diff options
Diffstat (limited to 'roles')
97 files changed, 4607 insertions, 222 deletions
| diff --git a/roles/lib_openshift/library/oadm_manage_node.py b/roles/lib_openshift/library/oadm_manage_node.py index a45b3181b..ced04bf3d 100644 --- a/roles/lib_openshift/library/oadm_manage_node.py +++ b/roles/lib_openshift/library/oadm_manage_node.py @@ -769,6 +769,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -782,6 +808,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -983,11 +1010,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1003,7 +1029,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_adm_ca_server_cert.py b/roles/lib_openshift/library/oc_adm_ca_server_cert.py new file mode 100644 index 000000000..0b4a019f3 --- /dev/null +++ b/roles/lib_openshift/library/oc_adm_ca_server_cert.py @@ -0,0 +1,1544 @@ +#!/usr/bin/env python +# pylint: disable=missing-docstring +# flake8: noqa: T001 +#     ___ ___ _  _ ___ ___    _ _____ ___ ___ +#    / __| __| \| | __| _ \  /_\_   _| __|   \ +#   | (_ | _|| .` | _||   / / _ \| | | _|| |) | +#    \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____ +#   |   \ / _ \  | \| |/ _ \_   _| | __|   \_ _|_   _| +#   | |) | (_) | | .` | (_) || |   | _|| |) | |  | | +#   |___/ \___/  |_|\_|\___/ |_|   |___|___/___| |_| +# +# Copyright 2016 Red Hat, Inc. and/or its affiliates +# and other contributors as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +#    http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# -*- -*- -*- Begin included fragment: lib/import.py -*- -*- -*- +''' +   OpenShiftCLI class that wraps the oc commands in a subprocess +''' +# pylint: disable=too-many-lines + +from __future__ import print_function +import atexit +import copy +import json +import os +import re +import shutil +import subprocess +import tempfile +# pylint: disable=import-error +try: +    import ruamel.yaml as yaml +except ImportError: +    import yaml + +from ansible.module_utils.basic import AnsibleModule + +# -*- -*- -*- End included fragment: lib/import.py -*- -*- -*- + +# -*- -*- -*- Begin included fragment: doc/ca_server_cert -*- -*- -*- + +DOCUMENTATION = ''' +--- +module: oc_adm_ca_server_cert +short_description: Module to run openshift oc adm ca create-server-cert +description: +  - Wrapper around the openshift `oc adm ca create-server-cert` command. +options: +  state: +    description: +    - Present is the only supported state.  The state present means that `oc adm ca` will generate a certificate +    - and verify if the hostnames and the ClusterIP exists in the certificate. +    - When create-server-cert is desired then the following parameters are passed. +    - ['cert', 'key', 'signer_cert', 'signer_key', 'signer_serial'] +    required: false +    default: present +    choices:  +    - present +    aliases: [] +  kubeconfig: +    description: +    - The path for the kubeconfig file to use for authentication +    required: false +    default: /etc/origin/master/admin.kubeconfig +    aliases: [] +  debug: +    description: +    - Turn on debug output. +    required: false +    default: False +    aliases: [] +  cert: +    description: +    - The certificate file. Choose a name that indicates what the service is. +    required: false +    default: None +    aliases: [] +  key: +    description: +    - The key file. Choose a name that indicates what the service is. +    required: false +    default: None +    aliases: [] +  force: +    description: +    - Force updating of the existing cert and key files +    required: false +    default: False +    aliases: [] +  signer_cert: +    description: +    - The signer certificate file. +    required: false +    default: /etc/origin/master/ca.crt +    aliases: [] +  signer_key: +    description: +    - The signer key file. +    required: false +    default: /etc/origin/master/ca.key +    aliases: [] +  signer_serial: +    description: +    - The signer serial file. +    required: false +    default: /etc/origin/master/ca.serial.txt +    aliases: [] +  hostnames: +    description: +    - Every hostname or IP that server certs should be valid for +    required: false +    default: [] +    aliases: [] +  backup: +    description: +    - Whether to backup the cert and key files before writing them. +    required: false +    default: True +    aliases: [] +author: +- "Kenny Woodson <kwoodson@redhat.com>" +extends_documentation_fragment: [] +''' + +EXAMPLES = ''' +- name: Create a self-signed cert +  oc_adm_ca_server_cert: +    signer_cert: /etc/origin/master/ca.crt +    signer_key: /etc/origin/master/ca.key +    signer_serial: /etc/origin/master/ca.serial.txt +    hostnames: "registry.test.openshift.com,127.0.0.1,docker-registry.default.svc.cluster.local" +    cert: /etc/origin/master/registry.crt +    key: /etc/origin/master/registry.key +''' + +# -*- -*- -*- End included fragment: doc/ca_server_cert -*- -*- -*- + +# -*- -*- -*- Begin included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*- +# pylint: disable=undefined-variable,missing-docstring +# noqa: E301,E302 + + +class YeditException(Exception): +    ''' Exception class for Yedit ''' +    pass + + +# pylint: disable=too-many-public-methods +class Yedit(object): +    ''' Class to modify yaml files ''' +    re_valid_key = r"(((\[-?\d+\])|([0-9a-zA-Z%s/_-]+)).?)+$" +    re_key = r"(?:\[(-?\d+)\])|([0-9a-zA-Z%s/_-]+)" +    com_sep = set(['.', '#', '|', ':']) + +    # pylint: disable=too-many-arguments +    def __init__(self, +                 filename=None, +                 content=None, +                 content_type='yaml', +                 separator='.', +                 backup=False): +        self.content = content +        self._separator = separator +        self.filename = filename +        self.__yaml_dict = content +        self.content_type = content_type +        self.backup = backup +        self.load(content_type=self.content_type) +        if self.__yaml_dict is None: +            self.__yaml_dict = {} + +    @property +    def separator(self): +        ''' getter method for yaml_dict ''' +        return self._separator + +    @separator.setter +    def separator(self): +        ''' getter method for yaml_dict ''' +        return self._separator + +    @property +    def yaml_dict(self): +        ''' getter method for yaml_dict ''' +        return self.__yaml_dict + +    @yaml_dict.setter +    def yaml_dict(self, value): +        ''' setter method for yaml_dict ''' +        self.__yaml_dict = value + +    @staticmethod +    def parse_key(key, sep='.'): +        '''parse the key allowing the appropriate separator''' +        common_separators = list(Yedit.com_sep - set([sep])) +        return re.findall(Yedit.re_key % ''.join(common_separators), key) + +    @staticmethod +    def valid_key(key, sep='.'): +        '''validate the incoming key''' +        common_separators = list(Yedit.com_sep - set([sep])) +        if not re.match(Yedit.re_valid_key % ''.join(common_separators), key): +            return False + +        return True + +    @staticmethod +    def remove_entry(data, key, sep='.'): +        ''' remove data at location key ''' +        if key == '' and isinstance(data, dict): +            data.clear() +            return True +        elif key == '' and isinstance(data, list): +            del data[:] +            return True + +        if not (key and Yedit.valid_key(key, sep)) and \ +           isinstance(data, (list, dict)): +            return None + +        key_indexes = Yedit.parse_key(key, sep) +        for arr_ind, dict_key in key_indexes[:-1]: +            if dict_key and isinstance(data, dict): +                data = data.get(dict_key, None) +            elif (arr_ind and isinstance(data, list) and +                  int(arr_ind) <= len(data) - 1): +                data = data[int(arr_ind)] +            else: +                return None + +        # process last index for remove +        # expected list entry +        if key_indexes[-1][0]: +            if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501 +                del data[int(key_indexes[-1][0])] +                return True + +        # expected dict entry +        elif key_indexes[-1][1]: +            if isinstance(data, dict): +                del data[key_indexes[-1][1]] +                return True + +    @staticmethod +    def add_entry(data, key, item=None, sep='.'): +        ''' Get an item from a dictionary with key notation a.b.c +            d = {'a': {'b': 'c'}}} +            key = a#b +            return c +        ''' +        if key == '': +            pass +        elif (not (key and Yedit.valid_key(key, sep)) and +              isinstance(data, (list, dict))): +            return None + +        key_indexes = Yedit.parse_key(key, sep) +        for arr_ind, dict_key in key_indexes[:-1]: +            if dict_key: +                if isinstance(data, dict) and dict_key in data and data[dict_key]:  # noqa: E501 +                    