fas2discourse: structure to deploy the fas2discourse-operator

Signed-off-by: David Kirwan <dkirwan@redhat.com>
2023-02-06 13:20:54 +09:00 · 2023-02-06 13:20:54 +09:00 · a21dfeea4f
commit a21dfeea4f
parent 953f2e5c4a
10 changed files with 108 additions and 4 deletions
--- a/playbooks/manual/fas2discourse.yml
+++ b/playbooks/manual/fas2discourse.yml
@ -9,11 +9,23 @@
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  tasks:
+    - name: fas2discourse Role
+      include_role:
+        name: fas2discourse
+        tasks_from: create-keytab

+
+- hosts: os-control-stg #:os-control
+  user: root
+  gather_facts: false
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - "/srv/private/ansible/vars.yml"
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
    - name: fas2discourse Role
      include_role:
        name: fas2discourse
        tasks_from: administration-tasks
-        apply:
-          tags:
-            - generate-keytab
--- a/roles/fas2discourse/default/main.yml
+++ b/roles/fas2discourse/default/main.yml
@ -1 +1,5 @@
 fas2discourse_hostname: "fas2discourse.hostna.me"
+fas2discourse_namespace: "fas2discourse-operator"
+fas2discourse_project_description: "The fas2discourse-operator is responsible for synchronising group membership for users between Discourse and IPA."
+fas2discourse_keytab_file: "OVERRIDEME WITH A FILE LOOKUP"
+fas2discourse_discourse_apikey: "OVERRIDEME WITH A DISCOURSE APIKEY"
--- a/roles/fas2discourse/tasks/administration-tasks.yml
+++ b/roles/fas2discourse/tasks/administration-tasks.yml
@ -1,2 +1,15 @@
 ---
- include_tasks: create-keytab.yml
+- name: Create the directories to hold the templates
+  file:
+    path: "/root/ocp4/openshift-apps/fas2discourse-operator"
+    state: directory
+    owner: root
+    group: root
+    mode: 0770
+    recurse: yes
+
+- include_tasks: create-operator-namespace.yml
+- include_tasks: create-keytab-secret.yml
+- include_tasks: create-discourse-apikey-secret.yml
+- include_tasks: deploy-fas2discourse-operator.yml
+
--- a/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml
+++ b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml
@ -0,0 +1,12 @@
+---
+# generate the templates for project to be created
+- name: create the templates
+  template:
+    src: "secret-discourse-apikey.yml"
+    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"
+    mode: 0770
+
+# apply created openshift resources
+- name: oc apply resources
+  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"
+
--- a/roles/fas2discourse/tasks/create-keytab-secret.yml
+++ b/roles/fas2discourse/tasks/create-keytab-secret.yml
@ -0,0 +1,24 @@
+---
+# generate the templates for project to be created
+- name: create the templates
+  ansible.builtin.copy:
+    src: "/etc/openshift_apps/fas2discourse/fas2discourse-keytab.kt"
+    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/fas2discourse-keytab.kt"
+    mode: 0770
+
+# generate the templates for project to be created
+- name: create the templates
+  template:
+    src: "secret-keytab.yml"
+    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"
+    mode: 0770
+  vars:
+    fas2discourse_keytab_file:
+      "{{ lookup('file',
+      '/etc/openshift_apps/fas2discourse/fas2discourse-keytab.kt')
+      }}"
+
+# apply created openshift resources
+- name: oc apply resources
+  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"
+
--- a/roles/fas2discourse/tasks/create-operator-namespace.yml
+++ b/roles/fas2discourse/tasks/create-operator-namespace.yml
@ -0,0 +1,11 @@
+---
+# generate the templates for project to be created
+- name: create the templates
+  template:
+    src: "namespace.yml"
+    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml"
+    mode: 0770
+
+# apply created openshift resources
+- name: oc apply resources
+  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml"
--- a/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml
+++ b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml
@ -0,0 +1,2 @@
+---
+
--- a/roles/fas2discourse/templates/namespace.yml
+++ b/roles/fas2discourse/templates/namespace.yml
@ -0,0 +1,8 @@
+---
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: "{{fas2discourse_namespace}}"
+  annotations:
+    openshift.io/description: "{{ fas2discourse_project_description }}"
+    openshift.io/display-name: "{{ fas2discourse_namespace }}"
--- a/roles/fas2discourse/templates/secret-discourse-apikey.yml
+++ b/roles/fas2discourse/templates/secret-discourse-apikey.yml
@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ fas2discourse_namespace }}-discourse-apikey-secret"
+  namespace: "{{ fas2discourse_namespace }}"
+data:
+  fas2discourse-discourse-apikey:
+    "{{ fas2discourse_discourse_apikey | b64encode }}"
+
--- a/roles/fas2discourse/templates/secret-keytab.yml
+++ b/roles/fas2discourse/templates/secret-keytab.yml
@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ fas2discourse_namespace }}-keytab-secret"
+  namespace: "{{ fas2discourse_namespace }}"
+data:
+  fas2discourse-keytab:
+    "{{ fas2discourse_keytab_file | b64encode }}"
+