workload-quay-operator/templates/pull_secret.j2
@@ -2,7 +2,7 @@ kind: Secret metadata: name: quay-pull-secret namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" data: .dockerconfigjson: "{{ _quay_dockerconfigjson }}" .dockerconfigjson: "{{ ocp4_workload_quay_operator.dockerconfigjson }}" type: kubernetes.io/dockerconfigjson ansible/roles/ocp4-workload-quay-operator/templates/quay.j2
@@ -1,90 +1,82 @@ apiVersion: redhatcop.redhat.io/v1alpha1 kind: QuayEcosystem metadata: name: "{{ _quay_name }}" namespace: "{{ _quay_project }}" name: "{{ ocp4_workload_quay_operator.name }}" namespace: "{{ ocp4_workload_quay_operator.project }}" spec: quay: {% if _quay_image_tag is version_compare('v3.2.0', '>=') %} {% if ocp4_workload_quay_operator.quay_image_tag is version_compare('v3.2.0', '>=') %} enableRepoMirroring: true {% endif %} {% if _quay_operator_image_tag is version_compare('v1.0.2', '>=') or _quay_operator_hub | bool %} hostname: "{{ _quay_route }}" {% else %} routeHost: "{{ _quay_route }}" {% endif %} hostname: "{{ ocp4_workload_quay_operator_quay_route }}" imagePullSecretName: quay-pull-secret superuserCredentialsSecretName: quay-superuser-secret configSecretName: quay-config-secret {% if _quay_ssl_certificate | length > 0 and _quay_ssl_key | length > 0 %} {% if ocp4_workload_quay_operator_ssl_certificate | length > 0 and ocp4_workload_quay_operator_ssl_key | length > 0 %} sslCertificatesSecretName: quay-ssl-certificate-secret {% endif %} database: deploymentStrategy: Recreate volumeSize: "{{ _quay_database_volume_size }}" volumeSize: "{{ ocp4_workload_quay_operator.quay_db_volume_size }}" resources: requests: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.quay_db_memory_request }}" cpu: "{{ ocp4_workload_quay_operator.quay_db_cpu_request }}" limits: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.quay_db_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.quay_db_cpu_limit}}" deploymentStrategy: Recreate image: "quay.io/redhat/quay:{{ _quay_image_tag }}" image: "quay.io/redhat/quay:{{ ocp4_workload_quay_operator.quay_image_tag }}" registryStorage: {% if _quay_operator_image_tag is version_compare('v1.0.0', '>=') %} persistentVolumeAccessModes: {% else %} persistentVolumeAccessMode: {% endif %} - ReadWriteOnce persistentVolumeSize: "{{ _quay_volume_size }}" persistentVolumeSize: "{{ ocp4_workload_quay_operator.quay_volume_size }}" resources: requests: memory: 6Gi cpu: "1" memory: "{{ ocp4_workload_quay_operator.quay_memory_request }}" cpu: "{{ ocp4_workload_quay_operator.quay_cpu_request }}" limits: memory: 6Gi cpu: "2" memory: "{{ ocp4_workload_quay_operator.quay_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.quay_cpu_limit }}" configResources: requests: memory: 512Mi cpu: 400m memory: "{{ ocp4_workload_quay_operator.config_memory_request }}" cpu: "{{ ocp4_workload_quay_operator.config_cpu_request }}" limits: memory: 512Mi cpu: 400m memory: "{{ ocp4_workload_quay_operator.config_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.config_cpu_limit }}" redis: deploymentStrategy: Recreate resources: requests: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.redis_memory_request}}" cpu: "{{ ocp4_workload_quay_operator.redis_cpu_request }}" limits: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.redis_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.redis_cpu_limit }}" {% if _quay_clair_enabled | bool %} {% if ocp4_workload_quay_operator.clair_enabled | bool %} clair: enabled: true deploymentStrategy: Recreate image: "quay.io/redhat/clair-jwt:{{ _clair_image_tag}}" image: "quay.io/redhat/clair-jwt:{{ ocp4_workload_quay_operator.clair_image_tag }}" imagePullSecretName: quay-pull-secret updateInterval: "{{ _quay_clair_update_interval }}" updateInterval: "{{ ocp4_workload_quay_operator.clair_update_interval }}" resources: requests: memory: 1Gi cpu: 200m memory: "{{ ocp4_workload_quay_operator.clair_memory_request }}" cpu: "{{ ocp4_workload_quay_operator.clair_cpu_request }}" limits: memory: 1Gi cpu: 500m memory: "{{ ocp4_workload_quay_operator.clair_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.clair_cpu_limit }}" database: deploymentStrategy: Recreate resources: requests: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.clair_db_memory_request }}" cpu: "{{ ocp4_workload_quay_operator.clair_db_cpu_request }}" limits: memory: 128Mi cpu: 100m memory: "{{ ocp4_workload_quay_operator.clair_db_memory_limit }}" cpu: "{{ ocp4_workload_quay_operator.clair_db_cpu_limit }}" {% endif %} ansible/roles/ocp4-workload-quay-operator/templates/quay_config_secret.j2
@@ -2,6 +2,6 @@ kind: Secret metadata: name: quay-config-secret namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" stringData: config-app-password: "{{ _quay_config_app_password }}" config-app-password: "{{ ocp4_workload_quay_operator.config_app_password }}" ansible/roles/ocp4-workload-quay-operator/templates/quay_ssl_certificate_secret.j2
@@ -2,7 +2,7 @@ kind: Secret metadata: name: quay-ssl-certificate-secret namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" data: ssl.cert: "{{ _quay_ssl_certificate }}" ssl.key: "{{ _quay_ssl_key }}" ssl.cert: "{{ ocp4_workload_quay_operator_ssl_certificate }}" ssl.key: "{{ ocp4_workload_quay_operator_ssl_key }}" ansible/roles/ocp4-workload-quay-operator/templates/quay_superuser_secret.j2
@@ -2,8 +2,8 @@ kind: Secret metadata: name: quay-superuser-secret namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" stringData: superuser-username: "{{ _quay_superuser_username }}" superuser-password: "{{ _quay_superuser_password }}" superuser-email: "{{ _quay_superuser_email }}" superuser-username: "{{ ocp4_workload_quay_operator.superuser_username }}" superuser-password: "{{ ocp4_workload_quay_operator_superuser_password }}" superuser-email: "{{ ocp4_workload_quay_operator.superuser_email }}" ansible/roles/ocp4-workload-quay-operator/templates/role.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/role_binding.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/service_account.j2
File was deleted ansible/roles/ocp4-workload-quay-operator/templates/subscription.j2
@@ -2,14 +2,14 @@ kind: Subscription metadata: name: quay namespace: "{{ _quay_project }}" namespace: "{{ ocp4_workload_quay_operator.project }}" labels: csc-owner-name: "installed-community-{{ _quay_project }}" csc-owner-name: "installed-community-{{ ocp4_workload_quay_operator.project }}" csc-owner-namespace: openshift-marketplace spec: channel: stable installPlanApproval: Automatic name: quay source: "installed-community-{{ _quay_project }}" sourceNamespace: "{{ _quay_project }}" startingCSV: "{{ _quay_operator_csv }}" source: "installed-community-{{ ocp4_workload_quay_operator.project }}" sourceNamespace: "{{ ocp4_workload_quay_operator.project }}" startingCSV: "{{ ocp4_workload_quay_operator.starting_csv }}"