| | |
| | | --- |
| | | - name: Step 00xxxxx post software |
| | | hosts: bastions |
| | | become: yes |
| | | become: no |
| | | gather_facts: False |
| | | environment: |
| | | KUBECONFIG: /home/{{ remote_user }}/{{ cluster_name }}/auth/kubeconfig |
| | | tasks: |
| | | - debug: |
| | | msg: "Post-Software Steps starting" |
| | | - debug: |
| | | msg: "Post-Software Steps starting" |
| | | |
| | | - name: Check if secret is present for registry (AWS) |
| | | command: >- |
| | | oc get secret -n openshift-image-registry image-registry-private-configuration-user |
| | | failed_when: false |
| | | changed_when: false |
| | | register: _registrysecret |
| | | |
| | | - when: _registrysecret.rc != 0 |
| | | block: |
| | | - name: Create secret if it doesn't exist |
| | | environment: |
| | | ACCESSKEY: "{{ hostvars.localhost.student_access_key_id }}" |
| | | SECRETKEY: "{{ hostvars.localhost.student_secret_access_key }}" |
| | | shell: >- |
| | | oc create secret generic |
| | | image-registry-private-configuration-user |
| | | -n openshift-image-registry |
| | | --from-literal=REGISTRY_STORAGE_S3_ACCESSKEY=${ACCESSKEY} |
| | | --from-literal=REGISTRY_STORAGE_S3_SECRETKEY=${SECRETKEY} |
| | | |
| | | - name: Update region in registry config |
| | | command: >- |
| | | oc patch config instance -n openshift-image-registry |
| | | --type merge --patch |
| | | '{"spec": { "storage": { "s3": { "region":"{{ aws_region_final | d(aws_region) }}"}}}}' |
| | | |
| | | - name: Configure Bastion for CF integration |
| | | hosts: bastions |
| | |
| | | owner: opentlc-mgr |
| | | group: opentlc-mgr |
| | | |
| | | - name: Copy /home/ec2-user/{{ cluster_name }}/auth/kubeconfig to ~opentlc-mgr |
| | | - name: Copy /home/{{ remote_user }}/{{ cluster_name }}/auth/kubeconfig to ~opentlc-mgr |
| | | copy: |
| | | src: /home/ec2-user/{{ cluster_name }}/auth/kubeconfig |
| | | src: /home/{{ remote_user }}/{{ cluster_name }}/auth/kubeconfig |
| | | dest: /home/opentlc-mgr/.kube/config |
| | | remote_src: yes |
| | | owner: opentlc-mgr |