Creating initial tsb role to consume and apply templates provided for tsb

author: Eric Wolinetz <ewolinet@redhat.com> 2017-08-25 14:25:20 -0500
committer: Eric Wolinetz <ewolinet@redhat.com> 2017-09-20 13:32:19 -0500
commit: dace5169e0b5066a027746dd6f28f0268248043f (patch)
tree: 01ca466b678176c61fdb31ffe56bb972910b9f24 /roles
parent: 4f5839e585a78243eae2d215176047299c52a1eb (diff)
download: openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.gz
openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.bz2
openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.xz
openshift-dace5169e0b5066a027746dd6f28f0268248043f.zip
14 files changed, 118 insertions, 12 deletions
diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml
index 12929b354..9eb9db316 100644
--- a/roles/ansible_service_broker/defaults/main.yml
+++ b/roles/ansible_service_broker/defaults/main.yml
@@ -1,6 +1,7 @@
 ---
 
 ansible_service_broker_remove: false
+ansible_service_broker_install: false
 ansible_service_broker_log_level: info
 ansible_service_broker_output_request: false
 ansible_service_broker_recovery: true
diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml
index b46ce8233..d8695bd3a 100644
--- a/roles/ansible_service_broker/tasks/main.yml
+++ b/roles/ansible_service_broker/tasks/main.yml
@@ -2,7 +2,7 @@
 # do any asserts here
 
 - include: install.yml
-  when: not  ansible_service_broker_remove|default(false) | bool
+  when: ansible_service_broker_install | default(false) | bool
 
 - include: remove.yml
-  when: ansible_service_broker_remove|default(false) | bool
+  when: ansible_service_broker_remove | default(false) | bool
diff --git a/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js b/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js
index 16a307c06..d0a9f11dc 100644
--- a/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js
+++ b/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js
@@ -1 +1,2 @@
-window.OPENSHIFT_CONSTANTS.ENABLE_TECH_PREVIEW_FEATURE.service_catalog_landing_page = true;
+// empty file so that the master-config can still point to a file that exists
+// this file will be replaced by the template service broker role if enabled
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
index 746c73eaf..751275c91 100644
--- a/roles/openshift_service_catalog/tasks/install.yml
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -112,15 +112,6 @@
   when:
     - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['instances', 'bindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
 
