From 01e6a072c589f7e8f3bf5d2678b945927516fd70 Mon Sep 17 00:00:00 2001
From: Jeff Bride <jbride@users.noreply.github.com>
Date: Thu, 21 Feb 2019 11:33:14 +0100
Subject: [PATCH] Merge pull request #324 from honghuac/development
---
ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml | 17
ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml | 30
ansible/roles/ocp-workload-fuse-ignite/tasks/workload.bak | 185 ++++++++++
ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml | 138 +------
ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml | 6
ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh | 612 ++++++++++++++++++++++++++++++++++++
6 files changed, 855 insertions(+), 133 deletions(-)
diff --git a/ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml b/ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml
index cfd5cf1..cdfbcd1 100644
--- a/ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml
+++ b/ansible/roles/ocp-workload-fuse-ignite/defaults/main.yml
@@ -9,8 +9,8 @@
ocp_project: fuse-ignite-{{guid}}
-quota_requests_cpu: 5
-quota_limits_cpu: 13
+quota_requests_cpu: 12
+quota_limits_cpu: 20
quota_requests_memory: '6Gi'
quota_limits_memory: '20Gi'
@@ -50,6 +50,7 @@
mq_password: topSecret
+
########## community syndesis #################
#SYNDESIS_REGISTRY: docker.io
#SYNDESIS_REGISTRY_WEB_SUBCONTEXT: syndesis
@@ -73,17 +74,17 @@
########## supported fuse ignite #################
SYNDESIS_REGISTRY: registry.access.redhat.com
SYNDESIS_REGISTRY_WEB_SUBCONTEXT: fuse7
-product_name: fuse-ignite-1.4
+product_name: fuse-online-72
# Corresponds to GPTE fork of community syndesis master branch
# This branch implements the following:
# 1) DCs in a paused state
-ignite_template_name: "{{ product_name }}"
-syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/fuse-online-install/1.4.8
+#ignite_template_name: "{{ product_name }}"
+#syndesisio_url: https://raw.githubusercontent.com/gpe-mw-training/fuse-online-install/1.4.8
-fuse_ignite_is_yaml: "{{syndesisio_url}}/resources/fuse-online-image-streams.yml"
-syndesisio_sa_yml: "{{syndesisio_url}}/resources/serviceaccount-as-oauthclient-restricted.yml"
-syndesisio_template_yml: "{{syndesisio_url}}/resources/fuse-online-template.yml"
+#fuse_ignite_is_yaml: "{{syndesisio_url}}/resources/fuse-online-image-streams.yml"
+#syndesisio_sa_yml: "{{syndesisio_url}}/resources/serviceaccount-as-oauthclient-restricted.yml"
+#syndesisio_template_yml: "{{syndesisio_url}}/resources/fuse-online-template.yml"
#################################################################
diff --git a/ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml b/ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml
index 036a472..b7bc16e 100644
--- a/ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml
+++ b/ansible/roles/ocp-workload-fuse-ignite/tasks/pre_workload.yml
@@ -11,21 +11,21 @@
# var: groupadd_register
# verbosity: 2
-- name: Create user Quota - clusterresourcequota
- shell: |
- oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \
- --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \
- --hard requests.cpu="{{quota_requests_cpu}}" \
- --hard limits.cpu="{{quota_limits_cpu}}" \
- --hard requests.memory="{{quota_requests_memory}}" \
- --hard limits.memory="{{quota_limits_memory}}" \
- --hard configmaps="{{quota_configmaps}}" \
- --hard pods="{{quota_pods}}" \
- --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}" \
- --hard services="{{quota_services}}" \
- --hard secrets="{{quota_secrets}}" \
- --hard requests.storage="{{quota_requests_storage}}"
- ignore_errors: true
+#- name: Create user Quota - clusterresourcequota
+# shell: |
+# oc create clusterquota clusterquota-"{{ocp_username}}-{{guid}}" \
+# --project-annotation-selector=openshift.io/requester="{{ocp_username}}" \
+# --hard requests.cpu="{{quota_requests_cpu}}" \
+# --hard limits.cpu="{{quota_limits_cpu}}" \
+# --hard requests.memory="{{quota_requests_memory}}" \
+# --hard limits.memory="{{quota_limits_memory}}" \
+# --hard configmaps="{{quota_configmaps}}" \
+# --hard pods="{{quota_pods}}" \
+# --hard persistentvolumeclaims="{{quota_persistentvolumeclaims}}" \
+# --hard services="{{quota_services}}" \
+# --hard secrets="{{quota_secrets}}" \