data = data[dict_key] +                    continue + +                elif data and not isinstance(data, dict): +                    return None + +                data[dict_key] = {} +                data = data[dict_key] + +            elif (arr_ind and isinstance(data, list) and +                  int(arr_ind) <= len(data) - 1): +                data = data[int(arr_ind)] +            else: +                return None + +        if key == '': +            data = item + +        # process last index for add +        # expected list entry +        elif key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1:  # noqa: E501 +            data[int(key_indexes[-1][0])] = item + +        # expected dict entry +        elif key_indexes[-1][1] and isinstance(data, dict): +            data[key_indexes[-1][1]] = item + +        return data + +    @staticmethod +    def get_entry(data, key, sep='.'): +        ''' Get an item from a dictionary with key notation a.b.c +            d = {'a': {'b': 'c'}}} +            key = a.b +            return c +        ''' +        if key == '': +            pass +        elif (not (key and Yedit.valid_key(key, sep)) and +              isinstance(data, (list, dict))): +            return None + +        key_indexes = Yedit.parse_key(key, sep) +        for arr_ind, dict_key in key_indexes: +            if dict_key and isinstance(data, dict): +                data = data.get(dict_key, None) +            elif (arr_ind and isinstance(data, list) and +                  int(arr_ind) <= len(data) - 1): +                data = data[int(arr_ind)] +            else: +                return None + +        return data + +    @staticmethod +    def _write(filename, contents): +        ''' Actually write the file contents to disk. This helps with mocking. ''' + +        tmp_filename = filename + '.yedit' + +        with open(tmp_filename, 'w') as yfd: +            yfd.write(contents) + +        os.rename(tmp_filename, filename) + +    def write(self): +        ''' write to file ''' +        if not self.filename: +            raise YeditException('Please specify a filename.') + +        if self.backup and self.file_exists(): +            shutil.copy(self.filename, self.filename + '.orig') + +        # Try to set format attributes if supported +        try: +            self.yaml_dict.fa.set_block_style() +        except AttributeError: +            pass + +        # Try to use RoundTripDumper if supported. +        try: +            Yedit._write(self.filename, yaml.dump(self.yaml_dict, Dumper=yaml.RoundTripDumper)) +        except AttributeError: +            Yedit._write(self.filename, yaml.safe_dump(self.yaml_dict, default_flow_style=False)) + +        return (True, self.yaml_dict) + +    def read(self): +        ''' read from file ''' +        # check if it exists +        if self.filename is None or not self.file_exists(): +            return None + +        contents = None +        with open(self.filename) as yfd: +            contents = yfd.read() + +        return contents + +    def file_exists(self): +        ''' return whether file exists ''' +        if os.path.exists(self.filename): +            return True + +        return False + +    def load(self, content_type='yaml'): +        ''' return yaml file ''' +        contents = self.read() + +        if not contents and not self.content: +            return None + +        if self.content: +            if isinstance(self.content, dict): +                self.yaml_dict = self.content +                return self.yaml_dict +            elif isinstance(self.content, str): +                contents = self.content + +        # check if it is yaml +        try: +            if content_type == 'yaml' and contents: +                # Try to set format attributes if supported +                try: +                    self.yaml_dict.fa.set_block_style() +                except AttributeError: +                    pass + +                # Try to use RoundTripLoader if supported. +                try: +                    self.yaml_dict = yaml.safe_load(contents, yaml.RoundTripLoader) +                except AttributeError: +                    self.yaml_dict = yaml.safe_load(contents) + +                # Try to set format attributes if supported +                try: +                    self.yaml_dict.fa.set_block_style() +                except AttributeError: +                    pass + +            elif content_type == 'json' and contents: +                self.yaml_dict = json.loads(contents) +        except yaml.YAMLError as err: +            # Error loading yaml or json +            raise YeditException('Problem with loading yaml file. %s' % err) + +        return self.yaml_dict + +    def get(self, key): +        ''' get a specified key''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, key, self.separator) +        except KeyError: +            entry = None + +        return entry + +    def pop(self, path, key_or_item): +        ''' remove a key, value pair from a dict or an item for a list''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if entry is None: +            return (False, self.yaml_dict) + +        if isinstance(entry, dict): +            # AUDIT:maybe-no-member makes sense due to fuzzy types +            # pylint: disable=maybe-no-member +            if key_or_item in entry: +                entry.pop(key_or_item) +                return (True, self.yaml_dict) +            return (False, self.yaml_dict) + +        elif isinstance(entry, list): +            # AUDIT:maybe-no-member makes sense due to fuzzy types +            # pylint: disable=maybe-no-member +            ind = None +            try: +                ind = entry.index(key_or_item) +            except ValueError: +                return (False, self.yaml_dict) + +            entry.pop(ind) +            return (True, self.yaml_dict) + +        return (False, self.yaml_dict) + +    def delete(self, path): +        ''' remove path from a dict''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if entry is None: +            return (False, self.yaml_dict) + +        result = Yedit.remove_entry(self.yaml_dict, path, self.separator) +        if not result: +            return (False, self.yaml_dict) + +        return (True, self.yaml_dict) + +    def exists(self, path, value): +        ''' check if value exists at path''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if isinstance(entry, list): +            if value in entry: +                return True +            return False + +        elif isinstance(entry, dict): +            if isinstance(value, dict): +                rval = False +                for key, val in value.items(): +                    if entry[key] != val: +                        rval = False +                        break +                else: +                    rval = True +                return rval + +            return value in entry + +        return entry == value + +    def append(self, path, value): +        '''append value to a list''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if entry is None: +            self.put(path, []) +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        if not isinstance(entry, list): +            return (False, self.yaml_dict) + +        # AUDIT:maybe-no-member makes sense due to loading data from +        # a serialized format. +        # pylint: disable=maybe-no-member +        entry.append(value) +        return (True, self.yaml_dict) + +    # pylint: disable=too-many-arguments +    def update(self, path, value, index=None, curr_value=None): +        ''' put path, value into a dict ''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if isinstance(entry, dict): +            # AUDIT:maybe-no-member makes sense due to fuzzy types +            # pylint: disable=maybe-no-member +            if not isinstance(value, dict): +                raise YeditException('Cannot replace key, value entry in ' + +                                     'dict with non-dict type. value=[%s] [%s]' % (value, type(value)))  # noqa: E501 + +            entry.update(value) +            return (True, self.yaml_dict) + +        elif isinstance(entry, list): +            # AUDIT:maybe-no-member makes sense due to fuzzy types +            # pylint: disable=maybe-no-member +            ind = None +            if curr_value: +                try: +                    ind = entry.index(curr_value) +                except ValueError: +                    return (False, self.yaml_dict) + +            elif index is not None: +                ind = index + +            if ind is not None and entry[ind] != value: +                entry[ind] = value +                return (True, self.yaml_dict) + +            # see if it exists in the list +            try: +                ind = entry.index(value) +            except ValueError: +                # doesn't exist, append