diff options
Diffstat (limited to 'ansible/roles')
| -rw-r--r-- | ansible/roles/application-install/defaults/main.yml | 1 | ||||
| -rw-r--r-- | ansible/roles/application-install/tasks/main.yml | 22 | ||||
| -rw-r--r-- | ansible/roles/application-override/tasks/main.yml | 16 | ||||
| -rw-r--r-- | ansible/roles/application/defaults/main.yml | 11 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/custom_role.yml (renamed from ansible/roles/application-install/tasks/custom_role.yml) | 2 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/install.yml (renamed from ansible/roles/application-install/tasks/install.yml) | 30 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/main.yml | 24 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/post-install.yml (renamed from ansible/roles/application-install/tasks/post-install.yml) | 2 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/pre-install.yml | 5 | ||||
| -rw-r--r-- | ansible/roles/application/tasks/transfer-helm-charts.yml (renamed from ansible/roles/application-install/tasks/pre-install.yml) | 9 | ||||
| -rw-r--r-- | ansible/roles/firewall/tasks/firewall-disable.yml | 1 |
11 files changed, 71 insertions, 52 deletions
diff --git a/ansible/roles/application-install/defaults/main.yml b/ansible/roles/application-install/defaults/main.yml deleted file mode 100644 index 473fbb80..00000000 --- a/ansible/roles/application-install/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ -phase: install diff --git a/ansible/roles/application-install/tasks/main.yml b/ansible/roles/application-install/tasks/main.yml deleted file mode 100644 index ba522792..00000000 --- a/ansible/roles/application-install/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- debug: - msg: "phase is {{ phase }}" - -- name: Check if install needed - block: - - name: "Does {{ app_helm_charts_install_directory }} exist and contain Helm Charts" - find: - paths: "{{ app_helm_charts_install_directory }}" - recurse: yes - delegate_to: localhost - register: charts_files - - name: Set install active fact - set_fact: - install_needed: "{{ true if charts_files.matched | int > 0 else false }}" - when: phase == "pre-install" - -- include_tasks: "{{ phase }}.yml" - when: install_needed - -- debug: - msg: "Install needed {{ install_needed }}" diff --git a/ansible/roles/application-override/tasks/main.yml b/ansible/roles/application-override/tasks/main.yml new file mode 100644 index 00000000..1ecf7c79 --- /dev/null +++ b/ansible/roles/application-override/tasks/main.yml @@ -0,0 +1,16 @@ +--- +# Role for generating Helm override.yml file +- name: Register root certificate + slurp: + src: "{{ playbook_dir }}/certs/rootCA.crt" + register: root_cert + delegate_to: localhost + +- name: "Set root ca certificate" + set_fact: + merged_overrides: "{{ overrides | default({}) | combine({'global': {'cacert': root_cert.content | b64decode}}, recursive=True) }}" + +- name: "Create {{ app_helm_override_file }}" + copy: + dest: "{{ app_helm_override_file }}" + content: "{{ merged_overrides | to_nice_yaml }}" diff --git a/ansible/roles/application/defaults/main.yml b/ansible/roles/application/defaults/main.yml new file mode 100644 index 00000000..dec17601 --- /dev/null +++ b/ansible/roles/application/defaults/main.yml @@ -0,0 +1,11 @@ +--- +helm_repository_name: local +helm_repository_url: http://127.0.0.1:8879 +# Override file generation for Helm application can be customized by any role +# given by user and found by ansible from roles_path. +# By default override file is generated by 'application-override' role that is +# specific for offline installer (for onap) as it's generating server +# certificate needed to simulate internet by offline installer. +app_skip_helm_override: false +app_helm_override_role: application-override +app_helm_override_file: "{{ app_data_path }}/override.yaml" diff --git a/ansible/roles/application-install/tasks/custom_role.yml b/ansible/roles/application/tasks/custom_role.yml index b6f6f351..f0b9a84f 100644 --- a/ansible/roles/application-install/tasks/custom_role.yml +++ b/ansible/roles/application/tasks/custom_role.yml @@ -1,6 +1,6 @@ --- # Caller fills application_custom_role variable with actual role name. -- name: "Execute custom role {{ application_custom_role }} {{ phase }} Helm install." +- name: "Execute custom role {{ application_custom_role }} for Helm install." include_role: name: "{{ application_custom_role }}" when: diff --git a/ansible/roles/application-install/tasks/install.yml b/ansible/roles/application/tasks/install.yml index 96f66b90..103ecc8b 100644 --- a/ansible/roles/application-install/tasks/install.yml +++ b/ansible/roles/application/tasks/install.yml @@ -6,8 +6,8 @@ --skip-refresh changed_when: true # init is always changed type of action -#A correct way to implement this would be using --wait option in helm init invocation. -#However, it does not work due to https://github.com/helm/helm/issues/4031 (fixed in newer helm release) +# A correct way to implement this would be using --wait option in helm