-- shell: >
-    oc get policybindings/kube-system:default -n kube-system || echo "not found"
-  register: get_kube_system
-  changed_when: no
-
-- command: >
-    oc create policybinding kube-system -n kube-system
-  when: "'not found' in get_kube_system.stdout"
-
 - oc_adm_policy_user:
     namespace: kube-service-catalog
     resource_kind: scc
diff --git a/roles/template_service_broker/defaults/main.yml b/roles/template_service_broker/defaults/main.yml
new file mode 100644
index 000000000..fb407c4a2
--- /dev/null
+++ b/roles/template_service_broker/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+# placeholder file?
+template_service_broker_remove: False
+template_service_broker_install: False
diff --git a/roles/template_service_broker/files/openshift-ansible-catalog-console.js b/roles/template_service_broker/files/openshift-ansible-catalog-console.js
new file mode 100644
index 000000000..b3a3d3428
--- /dev/null
+++ b/roles/template_service_broker/files/openshift-ansible-catalog-console.js
@@ -0,0 +1 @@
+window.OPENSHIFT_CONSTANTS.ENABLE_TECH_PREVIEW_FEATURE.template_service_broker = true;
diff --git a/roles/template_service_broker/files/remove-openshift-ansible-catalog-console.js b/roles/template_service_broker/files/remove-openshift-ansible-catalog-console.js
new file mode 100644
index 000000000..d0a9f11dc
--- /dev/null
+++ b/roles/template_service_broker/files/remove-openshift-ansible-catalog-console.js
@@ -0,0 +1,2 @@
+// empty file so that the master-config can still point to a file that exists
+// this file will be replaced by the template service broker role if enabled
diff --git a/roles/template_service_broker/meta/main.yml b/roles/template_service_broker/meta/main.yml
new file mode 100644
index 000000000..ab5a0cf08
--- /dev/null
+++ b/roles/template_service_broker/meta/main.yml
@@ -0,0 +1,13 @@
+---
+galaxy_info:
+  author: OpenShift Red Hat
+  description: OpenShift Template Service Broker
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 2.1
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
diff --git a/roles/template_service_broker/tasks/install.yml b/roles/template_service_broker/tasks/install.yml
new file mode 100644
index 000000000..199df83c2
--- /dev/null
+++ b/roles/template_service_broker/tasks/install.yml
@@ -0,0 +1,47 @@
+---
+# Fact setting
+- name: Set default image variables based on deployment type
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+    - "default_images.yml"
+
+- name: set ansible_service_broker facts
+  set_fact:
+    template_service_broker_image: "{{ template_service_broker_image | default(__template_service_broker_image) }}"
+
+- oc_project:
+    name: openshift-template-service-broker
+    state: present
+
+- command: mktemp -d /tmp/tsb-ansible-XXXXXX
+  register: mktemp
+  changed_when: False
+  become: no
+
+- copy:
+    src: "{{ __tsb_files_location }}/{{ item }}"
+    dest: "{{ mktemp.stdout }}/{{ item }}"
+  with_items:
+    - "{{ __tsb_template_file }}"
+    - "{{ __tsb_rbac_file }}"
+
+- name: Apply template file
+  shell: >
+    oc process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" --param API_SERVER_CONFIG="{{ lookup('file', __tsb_files_location ~ '/' ~ __tsb_config_file) }}" | kubectl apply -f -
+
+# reconcile with rbac
+- name: Reconcile with RBAC file
+  shell: >
+    oc process -f "{{ mktemp.stdout }}/{{ __tsb_rbac_file }}" | oc auth reconcile -f -
+
+- name: copy tech preview extension file for service console UI
+  copy:
+    src: openshift-ansible-catalog-console.js
+    dest: /etc/origin/master/openshift-ansible-catalog-console.js
+
+- file:
+    state: absent
+    name: "{{ mktemp.stdout }}"
+  changed_when: False
+  become: no
diff --git a/roles/template_service_broker/tasks/main.yml b/roles/template_service_broker/tasks/main.yml
new file mode 100644
index 000000000..d7ca970c7
--- /dev/null
+++ b/roles/template_service_broker/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+  when: template_service_broker_install | default(false) | bool
+
+- include: remove.yml
+  when: template_service_broker_remove | default(false) | bool
diff --git a/roles/template_service_broker/tasks/remove.yml b/roles/template_service_broker/tasks/remove.yml
new file mode 100644
index 000000000..207dd9bdb
--- /dev/null
+++ b/roles/template_service_broker/tasks/remove.yml
@@ -0,0 +1,28 @@
+---
+- command: mktemp -d /tmp/tsb-ansible-XXXXXX
+  register: mktemp
+  changed_when: False
+  become: no
+
+- copy:
+    src: "{{ __tsb_files_location }}/{{ item }}"
+    dest: "{{ mktemp.stdout }}/{{ __tsb_template_file }}"
+
+- name: Delete TSB objects
+  shell: >
+    oc process -f "{{ __tsb_files_location }}/{{ __tsb_template_file }}" | kubectl delete -f -
+
+- name: empty out tech preview extension file for service console UI
+  copy:
+    src: remove-openshift-ansible-catalog-console.js
+    dest: /etc/origin/master/openshift-ansible-catalog-console.js
+
+- oc_project:
+    name: openshift-template-service-broker
+    state: absent
+
+- file:
+    state: absent
+    name: "{{ mktemp.stdout }}"
+  changed_when: False
+  become: no
diff --git a/roles/template_service_broker/vars/default_images.yml b/roles/template_service_broker/vars/default_images.yml
new file mode 100644
index 000000000..807f2822c
--- /dev/null
+++ b/roles/template_service_broker/vars/default_images.yml
@@ -0,0 +1,2 @@
+---
+__template_service_broker_image: ""
diff --git a/roles/template_service_broker/vars/main.yml b/roles/template_service_broker/vars/main.yml
new file mode 100644
index 000000000..372ab8f6f
--- /dev/null
+++ b/roles/template_service_broker/vars/main.yml
@@ -0,0 +1,6 @@
+---
+__tsb_files_location: "../../../files/origin-components/"
+
+__tsb_template_file: "apiserver-template.yaml"
+__tsb_config_file: "apiserver-config.yaml"
+__tsb_rbac_file: "rbac-template.yaml"
diff --git a/roles/template_service_broker/vars/openshift-enterprise.yml b/roles/template_service_broker/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..807f2822c
--- /dev/null
+++ b/roles/template_service_broker/vars/openshift-enterprise.yml
@@ -0,0 +1,2 @@
+---
+__template_service_broker_image: ""
author	Eric Wolinetz <ewolinet@redhat.com>	2017-08-25 14:25:20 -0500
committer	Eric Wolinetz <ewolinet@redhat.com>	2017-09-20 13:32:19 -0500
commit	dace5169e0b5066a027746dd6f28f0268248043f (patch)
tree	01ca466b678176c61fdb31ffe56bb972910b9f24 /roles
parent	4f5839e585a78243eae2d215176047299c52a1eb (diff)
download	openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.gz openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.bz2 openshift-dace5169e0b5066a027746dd6f28f0268248043f.tar.xz openshift-dace5169e0b5066a027746dd6f28f0268248043f.zip