+# --hard requests.storage="{{quota_requests_storage}}"
+# ignore_errors: true
- name: pre_workload Tasks Complete
debug:
diff --git a/ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml b/ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml
index a6c9182..2c4dbac 100644
--- a/ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml
+++ b/ansible/roles/ocp-workload-fuse-ignite/tasks/remove_workload.yml
@@ -3,9 +3,9 @@
debug:
msg: "Pre-Software checks completed successfully - Removed"
-- name: Remove user Quota - oc delete clusterresourcequota "clusterquota-{{ocp_username}}-{{guid}}"
- shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}}
- ignore_errors: true
+#- name: Remove user Quota - oc delete clusterresourcequota "clusterquota-{{ocp_username}}-{{guid}}"
+# shell: oc delete clusterresourcequota clusterquota-{{ocp_username}}-{{guid}}
+# ignore_errors: true
- name: Remove user Project
shell: "oc delete project {{ocp_project}}"
diff --git a/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.bak b/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.bak
new file mode 100644
index 0000000..c1fe0b1
--- /dev/null
+++ b/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.bak
@@ -0,0 +1,185 @@
+---
+
+- name: check if user is cluster admin
+ shell: "oc get project default"
+ register: default_project_result
+ ignore_errors: true
+ changed_when: false
+
+- name: user granted access rights
+ fail:
+ msg: "User does not have cluster-admin rights to install Fuse Online"
+ when: default_project_result is failed
+
+
+- name: Create project for workload; project = {{ocp_project}}
+ shell: "oc new-project {{ocp_project}} --display-name={{ocp_project}}"
+
+- name: "Label namespace"
+ command: "oc label namespace {{ocp_project}} AAD='{{guid}}'"
+
+- name: Make sure we go back do default project
+ shell: "oc project default"
+
+# Note; depending on the environment, OCP projects may or may not have default limit ranges
+- name: Delete default limitrange
+ shell: |
+ oc delete limitrange {{ocp_project}}-core-resource-limits -n {{ocp_project}}
+ ignore_errors: true
+
+- name: Create a new limitrange
+ template:
+ src: templates/limitrange.yaml.j2
+ dest: /tmp/{{ocp_project}}_limitrange.yaml
+- shell: |
+ oc create -f /tmp/{{ocp_project}}_limitrange.yaml -n {{ocp_project}}
+
+
+
+# ###### Fuse Online ##########
+
+- name: Create serviceaccount-as-oauthclient
+ shell: "oc create -f {{syndesisio_sa_yml}} -n {{ocp_project}}"
+
+- name: Create syndesisio template; {{syndesisio_template_yml}}
+ shell: "oc create -f {{syndesisio_template_yml}} -n {{ocp_project}}"
+
+
+- name: delete temp dir if it exists
+ file:
+ path: /tmp/{{ocp_project}}
+ state: absent
+- file:
+ path: /tmp/{{ocp_project}}
+ state: directory
+
+- name: Load fuse-ignite-is
+ shell: "oc create -f {{ fuse_ignite_is_yaml }} -n {{ocp_project}}"
+
+- name: Create the syndesisio app
+ shell: |
+ oc new-app {{ignite_template_name}} \
+ -p ROUTE_HOSTNAME=fuse.{{ocp_project}}.{{ocp_apps_domain}} \
+ -p OPENSHIFT_MASTER={{ocp_domain}} \
+ -p OPENSHIFT_PROJECT={{ocp_project}} \
+ -p POSTGRESQL_MEMORY_LIMIT={{POSTGRESQL_MEMORY_LIMIT}} \
+ -p PROMETHEUS_MEMORY_LIMIT={{PROMETHEUS_MEMORY_LIMIT}} \
+ -p META_MEMORY_LIMIT={{META_MEMORY_LIMIT}} \
+ -p SERVER_MEMORY_LIMIT={{SERVER_MEMORY_LIMIT}} \
+ -p OPENSHIFT_OAUTH_CLIENT_SECRET=$(oc sa get-token syndesis-oauth-client -n {{ocp_project}}) \
+ -p MAX_INTEGRATIONS_PER_USER={{MAX_INTEGRATIONS_PER_USER}} \
+ -p IMAGE_STREAM_NAMESPACE={{ocp_project}} \
+ -n {{ocp_project}}
+
+- name: "Resume {{with_items}}"
+ command: oc rollout resume dc/"{{ item }}" -n "{{ ocp_project }}"
+ with_items:
+ - syndesis-db
+ - syndesis-oauthproxy
+
+- include_tasks: wait_for_deploy.yml
+ vars:
+ pod_to_wait:
+ - syndesis-db
+ - syndesis-oauthproxy
+
+- name: resume todo
+ shell: oc rollout resume dc/todo -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - todo
+
+- name: Scale up broker-amq
+ shell: |
+ oc scale dc/broker-amq --replicas=1 -n {{ocp_project}}
+- name: resume broker-amq
+ shell: oc rollout resume dc/broker-amq -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - "broker-amq"
+
+- name: resume syndesis-meta
