Gareth Healy
2020-02-13 ddd690da5b82beeed683b6c5455e008b32e18cbd
Updated gitea and bucketrepo to be clusterwide for ocp4-workload-pam-fraudmanagement-workshop (#1132)

2 files added
12 files modified
2 files renamed
299 ■■■■■ changed files
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml 7 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/post_workload.yml 13 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/pre_workload.yml 4 ●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/remove_workload.yml 1 ●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_cluster.yml 8 ●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_bucketrepo.yml 4 ●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_codereadyworkspaces.yml 2 ●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_gitea.yml 85 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomation.yml 2 ●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_codereadyworkspaces.yml 2 ●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml 14 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_gitea.yml 118 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml 21 ●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/codeready-workspaces/workspace.j2 2 ●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/olm-operatorgroup/multi-namespace.j2 16 ●●●●●
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/olm-operatorgroup/single-namespace.j2
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml
@@ -8,7 +8,7 @@
_retry: 180
_delay: 10
_ocp_version: 4.3.0
_ocp_version: v1.16.2
_amqstreams_csv_verison: amqstreams.v1.3.0
_businessautomation_csv_version : businessautomation-operator.1.3.0
@@ -17,6 +17,5 @@
_grafana_csv_version: grafana-operator.v2.0.0
_prometheus_csv_version: prometheusoperator.0.32.0
_account_name: gitadmin
_account_password: 123456
_gitea_admin_name: gitadmin
_account_password: a123456
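Review bot: `_account_password: a123456` keeps a guessable credential as a committed role default, and the task files in this commit use that one variable both for the Gitea admin account and for every workshop user. Consider dropping the default and adding a `fail` task in pre_workload.yml guarded by `when: _account_password is not defined`, so each deployment has to supply its own value through extra vars or Ansible Vault. If a default has to stay, quote it (`_account_password: "a123456"`) so that a later all-digit value is not parsed as an integer.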
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/post_workload.yml
@@ -6,19 +6,6 @@
    path: "{{ tmp_dir }}"
    state: absent
- name: Print Overview
  debug:
    msg: "{{ item }}"
  with_items:
    - "user.info: Clients:"
    - "user.info: - Kafka: {{ kafka_clients.stdout }}"
    - "user.info: - Infinispan hotrod: {{ hotrod_clients.stdout }}"
    - "user.info: Tools:"
    - "user.info: - Code Ready Workspaces (u: {{ _namespace }}, p: {{ _account_password }}): http://{{ che_route.stdout }}"
    - "user.info: - Gitea (u: {{ _account_name }}, p: {{ _account_password }}): https://{{ gitea_route.stdout }}"
    - "user.info: - Prometheus: https://{{ prom_route.stdout }}"
    - "user.info: - Grafana: https://{{ grafana_route.stdout }}"
# Leave this as the last task in the playbook.
- name: post_workload tasks complete
  debug:
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/pre_workload.yml
@@ -17,8 +17,8 @@
- name: Fail if incorrect oc version
  fail:
    msg: Expected oc server version minor to be {{ _ocp_version }}
  when: (ocversion.stdout | from_json).openshiftVersion != _ocp_version
    msg: "Expected oc server version to be '{{ _ocp_version }}' but found '{{ (ocversion.stdout | from_json).serverVersion.gitVersion }}'"
  when: (ocversion.stdout | from_json).serverVersion.gitVersion != _ocp_version
- name: Ensure tmp directory exists
  file:
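Review bot: The new condition `when: (ocversion.stdout | from_json).serverVersion.gitVersion != _ocp_version` compares the server's gitVersion with a variable still called `_ocp_version`, under a task still named "Fail if incorrect oc version", which will mislead whoever next bumps the default. A comment on the task such as `# _ocp_version holds serverVersion.gitVersion, not the OpenShift release number`, or a rename of the variable, would make the intent clear. The comparison is an exact string match, so a gitVersion that carries a build suffix would presumably fail it; confirm that is intended. The task list continues outside the hunk.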
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/remove_workload.yml
@@ -16,6 +16,7 @@
  with_items:
    - "amq-streams"
    - "codeready-workspaces"
    - "gitea"
  ignore_errors: yes
- name: Delete projects loop
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_cluster.yml
@@ -6,4 +6,10 @@
  include_tasks: workload_per_cluster_amqstreams.yml
- name: CodeReady Workspaces for cluster
  include_tasks: workload_per_cluster_codereadyworkspaces.yml
  include_tasks: workload_per_cluster_codereadyworkspaces.yml
- name: Bucketrepo for {{ _namespace }}
  include_tasks: workload_per_cluster_bucketrepo.yml
- name: Gitea for cluster
  include_tasks: workload_per_cluster_gitea.yml
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_bucketrepo.yml
File was renamed from ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_bucketrepo.yml
@@ -1,4 +1,8 @@
---
- name: set namespace
  set_fact:
    _namespace: "codeready-workspaces"
- name: Create Bucketrepo
  k8s:
    state: present
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_codereadyworkspaces.yml
@@ -11,7 +11,7 @@
- name: Create OperatorGroup for the operators
  k8s:
    state: present
    definition: "{{ lookup('template', role_path ~ '/templates/olm-operatorgroup/group.j2' ) | from_yaml }}"
    definition: "{{ lookup('template', role_path ~ '/templates/olm-operatorgroup/single-namespace.j2' ) | from_yaml }}"
- name: Create operator
  k8s:
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_cluster_gitea.yml
New file
@@ -0,0 +1,85 @@
---
- name: set namespace
  set_fact:
    _namespace: "gitea"
- name: Create namespace for {{ _namespace }}
  k8s:
    state: present
    definition: "{{ lookup('template', role_path ~ '/templates/namespace.j2' ) | from_yaml }}"
- name: Create OperatorGroup for the operators
  k8s:
    state: present
    definition: "{{ lookup('template', role_path ~ '/templates/olm-operatorgroup/single-namespace.j2' ) | from_yaml }}"
- name: Create operator
  k8s:
    state: present
    namespace: "{{ _namespace }}"
    definition: "{{ lookup('template', role_path ~ '/templates/gitea/operator.j2' ) | from_yaml }}"
- name: Create Gitea deployment
  k8s:
    state: present
    namespace: "{{ _namespace }}"
    definition: "{{ lookup('file', role_path ~ '/files/gitea/server.yml' ) | from_yaml }}"
- name: Wait until gitea-server has Running condition
  command: >
    oc get Gitea/gitea-server -o jsonpath='{.status.conditions[?(@.type=="Running")].status}' -n "{{ _namespace }}"
  register: gitea
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea.stdout == "True"
- name: Check gitea deployment is created
  command: >
    oc get Deployment/mygitea -o jsonpath='{.metadata.name}' -n "{{ _namespace }}"
  register: gitea_deployment
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_deployment.stdout == "mygitea"
- name: Check Gitea is running
  command: >
    oc rollout status Deployment/mygitea --watch=true -n "{{ _namespace }}"
- name: Get gitea pod name
  command: >
    oc get pods -l app=mygitea -o jsonpath='{.items[0].metadata.name}' -n "{{ _namespace }}"
  register: gitea_podname
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_podname.stdout != ""
- name: Get gitea route host
  command: >
    oc get route/mygitea -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
  register: gitea_route
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_route.stdout != ""
- name: Wait for gitea route to respond with 200
  uri:
    url: "https://{{ gitea_route.stdout }}"
    method: GET
    validate_certs: false
  register: result
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: result.status == 200
- name: Check if gitea admin user already exists (note; error can be ignored)
  uri:
    url: "https://{{ gitea_route.stdout }}/api/v1/users/{{ _gitea_admin_name }}"
    method: GET
    validate_certs: false
  register: giteaadmin_user
  ignore_errors: true
- name: Create admin user in gitea
  command: >
    oc exec {{ gitea_podname.stdout }} -n "{{ _namespace }}" -- /home/gitea/gitea admin create-user --username {{ _gitea_admin_name }} --password {{ _account_password }} --email {{ _gitea_admin_name }}@workshop.com --must-change-password=false --admin -c /home/gitea/conf/app.ini
  when: giteaadmin_user.status == 404
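Review bot: The "Create admin user in gitea" task gives the Gitea administrator `--password {{ _account_password }}`, the same variable that workload_per_project_gitea.yml sets as each workshop user's password and that the "Print Overview" task in workload_project.yml prints for attendees. With Gitea now shared cluster-wide, anyone who is handed a workshop login can therefore also sign in as `{{ _gitea_admin_name }}`. A separate admin-only variable (for example a new `_gitea_admin_password`, which is not defined anywhere on this page), used here and in the admin-authenticated `uri` call of the per-project file, would keep the two privilege levels apart. The password is also passed as a command-line argument to `oc exec`, so it appears in the task's recorded command; adding `no_log: true` to this task limits that exposure.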
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomation.yml
@@ -5,7 +5,7 @@
    namespace: "{{ _namespace }}"
    definition: "{{ lookup('file', role_path ~ '/files/businessautomation/operator.yml' ) | from_yaml }}"
- name: Wait until csv/{{ _businessautomation_csv_version }}  is Succeeded
- name: Wait until csv/{{ _businessautomation_csv_version }} is Succeeded
  command: >
    oc get csv/{{ _businessautomation_csv_version }} -o jsonpath='{.status.phase}' -n "{{ _namespace }}"
  register: bizscsv
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_codereadyworkspaces.yml
@@ -22,7 +22,7 @@
      username: "{{ _namespace }}"
      enabled: true
      emailVerified: true
      firstName: "{{ _account_name }}"
      firstName: "{{ _namespace }}"
      lastName: Developer
      email: "{{ _namespace }}@workshop.com"
      credentials:
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml
@@ -1,7 +1,7 @@
---
- name: Get Fuse template
  uri:
    url: "https://{{ gitea_route.stdout }}/gitadmin/pam-fraudmanagement/raw/branch/master/fuse/.openshiftio/application.yaml"
    url: "https://{{ gitea_route.stdout }}/{{ _namespace }}/pam-fraudmanagement/raw/branch/master/fuse/.openshiftio/application.yaml"
    method: GET
    body_format: json
    validate_certs: false
@@ -10,7 +10,7 @@
- name: Process Fuse workload template
  command: >
    oc process -f -
    oc process -p SOURCE_REPOSITORY_URL=http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/pam-fraudmanagement.git -p KAFKA_BROKERS={{ _namespace }}-cluster-kafka-brokers:9092 -f -
  args:
    stdin: "{{ fusetemplate.content | string }}"
  register: fusework
@@ -25,10 +25,6 @@
  command: >
    oc start-build BuildConfig/pam-fraudmanagement-fuse --wait -n "{{ _namespace }}"
#- name: Check Fuse workload is running
#  command: >
#    oc rollout status DeploymentConfig/pam-fraudmanagement-fuse --watch=true -n "{{ _namespace }}"
- name: todo
  debug:
    msg: "TODO: the workload needs to be told the kafka client svc, so the application.props can be a configmap/dynamic - once thats done, re-add above"
- name: Check Fuse workload is running
  command: >
    oc rollout status DeploymentConfig/pam-fraudmanagement-fuse --watch=true -n "{{ _namespace }}"
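Review bot: The "Get Fuse template" task still fetches `application.yaml` with `validate_certs: false`, and its body is then piped into `oc process` through `stdin: "{{ fusetemplate.content | string }}"`, so whatever answers on the route hostname decides which objects are rendered. Trusting the cluster's router CA on the control host and removing `validate_certs: false` would close that unverified hop. The same setting is on every `uri` task in workload_per_cluster_gitea.yml and workload_per_project_gitea.yml, several of which send basic-auth credentials. What is done with the registered `fusework` output lies outside the hunks shown.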
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_gitea.yml
@@ -1,85 +1,56 @@
---
- name: Create operator
  k8s:
    state: present
    namespace: "{{ _namespace }}"
    definition: "{{ lookup('template', role_path ~ '/templates/gitea/operator.j2' ) | from_yaml }}"
- name: Create Gitea deployment
  k8s:
    state: present
    namespace: "{{ _namespace }}"
    definition: "{{ lookup('file', role_path ~ '/files/gitea/server.yml' ) | from_yaml }}"
- name: Wait until gitea-server has Running condition
  command: >
    oc get Gitea/gitea-server -o jsonpath='{.status.conditions[?(@.type=="Running")].status}' -n "{{ _namespace }}"
  register: gitea
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea.stdout == "True"
- name: Check gitea deployment is created
  command: >
    oc get Deployment/mygitea -o jsonpath='{.metadata.name}' -n "{{ _namespace }}"
  register: gitea_deployment
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_deployment.stdout == "mygitea"
- name: Check Gitea is running
  command: >
    oc rollout status Deployment/mygitea --watch=true -n "{{ _namespace }}"
- name: Get gitea pod name
  command: >
    oc get pods -l app=mygitea -o jsonpath='{.items[0].metadata.name}' -n "{{ _namespace }}"
  register: gitea_podname
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_podname.stdout != ""
- name: Get gitea route host
  command: >
    oc get route/mygitea -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
  register: gitea_route
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: gitea_route.stdout != ""
- name: Wait for gitea route to respond with 200
  uri:
    url: "https://{{ gitea_route.stdout }}"
    method: GET
    validate_certs: false
  register: result
  retries: "{{ _retry }}"
  delay: "{{ _delay }}"
  until: result.status == 200
- name: Check if gitea user already exists (note; error can be ignored)
  uri:
    url: "https://{{ gitea_route.stdout }}/api/v1/users/{{ _account_name }}"
    url: "https://{{ gitea_route.stdout }}/api/v1/users/{{ _namespace }}"
    method: GET
    validate_certs: false
  register: gitea_user
  ignore_errors: true
- name: Create user in gitea
  command: >
    oc exec {{ gitea_podname.stdout }} -n "{{ _namespace }}" -- /home/gitea/gitea admin create-user --username {{ _account_name }} --password {{ _account_password }} --email {{ _account_name }}@workshop.com --must-change-password=false -c /home/gitea/conf/app.ini
  uri:
    url: "https://{{ gitea_route.stdout }}/api/v1/admin/users"
    method: POST
    body: "{{ body }}"
    status_code: 201
    body_format: json
    validate_certs: false
    user: "{{ _gitea_admin_name }}"
    password: "{{ _account_password }}"
    force_basic_auth: true
  when: gitea_user.status == 404
  vars:
    body:
      email: "{{ _namespace }}@workshop.com"
      full_name: "{{ _namespace }}"
      login_name: "{{ _namespace }}"
      must_change_password: false
      password: "{{ _account_password }}"
      send_notify: false
      source_id: 0
      username: "{{ _namespace }}"
- name: Check if gitea pam-fraudmanagement project already exists (note; error can be ignored)
  uri:
    url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _account_name }}/pam-fraudmanagement"
    url: "https://{{ gitea_route.stdout }}/api/v1/repos/{{ _namespace }}/pam-fraudmanagement"
    method: GET
    validate_certs: false
    user: "{{ _account_name }}"
    user: "{{ _namespace }}"
    password: "{{ _account_password }}"
    force_basic_auth: true
  register: gitea_pam_project
  ignore_errors: true
- name: Get gitea user info
  uri:
    url: "https://{{ gitea_route.stdout }}/api/v1/users/{{ _namespace }}"
    method: GET
    validate_certs: false
    user: "{{ _namespace }}"
    password: "{{ _account_password }}"
    force_basic_auth: true
  register: gitea_insystem_user
  when: gitea_pam_project.status == 404
- name: Deploy pam-fraudmanagement into gitea
  uri:
@@ -89,21 +60,14 @@
    status_code: 201
    body_format: json
    validate_certs: false
    user: "{{ _account_name }}"
    user: "{{ _namespace }}"
    password: "{{ _account_password }}"
    force_basic_auth: true
  when: gitea_pam_project.status == 404
  vars:
    body:
      clone_addr: https://github.com/RedHat-Consulting-UK/summit-2020-pam-fraudmanagement.git
      description: "Proactive Fraud Management with Case Management, Kafka and DMN Services"
      issues: true
      labels: true
      milestones: true
      mirror: false
      private: false
      pull_requests: true
      releases: true
      repo_name: pam-fraudmanagement
      uid: 1
      wiki: true
    body: '{
      "clone_addr": "https://github.com/RedHat-Consulting-UK/summit-2020-pam-fraudmanagement.git",
      "description": "Proactive Fraud Management with Case Management, Kafka and DMN Services",
      "repo_name": "pam-fraudmanagement",
      "uid": {{ gitea_insystem_user.json.id | int }}
    }'
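Review bot: "Check if gitea user already exists" and "Check if gitea pam-fraudmanagement project already exists" pair `ignore_errors: true` with a later `when: ... .status == 404`, so any failure other than a 404 (a timeout, a 401, a 5xx) is swallowed and the create step is skipped without a message. Replacing `ignore_errors: true` with `status_code: [200, 404]` on those `uri` tasks lets both expected outcomes pass and fails the play on anything else; the admin-user check in workload_per_cluster_gitea.yml follows the same pattern. The "Create user in gitea" POST carries the admin password in basic auth and the new user's password in its body, so `no_log: true` belongs on that task as well. The "Deploy pam-fraudmanagement into gitea" task begins outside the second hunk.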
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml
@@ -11,7 +11,7 @@
- name: Create OperatorGroup for the operators
  k8s:
    state: present
    definition: "{{ lookup('template', role_path ~ '/templates/olm-operatorgroup/group.j2' ) | from_yaml }}"
    definition: "{{ lookup('template', role_path ~ '/templates/olm-operatorgroup/single-namespace.j2' ) | from_yaml }}"
- name: AMQ Streams for {{ _namespace }}
  include_tasks: workload_per_project_amqstreams.yml
@@ -24,9 +24,6 @@
- name: Fuse for {{ _namespace }}
  include_tasks: workload_per_project_fuse.yml
- name: Bucketrepo for {{ _namespace }}
  include_tasks: workload_per_project_bucketrepo.yml
- name: Gitea for {{ _namespace }}
  include_tasks: workload_per_project_gitea.yml
@@ -41,4 +38,18 @@
  include_tasks: workload_per_project_grafana.yml
- name: Fuse workdload for {{ _namespace }}
  include_tasks: workload_per_project_fuseworkload.yml
  include_tasks: workload_per_project_fuseworkload.yml
- name: Print Overview
  debug:
    msg: "{{ item }}"
  with_items:
    - "user.info: {{ _namespace }} ->"
    - "user.info:   Clients:"
    - "user.info:   - Kafka: {{ kafka_clients.stdout }}"
    - "user.info:   - Infinispan hotrod: {{ hotrod_clients.stdout }}"
    - "user.info:   Tools:"
    - "user.info:   - Code Ready Workspaces (u: {{ _namespace }}, p: {{ _account_password }}): http://{{ che_route.stdout }}"
    - "user.info:   - Gitea (u: {{ _namespace }}, p: {{ _account_password }}): https://{{ gitea_route.stdout }}"
    - "user.info:   - Prometheus: https://{{ prom_route.stdout }}"
    - "user.info:   - Grafana: https://{{ grafana_route.stdout }}"
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/codeready-workspaces/workspace.j2
@@ -6,7 +6,7 @@
    {
      "name": "pam-fraudmanagement",
      "source": {
        "location": "http://mygitea.{{ _namespace }}.svc.cluster.local:3000/{{ _account_name }}/pam-fraudmanagement.git",
        "location": "http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/pam-fraudmanagement.git",
        "type": "git"
      }
    }
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/olm-operatorgroup/multi-namespace.j2
New file
@@ -0,0 +1,16 @@
---
kind: List
apiVersion: v1
metadata:
  name: olm-operatorgroup
items:
- apiVersion: operators.coreos.com/v1
  kind: OperatorGroup
  metadata:
    name: {{ _namespace }}
    namespace: {{ _namespace }}
  spec:
    targetNamespaces:
    {% for current in namespace_nums %}
      - {{ namespace_prefix }}{{ current }}
    {% endfor %}
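Review bot: `name: {{ _namespace }}` and `namespace: {{ _namespace }}` are rendered unquoted, so an empty, boolean-looking or all-digit value changes type once the rendered text is parsed as YAML; `name: "{{ _namespace }}"` and `- "{{ namespace_prefix }}{{ current }}"` avoid that. The indentation of the rendered `targetNamespaces` entries also depends on the whitespace left around the indented `{% for %}` and `{% endfor %}` tags, so placing those tags at column 0 would make the output less dependent on the Jinja trim settings. `namespace_nums` and `namespace_prefix` are not defined in the defaults shown on this page, and no task shown here loads this template, so a header comment naming where they come from would help the next reader.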
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/olm-operatorgroup/single-namespace.j2