Vars from common #2

Open
wants to merge 2 commits into
base: master
23 changes: 22 additions & 1 deletion tisc_collection_gitea/README.md
@@ -1,3 +1,24 @@
# Ansible Collection - rht_consulting.tisc_collection_gitea

Documentation for the collection.
Documentation for the collection.

The following example playbook will import and execute this collection

```
---
- hosts: localhost
tasks:
- import_role:
name: rht_consulting.tisc_collection_gitea.gitea
```

To run this the following vars need to be defined

p_cluster_name
p_base_domain
p_kube_config
p_oc_cli

For example, if the playbook above is named play.yml and our ocp cluster domain is openshift.example.net the youcan un the following to launch the collection

ansible-playbook -e 'p_cluster_name=openshift p_base_domain=openshift.example.net p_kube_config=<OCP_INSTALL_DIR>/auth/kubeconfig p_oc_cli=/usr/local/bin/oc' play.yml
110 changes: 6 additions & 104 deletions tisc_collection_gitea/roles/gitea/tasks/main.yml
@@ -1,109 +1,11 @@
---
- name: Ensure namespace exists
k8s:
kubeconfig: '{{ kubeconfig }}'
definition:
apiVersion: v1
kind: Namespace
metadata:
name: '{{ gitea_project_name }}'
annotations:
openshift.io/display-name: '{{ gitea_project_display }}'
spec: {}
gitea_project_name: devsecops
gitea_project_display: DevSecOps Common Resources

- name: Deploy resources for Gitea Operator
k8s:
kubeconfig: '{{ kubeconfig }}'
namespace: '{{ resource.namespace|default(omit) }}'
definition: '{{ lookup("url", resource.url, split_lines=False)|from_yaml|regex_replace("REPLACE_ME", gitea_project_name) }}'
loop:
- name: crd
url: https://raw.githubusercontent.com/{{ github_project }}/gitea-operator/master/deploy/crds/gpte_v1alpha1_gitea_crd.yaml
- name: cluster_role
url: https://raw.githubusercontent.com/{{ github_project }}/gitea-operator/master/deploy/cluster_role.yaml
- name: service_account
url: https://raw.githubusercontent.com/{{ github_project }}/gitea-operator/master/deploy/service_account.yaml
namespace: '{{ gitea_project_name }}'
- name: cluster_role_binding
url: https://raw.githubusercontent.com/{{ github_project }}/gitea-operator/master/deploy/cluster_role_binding.yaml
namespace: '{{ gitea_project_name }}'
- name: operator
url: https://raw.githubusercontent.com/{{ github_project }}/gitea-operator/master/deploy/operator.yaml
namespace: '{{ gitea_project_name }}'
loop_control:
loop_var: resource
label: '{{ resource.name }}'
# The github account from which to pull the openshift-tasks project
tasks_github_project: "{{ github_project }}"

- name: Create Gitea from a CR
k8s:
kubeconfig: '{{ kubeconfig }}'
namespace: '{{ gitea_project_name }}'
definition:
apiVersion: gpte.opentlc.com/v1alpha1
kind: Gitea
metadata:
name: gitea-server
spec:
postgresqlVolumeSize: 4Gi
giteaVolumeSize: 4Gi
giteaSsl: True
giteaName: gitea
register: gitea_deployment
until: not gitea_deployment.failed
retries: 5
delay: 10
repos_to_load:
- openshift-tasks

- name: Wait for Gitea to finish being created
k8s_info:
kubeconfig: '{{ kubeconfig }}'
api_version: v1
kind: Pod
namespace: '{{ gitea_project_name }}'
label_selectors:
- app=gitea-server
register: gitea_pod
until: gitea_pod.resources|length > 0 and (gitea_pod.resources|first).status.phase == "Running"
retries: 10
delay: 30

# This is super hacky, I know... but it works for now. Will need fixing.
# Intent is to eventually clean up the operator and add more levers to the CRD.
- name: Create users in Gitea
shell: |
export KUBECONFIG='{{ kubeconfig }}'
oc='{{ oc_cli }}'
admin_user='{{ workshop_admin.username }}'
admin_password='{{ workshop_admin.password }}'
if [ $($oc whoami) != "$admin_user" ]; then
$oc login --insecure-skip-tls-verify=true -u "$admin_user" -p "$admin_password" || exit 1
fi

{% for user in workshop_users %}
args=(--username {{ user.username }} --password '{{ user.password }}')
{% if user.admin is defined and user.admin %}
args+=(--admin)
{% endif %}
args+=(--email '{{ user.username }}@{{ full_cluster_name }}')
args+=(--access-token --must-change-password=false)

pod=$($oc get pods -n {{ gitea_project_name }} -l app=gitea-server -o jsonpath='{.items[0].metadata.name}')
echo "running: $oc exec $pod -n {{ gitea_project_name }} -- /home/gitea/gitea --config=/home/gitea/conf/app.ini admin create-user ${args[@]}"
output=$($oc exec $pod -n {{ gitea_project_name }} -- /home/gitea/gitea --config=/home/gitea/conf/app.ini admin create-user "${args[@]}" 2>&1)
if echo "$output" | grep -qF 'created!'; then
echo "changed"
access_token=$(echo "$output" | awk '/^Access token was succ/ {print $NF}')
echo "token {{ user.username }} $access_token"
elif echo "$output" | grep -qF 'already exists'; then
echo ok
else
echo failed
echo "output: $output"
fi
echo "$output" >&2
{% endfor %}
register: gitea_users
changed_when: '"changed" in gitea_users.stdout_lines'
failed_when: '"failed" in gitea_users.stdout_lines'

- include_tasks: migrate_repo.yml
when: gitea_users.changed
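Review bot: The six lines that appear to be the new side of `roles/gitea/tasks/main.yml` (`gitea_project_name`, `gitea_project_display`, the comment plus `tasks_github_project`, and `repos_to_load` with its one entry) are variable definitions, but a role's tasks file has to be a list of tasks, so the `import_role` in the README example would likely fail to load it. If these are meant as role defaults, they belong in `defaults/main.yml` or `vars/main.yml`, and `tasks/main.yml` should keep or import the real tasks. `tasks_github_project: "{{ github_project }}"` also depends on `github_project`, which is neither defined in the visible lines nor listed among the required vars in the README. Because that variable selects the GitHub account content is pulled from, it should have a documented, reviewed default rather than resolving to whatever the caller's environment supplies. The rendered page lost its +/- markers, so the added/removed split here is inferred from the 6/104 counts and the `-1,109 +1,11` header.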