+ shell: oc rollout resume dc/syndesis-meta -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - syndesis-meta
+
+- name: resume syndesis-server
+ shell: oc rollout resume dc/syndesis-server -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - syndesis-server
+
+- name: resume syndesis-ui
+ shell: oc rollout resume dc/syndesis-ui -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - syndesis-ui
+
+- name: resume syndesis-prometheus
+ shell: oc rollout resume dc/syndesis-prometheus -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - syndesis-prometheus
+
+# ########################################################
+
+
+
+# ###### Coolstore Catalog Service ##########
+
+- name: Add the view role to the default service account
+ shell: "oc policy add-role-to-user view -z default -n {{ocp_project}}"
+
+- name: Copy catalog service configmap to known path
+ template:
+ src: templates/app-config.yaml
+ dest: /tmp/{{ocp_project}}/app-config.yaml
+- name: Load catalog service configmap
+ shell: "oc create configmap app-config --from-file=/tmp/{{ocp_project}}/app-config.yaml -n {{ocp_project}}"
+
+
+- name: Copy catalog service (with db) template to known path
+ template:
+ src: templates/coolstore-catalog-mongodb-persistent.yaml
+ dest: /tmp/{{ocp_project}}/coolstore-catalog-mongodb-persistent.yaml
+- name: Build and create catalog service
+ shell: |
+ oc new-app \
+ -f /tmp/{{ocp_project}}/coolstore-catalog-mongodb-persistent.yaml \
+ -p CATALOG_DB_USERNAME=mongo \
+ -p CATALOG_DB_PASSWORD=mongo \
+ -n {{ocp_project}}
+
+- name: resume catalog-service
+ shell: oc rollout resume dc/catalog-service -n {{ocp_project}}
+- include_tasks: ./wait_for_deploy.yml
+ static: no
+ vars:
+ pod_to_wait:
+ - catalog-service
+
+# ########################################################
+
+- name: Annotate the empty project as requested by user
+ shell: "oc annotate namespace {{ocp_project}} openshift.io/requester={{ocp_username}} --overwrite"
+
+- name: Give ocp_username access to ocp_project; user = {{ocp_username}}
+ shell: "oc policy add-role-to-user admin {{ocp_username}} -n {{ocp_project}}"
+
+
+- name: workload Tasks Complete
+ debug:
+ msg: workload Tasks Complete
diff --git a/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml b/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml
index c1fe0b1..6741a58 100644
--- a/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml
+++ b/ansible/roles/ocp-workload-fuse-ignite/tasks/workload.yml
@@ -11,132 +11,56 @@
msg: "User does not have cluster-admin rights to install Fuse Online"
when: default_project_result is failed
-
- name: Create project for workload; project = {{ocp_project}}
shell: "oc new-project {{ocp_project}} --display-name={{ocp_project}}"
+# credentials for accessing registry.redhat.io
+#- name: Create project for workload; project = {{ocp_project}}
+# shell: "oc create secret docker-registry rhcc --docker-server=registry.redhat.io --docker-username={{oreg_user}} --docker-password={{oreg_pass}} --docker-email=honghuac@gmail.com"
+
- name: "Label namespace"
- command: "oc label namespace {{ocp_project}} AAD='{{guid}}'"
+ command: "oc label namespace {{ocp_project}} AAD='{{guid}}' --as={{ocp_username}}"
-- name: Make sure we go back do default project
- shell: "oc project default"
+- name: Make sure we go back do {{ocp_project}} project
+ shell: "oc project {{ocp_project}}"
-# Note; depending on the environment, OCP projects may or may not have default limit ranges
-- name: Delete default limitrange
+- name: List existing CRDs
shell: |
- oc delete limitrange {{ocp_project}}-core-resource-limits -n {{ocp_project}}
- ignore_errors: true
+ oc get crd
-- name: Create a new limitrange
+- name: Ensure the following directory is refreshed in remote, /tmp/{{ocp_project}}
+ file:
+ path: "/tmp/{{ocp_project}}"
+ state: absent
+- file:
+ path: "/tmp/{{ocp_project}}"
+ state: directory
+
+- name: Register a new CRD for Fuse Online
template:
- src: templates/limitrange.yaml.j2
- dest: /tmp/{{ocp_project}}_limitrange.yaml
-- shell: |
- oc create -f /tmp/{{ocp_project}}_limitrange.yaml -n {{ocp_project}}
+ src: templates/install_ocp.sh
+ dest: /tmp/{{ocp_project}}/install_ocp.sh
+- script: /tmp/{{ocp_project}}/install_ocp.sh --setup
-
