Skip to content

Commit

Permalink
Add OpenTour DACH 2022 role : ansible/roles_ocp_workloads/ocp4_worklo…
Browse files Browse the repository at this point in the history
…ad_opentour_dach_2022 (redhat-cop#5479)

* Initial ocp4_workload_opentour_dach_2022 role

* Added cluster-config & service-mesh stuff

* Remove useless task

* Rename generic.j2 to generic.yaml.j2

* Fixed namespace names, remove duplicated prefix

* Added work-a-round https://access.redhat.com/solutions/6975952

* Get rid of  lookup('ansible.utils.index_of',

* Cleanup

* Rollout gitops & pipeline too

* Remove blank lines

* Update workload.yml

Add Line-Length skip

* Update workload.yml

Co-authored-by: klewis0928 <[email protected]>
  • Loading branch information
rbo and klewis0928 authored Sep 26, 2022
1 parent 262c25a commit ca93c68
Show file tree
Hide file tree
Showing 12 changed files with 317 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
become_override: false
ocp_username: opentlc-mgr
silent: false

ocp4_workload_opentour_dach_2022_user_count: 4
ocp4_workload_opentour_dach_2022_user_prefix: opentour-

ocp4_workload_opentour_dach_2022_infra_repo: https://github.com/sa-mw-dach/opentour-2022-gitops-infra.git
ocp4_workload_opentour_dach_2022_infra_repo_tag: HEAD
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
galaxy_info:
role_name: ocp4_workload_opentour_dach_2022
author: Robert Bohne
description: |
Set up the OpenTour DACH 2022 Workshop environment
license: MIT
min_ansible_version: 2.9
platforms: []
galaxy_tags:
- ocp
- openshift
dependencies: []
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
---
# Do not modify this file

- name: Running Pre Workload Tasks
include_tasks:
file: ./pre_workload.yml
apply:
become: "{{ become_override | bool }}"
when: ACTION == "create" or ACTION == "provision"

- name: Running Workload Tasks
include_tasks:
file: ./workload.yml
apply:
become: "{{ become_override | bool }}"
when: ACTION == "create" or ACTION == "provision"

- name: Running Post Workload Tasks
include_tasks:
file: ./post_workload.yml
apply:
become: "{{ become_override | bool }}"
when: ACTION == "create" or ACTION == "provision"

- name: Running Workload removal Tasks
include_tasks:
file: ./remove_workload.yml
apply:
become: "{{ become_override | bool }}"
when: ACTION == "destroy" or ACTION == "remove"
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
# Implement your Post Workload deployment tasks here
# --------------------------------------------------


# Leave these as the last tasks in the playbook
# ---------------------------------------------

# For deployment onto a dedicated cluster (as part of the
# cluster deployment) set workload_shared_deployment to False
# This is the default so it does not have to be set explicitely
- name: post_workload tasks complete
debug:
msg: "Post-Workload tasks completed successfully."
when:
- not silent | bool
- not workload_shared_deployment | default(false) | bool

# For RHPDS deployment (onto a shared cluster) set
# workload_shared_deployment to True
# (in the deploy script or AgnosticV configuration)
- name: post_workload tasks complete
debug:
msg: "Post-Software checks completed successfully"
when:
- not silent | bool
- workload_shared_deployment | default(false) | bool
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
# Implement your Pre Workload deployment tasks here
# -------------------------------------------------


# Leave these as the last tasks in the playbook
# ---------------------------------------------

# For deployment onto a dedicated cluster (as part of the
# cluster deployment) set workload_shared_deployment to False
# This is the default so it does not have to be set explicitely
- name: pre_workload tasks complete
debug:
msg: "Pre-Workload tasks completed successfully."
when:
- not silent | bool
- not workload_shared_deployment | default(false) | bool

# For RHPDS deployment (onto a shared cluster) set
# workload_shared_deployment to True
# (in the deploy script or AgnosticV configuration)
- name: pre_workload tasks complete
debug:
msg: "Pre-Software checks completed successfully"
when:
- not silent | bool
- workload_shared_deployment | default(false) | bool
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
---
# Implement your workload removal tasks here
# ------------------------------------------

# This playbook is called upon deletion of the environment
# OpenShift resources get deleted automatically
# Need to cleanup after ourselves in RHV though.

# Leave this as the last task in the playbook.
# --------------------------------------------
- name: remove_workload tasks complete
debug:
msg: "Remove Workload tasks completed successfully."
when: not silent|bool
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
---

- name: Determine cluster wildcard domain
kubernetes.core.k8s_info:
api_version: operator.openshift.io/v1
kind: IngressController
name: default
namespace: openshift-ingress-operator
register: r_ingress_controller

- name: Save cluster apps domain variable
ansible.builtin.set_fact:
_ocp4_workload_opentour_dach_2022_shared_apps_domain: "{{ r_ingress_controller.resources[0].status.domain }}"

- name: Set up cluster-configuratoin
kubernetes.core.k8s:
state: present
definition: "{{ lookup('template', 'apps/cluster-configuration.yaml.j2' ) | from_yaml }}"

- name: Rollout helm
kubernetes.core.k8s:
state: present
definition: "{{ lookup('template', 'appsets/generic.yaml.j2' ) | from_yaml }}"
with_items:
- service-mesh-app
- service-mesh-system
- gitops
- pipeline

# Patch openshift pipelines because of
# https://access.redhat.com/solutions/6975952

- name: Fetch crd resolutionrequests.resolution.tekton.dev
kubernetes.core.k8s_info:
api_version: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
name: resolutionrequests.resolution.tekton.dev
register: crd_resolutionrequests

