summaryrefslogtreecommitdiffstats
path: root/roles/ands_kaas/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/ands_kaas/tasks')
-rw-r--r--roles/ands_kaas/tasks/do_project.yml13
-rw-r--r--roles/ands_kaas/tasks/file.yml8
-rw-r--r--roles/ands_kaas/tasks/main.yml2
-rw-r--r--roles/ands_kaas/tasks/project.yml11
-rw-r--r--roles/ands_kaas/tasks/search.yml2
-rw-r--r--roles/ands_kaas/tasks/sync.yml22
-rw-r--r--roles/ands_kaas/tasks/template.yml4
-rw-r--r--roles/ands_kaas/tasks/templates.yml2
-rw-r--r--roles/ands_kaas/tasks/volume.yml34
9 files changed, 79 insertions, 19 deletions
diff --git a/roles/ands_kaas/tasks/do_project.yml b/roles/ands_kaas/tasks/do_project.yml
index a876d94..4fac6c6 100644
--- a/roles/ands_kaas/tasks/do_project.yml
+++ b/roles/ands_kaas/tasks/do_project.yml
@@ -6,13 +6,15 @@
include_tasks: volume.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_dict: "{{ kaas_project_config.volumes | default(kaas_openshift_volumes) }}"
+ with_dict: "{{ kaas_project_volumes }}"
loop_control:
loop_var: osv
vars:
query: "[*].volumes.{{osv.value.volume}}.mount"
mntpath: "{{ (ands_storage_domains | json_query(query)) }}"
- path: "{{ mntpath[0] ~ (osv.value.path | default('')) }}"
+ osvpath: "{{ osv.value.path | default('') }}"
+ prefix: "{{ ( osvpath[:1] == '/' ) | ternary('', '/' ~ kaas_project ~ '/') }}"
+ path: "{{ mntpath[0] ~ prefix ~ osvpath }}"
name: "{{osv.key}}"
volume: "{{osv.value}}"
when: ( mntpath | length ) > 0
@@ -29,19 +31,19 @@
include_tasks: file.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_items: "{{ kaas_project_config.files | default(ands_openshift_files) }}"
+ with_items: "{{ kaas_project_config.files | default(kaas_openshift_files) | default([]) }}"
loop_control:
loop_var: file
vars:
pvar: "kaas_{{ file.osv }}_path"
path: "{{ hostvars[inventory_hostname][pvar] }}/{{ file.path }}"
- when: file.osv in ( kaas_project_config.volumes | default(kaas_openshift_volumes) )
+ when: file.osv in kaas_project_volumes
- name: Load OpenSSL keys
include_tasks: keys.yml
# delegate_to: "{{ groups.masters[0] }}"
run_once: true
- with_dict: "{{ kaas_project_config.pods }}"
+ with_dict: "{{ kaas_project_config.pods | default({}) }}"
loop_control:
loop_var: pod
@@ -57,5 +59,4 @@
run_once: true
when:
- kaas_project_config.oc is undefined
- - kaas_project_config.pods != {}
diff --git a/roles/ands_kaas/tasks/file.yml b/roles/ands_kaas/tasks/file.yml
index e6b2e8d..a839473 100644
--- a/roles/ands_kaas/tasks/file.yml
+++ b/roles/ands_kaas/tasks/file.yml
@@ -3,15 +3,15 @@
set_fact: group="{{ file.group | default(kaas_project_config.file_group | default(ands_default_file_group)) }}"
- name : Resolve project groups
- set_fact: group="{{ (kaas_project_config.gids | default(ands_openshift_gids))[group].id }}"
- when: group in ( kaas_project_config.gids | default(ands_openshift_gids) )
+ set_fact: group="{{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}"
+ when: group in ( kaas_project_config.gids | default(kaas_openshift_gids) )
- name: Set owner
set_fact: owner="{{ file.owner | default(kaas_project_config.file_owner | default(ands_default_file_owner)) }}"
- name : Resolve project uids
- set_fact: owner="{{ (kaas_project_config.uids | default(ands_openshift_uids) )[owner].id }}"
- when: owner in ( kaas_project_config.uids | default(ands_openshift_uids) )
+ set_fact: owner="{{ (kaas_project_config.uids | default(kaas_openshift_uids) )[owner].id }}"
+ when: owner in ( kaas_project_config.uids | default(kaas_openshift_uids) )
- name: "Setting up files in {{ path }}"
file:
diff --git a/roles/ands_kaas/tasks/main.yml b/roles/ands_kaas/tasks/main.yml
index 0931f80..85110cb 100644
--- a/roles/ands_kaas/tasks/main.yml
+++ b/roles/ands_kaas/tasks/main.yml
@@ -4,7 +4,7 @@
include_tasks: project.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_items: "{{ kaas_projects }}"
+ with_items: "{{ (kaas_single_project is defined) | ternary([kaas_single_project], kaas_projects) }}"
loop_control:
loop_var: kaas_project
vars:
diff --git a/roles/ands_kaas/tasks/project.yml b/roles/ands_kaas/tasks/project.yml
index 40b5180..f7eb1df 100644
--- a/roles/ands_kaas/tasks/project.yml
+++ b/roles/ands_kaas/tasks/project.yml
@@ -1,11 +1,15 @@
---
- name: Load global variables
include_vars: "{{kaas_project_path}}/vars/globals.yml"
- when: "'{{kaas_project_path}}/vars/globals.yml' | is_file"
+ when: path | is_file
+ vars:
+ path: "{{ kaas_project_path }}/vars/globals.yml"
- name: Load variables
include_vars: dir="{{kaas_project_path}}/vars" name="var_{{kaas_project}}_config"
- when: "'{{kaas_project_path}}/vars' | is_dir"
+ when: path | is_dir
+ vars:
+ path: "{{ kaas_project_path }}/vars"
- set_fact: "var_{{kaas_project}}_config={{var_empty}}"