+- name: Grant installation permission to user
+ template:
+ src: templates/install_ocp.sh
+ dest: /tmp/{{ocp_project}}/install_ocp.sh
+- script: /tmp/{{ocp_project}}/install_ocp.sh --grant {{ocp_username}}
# ###### Fuse Online ##########
-- name: Create serviceaccount-as-oauthclient
- shell: "oc create -f {{syndesisio_sa_yml}} -n {{ocp_project}}"
-
-- name: Create syndesisio template; {{syndesisio_template_yml}}
- shell: "oc create -f {{syndesisio_template_yml}} -n {{ocp_project}}"
-
-
-- name: delete temp dir if it exists
- file:
- path: /tmp/{{ocp_project}}
- state: absent
-- file:
- path: /tmp/{{ocp_project}}
- state: directory
-
-- name: Load fuse-ignite-is
- shell: "oc create -f {{ fuse_ignite_is_yaml }} -n {{ocp_project}}"
-
-- name: Create the syndesisio app
- shell: |
- oc new-app {{ignite_template_name}} \
- -p ROUTE_HOSTNAME=fuse.{{ocp_project}}.{{ocp_apps_domain}} \
- -p OPENSHIFT_MASTER={{ocp_domain}} \
- -p OPENSHIFT_PROJECT={{ocp_project}} \
- -p POSTGRESQL_MEMORY_LIMIT={{POSTGRESQL_MEMORY_LIMIT}} \
- -p PROMETHEUS_MEMORY_LIMIT={{PROMETHEUS_MEMORY_LIMIT}} \
- -p META_MEMORY_LIMIT={{META_MEMORY_LIMIT}} \
- -p SERVER_MEMORY_LIMIT={{SERVER_MEMORY_LIMIT}} \
- -p OPENSHIFT_OAUTH_CLIENT_SECRET=$(oc sa get-token syndesis-oauth-client -n {{ocp_project}}) \
- -p MAX_INTEGRATIONS_PER_USER={{MAX_INTEGRATIONS_PER_USER}} \
- -p IMAGE_STREAM_NAMESPACE={{ocp_project}} \
- -n {{ocp_project}}
-
-- name: "Resume {{with_items}}"
- command: oc rollout resume dc/"{{ item }}" -n "{{ ocp_project }}"
- with_items:
- - syndesis-db
- - syndesis-oauthproxy
-
-- include_tasks: wait_for_deploy.yml
- vars:
- pod_to_wait:
- - syndesis-db
- - syndesis-oauthproxy
-
-- name: resume todo
- shell: oc rollout resume dc/todo -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - todo
+- name: Install Fuse Online
+ template:
+ src: templates/install_ocp.sh
+ dest: /tmp/{{ocp_project}}/install_ocp.sh
+- script: /tmp/{{ocp_project}}/install_ocp.sh
- name: Scale up broker-amq
shell: |
oc scale dc/broker-amq --replicas=1 -n {{ocp_project}}
-- name: resume broker-amq
- shell: oc rollout resume dc/broker-amq -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - "broker-amq"
-
-- name: resume syndesis-meta
- shell: oc rollout resume dc/syndesis-meta -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - syndesis-meta
-
-- name: resume syndesis-server
- shell: oc rollout resume dc/syndesis-server -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - syndesis-server
-
-- name: resume syndesis-ui
- shell: oc rollout resume dc/syndesis-ui -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - syndesis-ui
-
-- name: resume syndesis-prometheus
- shell: oc rollout resume dc/syndesis-prometheus -n {{ocp_project}}
-- include_tasks: ./wait_for_deploy.yml
- static: no
- vars:
- pod_to_wait:
- - syndesis-prometheus
# ########################################################
-
-
# ###### Coolstore Catalog Service ##########
diff --git a/ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh b/ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh
new file mode 100644
index 0000000..0a95301
--- /dev/null
+++ b/ansible/roles/ocp-workload-fuse-ignite/templates/install_ocp.sh
@@ -0,0 +1,612 @@
+{% raw %}
+#!/bin/bash
+
+# ====================================================
+# Standalone script for deploying syndesis on OCP (including imagestreams)
+# It is based on https://github.com/syndesisio/syndesis/blob/master/tools/bin/install-syndesis
+# except that the TAG is frozen during the release
+
+# ================
+# Tag updated by release script
+TAG=1.5.12
+# ================
+
+# Minimal version for OC
+OC_MIN_VERSION=3.9.0
+
+# Exit if any error occurs
+# Fail on a single failed command in a pipeline (if supported)
+set -o pipefail
+
+# Fail on error and undefined vars (please don't use global vars, but evaluation of functions for return values)
+set -eu
+
+# Save global script args
+ARGS=("$@")
+
+
+display_usage() {
+ cat <<EOT
+Fuse Online Installation Tool for OCP
+
+Usage: install_ocp.sh [options]
+
+with options:
+
+-s --setup Install CRDs clusterwide. Use --grant if you want a specific user to be
+ able to install Fuse Online. You have to run this option once as cluster admin.
