diff options
Diffstat (limited to 'roles/ands_kaas/tasks')
-rw-r--r-- | roles/ands_kaas/tasks/do_project.yml | 13 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/file.yml | 8 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/project.yml | 11 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/search.yml | 2 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/sync.yml | 22 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/template.yml | 4 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/templates.yml | 2 | ||||
-rw-r--r-- | roles/ands_kaas/tasks/volume.yml | 34 |
9 files changed, 79 insertions, 19 deletions
diff --git a/roles/ands_kaas/tasks/do_project.yml b/roles/ands_kaas/tasks/do_project.yml index a876d94..4fac6c6 100644 --- a/roles/ands_kaas/tasks/do_project.yml +++ b/roles/ands_kaas/tasks/do_project.yml @@ -6,13 +6,15 @@ include_tasks: volume.yml run_once: true # delegate_to: "{{ groups.masters[0] }}" - with_dict: "{{ kaas_project_config.volumes | default(kaas_openshift_volumes) }}" + with_dict: "{{ kaas_project_volumes }}" loop_control: loop_var: osv vars: query: "[*].volumes.{{osv.value.volume}}.mount" mntpath: "{{ (ands_storage_domains | json_query(query)) }}" - path: "{{ mntpath[0] ~ (osv.value.path | default('')) }}" + osvpath: "{{ osv.value.path | default('') }}" + prefix: "{{ ( osvpath[:1] == '/' ) | ternary('', '/' ~ kaas_project ~ '/') }}" + path: "{{ mntpath[0] ~ prefix ~ osvpath }}" name: "{{osv.key}}" volume: "{{osv.value}}" when: ( mntpath | length ) > 0 @@ -29,19 +31,19 @@ include_tasks: file.yml run_once: true # delegate_to: "{{ groups.masters[0] }}" - with_items: "{{ kaas_project_config.files | default(ands_openshift_files) }}" + with_items: "{{ kaas_project_config.files | default(kaas_openshift_files) | default([]) }}" loop_control: loop_var: file vars: pvar: "kaas_{{ file.osv }}_path" path: "{{ hostvars[inventory_hostname][pvar] }}/{{ file.path }}" - when: file.osv in ( kaas_project_config.volumes | default(kaas_openshift_volumes) ) + when: file.osv in kaas_project_volumes - name: Load OpenSSL keys include_tasks: keys.yml # delegate_to: "{{ groups.masters[0] }}" run_once: true - with_dict: "{{ kaas_project_config.pods }}" + with_dict: "{{ kaas_project_config.pods | default({}) }}" loop_control: loop_var: pod @@ -57,5 +59,4 @@ run_once: true when: - kaas_project_config.oc is undefined - - kaas_project_config.pods != {} diff --git a/roles/ands_kaas/tasks/file.yml b/roles/ands_kaas/tasks/file.yml index e6b2e8d..a839473 100644 --- a/roles/ands_kaas/tasks/file.yml +++ b/roles/ands_kaas/tasks/file.yml @@ -3,15 +3,15 @@ set_fact: group="{{ file.group | default(kaas_project_config.file_group | default(ands_default_file_group)) }}" - name : Resolve project groups - set_fact: group="{{ (kaas_project_config.gids | default(ands_openshift_gids))[group].id }}" - when: group in ( kaas_project_config.gids | default(ands_openshift_gids) ) + set_fact: group="{{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}" + when: group in ( kaas_project_config.gids | default(kaas_openshift_gids) ) - name: Set owner set_fact: owner="{{ file.owner | default(kaas_project_config.file_owner | default(ands_default_file_owner)) }}" - name : Resolve project uids - set_fact: owner="{{ (kaas_project_config.uids | default(ands_openshift_uids) )[owner].id }}" - when: owner in ( kaas_project_config.uids | default(ands_openshift_uids) ) + set_fact: owner="{{ (kaas_project_config.uids | default(kaas_openshift_uids) )[owner].id }}" + when: owner in ( kaas_project_config.uids | default(kaas_openshift_uids) ) - name: "Setting up files in {{ path }}" file: diff --git a/roles/ands_kaas/tasks/main.yml b/roles/ands_kaas/tasks/main.yml index 0931f80..85110cb 100644 --- a/roles/ands_kaas/tasks/main.yml +++ b/roles/ands_kaas/tasks/main.yml @@ -4,7 +4,7 @@ include_tasks: project.yml run_once: true # delegate_to: "{{ groups.masters[0] }}" - with_items: "{{ kaas_projects }}" + with_items: "{{ (kaas_single_project is defined) | ternary([kaas_single_project], kaas_projects) }}" loop_control: loop_var: kaas_project vars: diff --git a/roles/ands_kaas/tasks/project.yml b/roles/ands_kaas/tasks/project.yml index 40b5180..f7eb1df 100644 --- a/roles/ands_kaas/tasks/project.yml +++ b/roles/ands_kaas/tasks/project.yml @@ -1,11 +1,15 @@ --- - name: Load global variables include_vars: "{{kaas_project_path}}/vars/globals.yml" - when: "'{{kaas_project_path}}/vars/globals.yml' | is_file" + when: path | is_file + vars: + path: "{{ kaas_project_path }}/vars/globals.yml" - name: Load variables include_vars: dir="{{kaas_project_path}}/vars" name="var_{{kaas_project}}_config" - when: "'{{kaas_project_path}}/vars' | is_dir" + when: path | is_dir + vars: + path: "{{ kaas_project_path }}/vars" - set_fact: "var_{{kaas_project}}_config={{var_empty}}" vars: @@ -24,4 +28,5 @@ - include_tasks: do_project.yml vars: var_name: "var_{{kaas_project}}_config" - kaas_project_config: "{{hostvars[inventory_hostname][var_name]}}" + kaas_project_config: "{{ hostvars[inventory_hostname][var_name] }}" + kaas_project_volumes: "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}"