it +                entry.append(value) +                return (True, self.yaml_dict) + +            # already exists, return +            if ind is not None: +                return (False, self.yaml_dict) +        return (False, self.yaml_dict) + +    def put(self, path, value): +        ''' put path, value into a dict ''' +        try: +            entry = Yedit.get_entry(self.yaml_dict, path, self.separator) +        except KeyError: +            entry = None + +        if entry == value: +            return (False, self.yaml_dict) + +        # deepcopy didn't work +        # Try to use ruamel.yaml and fallback to pyyaml +        try: +            tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict, +                                                      default_flow_style=False), +                                 yaml.RoundTripLoader) +        except AttributeError: +            tmp_copy = copy.deepcopy(self.yaml_dict) + +        # set the format attributes if available +        try: +            tmp_copy.fa.set_block_style() +        except AttributeError: +            pass + +        result = Yedit.add_entry(tmp_copy, path, value, self.separator) +        if not result: +            return (False, self.yaml_dict) + +        self.yaml_dict = tmp_copy + +        return (True, self.yaml_dict) + +    def create(self, path, value): +        ''' create a yaml file ''' +        if not self.file_exists(): +            # deepcopy didn't work +            # Try to use ruamel.yaml and fallback to pyyaml +            try: +                tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict, +                                                          default_flow_style=False), +                                     yaml.RoundTripLoader) +            except AttributeError: +                tmp_copy = copy.deepcopy(self.yaml_dict) + +            # set the format attributes if available +            try: +                tmp_copy.fa.set_block_style() +            except AttributeError: +                pass + +            result = Yedit.add_entry(tmp_copy, path, value, self.separator) +            if result: +                self.yaml_dict = tmp_copy +                return (True, self.yaml_dict) + +        return (False, self.yaml_dict) + +    @staticmethod +    def get_curr_value(invalue, val_type): +        '''return the current value''' +        if invalue is None: +            return None + +        curr_value = invalue +        if val_type == 'yaml': +            curr_value = yaml.load(invalue) +        elif val_type == 'json': +            curr_value = json.loads(invalue) + +        return curr_value + +    @staticmethod +    def parse_value(inc_value, vtype=''): +        '''determine value type passed''' +        true_bools = ['y', 'Y', 'yes', 'Yes', 'YES', 'true', 'True', 'TRUE', +                      'on', 'On', 'ON', ] +        false_bools = ['n', 'N', 'no', 'No', 'NO', 'false', 'False', 'FALSE', +                       'off', 'Off', 'OFF'] + +        # It came in as a string but you didn't specify value_type as string +        # we will convert to bool if it matches any of the above cases +        if isinstance(inc_value, str) and 'bool' in vtype: +            if inc_value not in true_bools and inc_value not in false_bools: +                raise YeditException('Not a boolean type. str=[%s] vtype=[%s]' +                                     % (inc_value, vtype)) +        elif isinstance(inc_value, bool) and 'str' in vtype: +            inc_value = str(inc_value) + +        # If vtype is not str then go ahead and attempt to yaml load it. +        if isinstance(inc_value, str) and 'str' not in vtype: +            try: +                inc_value = yaml.load(inc_value) +            except Exception: +                raise YeditException('Could not determine type of incoming ' + +                                     'value. value=[%s] vtype=[%s]' +                                     % (type(inc_value), vtype)) + +        return inc_value + +    # pylint: disable=too-many-return-statements,too-many-branches +    @staticmethod +    def run_ansible(module): +        '''perform the idempotent crud operations''' +        yamlfile = Yedit(filename=module.params['src'], +                         backup=module.params['backup'], +                         separator=module.params['separator']) + +        if module.params['src']: +            rval = yamlfile.load() + +            if yamlfile.yaml_dict is None and \ +               module.params['state'] != 'present': +                return {'failed': True, +                        'msg': 'Error opening file [%s].  Verify that the ' + +                               'file exists, that it is has correct' + +                               ' permissions, and is valid yaml.'} + +        if module.params['state'] == 'list': +            if module.params['content']: +                content = Yedit.parse_value(module.params['content'], +                                            module.params['content_type']) +                yamlfile.yaml_dict = content + +            if module.params['key']: +                rval = yamlfile.get(module.params['key']) or {} + +            return {'changed': False, 'result': rval, 'state': "list"} + +        elif module.params['state'] == 'absent': +            if module.params['content']: +                content = Yedit.parse_value(module.params['content'], +                                            module.params['content_type']) +                yamlfile.yaml_dict = content + +            if module.params['update']: +                rval = yamlfile.pop(module.params['key'], +                                    module.params['value']) +            else: +                rval = yamlfile.delete(module.params['key']) + +            if rval[0] and module.params['src']: +                yamlfile.write() + +            return {'changed': rval[0], 'result': rval[1], 'state': "absent"} + +        elif module.params['state'] == 'present': +            # check if content is different than what is in the file +            if module.params['content']: +                content = Yedit.parse_value(module.params['content'], +                                            module.params['content_type']) + +                # We had no edits to make and the contents are the same +                if yamlfile.yaml_dict == content and \ +                   module.params['value'] is None: +                    return {'changed': False, +                            'result': yamlfile.yaml_dict, +                            'state': "present"} + +                yamlfile.yaml_dict = content + +            # we were passed a value; parse it +            if module.params['value']: +                value = Yedit.parse_value(module.params['value'], +                                          module.params['value_type']) +                key = module.params['key'] +                if module.params['update']: +                    # pylint: disable=line-too-long +                    curr_value = Yedit.get_curr_value(Yedit.parse_value(module.params['curr_value']),  # noqa: E501 +                                                      module.params['curr_value_format'])  # noqa: E501 + +                    rval = yamlfile.update(key, value, module.params['index'], curr_value)  # noqa: E501 + +                elif module.params['append']: +                    rval = yamlfile.append(key, value) +                else: +                    rval = yamlfile.put(key, value) + +                if rval[0] and module.params['src']: +                    yamlfile.write() + +                return {'changed': rval[0], +                        'result': rval[1], 'state': "present"} + +            # no edits to make +            if module.params['src']: +                # pylint: disable=redefined-variable-type +                rval = yamlfile.write() +                return {'changed': rval[0], +                        'result': rval[1], +                        'state': "present"} + +        return {'failed': True, 'msg': 'Unkown state passed'} + +# -*- -*- -*- End included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*- + +# -*- -*- -*- Begin included fragment: lib/base.py -*- -*- -*- +# pylint: disable=too-many-lines +# noqa: E301,E302,E303,T001 + + +class OpenShiftCLIError(Exception): +    '''Exception class for openshiftcli''' +    pass + + +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + + +# pylint: disable=too-few-public-methods +class OpenShiftCLI(object): +    ''' Class to wrap the command line tools ''' +    def __init__(self, +                 namespace, +                 kubeconfig='/etc/origin/master/admin.kubeconfig', +                 verbose=False, +                 all_namespaces=False): +        ''' Constructor for OpenshiftCLI ''' +        self.namespace = namespace +        self.verbose = verbose +        