# yamllint disable-line rule:line-length
- name: Find out 'all' in /spec/names/categories
set_fact:
# yamllint disable-line rule:line-length
index_of_all: "{% set i=-1 -%}{%- for cat in crd_resolutionrequests.resources[0].spec.names.categories -%}{%- if cat == 'all' -%}{{ loop.index - 1 }}{%- endif -%}{%- endfor-%}"

- name: Remove 'all' in /spec/names/categories
kubernetes.core.k8s_json_patch:
api_version: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
name: resolutionrequests.resolution.tekton.dev
patch:
- op: remove
path: "/spec/names/categories/{{ index_of_all | int }}"
when:
- index_of_all is defined
- index_of_all | length > 0
- index_of_all | int > -1
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: applications
namespace: {{ _ocp4_workload_opentour_dach_2022_shared_namespace }}
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
name: ''
namespace: {{ _ocp4_workload_opentour_dach_2022_shared_namespace }}
server: 'https://kubernetes.default.svc'
project: default
syncPolicy:
automated:
prune: false
selfHeal: false
source:
repoURL: http://{{ ocp4_workload_opentour_dach_2022_shared_gitea_instance }}.{{ ocp4_workload_opentour_dach_2022_shared_gitea_project }}.svc:3000/{{ _ocp4_workload_opentour_dach_2022_shared_user }}/{{ ocp4_workload_opentour_dach_2022_shared_gitea_repo }}
targetRevision: main
path: helm/argoapps
helm:
values: |
user: {{ _ocp4_workload_opentour_dach_2022_shared_user }}
customerDatabase:
password: {{ ocp4_workload_opentour_dach_2022_shared_oracle_db_password }}
customersHost: {{ _ocp4_workload_opentour_dach_2022_shared_tomcat_ip }}
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cluster-configuration
namespace: openshift-gitops
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
name: ""
server: 'https://kubernetes.default.svc'
project: default
syncPolicy:
syncOptions:
automated:
prune: false
selfHeal: false
source:
repoURL: 'https://github.com/sa-mw-dach/opentour-2022-gitops-infra.git'
path: cluster-configuration/overlays/common
targetRevision: HEAD
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: "{{ _ocp4_workload_opentour_dach_2022_shared_namespace }}"
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: {{ item }}
namespace: openshift-gitops
spec:
generators:
- list:
elements:
{% for n in range(1, ocp4_workload_opentour_dach_2022_user_count | int + 1 ) %}
- user: {{ ocp4_workload_opentour_dach_2022_user_prefix }}{{ n }}
{% endfor %}
template:
metadata:
name: "{% raw %}{{ user }}{% endraw %}-{{ item }}"
namespace: openshift-gitops
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
name: ""
namespace: "{% raw %}{{ user }}{% endraw %}-{{ item }}"
server: 'https://kubernetes.default.svc'
project: default
syncPolicy:
syncOptions:
- CreateNamespace=true
automated:
prune: false
selfHeal: false
source:
repoURL: {{ ocp4_workload_opentour_dach_2022_infra_repo }}
targetRevision: {{ ocp4_workload_opentour_dach_2022_infra_repo_tag }}
path: per-user/{{ item }}
helm:
values: |
namespacePermissions:
user: "{% raw %}{{ user }}{% endraw %}"
role: admin
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: cicd
namespace: openshift-gitops
spec:
generators:
- list:
elements:
{% for n in range(1, ocp4_workload_opentour_dach_2022_shared_gitea_user_count | int + 1 ) %}
- user: {{ ocp4_workload_opentour_dach_2022_shared_gitea_user_prefix }}{{ n }}
{% endfor %}
template:
metadata:
name: "cicd-{% raw %}{{ user }}{% endraw %}"
namespace: openshift-gitops
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
name: ''
namespace: "{{ ocp4_workload_opentour_dach_2022_shared_pipeline_namespace_prefix }}{% raw %}{{ user }}{% endraw %}"
server: 'https://kubernetes.default.svc'
project: default
syncPolicy:
automated:
prune: false
selfHeal: false
source:
repoURL: "http://{{ ocp4_workload_opentour_dach_2022_shared_gitea_instance }}.{{ ocp4_workload_opentour_dach_2022_shared_gitea_project }}.svc:3000/{% raw %}{{ user }}{% endraw %}/{{ ocp4_workload_opentour_dach_2022_shared_gitea_repo }}"
targetRevision: main
path: helm/cicd
helm:
values: |
namespacePermissions:
user: "{% raw %}{{ user }}{% endraw %}"
role: edit
demoNamespace: "{{ ocp4_workload_opentour_dach_2022_shared_demo_namespace_prefix }}{% raw %}{{ user }}{% endraw %}"
cicdNamespace: "{{ ocp4_workload_opentour_dach_2022_shared_pipeline_namespace_prefix }}{% raw %}{{ user }}{% endraw %}"
repo:
url: "http://{{ ocp4_workload_opentour_dach_2022_shared_gitea_instance }}.{{ ocp4_workload_opentour_dach_2022_shared_gitea_project }}.svc:3000/{% raw %}{{ user }}{% endraw %}/{{ ocp4_workload_opentour_dach_2022_shared_gitea_repo }}"
user: "{% raw %}{{ user }}{% endraw %}"
password: {{ ocp4_workload_opentour_dach_2022_shared_gitea_user_password }}

0 comments on commit ca93c68

Please sign in to comment.