init invocation. +# However, it does not work due to https://github.com/helm/helm/issues/4031 (fixed in newer helm release) - name: "Wait for helm upgrade to finish" command: "{{ helm_bin_dir }}/helm version --tiller-connection-timeout 10" register: result @@ -42,7 +42,7 @@ - "'Error: no repositories to show' not in helm_repo_list.stderr" - name: Helm Add Repo - command: "{{ helm_bin_dir }}/helm repo add {{ helm_repository_name }} {{ helm_repository_url }}" + command: "{{ helm_bin_dir }}/helm repo add {{ helm_repository_name | mandatory }} {{ helm_repository_url | mandatory }}" when: "'local' not in helm_repo_list.stdout" changed_when: true # when executed its a changed type of action @@ -50,24 +50,14 @@ make: chdir: "{{ app_helm_charts_infra_directory }}" target: "{{ item }}" - with_items: "{{ app_helm_build_targets }}" + loop: "{{ app_helm_build_targets }}" environment: PATH: "{{ helm_bin_dir }}:{{ ansible_env.PATH }}" -- name: Register root certificate - slurp: - src: "{{ playbook_dir }}/certs/rootCA.crt" - register: root_cert - delegate_to: localhost - -# WA: this is required because deploy plugin dont process params properly -- name: Create override file with global.cacert - copy: - dest: "{{ app_data_path }}/override.yaml" - content: | - global: - cacert: | - {{ root_cert['content'] | b64decode | indent( width=4, indentfirst=False) }} +- name: Generate Helm application override file with custom role + include_role: + name: "{{ app_helm_override_role }}" + when: not app_skip_helm_override - name: Check for deploy plugin presence stat: @@ -81,5 +71,7 @@ {{ app_helm_release_name }} {{ helm_repository_name }}/{{ app_helm_chart_name }} --namespace {{ app_kubernetes_namespace }} - -f {{ app_data_path }}/override.yaml + {{ '' if app_skip_helm_override else '-f ' + app_helm_override_file }} changed_when: true # when executed its a changed type of action + register: helm_install + failed_when: helm_install.stderr diff --git a/ansible/roles/application/tasks/main.yml b/ansible/roles/application/tasks/main.yml new file mode 100644 index 00000000..3018e95f --- /dev/null +++ b/ansible/roles/application/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Check if application Helm charts exist and install is even needed + block: + - name: "Does {{ app_helm_charts_install_directory }} directory exist and contain Helm Charts" + find: + paths: "{{ app_helm_charts_install_directory }}" + recurse: true + delegate_to: localhost + register: charts_files + - name: Set install active fact + set_fact: + install_needed: "{{ true if charts_files.matched | int > 0 else false }}" + +- name: Install app with Helm charts + block: + - include_tasks: transfer-helm-charts.yml + - include_tasks: pre-install.yml + - include_tasks: install.yml + - include_tasks: post-install.yml + when: install_needed + +- debug: + msg: "NOTE, nothing done as application Helm charts does not exist!" + when: not install_needed diff --git a/ansible/roles/application-install/tasks/post-install.yml b/ansible/roles/application/tasks/post-install.yml index 10594233..5464cb46 100644 --- a/ansible/roles/application-install/tasks/post-install.yml +++ b/ansible/roles/application/tasks/post-install.yml @@ -2,4 +2,4 @@ - name: "Execute custome role {{ application_post_install_role }} if defined." include_tasks: custom_role.yml vars: - application_custom_role: "{{ application_post_install_role }}" + application_custom_role: "{{ application_post_install_role | default('') }}" diff --git a/ansible/roles/application/tasks/pre-install.yml b/ansible/roles/application/tasks/pre-install.yml new file mode 100644 index 00000000..74f1548f --- /dev/null +++ b/ansible/roles/application/tasks/pre-install.yml @@ -0,0 +1,5 @@ +--- +- name: "Execute custom role {{ application_pre_install_role }} if defined." + include_tasks: custom_role.yml + vars: + application_custom_role: "{{ application_pre_install_role | default('') }}" diff --git a/ansible/roles/application-install/tasks/pre-install.yml b/ansible/roles/application/tasks/transfer-helm-charts.yml index bf6619b0..0cd7c02f 100644 --- a/ansible/roles/application-install/tasks/pre-install.yml +++ b/ansible/roles/application/tasks/transfer-helm-charts.yml @@ -38,14 +38,7 @@ copy: src: "{{ item.path }}" dest: "{{ helm_home_dir.stdout }}/plugins" - directory_mode: yes + directory_mode: true mode: 0755 with_items: "{{ list_of_plugins.files }}" - become: true when: app_helm_plugins_directory is defined and app_helm_plugins_directory is not none - -- name: "Execute custom role {{ application_pre_install_role }} if defined." - include_tasks: custom_role.yml - vars: - application_custom_role: "{{ application_pre_install_role }}" - diff --git a/ansible/roles/firewall/tasks/firewall-disable.yml b/ansible/roles/firewall/tasks/firewall-disable.yml index f406d943..5f1ab537 100644 --- a/ansible/roles/firewall/tasks/firewall-disable.yml +++ b/ansible/roles/firewall/tasks/firewall-disable.yml @@ -13,3 +13,4 @@ - name: Flush iptables iptables: flush: true + changed_when: false # for idempotence |