self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig) +        self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary() + +    # Pylint allows only 5 arguments to be passed. +    # pylint: disable=too-many-arguments +    def _replace_content(self, resource, rname, content, force=False, sep='.'): +        ''' replace the current object with the content ''' +        res = self._get(resource, rname) +        if not res['results']: +            return res + +        fname = Utils.create_tmpfile(rname + '-') + +        yed = Yedit(fname, res['results'][0], separator=sep) +        changes = [] +        for key, value in content.items(): +            changes.append(yed.put(key, value)) + +        if any([change[0] for change in changes]): +            yed.write() + +            atexit.register(Utils.cleanup, [fname]) + +            return self._replace(fname, force) + +        return {'returncode': 0, 'updated': False} + +    def _replace(self, fname, force=False): +        '''replace the current object with oc replace''' +        cmd = ['replace', '-f', fname] +        if force: +            cmd.append('--force') +        return self.openshift_cmd(cmd) + +    def _create_from_content(self, rname, content): +        '''create a temporary file and then call oc create on it''' +        fname = Utils.create_tmpfile(rname + '-') +        yed = Yedit(fname, content=content) +        yed.write() + +        atexit.register(Utils.cleanup, [fname]) + +        return self._create(fname) + +    def _create(self, fname): +        '''call oc create on a filename''' +        return self.openshift_cmd(['create', '-f', fname]) + +    def _delete(self, resource, rname, selector=None): +        '''call oc delete on a resource''' +        cmd = ['delete', resource, rname] +        if selector: +            cmd.append('--selector=%s' % selector) + +        return self.openshift_cmd(cmd) + +    def _process(self, template_name, create=False, params=None, template_data=None):  # noqa: E501 +        '''process a template + +           template_name: the name of the template to process +           create: whether to send to oc create after processing +           params: the parameters for the template +           template_data: the incoming template's data; instead of a file +        ''' +        cmd = ['process'] +        if template_data: +            cmd.extend(['-f', '-']) +        else: +            cmd.append(template_name) +        if params: +            param_str = ["%s=%s" % (key, value) for key, value in params.items()] +            cmd.append('-v') +            cmd.extend(param_str) + +        results = self.openshift_cmd(cmd, output=True, input_data=template_data) + +        if results['returncode'] != 0 or not create: +            return results + +        fname = Utils.create_tmpfile(template_name + '-') +        yed = Yedit(fname, results['results']) +        yed.write() + +        atexit.register(Utils.cleanup, [fname]) + +        return self.openshift_cmd(['create', '-f', fname]) + +    def _get(self, resource, rname=None, selector=None): +        '''return a resource by name ''' +        cmd = ['get', resource] +        if selector: +            cmd.append('--selector=%s' % selector) +        elif rname: +            cmd.append(rname) + +        cmd.extend(['-o', 'json']) + +        rval = self.openshift_cmd(cmd, output=True) + +        # Ensure results are retuned in an array +        if 'items' in rval: +            rval['results'] = rval['items'] +        elif not isinstance(rval['results'], list): +            rval['results'] = [rval['results']] + +        return rval + +    def _schedulable(self, node=None, selector=None, schedulable=True): +        ''' perform oadm manage-node scheduable ''' +        cmd = ['manage-node'] +        if node: +            cmd.extend(node) +        else: +            cmd.append('--selector=%s' % selector) + +        cmd.append('--schedulable=%s' % schedulable) + +        return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw')  # noqa: E501 + +    def _list_pods(self, node=None, selector=None, pod_selector=None): +        ''' perform oadm list pods + +            node: the node in which to list pods +            selector: the label selector filter if provided +            pod_selector: the pod selector filter if provided +        ''' +        cmd = ['manage-node'] +        if node: +            cmd.extend(node) +        else: +            cmd.append('--selector=%s' % selector) + +        if pod_selector: +            cmd.append('--pod-selector=%s' % pod_selector) + +        cmd.extend(['--list-pods', '-o', 'json']) + +        return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw') + +    # pylint: disable=too-many-arguments +    def _evacuate(self, node=None, selector=None, pod_selector=None, dry_run=False, grace_period=None, force=False): +        ''' perform oadm manage-node evacuate ''' +        cmd = ['manage-node'] +        if node: +            cmd.extend(node) +        else: +            cmd.append('--selector=%s' % selector) + +        if dry_run: +            cmd.append('--dry-run') + +        if pod_selector: +            cmd.append('--pod-selector=%s' % pod_selector) + +        if grace_period: +            cmd.append('--grace-period=%s' % int(grace_period)) + +        if force: +            cmd.append('--force') + +        cmd.append('--evacuate') + +        return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw') + +    def _version(self): +        ''' return the openshift version''' +        return self.openshift_cmd(['version'], output=True, output_type='raw') + +    def _import_image(self, url=None, name=None, tag=None): +        ''' perform image import ''' +        cmd = ['import-image'] + +        image = '{0}'.format(name) +        if tag: +            image += ':{0}'.format(tag) + +        cmd.append(image) + +        if url: +            cmd.append('--from={0}/{1}'.format(url, image)) + +        cmd.append('-n{0}'.format(self.namespace)) + +        cmd.append('--confirm') +        return self.openshift_cmd(cmd) + +    def _run(self, cmds, input_data): +        ''' Actually executes the command. This makes mocking easier. ''' +        curr_env = os.environ.copy() +        curr_env.update({'KUBECONFIG': self.kubeconfig}) +        proc = subprocess.Popen(cmds, +                                stdin=subprocess.PIPE, +                                stdout=subprocess.PIPE, +                                stderr=subprocess.PIPE, +                                env=curr_env) + +        stdout, stderr = proc.communicate(input_data) + +        return proc.returncode, stdout.decode(), stderr.decode() + +    # pylint: disable=too-many-arguments,too-many-branches +    def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None): +        '''Base command for oc ''' +        cmds = [self.oc_binary] + +        if oadm: +            cmds.append('adm') + +        if self.all_namespaces: +            cmds.extend(['--all-namespaces']) +        elif self.namespace is not None and self.namespace.lower() not in ['none', 'emtpy']:  # E501 +            cmds.extend(['-n', self.namespace]) + +        cmds.extend(cmd) + +        rval = {} +        results = '' +        err = None + +        if self.verbose: +            print(' '.join(cmds)) + +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex) + +        rval = {"returncode": returncode, +                "results": results, +                "cmd": ' '.join(cmds)} + +        if returncode == 0: +            if output: +                if output_type == 'json': +                    try: +                        rval['results'] = json.loads(stdout) +                    except ValueError as err: +                        if "No JSON object could be decoded" in err.args: +                            err = err.args +                elif output_type == 'raw': +                    rval['results'] = stdout + +            if self.verbose: +                print("STDOUT: {0}".format(stdout)) +                print("STDERR: {0}".format(stderr)) + +            if err: +                rval.update({"err": err, +                             "stderr": stderr, +                             "stdout": stdout, +                             "cmd": cmds}) + +        else: +            rval.update({"stderr": stderr, +                         "stdout": stdout, +                         "results": {}}) + +        return rval + + +class Utils(object): +    ''' utilities for openshiftcli modules ''' + +    @staticmethod +    def _write(filename, contents): +        ''' Actually write the file contents to disk. This helps with mocking. ''' + +        with open(filename, 'w') as sfd: +            sfd.write(contents) + +    @staticmethod +    def create_tmp_file_from_contents(rname, data, ftype='yaml'): +        ''' create a file in tmp with name and contents''' + +        tmp = Utils.create_tmpfile(prefix=rname) + +        if ftype == 