vars:
@@ -24,4 +28,5 @@
- include_tasks: do_project.yml
vars:
var_name: "var_{{kaas_project}}_config"
- kaas_project_config: "{{hostvars[inventory_hostname][var_name]}}"
+ kaas_project_config: "{{ hostvars[inventory_hostname][var_name] }}"
+ kaas_project_volumes: "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}" \ No newline at end of file
diff --git a/roles/ands_kaas/tasks/search.yml b/roles/ands_kaas/tasks/search.yml
index 9844ee8..1cefb7d 100644
--- a/roles/ands_kaas/tasks/search.yml
+++ b/roles/ands_kaas/tasks/search.yml
@@ -12,5 +12,5 @@
local_path: "{{ osv_path }}"
remote_path: "{{ hostvars[inventory_hostname][pvar] }}"
when:
- - osv in (kaas_project_config.volumes | default(kaas_openshift_volumes))
+ - osv in kaas_project_volumes
- hostvars[inventory_hostname][pvar] is defined
diff --git a/roles/ands_kaas/tasks/sync.yml b/roles/ands_kaas/tasks/sync.yml
index 07764ca..a4febe7 100644
--- a/roles/ands_kaas/tasks/sync.yml
+++ b/roles/ands_kaas/tasks/sync.yml
@@ -4,5 +4,23 @@
register: result
- name: "Sync '{{ item_name }}'"
- local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes
- when: (result.stat.exists == False) or (kaas_resync | default(false))
+ local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes delete=yes
+ register: sync
+ when: (result.stat.exists == False) or (kaas_resync | default(false)) or (kaas_project_config.resync | default(false))
+
+- name: "Ensure the data is writeable by project pods"
+ vars:
+ grp: "{{ kaas_project_config.sync_set_gid }}"
+ gid: "{{ ((kaas_project_config.gids | default(kaas_openshift_gids))[grp] is defined) | ternary((kaas_project_config.gids | default(kaas_openshift_gids))[grp].id, grp) }}"
+ file:
+ path: "{{ remote_path }}"
+ state: "directory"
+ recurse: "yes"
+ mode: "g+w"
+ owner: "{{ kaas_project_config.sync_set_uid | default('root') }}"
+ group: "{{ gid }}"
+ register: chmod
+ when:
+ - sync | changed
+ - kaas_openshift_gid_ranges[kaas_project] is defined
+ - kaas_project_config.sync_set_gid | default(false)
diff --git a/roles/ands_kaas/tasks/template.yml b/roles/ands_kaas/tasks/template.yml
index 6a81dd7..6c90b3d 100644
--- a/roles/ands_kaas/tasks/template.yml
+++ b/roles/ands_kaas/tasks/template.yml
@@ -1,4 +1,4 @@
-- name: Populate template
+- name: "Populate template {{ tmpl_name }}"
template: src="{{ item }}" dest="{{ kaas_template_path }}/{{ item | basename | regex_replace('\.j2','') }}" owner=root group=root mode="0644"
register: result
with_first_found:
@@ -8,7 +8,7 @@
files:
- "{{ tmpl_name }}"
-- name: Configure KaaS resources
+- name: "Configure KaaS resources defined in {{ tmpl_name }}"
include_role: name="openshift_resource"
vars:
template: "{{ tmpl_name | basename | regex_replace('\\.j2','') }}"
diff --git a/roles/ands_kaas/tasks/templates.yml b/roles/ands_kaas/tasks/templates.yml
index e1612bc..2de4fad 100644
--- a/roles/ands_kaas/tasks/templates.yml
+++ b/roles/ands_kaas/tasks/templates.yml
@@ -4,10 +4,12 @@
command: "echo {{ item | quote }}"
register: results
changed_when: false
+ when: (kaas_project_config.pods | default([]) | length > 0) or not (item | regex_search('kaas-pods'))
with_fileglob:
- "{{ role_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
- "{{ kaas_project_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
+
#- debug: msg="{{ results }}"
- name: "Sort and execute KaaS templates"
diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml
index b82e55f..ff51fb0 100644
--- a/roles/ands_kaas/tasks/volume.yml
+++ b/roles/ands_kaas/tasks/volume.yml
@@ -6,6 +6,40 @@
file:
path: "{{ path }}"
state: "directory"
+ recurse: "no"
+ register: mkdir
+
+- name: "Ensure the {{ path }} is writeable by project pods"
+ vars:
+ default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}"
+ file:
+ path: "{{ path }}"
+ state: "directory"
+ recurse: "no"
+ mode: "{{ volume.mode | default(0775) }}"
+ owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}"
+ group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}"
+ register: chmod
+ when:
+ - mkdir | changed
+ - kaas_openshift_gid_ranges[kaas_project] is defined
+ - osvpath[:1] != "/"
+
+# There is no other way to write for users. There will be just two osv's one writeable and one not.
+# We may create a dir with the wrong one and have permissions not set
+# - volume.write | default(false)
+
+- name: "Setting default permissions for non standard locations"
+ file:
+ path: "{{ path }}"
+ state: "directory"
+ recurse: "no"
mode: "{{ volume.mode | default(0755) }}"
owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}"
group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}"
+ when:
+ - mkdir | changed
+ - chmod | skipped
+
+
+