From d3e814cd468d39c5b38f8a81d1d4bc2d165b7842 Mon Sep 17 00:00:00 2001
From: Gareth Healy <garethahealy@gmail.com>
Date: Sun, 01 Mar 2020 15:24:29 +0100
Subject: [PATCH] Improved checks to not deploy running components (#1211)
---
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml | 13 +--
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml | 4 +
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml | 7 ++
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml | 2
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml | 4 +
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml | 49 ----------------
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml | 13 +++
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomation.yml | 49 ++++++++++++++++
ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/bucketrepo/deployment.j2 | 6 +-
9 files changed, 82 insertions(+), 65 deletions(-)
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml
index 1e6dc77..c2cb179 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/defaults/main.yml
@@ -12,4 +12,6 @@
_user_login_password: openshift
-_kie_container_id: proactive-fraud-detection-case_1.0.0-SNAPSHOT
\ No newline at end of file
+_kie_container_id: proactive-fraud-detection-case_1.0.0-SNAPSHOT
+
+_deploy_workload: true
\ No newline at end of file
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomation.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomation.yml
new file mode 100644
index 0000000..447477d
--- /dev/null
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomation.yml
@@ -0,0 +1,49 @@
+---
+- name: Check BusinessCentral is running
+ command: >
+ oc rollout status DeploymentConfig/rhpam-authoring-rhpamcentr --watch=true -n "{{ _namespace }}"
+
+- name: Check KieServer is running
+ command: >
+ oc rollout status DeploymentConfig/rhpam-authoring-kieserver --watch=true -n "{{ _namespace }}"
+
+- name: Get Business Central route host
+ command: >
+ oc get route/rhpam-authoring-rhpamcentr -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
+ register: businesscentral_host
+ retries: "{{ _retry }}"
+ delay: "{{ _delay }}"
+ until: businesscentral_host.stdout != ""
+
+- name: Get Business Central route host
+ command: >
+ oc get route/rhpam-authoring-kieserver -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
+ register: kieserver_host
+ retries: "{{ _retry }}"
+ delay: "{{ _delay }}"
+ until: kieserver_host.stdout != ""
+
+- name: Wait for Business Central route to respond with 200
+ uri:
+ url: "https://{{ businesscentral_host.stdout }}"
+ method: GET
+ validate_certs: false
+ follow_redirects: yes
+ register: bizcentralresult
+ retries: "{{ _retry }}"
+ delay: "{{ _delay }}"
+ until: bizcentralresult.status == 200
+
+- name: Wait for Kie Server route to respond with 200
+ uri:
+ url: "https://{{ kieserver_host.stdout }}/services/rest/server"
+ method: GET
+ validate_certs: false
+ follow_redirects: yes
+ user: "{{ _namespace }}"
+ password: "{{ _account_password }}"
+ force_basic_auth: true
+ register: kieserverresult
+ retries: "{{ _retry }}"
+ delay: "{{ _delay }}"
+ until: kieserverresult.status == 200
\ No newline at end of file
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml
index c7414fe..e7fb6bb 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_per_project_businessautomationworkload.yml
@@ -1,53 +1,4 @@
---
-- name: Check BusinessCentral is running
- command: >
- oc rollout status DeploymentConfig/rhpam-authoring-rhpamcentr --watch=true -n "{{ _namespace }}"
-
-- name: Check KieServer is running
- command: >
- oc rollout status DeploymentConfig/rhpam-authoring-kieserver --watch=true -n "{{ _namespace }}"
-
-- name: Get Business Central route host
- command: >
- oc get route/rhpam-authoring-rhpamcentr -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