+-u --grant <user> Add permissions for the given user so that user can install the operator
+ in her projects. You have to run this as cluster-admin
+ --cluster Add the permission for all projects in the cluster
+ (only when used together with --grant)
+ --route Route to use. If not given, the route is trying to be detected from the currently
+ connected cluster.
+ --console <console-url> The URL to the openshift console
+ --force Override an existing installation if present
+
+-p --project <project> Install into this project. The project will be deleted
+ if it already exists. By default, install into the current project (without deleting)
+-w --watch Wait until the installation has completed
+-o --open Open Fuse Online after installation (implies --watch)
+ --help This help message
+-v --verbose Verbose logging
+
+You have to run `--setup --grant <user>` as a cluster-admin before you can install Fuse Online as a user.
+EOT
+}
+
+# ============================================================
+# Helper functions taken over from "syndesis" CLI:
+
+# Checks if a flag is present in the arguments.
+hasflag() {
+ filters="$@"
+
+ if [[ ! -z ${ARGS+x} ]]; then
+ for var in "${ARGS[@]}"; do
+ for filter in $filters; do
+ if [ "$var" = "$filter" ]; then
+ echo 'true'
+ return
+ fi
+ done
+ done
+ fi
+}
+
+# Read the value of an option.
+readopt() {
+ filters="$@"
+ if [[ ! -z ${ARGS+x} ]]; then
+ next=false
+ for var in "${ARGS[@]}"; do
+ if $next; then
+ echo $var
+ break;
+ fi
+ for filter in $filters; do
+ if [[ "$var" = ${filter}* ]]; then
+ local value="${var//${filter}=/}"
+ if [ "$value" != "$var" ]; then
+ echo $value
+ return
+ fi
+ next=true
+ fi
+ done
+ done
+ fi
+}
+
+
+check_error() {
+ local msg="$*"
+ if [ "${msg//ERROR/}" != "${msg}" ]; then
+ if [ -n "${ERROR_FILE:-}" ] && [ -f "$ERROR_FILE" ] && ! grep "$msg" $ERROR_FILE ; then
+ local tmp=$(mktemp /tmp/error-XXXX)
+ echo ${msg} >> $tmp
+ if [ $(wc -c <$ERROR_FILE) -ne 0 ]; then
+ echo >> $tmp
+ echo "===============================================================" >> $tmp
+ echo >> $tmp
+ cat $ERROR_FILE >> $tmp
+ fi
+ mv $tmp $ERROR_FILE
+ fi
+ exit 0
+ fi
+}
+
+print_error() {
+ local error_file="${1:-}"
+ if [ -f $error_file ]; then
+ if grep -q "ERROR" $error_file; then
+ cat $error_file
+ fi
+ rm $error_file
+ fi
+}
+
+# Install the Syndesis custom resource definition
+install_syndesis_crd() {
+ set +e
+ oc get crd >/dev/null 2>&1
+ local err=$?
+ set -e
+ if [ $err -ne 0 ]; then
+ echo "ERROR: Cannot install CRD 'Syndesis'. You have to be a cluster admin to do this."