'yaml': +            # AUDIT:no-member makes sense here due to ruamel.YAML/PyYAML usage +            # pylint: disable=no-member +            if hasattr(yaml, 'RoundTripDumper'): +                Utils._write(tmp, yaml.dump(data, Dumper=yaml.RoundTripDumper)) +            else: +                Utils._write(tmp, yaml.safe_dump(data, default_flow_style=False)) + +        elif ftype == 'json': +            Utils._write(tmp, json.dumps(data)) +        else: +            Utils._write(tmp, data) + +        # Register cleanup when module is done +        atexit.register(Utils.cleanup, [tmp]) +        return tmp + +    @staticmethod +    def create_tmpfile_copy(inc_file): +        '''create a temporary copy of a file''' +        tmpfile = Utils.create_tmpfile('lib_openshift-') +        Utils._write(tmpfile, open(inc_file).read()) + +        # Cleanup the tmpfile +        atexit.register(Utils.cleanup, [tmpfile]) + +        return tmpfile + +    @staticmethod +    def create_tmpfile(prefix='tmp'): +        ''' Generates and returns a temporary file name ''' + +        with tempfile.NamedTemporaryFile(prefix=prefix, delete=False) as tmp: +            return tmp.name + +    @staticmethod +    def create_tmp_files_from_contents(content, content_type=None): +        '''Turn an array of dict: filename, content into a files array''' +        if not isinstance(content, list): +            content = [content] +        files = [] +        for item in content: +            path = Utils.create_tmp_file_from_contents(item['path'] + '-', +                                                       item['data'], +                                                       ftype=content_type) +            files.append({'name': os.path.basename(item['path']), +                          'path': path}) +        return files + +    @staticmethod +    def cleanup(files): +        '''Clean up on exit ''' +        for sfile in files: +            if os.path.exists(sfile): +                if os.path.isdir(sfile): +                    shutil.rmtree(sfile) +                elif os.path.isfile(sfile): +                    os.remove(sfile) + +    @staticmethod +    def exists(results, _name): +        ''' Check to see if the results include the name ''' +        if not results: +            return False + +        if Utils.find_result(results, _name): +            return True + +        return False + +    @staticmethod +    def find_result(results, _name): +        ''' Find the specified result by name''' +        rval = None +        for result in results: +            if 'metadata' in result and result['metadata']['name'] == _name: +                rval = result +                break + +        return rval + +    @staticmethod +    def get_resource_file(sfile, sfile_type='yaml'): +        ''' return the service file ''' +        contents = None +        with open(sfile) as sfd: +            contents = sfd.read() + +        if sfile_type == 'yaml': +            # AUDIT:no-member makes sense here due to ruamel.YAML/PyYAML usage +            # pylint: disable=no-member +            if hasattr(yaml, 'RoundTripLoader'): +                contents = yaml.load(contents, yaml.RoundTripLoader) +            else: +                contents = yaml.safe_load(contents) +        elif sfile_type == 'json': +            contents = json.loads(contents) + +        return contents + +    @staticmethod +    def filter_versions(stdout): +        ''' filter the oc version output ''' + +        version_dict = {} +        version_search = ['oc', 'openshift', 'kubernetes'] + +        for line in stdout.strip().split('\n'): +            for term in version_search: +                if not line: +                    continue +                if line.startswith(term): +                    version_dict[term] = line.split()[-1] + +        # horrible hack to get openshift version in Openshift 3.2 +        #  By default "oc version in 3.2 does not return an "openshift" version +        if "openshift" not in version_dict: +            version_dict["openshift"] = version_dict["oc"] + +        return version_dict + +    @staticmethod +    def add_custom_versions(versions): +        ''' create custom versions strings ''' + +        versions_dict = {} + +        for tech, version in versions.items(): +            # clean up "-" from version +            if "-" in version: +                version = version.split("-")[0] + +            if version.startswith('v'): +                versions_dict[tech + '_numeric'] = version[1:].split('+')[0] +                # "v3.3.0.33" is what we have, we want "3.3" +                versions_dict[tech + '_short'] = version[1:4] + +        return versions_dict + +    @staticmethod +    def openshift_installed(): +        ''' check if openshift is installed ''' +        import yum + +        yum_base = yum.YumBase() +        if yum_base.rpmdb.searchNevra(name='atomic-openshift'): +            return True + +        return False + +    # Disabling too-many-branches.  This is a yaml dictionary comparison function +    # pylint: disable=too-many-branches,too-many-return-statements,too-many-statements +    @staticmethod +    def check_def_equal(user_def, result_def, skip_keys=None, debug=False): +        ''' Given a user defined definition, compare it with the results given back by our query.  ''' + +        # Currently these values are autogenerated and we do not need to check them +        skip = ['metadata', 'status'] +        if skip_keys: +            skip.extend(skip_keys) + +        for key, value in result_def.items(): +            if key in skip: +                continue + +            # Both are lists +            if isinstance(value, list): +                if key not in user_def: +                    if debug: +                        print('User data does not have key [%s]' % key) +                        print('User data: %s' % user_def) +                    return False + +                if not isinstance(user_def[key], list): +                    if debug: +                        print('user_def[key] is not a list key=[%s] user_def[key]=%s' % (key, user_def[key])) +                    return False + +                if len(user_def[key]) != len(value): +                    if debug: +                        print("List lengths are not equal.") +                        print("key=[%s]: user_def[%s] != value[%s]" % (key, len(user_def[key]), len(value))) +                        print("user_def: %s" % user_def[key]) +                        print("value: %s" % value) +                    return False + +                for values in zip(user_def[key], value): +                    if isinstance(values[0], dict) and isinstance(values[1], dict): +                        if debug: +                            print('sending list - list') +                            print(type(values[0])) +                            print(type(values[1])) +                        result = Utils.check_def_equal(values[0], values[1], skip_keys=skip_keys, debug=debug) +                        if not result: +                            print('list compare returned false') +                            return False + +                    elif value != user_def[key]: +                        if debug: +                            print('value should be identical') +                            print(value) +                            print(user_def[key]) +                        return False + +            # recurse on a dictionary +            elif isinstance(value, dict): +                if key not in user_def: +                    if debug: +                        print("user_def does not have key [%s]" % key) +                    return False +                if not isinstance(user_def[key], dict): +                    if debug: +                        print("dict returned false: not instance of dict") +                    return False + +                # before passing ensure keys match +                api_values = set(value.keys()) - set(skip) +                user_values = set(user_def[key].keys()) - set(skip) +                if api_values != user_values: +                    if debug: +                        print("keys are not equal in dict") +                        print(api_values) +                        print(user_values) +                    return False + +                result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug) +                if not result: +                    if debug: +                        print("dict returned false") +                        print(result) +                    return False + +            # Verify each key, value pair is the same +            else: +                if key not in user_def or value != user_def[key]: +                    if debug: +                        print("value not equal; user_def does not have key") +                        print(key) +                        