- register: businesscentral_host
- retries: "{{ _retry }}"
- delay: "{{ _delay }}"
- until: businesscentral_host.stdout != ""
-
-- name: Get Business Central route host
- command: >
- oc get route/rhpam-authoring-kieserver -o jsonpath='{.spec.host}' -n "{{ _namespace }}"
- register: kieserver_host
- retries: "{{ _retry }}"
- delay: "{{ _delay }}"
- until: kieserver_host.stdout != ""
-
-- name: Wait for Business Central route to respond with 200
- uri:
- url: "https://{{ businesscentral_host.stdout }}"
- method: GET
- validate_certs: false
- follow_redirects: yes
- register: bizcentralresult
- retries: "{{ _retry }}"
- delay: "{{ _delay }}"
- until: bizcentralresult.status == 200
-
-- name: Wait for Kie Server route to respond with 200
- uri:
- url: "https://{{ kieserver_host.stdout }}/services/rest/server"
- method: GET
- validate_certs: false
- follow_redirects: yes
- user: "{{ _namespace }}"
- password: "{{ _account_password }}"
- force_basic_auth: true
- register: kieserverresult
- retries: "{{ _retry }}"
- delay: "{{ _delay }}"
- until: kieserverresult.status == 200
-
- name: Check proactive-fraud-detection-case responds with 201
uri:
url: "https://{{ kieserver_host.stdout }}/services/rest/server/containers/{{ _kie_container_id }}/cases/proactivefrauddetectioncase.fraud-case/instances"
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml
index b26cb58..9ee7ab2 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop-verification/tasks/workload_project.yml
@@ -12,6 +12,9 @@
- name: DataGrid for {{ _namespace }}
include_tasks: workload_per_project_datagrid.yml
+- name: Business Automation for {{ _namespace }}
+ include_tasks: workload_per_project_businessautomation.yml
+
- name: Prometheus for {{ _namespace }}
include_tasks: workload_per_project_prometheus.yml
@@ -20,6 +23,8 @@
- name: Business Automation workload for {{ _namespace }}
include_tasks: workload_per_project_businessautomationworkload.yml
+ when: _deploy_workload == true
- name: Fuse workdload for {{ _namespace }}
- include_tasks: workload_per_project_fuseworkload.yml
\ No newline at end of file
+ include_tasks: workload_per_project_fuseworkload.yml
+ when: _deploy_workload == true
\ No newline at end of file
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml
index 090b6e8..2441850 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/defaults/main.yml
@@ -27,4 +27,6 @@
_kie_container_id: proactive-fraud-detection-case_1.0.0-SNAPSHOT
_kjar_group_id: com.demo
_kjar_artefact_id: proactive-fraud-detection-case
-_kjar_version: "1.0.0-SNAPSHOT"
\ No newline at end of file
+_kjar_version: "1.0.0-SNAPSHOT"
+
+_deploy_workload: true
\ No newline at end of file
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml
index f655f68..8fa19fb 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_businessautomationworkload.yml
@@ -60,7 +60,7 @@
- name: Check project exists in Business Central (note; error can be ignored)
uri:
- url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/projects/{{ _kie_container_id }}"
+ url: "https://{{ businesscentral_host.stdout }}/rest/spaces/workshop/projects/{{ _kie_project_id }}"
method: GET
validate_certs: false
follow_redirects: yes
@@ -69,8 +69,6 @@
force_basic_auth: true
register: bizcentralproject
ignore_errors: true
-
-### todo: only clone if it doesnt exist
- name: Clone case into Business Central
uri:
@@ -177,21 +175,19 @@
- bizcentraldeploy_job.json is defined
- bizcentraldeploy_job.json.status == "SUCCESS"
-- name: Delete KIE Container proactive-fraud-detection-case (note; error can be ignored)
+- name: Check KIE Container proactive-fraud-detection-case exists (note; error can be ignored)
uri:
url: "https://{{ businesscentral_host.stdout }}/rest/controller/management/servers/{{ _kie_server_id }}/containers/{{ _kie_container_id }}"
- method: DELETE
+ method: GET