+ return
+ fi
+
+ local crd_installed=$(oc get crd -o name | grep syndesises.syndesis.io)
+ if [ -z "$crd_installed" ]; then
+ local result=$(create_openshift_resource "resources/syndesis-crd.yml")
+ check_error $result
+ fi
+}
+
+add_user_permissions_for_operator() {
+ local user="$1"
+ local cluster_wide=${2:-false}
+
+ if [ -z "$user" ]; then
+ echo "ERROR: No user provided to fix permissions for"
+ return
+ fi
+ local extra_role_installed="$(oc get role -o name | grep syndesis-extra-permissions | wc -l | xargs)"
+ local kind="Role"
+ local oc_command="policy add-role-to-user --role-namespace=$(oc project -q)"
+ if $cluster_wide; then
+ extra_role_installed="$(oc get clusterrole -o name | grep syndesis-extra-permissions | wc -l | xargs)"
+ kind="ClusterRole"
+ oc_command="adm policy add-cluster-role-to-user"
+ fi
+
+ set +e
+ if [ $extra_role_installed -eq 0 ]; then
+ oc create -f - >/dev/null 2>&1 <<EOT
+---
+kind: $kind
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: syndesis-extra-permissions
+ labels:
+ app: syndesis
+ syndesis.io/app: syndesis
+ syndesis.io/type: operator
+ syndesis.io/component: syndesis-operator
+rules:
+- apiGroups:
+ - syndesis.io
+ resources:
+ - syndesises
+ - syndesises/finalizers
+ verbs: [ get, list, create, update, delete, deletecollection, watch ]
+- apiGroups:
+ - route.openshift.io
+ resources:
+ - routes/custom-host
+ verbs: [ get, list, create, update, delete, deletecollection, watch ]
+---
+
+EOT
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Can not install role 'syndesis-extra-permissions'. Are you running as cluster-admin ?"
+ exit 1
+ fi
+ fi
+
+ oc $oc_command syndesis-extra-permissions $user
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Can not add role 'syndesis-extra-permssionns' to user $user. Does the user exist ?"
+ exit 1
+ fi
+ set -e
+}
+
+recreate_project() {
+ local project=$1
+ local dont_ask=${2:-false}
+
+ if [ -z "$project" ]; then
+ echo "No project given"
+ exit 1
+ fi
+
+ # Delete project if existing
+ if oc get project "${project}" >/dev/null 2>&1 ; then
+ if [ $dont_ask != "true" ]; then
+ echo =============== WARNING -- Going to delete project ${project}
+ oc get all -n $project
+ echo ============================================================
+ read -p "Do you really want to delete the existing project $project ? yes/[no] : " choice
+ echo
+ if [ "$choice" != "yes" ] && [ "$choice" != "y" ]; then
+ echo "Aborting on user's request"
+ exit 1
+ fi
+ fi
+ echo "Deleting project ${project}"
+ oc delete project "${project}"
+ fi
+
+ # Create project afresh
+ echo "Creating project ${project}"
+ for i in {1..10}; do
+ if oc new-project "${project}" >/dev/null 2>&1 ; then
+ break
+ fi
+ echo "Project still exists. Sleeping 10s ..."
+ sleep 10
+ done
+ oc project "${project}"
+}
+
+check_oc_version()
+{
+ local minimum=${OC_MIN_VERSION}
+ local test=$(oc version | grep ^oc | tr -d oc\ v | cut -f1 -d "+")
+
+ echo $(compare_oc_version $test $minimum)
+}
+
+setup_oc() {
+
+ # Check path first if it already exists
+ set +e
+ which oc &>/dev/null
+ if [ $? -eq 0 ]; then
+ set -e
+ err=$(check_oc_version)
+ check_error $err
+ return
+ fi
+
+ # Check for minishift
+ which minishift &>/dev/null
+ if [ $? -eq 0 ]; then
+ set -e
+ eval $(minishift oc-env)
+ err=$(check_oc_version)
+ check_error $err
+ return
+ fi
+
+ set -e
+
+ # Error, no oc found
+ echo "ERROR: No 'oc' binary found in path. Please install the client tools from https://github.com/openshift/origin/releases/tag/v3.9.0 (or newer)"
+ exit 1
+}
+
+compare_version_part() {
+ local test=$1
+ local min=$2
+
+ test=`expr $test`
+ min=`expr $min`
+
+ if [ $test -eq $min ]; then
+ echo 0;
+ elif [ $test -gt $min ]; then
+ echo 1;
+ else
+ # $test -lt $min
+ echo -1
+ fi
+}
+
+compare_oc_version() {
+ local test=$1
+ local min=$2
+
+ echo -n "Testing oc version '$test' against required minimum '$min' ... "
+
+ testparts=( ${test//./ } )
+ minparts=( ${min//./ } )
+
+ local i=0
+ while [ $i -lt ${#minparts[@]} ]
+ do
+ local testpart=${testparts[$i]}
+ local minpart=${minparts[$i]}
+
+ if [ -z "$testpart" ]; then
+ # test version does not extend as far as minimum
+ # in parts so append a 0
+ testpart=0
+ fi
+
+ ret=$(compare_version_part $testpart $minpart)
+ if [ $ret == -1 ]; then
+ #
+ # version part is less than minimum while all preceding
+ # parts were equal so version does not meet minimum
+ #
+ echo "ERROR: oc version ($test) should be at least $min"
+ return
+ elif [ $ret == 1 ]; then
+ #
+ # version part is greater than minimum so no need to test
+ # any further parts as version is greater than minimum
+ #
+ echo "OK"
+ return
+ fi
+
+ #
+ # Only if the version part is equal will the loop continue
+ # with further parts.