print(value) +                        if key in user_def: +                            print(user_def[key]) +                    return False + +        if debug: +            print('returning true') +        return True + + +class OpenShiftCLIConfig(object): +    '''Generic Config''' +    def __init__(self, rname, namespace, kubeconfig, options): +        self.kubeconfig = kubeconfig +        self.name = rname +        self.namespace = namespace +        self._options = options + +    @property +    def config_options(self): +        ''' return config options ''' +        return self._options + +    def to_option_list(self): +        '''return all options as a string''' +        return self.stringify() + +    def stringify(self): +        ''' return the options hash as cli params in a string ''' +        rval = [] +        for key, data in self.config_options.items(): +            if data['include'] \ +               and (data['value'] or isinstance(data['value'], int)): +                rval.append('--%s=%s' % (key.replace('_', '-'), data['value'])) + +        return rval + + +# -*- -*- -*- End included fragment: lib/base.py -*- -*- -*- + +# -*- -*- -*- Begin included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- + +class CAServerCertConfig(OpenShiftCLIConfig): +    ''' CAServerCertConfig is a DTO for the oc adm ca command ''' +    def __init__(self, kubeconfig, verbose, ca_options): +        super(CAServerCertConfig, self).__init__('ca', None, kubeconfig, ca_options) +        self.kubeconfig = kubeconfig +        self.verbose = verbose +        self._ca = ca_options + + +class CAServerCert(OpenShiftCLI): +    ''' Class to wrap the oc adm ca create-server-cert command line''' +    def __init__(self, +                 config, +                 verbose=False): +        ''' Constructor for oadm ca ''' +        super(CAServerCert, self).__init__(None, config.kubeconfig, verbose) +        self.config = config +        self.verbose = verbose + +    def get(self): +        '''get the current cert file + +           If a file exists by the same name in the specified location then the cert exists +        ''' +        cert = self.config.config_options['cert']['value'] +        if cert and os.path.exists(cert): +            return open(cert).read() + +        return None + +    def create(self): +        '''run openshift oc adm ca create-server-cert cmd''' + +        # Added this here as a safegaurd for stomping on the +        # cert and key files if they exist +        if self.config.config_options['backup']['value']: +            import time +            ext = time.strftime("%Y-%m-%d@%H:%M:%S", time.localtime(time.time())) +            date_str = "%s_" + "%s" % ext + +            if os.path.exists(self.config.config_options['key']['value']): +                shutil.copy(self.config.config_options['key']['value'], +                            date_str % self.config.config_options['key']['value']) +            if os.path.exists(self.config.config_options['cert']['value']): +                shutil.copy(self.config.config_options['cert']['value'], +                            date_str % self.config.config_options['cert']['value']) + +        options = self.config.to_option_list() + +        cmd = ['ca', 'create-server-cert'] +        cmd.extend(options) + +        return self.openshift_cmd(cmd, oadm=True) + +    def exists(self): +        ''' check whether the certificate exists and has the clusterIP ''' + +        cert_path = self.config.config_options['cert']['value'] +        if not os.path.exists(cert_path): +            return False + +        # Would prefer pyopenssl but is not installed. +        # When we verify it is, switch this code +        # Here is the code to get the subject and the SAN +        # openssl x509 -text -noout -certopt \ +        #  no_header,no_version,no_serial,no_signame,no_validity,no_issuer,no_pubkey,no_sigdump,no_aux \ +        #  -in /etc/origin/master/registry.crt +        # Instead of this solution we will use a regex. +        cert_names = [] +        hostnames = self.config.config_options['hostnames']['value'].split(',') +        proc = subprocess.Popen(['openssl', 'x509', '-noout', '-text', '-in', cert_path], +                                stdout=subprocess.PIPE, stderr=subprocess.PIPE) + +        x509output, _ = proc.communicate() +        if proc.returncode == 0: +            regex = re.compile(r"^\s*X509v3 Subject Alternative Name:\s*?\n\s*(.*)\s*\n", re.MULTILINE) +            match = regex.search(x509output)  # E501 +            for entry in re.split(r", *", match.group(1)): +                if entry.startswith('DNS') or entry.startswith('IP Address'): +                    cert_names.append(entry.split(':')[1]) +            # now that we have cert names let's compare +            cert_set = set(cert_names) +            hname_set = set(hostnames) +            if cert_set.issubset(hname_set) and hname_set.issubset(cert_set): +                return True + +        return False + +    @staticmethod +    def run_ansible(params, check_mode): +        '''run the idempotent ansible code''' + +        config = CAServerCertConfig(params['kubeconfig'], +                                    params['debug'], +                                    {'cert':          {'value': params['cert'], 'include': True}, +                                     'hostnames':     {'value': ','.join(params['hostnames']), 'include': True}, +                                     'overwrite':     {'value': True, 'include': True}, +                                     'key':           {'value': params['key'], 'include': True}, +                                     'signer_cert':   {'value': params['signer_cert'], 'include': True}, +                                     'signer_key':    {'value': params['signer_key'], 'include': True}, +                                     'signer_serial': {'value': params['signer_serial'], 'include': True}, +                                     'backup':        {'value': params['backup'], 'include': False}, +                                    }) + +        server_cert = CAServerCert(config) + +        state = params['state'] + +        if state == 'present': +            ######## +            # Create +            ######## +            if not server_cert.exists() or params['force']: + +                if check_mode: +                    return {'changed': True, +                            'msg': "CHECK_MODE: Would have created the certificate.", +                            'state': state} + +                api_rval = server_cert.create() + +                return {'changed': True, 'results': api_rval, 'state': state} + +            ######## +            # Exists +            ######## +            api_rval = server_cert.get() +            return {'changed': False, 'results': api_rval, 'state': state} + +        return {'failed': True, +                'msg': 'Unknown state passed. %s' % state} + + +# -*- -*- -*- End included fragment: class/oc_adm_ca_server_cert.py -*- -*- -*- + +# -*- -*- -*- Begin included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- + +def main(): +    ''' +    ansible oc adm module for ca create-server-cert +    ''' + +    module = AnsibleModule( +        argument_spec=dict( +            state=dict(default='present', type='str', choices=['present']), +            debug=dict(default=False, type='bool'), +            kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), +            backup=dict(default=True, type='bool'), +            force=dict(default=False, type='bool'), +            # oc adm ca create-server-cert [options] +            cert=dict(default=None, type='str'), +            key=dict(default=None, type='str'), +            signer_cert=dict(default='/etc/origin/master/ca.crt', type='str'), +            signer_key=dict(default='/etc/origin/master/ca.key', type='str'), +            signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), +            hostnames=dict(default=[], type='list'), +        ), +        supports_check_mode=True, +    ) + +    results = CAServerCert.run_ansible(module.params, module.check_mode) +    if 'failed' in results: +        return module.fail_json(**results) + +    return module.exit_json(**results) + + +if __name__ == '__main__': +    main() + +# -*- -*- -*- End included fragment: ansible/oc_adm_ca_server_cert.py -*- -*- -*- diff --git a/roles/lib_openshift/library/oc_adm_registry.py b/roles/lib_openshift/library/oc_adm_registry.py index 79af63fea..fa17d0e58 100644 --- a/roles/lib_openshift/library/oc_adm_registry.py +++ b/roles/lib_openshift/library/oc_adm_registry.py @@ -873,6 +873,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -886,6 +912,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1087,11 +1114,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1107,7 +1133,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_adm_router.py b/roles/lib_openshift/library/oc_adm_router.py index 324b87f84..a9e76a92e 100644 --- a/roles/lib_openshift/library/oc_adm_router.py +++ b/roles/lib_openshift/library/oc_adm_router.py @@ -898,6 +898,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -911,6 +937,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1112,11 +1139,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1132,7 +1158,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, @@ -2501,8 +2530,11 @@ class Router(OpenShiftCLI):          ''' property for the prepared router'''          if self.