diff --git a/playbooks/manual/fas2discourse.yml b/playbooks/manual/fas2discourse.yml index 10cd03c53b..e5dff0ac06 100644 --- a/playbooks/manual/fas2discourse.yml +++ b/playbooks/manual/fas2discourse.yml @@ -9,11 +9,23 @@ - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml tasks: + - name: fas2discourse Role + include_role: + name: fas2discourse + tasks_from: create-keytab + +- hosts: os-control-stg #:os-control + user: root + gather_facts: false + + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + tasks: - name: fas2discourse Role include_role: name: fas2discourse tasks_from: administration-tasks - apply: - tags: - - generate-keytab diff --git a/roles/fas2discourse/default/main.yml b/roles/fas2discourse/default/main.yml index 94bbb3c1bc..27c52dd15e 100644 --- a/roles/fas2discourse/default/main.yml +++ b/roles/fas2discourse/default/main.yml @@ -1 +1,5 @@ fas2discourse_hostname: "fas2discourse.hostna.me" +fas2discourse_namespace: "fas2discourse-operator" +fas2discourse_project_description: "The fas2discourse-operator is responsible for synchronising group membership for users between Discourse and IPA." +fas2discourse_keytab_file: "OVERRIDEME WITH A FILE LOOKUP" +fas2discourse_discourse_apikey: "OVERRIDEME WITH A DISCOURSE APIKEY" diff --git a/roles/fas2discourse/tasks/administration-tasks.yml b/roles/fas2discourse/tasks/administration-tasks.yml index 8939fe888a..0d42ecf4af 100644 --- a/roles/fas2discourse/tasks/administration-tasks.yml +++ b/roles/fas2discourse/tasks/administration-tasks.yml @@ -1,2 +1,15 @@ --- -- include_tasks: create-keytab.yml +- name: Create the directories to hold the templates + file: + path: "/root/ocp4/openshift-apps/fas2discourse-operator" + state: directory + owner: root + group: root + mode: 0770 + recurse: yes + +- include_tasks: create-operator-namespace.yml +- include_tasks: create-keytab-secret.yml +- include_tasks: create-discourse-apikey-secret.yml +- include_tasks: deploy-fas2discourse-operator.yml + diff --git a/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml new file mode 100644 index 0000000000..b1edf28634 --- /dev/null +++ b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml @@ -0,0 +1,12 @@ +--- +# generate the templates for project to be created +- name: create the templates + template: + src: "secret-discourse-apikey.yml" + dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml" + mode: 0770 + +# apply created openshift resources +- name: oc apply resources + command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml" + diff --git a/roles/fas2discourse/tasks/create-keytab-secret.yml b/roles/fas2discourse/tasks/create-keytab-secret.yml new file mode 100644 index 0000000000..da9c64ccf7 --- /dev/null +++ b/roles/fas2discourse/tasks/create-keytab-secret.yml @@ -0,0 +1,24 @@ +--- +# generate the templates for project to be created +- name: create the templates + ansible.builtin.copy: + src: "/etc/openshift_apps/fas2discourse/fas2discourse-keytab.kt" + dest: "/root/ocp4/openshift-apps/fas2discourse-operator/fas2discourse-keytab.kt" + mode: 0770 + +# generate the templates for project to be created +- name: create the templates + template: + src: "secret-keytab.yml" + dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml" + mode: 0770 + vars: + fas2discourse_keytab_file: + "{{ lookup('file', + '/etc/openshift_apps/fas2discourse/fas2discourse-keytab.kt') + }}" + +# apply created openshift resources +- name: oc apply resources + command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml" + diff --git a/roles/fas2discourse/tasks/create-operator-namespace.yml b/roles/fas2discourse/tasks/create-operator-namespace.yml new file mode 100644 index 0000000000..3901a115de --- /dev/null +++ b/roles/fas2discourse/tasks/create-operator-namespace.yml @@ -0,0 +1,11 @@ +--- +# generate the templates for project to be created +- name: create the templates + template: + src: "namespace.yml" + dest: "/root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml" + mode: 0770 + +# apply created openshift resources +- name: oc apply resources + command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml" diff --git a/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml new file mode 100644 index 0000000000..cd21505a47 --- /dev/null +++ b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml @@ -0,0 +1,2 @@ +--- + diff --git a/roles/fas2discourse/templates/namespace.yml b/roles/fas2discourse/templates/namespace.yml new file mode 100644 index 0000000000..e7a2e66144 --- /dev/null +++ b/roles/fas2discourse/templates/namespace.yml @@ -0,0 +1,8 @@ +--- +kind: Namespace +apiVersion: v1 +metadata: + name: "{{fas2discourse_namespace}}" + annotations: + openshift.io/description: "{{ fas2discourse_project_description }}" + openshift.io/display-name: "{{ fas2discourse_namespace }}" diff --git a/roles/fas2discourse/templates/secret-discourse-apikey.yml b/roles/fas2discourse/templates/secret-discourse-apikey.yml new file mode 100644 index 0000000000..9711bd3bc0 --- /dev/null +++ b/roles/fas2discourse/templates/secret-discourse-apikey.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: "{{ fas2discourse_namespace }}-discourse-apikey-secret" + namespace: "{{ fas2discourse_namespace }}" +data: + fas2discourse-discourse-apikey: + "{{ fas2discourse_discourse_apikey | b64encode }}" + diff --git a/roles/fas2discourse/templates/secret-keytab.yml b/roles/fas2discourse/templates/secret-keytab.yml new file mode 100644 index 0000000000..af56bb3727 --- /dev/null +++ b/roles/fas2discourse/templates/secret-keytab.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: "{{ fas2discourse_namespace }}-keytab-secret" + namespace: "{{ fas2discourse_namespace }}" +data: + fas2discourse-keytab: + "{{ fas2discourse_keytab_file | b64encode }}" +