+ #
+ i=`expr $i + 1`
+ done
+
+ echo "OK"
+}
+
+ensure_image_streams() {
+ local is_installed=$(oc get imagestream -o name | grep fuse-ignite-server)
+ if [ -n "$is_installed" ]; then
+ local result=$(delete_openshift_resource "resources/fuse-online-image-streams.yml")
+ check_error $result
+ fi
+
+ local result=$(create_openshift_resource "resources/fuse-online-image-streams.yml")
+ check_error $result
+}
+
+# Deploy operator
+deploy_syndesis_operator() {
+ local operator_installed=$(oc get dc -o name | grep syndesis-operator)
+ if [ -n "$operator_installed" ]; then
+ local result=$(delete_openshift_resource "resources/fuse-online-operator.yml")
+ check_error $result
+ wait_for_deployments 0 syndesis-operator >/dev/null 2>&1
+ fi
+
+ create_openshift_resource "resources/fuse-online-operator.yml"
+}
+
+create_openshift_resource() {
+ create_or_delete_openshift_resource "create" "${1:-}"
+}
+
+delete_openshift_resource() {
+ create_or_delete_openshift_resource "delete --ignore-not-found" "${1:-}"
+}
+
+create_or_delete_openshift_resource() {
+ local what=${1}
+ local resource=${2:-}
+ local result
+
+ set +e
+ local url="https://raw.githubusercontent.com/syndesisio/fuse-online-install/${TAG}/${resource}"
+ result=$(oc $what -f $url >$ERROR_FILE 2>&1)
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Cannot create remote resource $url"
+ fi
+ set -e
+}
+
+# Create syndesis resource
+create_syndesis() {
+ local route="${1:-}"
+ local console="${2:-}"
+ local image_stream_namespace="${3:-}"
+
+ local syndesis_installed=$(oc get syndesis -o name | wc -l)
+ local force=$(hasflag --force)
+ if [ $syndesis_installed -gt 0 ]; then
+ if [ -n "${force}" ]; then
+ oc delete $(oc get syndesis -o name)
+ fi
+ fi
+
+ local syndesis=$(cat <<EOT
+apiVersion: "syndesis.io/v1alpha1"
+kind: "Syndesis"
+metadata:
+ name: "app"
+spec:
+ integration:
+ # No limitations by default on OCP
+ limit: 0
+EOT
+)
+ local extra=""
+ if [ -n "$console" ]; then
+ extra=$(cat <<EOT
+
+ openShiftConsoleUrl: "$console"
+EOT
+)
+ syndesis="${syndesis}${extra}"
+ fi
+
+ if [ -n "$route" ]; then
+ extra=$(cat <<EOT
+
+ routeHostname: "$route"
+EOT
+)
+ syndesis="${syndesis}${extra}"
+ fi
+
+ if [ -n "$image_stream_namespace" ]; then
+ extra=$(cat <<EOT
+
+ imageStreamNamespace: "$image_stream_namespace"
+EOT
+)
+ syndesis="${syndesis}${extra}"
+ fi
+
+ echo "$syndesis" | cat | oc create -f -
+ if [ $? -ne 0 ]; then
+ echo "ERROR: Error while creating resource"
+ echo "$syndesis"
+ return
+ fi
+}
+
+wait_for_deployments() {
+ local replicas_desired=$1
+ shift
+ local dcs="$@"
+
+ oc get pods -w &
+ watch_pid=$!