__prepared_router is None:              results = self._prepare_router() -            if not results: -                raise RouterException('Could not perform router preparation') +            if not results or 'returncode' in results and results['returncode'] != 0: +                if 'stderr' in results: +                    raise RouterException('Could not perform router preparation: %s' % results['stderr']) + +                raise RouterException('Could not perform router preparation.')              self.__prepared_router = results          return self.__prepared_router @@ -2664,8 +2696,8 @@ class Router(OpenShiftCLI):          results = self.openshift_cmd(cmd, oadm=True, output=True, output_type='json') -        # pylint: disable=no-member -        if results['returncode'] != 0 and 'items' in results['results']: +        # pylint: disable=maybe-no-member +        if results['returncode'] != 0 or 'items' not in results['results']:              return results          oc_objects = {'DeploymentConfig': {'obj': None, 'path': None, 'update': False}, @@ -2702,12 +2734,22 @@ class Router(OpenShiftCLI):          return oc_objects      def create(self): -        '''Create a deploymentconfig ''' +        '''Create a router + +           This includes the different parts: +           - deploymentconfig +           - service +           - serviceaccount +           - secrets +           - clusterrolebinding +        '''          results = [] -        # pylint: disable=no-member +        import time +        # pylint: disable=maybe-no-member          for _, oc_data in self.prepared_router.items():              if oc_data['obj'] is not None: +                time.sleep(1)                  results.append(self._create(oc_data['path']))          rval = 0 @@ -2721,7 +2763,7 @@ class Router(OpenShiftCLI):          '''run update for the router.  This performs a replace'''          results = [] -        # pylint: disable=no-member +        # pylint: disable=maybe-no-member          for _, oc_data in self.prepared_router.items():              if oc_data['update']:                  results.append(self._replace(oc_data['path'])) diff --git a/roles/lib_openshift/library/oc_edit.py b/roles/lib_openshift/library/oc_edit.py index d957c932b..8901042ac 100644 --- a/roles/lib_openshift/library/oc_edit.py +++ b/roles/lib_openshift/library/oc_edit.py @@ -797,6 +797,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -810,6 +836,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1011,11 +1038,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1031,7 +1057,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_env.py b/roles/lib_openshift/library/oc_env.py index 1903f7271..3286985c5 100644 --- a/roles/lib_openshift/library/oc_env.py +++ b/roles/lib_openshift/library/oc_env.py @@ -764,6 +764,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -777,6 +803,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -978,11 +1005,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -998,7 +1024,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_label.py b/roles/lib_openshift/library/oc_label.py index a38bb764c..7a4d6959a 100644 --- a/roles/lib_openshift/library/oc_label.py +++ b/roles/lib_openshift/library/oc_label.py @@ -773,6 +773,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -786,6 +812,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -987,11 +1014,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1007,7 +1033,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_obj.py b/roles/lib_openshift/library/oc_obj.py index 6ae93da4c..0f56ce983 100644 --- a/roles/lib_openshift/library/oc_obj.py +++ b/roles/lib_openshift/library/oc_obj.py @@ -776,6 +776,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -789,6 +815,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -990,11 +1017,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1010,7 +1036,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_process.py b/roles/lib_openshift/library/oc_process.py index 10408a7a9..4f53bb5d6 100644 --- a/roles/lib_openshift/library/oc_process.py +++ b/roles/lib_openshift/library/oc_process.py @@ -765,6 +765,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -778,6 +804,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -979,11 +1006,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -999,7 +1025,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_route.py b/roles/lib_openshift/library/oc_route.py index ade5f7f74..a2cbd9b93 100644 --- a/roles/lib_openshift/library/oc_route.py +++ b/roles/lib_openshift/library/oc_route.py @@ -807,6 +807,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -820,6 +846,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1021,11 +1048,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1041,7 +1067,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_scale.py b/roles/lib_openshift/library/oc_scale.py index 8bbf26f21..3523e7ea6 100644 --- a/roles/lib_openshift/library/oc_scale.py +++ b/roles/lib_openshift/library/oc_scale.py @@ -751,6 +751,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -764,6 +790,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -965,11 +992,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -985,7 +1011,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_secret.py b/roles/lib_openshift/library/oc_secret.py index 36d5c51f4..db9a3a7ec 100644 --- a/roles/lib_openshift/library/oc_secret.py +++ b/roles/lib_openshift/library/oc_secret.py @@ -797,6 +797,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -810,6 +836,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1011,11 +1038,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1031,7 +1057,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_service.py b/roles/lib_openshift/library/oc_service.py index 57b906eb5..c8d4b3040 100644 --- a/roles/lib_openshift/library/oc_service.py +++ b/roles/lib_openshift/library/oc_service.py @@ -803,6 +803,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -816,6 +842,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -1017,11 +1044,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -1037,7 +1063,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_serviceaccount.py b/roles/lib_openshift/library/oc_serviceaccount.py index 4f70b208b..3e650b5f2 100644 --- a/roles/lib_openshift/library/oc_serviceaccount.py +++ b/roles/lib_openshift/library/oc_serviceaccount.py @@ -749,6 +749,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -762,6 +788,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -963,11 +990,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -983,7 +1009,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_serviceaccount_secret.py b/roles/lib_openshift/library/oc_serviceaccount_secret.py index aa9d92ffc..749cf2d8e 100644 --- a/roles/lib_openshift/library/oc_serviceaccount_secret.py +++ b/roles/lib_openshift/library/oc_serviceaccount_secret.py @@ -749,6 +749,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -762,6 +788,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -963,11 +990,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -983,7 +1009,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/library/oc_version.py b/roles/lib_openshift/library/oc_version.py index 537761e93..e9b970967 100644 --- a/roles/lib_openshift/library/oc_version.py +++ b/roles/lib_openshift/library/oc_version.py @@ -721,6 +721,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -734,6 +760,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -935,11 +962,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -955,7 +981,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/meta/main.yml b/roles/lib_openshift/meta/main.yml new file mode 100644 index 000000000..7c72daa63 --- /dev/null +++ b/roles/lib_openshift/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: +  author: OpenShift Team +  description: OpenShift Repositories +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.7 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +dependencies: +- { role: openshift_repos } diff --git a/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py new file mode 100644 index 000000000..c80c2eb44 --- /dev/null +++ b/roles/lib_openshift/src/ansible/oc_adm_ca_server_cert.py @@ -0,0 +1,35 @@ +# pylint: skip-file +# flake8: noqa + +def main(): +    ''' +    ansible oc adm module for ca create-server-cert +    ''' + +    module = AnsibleModule( +        