\ No newline at end of file diff --git a/roles/ands_kaas/tasks/search.yml b/roles/ands_kaas/tasks/search.yml index 9844ee8..1cefb7d 100644 --- a/roles/ands_kaas/tasks/search.yml +++ b/roles/ands_kaas/tasks/search.yml @@ -12,5 +12,5 @@ local_path: "{{ osv_path }}" remote_path: "{{ hostvars[inventory_hostname][pvar] }}" when: - - osv in (kaas_project_config.volumes | default(kaas_openshift_volumes)) + - osv in kaas_project_volumes - hostvars[inventory_hostname][pvar] is defined diff --git a/roles/ands_kaas/tasks/sync.yml b/roles/ands_kaas/tasks/sync.yml index 07764ca..a4febe7 100644 --- a/roles/ands_kaas/tasks/sync.yml +++ b/roles/ands_kaas/tasks/sync.yml @@ -4,5 +4,23 @@ register: result - name: "Sync '{{ item_name }}'" - local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes - when: (result.stat.exists == False) or (kaas_resync | default(false)) + local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes delete=yes + register: sync + when: (result.stat.exists == False) or (kaas_resync | default(false)) or (kaas_project_config.resync | default(false)) + +- name: "Ensure the data is writeable by project pods" + vars: + grp: "{{ kaas_project_config.sync_set_gid }}" + gid: "{{ ((kaas_project_config.gids | default(kaas_openshift_gids))[grp] is defined) | ternary((kaas_project_config.gids | default(kaas_openshift_gids))[grp].id, grp) }}" + file: + path: "{{ remote_path }}" + state: "directory" + recurse: "yes" + mode: "g+w" + owner: "{{ kaas_project_config.sync_set_uid | default('root') }}" + group: "{{ gid }}" + register: chmod + when: + - sync | changed + - kaas_openshift_gid_ranges[kaas_project] is defined + - kaas_project_config.sync_set_gid | default(false) diff --git a/roles/ands_kaas/tasks/template.yml b/roles/ands_kaas/tasks/template.yml index 6a81dd7..6c90b3d 100644 --- a/roles/ands_kaas/tasks/template.yml +++ b/roles/ands_kaas/tasks/template.yml @@ -1,4 +1,4 @@ -- name: Populate template +- name: "Populate template {{ tmpl_name }}" template: src="{{ item }}" dest="{{ kaas_template_path }}/{{ item | basename | regex_replace('\.j2','') }}" owner=root group=root mode="0644" register: result with_first_found: @@ -8,7 +8,7 @@ files: - "{{ tmpl_name }}" -- name: Configure KaaS resources +- name: "Configure KaaS resources defined in {{ tmpl_name }}" include_role: name="openshift_resource" vars: template: "{{ tmpl_name | basename | regex_replace('\\.j2','') }}" diff --git a/roles/ands_kaas/tasks/templates.yml b/roles/ands_kaas/tasks/templates.yml index e1612bc..2de4fad 100644 --- a/roles/ands_kaas/tasks/templates.yml +++ b/roles/ands_kaas/tasks/templates.yml @@ -4,10 +4,12 @@ command: "echo {{ item | quote }}" register: results changed_when: false + when: (kaas_project_config.pods | default([]) | length > 0) or not (item | regex_search('kaas-pods')) with_fileglob: - "{{ role_path }}/templates/{{ kaas_template_glob | default('*') }}.j2" - "{{ kaas_project_path }}/templates/{{ kaas_template_glob | default('*') }}.j2" + #- debug: msg="{{ results }}" - name: "Sort and execute KaaS templates" diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml index b82e55f..ff51fb0 100644 --- a/roles/ands_kaas/tasks/volume.yml +++ b/roles/ands_kaas/tasks/volume.yml @@ -6,6 +6,40 @@ file: path: "{{ path }}" state: "directory" + recurse: "no" + register: mkdir + +- name: "Ensure the {{ path }} is writeable by project pods" + vars: + default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}" + file: + path: "{{ path }}" + state: "directory" + recurse: "no" + mode: "{{ volume.mode | default(0775) }}" + owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" + group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}" + register: chmod + when: + - mkdir | changed + - kaas_openshift_gid_ranges[kaas_project] is defined + - osvpath[:1] != "/" + +# There is no other way to write for users. There will be just two osv's one writeable and one not. +# We may create a dir with the wrong one and have permissions not set +# - volume.write | default(false) + +- name: "Setting default permissions for non standard locations" + file: + path: "{{ path }}" + state: "directory" + recurse: "no" mode: "{{ volume.mode | default(0755) }}" owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}" group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}" + when: + - mkdir | changed + - chmod | skipped + + + |