+ for dc in $dcs; do
+ echo "Waiting for $dc to be scaled to ${replicas_desired}"
+ local replicas=$(get_replicas $dc)
+ while [ -z "$replicas" ] || [ "$replicas" -ne $replicas_desired ]; do
+ echo "Sleeping 10s ..."
+ sleep 10
+ replicas=$(get_replicas $dc)
+ done
+ done
+ kill $watch_pid
+}
+
+get_replicas() {
+ local dc=${1}
+ local hasDc=$(oc get dc -o name | grep $dc)
+ if [ -z "$hasDc" ]; then
+ echo "0"
+ return
+ fi
+ oc get dc $dc -o jsonpath="{.status.availableReplicas}"
+}
+
+open_url() {
+ local url=$1
+ local cmd="$(probe_commands open xdg-open chrome firefox)"
+ if [ -z "$cmd" ]; then
+ echo "Cannot find command for opening URL:"
+ echo $url
+ exit 1
+ fi
+ exec $cmd $url
+}
+
+probe_commands() {
+ for cmd in $@; do
+ local ret=$(which $cmd 2>/dev/null)
+ if [ $? -eq 0 ]; then
+ echo $ret
+ return
+ fi
+ done
+}
+
+get_route_when_ready() {
+ local name="${1}"
+ local route=$(get_route $name)
+ while [ -z "$route" ]; do
+ sleep 10
+ route=$(get_route $name)
+ done
+ echo $route
+}
+
+get_route() {
+ local name="${1}"
+ oc get route $name -o jsonpath="{.spec.host}" 2>/dev/null
+}
+
+# ==============================================================
+
+if [ $(hasflag --help -h) ]; then
+ display_usage
+ exit 0
+fi
+
+ERROR_FILE="$(mktemp /tmp/syndesis-output-XXXXX)"
+trap "print_error $ERROR_FILE" EXIT
+
+if [ $(hasflag --verbose -v) ]; then
+ export PS4='+($(basename ${BASH_SOURCE[0]}):${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
+ set -x
+fi
+
+prep_only="false"
+if [ $(hasflag -s --setup) ]; then
+ echo "Installing Syndesis CRD"
+ result=$(install_syndesis_crd)
+ check_error "$result"
+ prep_only="true"
+fi
+
+user_to_prepare="$(readopt -u --grant)"
+if [ -n "$user_to_prepare" ]; then
+ echo "Grant permission to create Syndesis to user $user_to_prepare"
+ result=$(add_user_permissions_for_operator "$user_to_prepare" $(hasflag --cluster))
+ check_error "$result"
+ prep_only="true"
+fi
+
+if $prep_only; then
+ exit 0
+fi
+
+# ==================================================================
+
+# If a project is given, create it new or recreate it
+project=$(readopt --project -p)
+if [ -n "${project}" ]; then
+ recreate_project $project
+else
+ project=$(oc project -q)
+fi
+
+# Check for OC
+setup_oc
+
+# Check for the proper setup
+set +e
+oc get syndesis >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+ check_error "ERROR: No CRD Syndesis installed or no permissions to read them. Please run --setup and/or --grant as cluster-admin. Please use '--help' for more information."
+fi
+set -e
+
+echo "Ensuring imagestreams in $project"
+ensure_image_streams
+
+# Deploy operator and wait until its up
+echo "Deploying Syndesis operator"
+result=$(deploy_syndesis_operator)
+check_error "$result"
+wait_for_deployments 1 syndesis-operator
+
+# Create syndesis resource
+echo "Creating Syndesis resource"
+route=$(readopt --route)
+console=$(readopt --console)
+result=$(create_syndesis "$route" "$console" "$project")
+check_error "$result"
+
+if [ $(hasflag --watch -w) ] || [ $(hasflag --open -o) ]; then
+ wait_for_deployments 1 syndesis-server syndesis-ui syndesis-meta
+fi
+
+# ==========================================================
+
+echo "Getting Syndesis route"
+route=$(get_route_when_ready "syndesis")
+
+cat <<EOT
+========================================================
+Congratulation, Fuse Online $TAG has been installed successfully !
+Open now your browser at the following URL:
+
+https://$route
+
+Enjoy !
+EOT
+
+if [ $(hasflag --open -o) ]; then
+ open_url "https://$route"
+fi
+{% endraw %}
--
Gitblit v1.9.3