fcos-pipeline: Added openshift-apps/fcos-pipeline role

Signed-off-by: David Kirwan <dkirwan@redhat.com>
2021-10-20 16:32:34 +02:00 · 2021-10-20 16:32:34 +02:00 · 29282005c4
commit 29282005c4
parent d8659c221f
6 changed files with 70 additions and 0 deletions
--- a/playbooks/openshift-apps/fedora-coreos.yml
+++ b/playbooks/openshift-apps/fedora-coreos.yml
@ -0,0 +1,13 @@
+---
+- hosts: os-control01.stg # :os-control01
+  user: root
+  gather_facts: false
+
+  roles:
+  - role: openshift-apps/fcos-pipeline
+    project_name: fcos-pipeline
+    project_description: Jenkins pipeline configuration for Fedora CoreOS.
+    appowners:
+    - dustymabe
+    - jlebon
+    - cverna
--- a/roles/openshift-apps/fcos-pipeline/defaults/main.yaml
+++ b/roles/openshift-apps/fcos-pipeline/defaults/main.yaml
@ -0,0 +1,8 @@
+project_name: fcos-pipeline
+project_description: Jenkins Pipeline Configuration for FHCOS
+appowners: []
+ocp_service_account: root
+project_templates:
+  - project.yaml
+  - group.yaml
+  - rolebinding.yaml
--- a/roles/openshift-apps/fcos-pipeline/tasks/main.yaml
+++ b/roles/openshift-apps/fcos-pipeline/tasks/main.yaml
@ -0,0 +1,20 @@
+- name: Create the directories to hold the templates
+  file:
+    path: "/root/ocp4/openshift-apps/"
+    state: directory
+    owner: root
+    group: root
+    mode: 0770
+    recurse: yes
+
+# generate the templates for project to be created
+- name: apply the template
+  template:
+    src: "{{ item }}"
+    dest: "/root/ocp4/openshift-apps/{{ item }}"
+  with_items: "{{ project_templates }}"
+
+# apply created openshift resources
+- name: oc apply resources
+  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/{{ item }}"
+  with_items: "{{ project_templates }}"
--- a/roles/openshift-apps/fcos-pipeline/templates/group.yaml
+++ b/roles/openshift-apps/fcos-pipeline/templates/group.yaml
@ -0,0 +1,8 @@
+kind: Group
+apiVersion: user.openshift.io/v1
+metadata:
+  name: "{{project_name}}-appowners"
+users:
+{% for item in appowners %}
+- "{{ item }}"
+{% endfor %}
--- a/roles/openshift-apps/fcos-pipeline/templates/project.yaml
+++ b/roles/openshift-apps/fcos-pipeline/templates/project.yaml
@ -0,0 +1,8 @@
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: "{{project_name}}"
+  annotations:
+    openshift.io/description: "{{ project_description }}"
+    openshift.io/display-name: "{{ project_name }}"
--- a/roles/openshift-apps/fcos-pipeline/templates/rolebinding.yaml
+++ b/roles/openshift-apps/fcos-pipeline/templates/rolebinding.yaml
@ -0,0 +1,13 @@
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: "{{project_name}}-appowners"
+  namespace: "{{project_name}}"
+subjects:
+  - kind: Group
+    apiGroup: rbac.authorization.k8s.io
+    name: "{{project_name}}-appowners"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: admin