validate_certs: false
follow_redirects: yes
user: "{{ _namespace }}"
password: "{{ _account_password }}"
force_basic_auth: true
- status_code: 200
- register: bizcentraldelete_container
+ register: bizcentralget_container
ignore_errors: true
retries: "{{ _retry }}"
delay: "{{ _delay }}"
- until: bizcentraldelete_container.status == 404
- name: Create KIE Container proactive-fraud-detection-case
uri:
@@ -209,6 +205,7 @@
retries: "{{ _retry }}"
delay: "{{ _delay }}"
until: bizcentralcreate_container.status == 201
+ when: bizcentralget_container.status == 404
vars:
body:
container-id: "{{ _kie_container_id }}"
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml
index 0b7aec6..97ce992 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_per_project_fuseworkload.yml
@@ -1,4 +1,10 @@
---
+- name: Check Fuse workload is running (note; error can be ignored)
+ command: >
+ oc rollout status DeploymentConfig/pam-fraudmanagement-fuse --watch=true -n {{ _namespace }}
+ register: fuserollout
+ ignore_errors: true
+
- name: Get Fuse template
uri:
url: "https://{{ gitea_route.stdout }}/{{ _namespace }}/proactive-fraud-detection-fuse/raw/branch/master/.openshiftio/application.yaml"
@@ -7,16 +13,19 @@
validate_certs: false
return_content: true
register: fusetemplate
+ when: '"successfully rolled out" not in fuserollout.stdout'
- name: Process Fuse workload template
command: >
- oc process -p SOURCE_REPOSITORY_URL=http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-fuse.git -p KAFKA_BROKERS={{ _namespace }}-cluster-kafka-brokers:9092 -f -
+ oc process -p SOURCE_REPOSITORY_URL=http://mygitea.gitea.svc.cluster.local:3000/{{ _namespace }}/proactive-fraud-detection-fuse.git -p KAFKA_BROKERS={{ _namespace }}-cluster-kafka-brokers:9092 -n {{ _namespace }} -f -
args:
stdin: "{{ fusetemplate.content | string }}"
register: fusework
+ when: '"successfully rolled out" not in fuserollout.stdout'
- name: Create Fuse workload
k8s:
state: present
namespace: "{{ _namespace }}"
- definition: "{{ fusework.stdout | from_json }}"
\ No newline at end of file
+ definition: "{{ fusework.stdout | from_json }}"
+ when: '"successfully rolled out" not in fuserollout.stdout'
\ No newline at end of file
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml
index ce93fb1..c10a4da 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/tasks/workload_project.yml
@@ -57,9 +57,11 @@
- name: Business Automation workload for {{ _namespace }}
include_tasks: workload_per_project_businessautomationworkload.yml
+ when: _deploy_workload == true
- name: Fuse workload for {{ _namespace }}
include_tasks: workload_per_project_fuseworkload.yml
+ when: _deploy_workload == true
- name: Print Overview
debug:
diff --git a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/bucketrepo/deployment.j2 b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/bucketrepo/deployment.j2
index d391806..9087308 100644
--- a/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/bucketrepo/deployment.j2
+++ b/ansible/roles/ocp4-workload-pam-fraudmanagement-workshop/templates/bucketrepo/deployment.j2
@@ -7,14 +7,14 @@
- apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
- name: summit-2020-bucketrepo
+ name: proactive-fraud-detection-bucketrepo
spec:
lookupPolicy:
local: false
tags:
- from:
kind: DockerImage
- name: quay.io/redhat-consulting-uk/summit-2020-bucketrepo:latest
+ name: quay.io/redhat-consulting-uk/proactive-fraud-detection-bucketrepo:latest
name: latest
referencePolicy:
type: Local
@@ -73,7 +73,7 @@
spec:
containers:
- name: bucketrepo
- image: "image-registry.openshift-image-registry.svc:5000/{{ _namespace }}/summit-2020-bucketrepo"
+ image: "image-registry.openshift-image-registry.svc:5000/{{ _namespace }}/proactive-fraud-detection-bucketrepo"
imagePullPolicy: IfNotPresent
command: ["/bucketrepo"]
args:
--
Gitblit v1.9.3