argument_spec=dict( +            state=dict(default='present', type='str', choices=['present']), +            debug=dict(default=False, type='bool'), +            kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), +            backup=dict(default=True, type='bool'), +            force=dict(default=False, type='bool'), +            # oc adm ca create-server-cert [options] +            cert=dict(default=None, type='str'), +            key=dict(default=None, type='str'), +            signer_cert=dict(default='/etc/origin/master/ca.crt', type='str'), +            signer_key=dict(default='/etc/origin/master/ca.key', type='str'), +            signer_serial=dict(default='/etc/origin/master/ca.serial.txt', type='str'), +            hostnames=dict(default=[], type='list'), +        ), +        supports_check_mode=True, +    ) + +    results = CAServerCert.run_ansible(module.params, module.check_mode) +    if 'failed' in results: +        return module.fail_json(**results) + +    return module.exit_json(**results) + + +if __name__ == '__main__': +    main() diff --git a/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py new file mode 100644 index 000000000..6ed1f2f35 --- /dev/null +++ b/roles/lib_openshift/src/class/oc_adm_ca_server_cert.py @@ -0,0 +1,135 @@ +# pylint: skip-file +# flake8: noqa + +class CAServerCertConfig(OpenShiftCLIConfig): +    ''' CAServerCertConfig is a DTO for the oc adm ca command ''' +    def __init__(self, kubeconfig, verbose, ca_options): +        super(CAServerCertConfig, self).__init__('ca', None, kubeconfig, ca_options) +        self.kubeconfig = kubeconfig +        self.verbose = verbose +        self._ca = ca_options + + +class CAServerCert(OpenShiftCLI): +    ''' Class to wrap the oc adm ca create-server-cert command line''' +    def __init__(self, +                 config, +                 verbose=False): +        ''' Constructor for oadm ca ''' +        super(CAServerCert, self).__init__(None, config.kubeconfig, verbose) +        self.config = config +        self.verbose = verbose + +    def get(self): +        '''get the current cert file + +           If a file exists by the same name in the specified location then the cert exists +        ''' +        cert = self.config.config_options['cert']['value'] +        if cert and os.path.exists(cert): +            return open(cert).read() + +        return None + +    def create(self): +        '''run openshift oc adm ca create-server-cert cmd''' + +        # Added this here as a safegaurd for stomping on the +        # cert and key files if they exist +        if self.config.config_options['backup']['value']: +            import time +            ext = time.strftime("%Y-%m-%d@%H:%M:%S", time.localtime(time.time())) +            date_str = "%s_" + "%s" % ext + +            if os.path.exists(self.config.config_options['key']['value']): +                shutil.copy(self.config.config_options['key']['value'], +                            date_str % self.config.config_options['key']['value']) +            if os.path.exists(self.config.config_options['cert']['value']): +                shutil.copy(self.config.config_options['cert']['value'], +                            date_str % self.config.config_options['cert']['value']) + +        options = self.config.to_option_list() + +        cmd = ['ca', 'create-server-cert'] +        cmd.extend(options) + +        return self.openshift_cmd(cmd, oadm=True) + +    def exists(self): +        ''' check whether the certificate exists and has the clusterIP ''' + +        cert_path = self.config.config_options['cert']['value'] +        if not os.path.exists(cert_path): +            return False + +        # Would prefer pyopenssl but is not installed. +        # When we verify it is, switch this code +        # Here is the code to get the subject and the SAN +        # openssl x509 -text -noout -certopt \ +        #  no_header,no_version,no_serial,no_signame,no_validity,no_issuer,no_pubkey,no_sigdump,no_aux \ +        #  -in /etc/origin/master/registry.crt +        # Instead of this solution we will use a regex. +        cert_names = [] +        hostnames = self.config.config_options['hostnames']['value'].split(',') +        proc = subprocess.Popen(['openssl', 'x509', '-noout', '-text', '-in', cert_path], +                                stdout=subprocess.PIPE, stderr=subprocess.PIPE) + +        x509output, _ = proc.communicate() +        if proc.returncode == 0: +            regex = re.compile(r"^\s*X509v3 Subject Alternative Name:\s*?\n\s*(.*)\s*\n", re.MULTILINE) +            match = regex.search(x509output)  # E501 +            for entry in re.split(r", *", match.group(1)): +                if entry.startswith('DNS') or entry.startswith('IP Address'): +                    cert_names.append(entry.split(':')[1]) +            # now that we have cert names let's compare +            cert_set = set(cert_names) +            hname_set = set(hostnames) +            if cert_set.issubset(hname_set) and hname_set.issubset(cert_set): +                return True + +        return False + +    @staticmethod +    def run_ansible(params, check_mode): +        '''run the idempotent ansible code''' + +        config = CAServerCertConfig(params['kubeconfig'], +                                    params['debug'], +                                    {'cert':          {'value': params['cert'], 'include': True}, +                                     'hostnames':     {'value': ','.join(params['hostnames']), 'include': True}, +                                     'overwrite':     {'value': True, 'include': True}, +                                     'key':           {'value': params['key'], 'include': True}, +                                     'signer_cert':   {'value': params['signer_cert'], 'include': True}, +                                     'signer_key':    {'value': params['signer_key'], 'include': True}, +                                     'signer_serial': {'value': params['signer_serial'], 'include': True}, +                                     'backup':        {'value': params['backup'], 'include': False}, +                                    }) + +        server_cert = CAServerCert(config) + +        state = params['state'] + +        if state == 'present': +            ######## +            # Create +            ######## +            if not server_cert.exists() or params['force']: + +                if check_mode: +                    return {'changed': True, +                            'msg': "CHECK_MODE: Would have created the certificate.", +                            'state': state} + +                api_rval = server_cert.create() + +                return {'changed': True, 'results': api_rval, 'state': state} + +            ######## +            # Exists +            ######## +            api_rval = server_cert.get() +            return {'changed': False, 'results': api_rval, 'state': state} + +        return {'failed': True, +                'msg': 'Unknown state passed. %s' % state} + diff --git a/roles/lib_openshift/src/class/oc_adm_router.py b/roles/lib_openshift/src/class/oc_adm_router.py index ab7c96927..66769e73b 100644 --- a/roles/lib_openshift/src/class/oc_adm_router.py +++ b/roles/lib_openshift/src/class/oc_adm_router.py @@ -49,8 +49,11 @@ class Router(OpenShiftCLI):          ''' property for the prepared router'''          if self.__prepared_router is None:              results = self._prepare_router() -            if not results: -                raise RouterException('Could not perform router preparation') +            if not results or 'returncode' in results and results['returncode'] != 0: +                if 'stderr' in results: +                    raise RouterException('Could not perform router preparation: %s' % results['stderr']) + +                raise RouterException('Could not perform router preparation.')              self.__prepared_router = results          return self.__prepared_router @@ -212,8 +215,8 @@ class Router(OpenShiftCLI):          results = self.openshift_cmd(cmd, oadm=True, output=True, output_type='json') -        # pylint: disable=no-member -        if results['returncode'] != 0 and 'items' in results['results']: +        # pylint: disable=maybe-no-member +        if results['returncode'] != 0 or 'items' not in results['results']:              return results          oc_objects = {'DeploymentConfig': {'obj': None, 'path': None, 'update': False}, @@ -250,12 +253,22 @@ class Router(OpenShiftCLI):          return oc_objects      def create(self): -        '''Create a deploymentconfig ''' +        '''Create a router + +           This includes the different parts: +           - deploymentconfig +           - service +           - serviceaccount +           - secrets +           - clusterrolebinding +        '''          results = [] -        # pylint: disable=no-member +        import time +        # pylint: disable=maybe-no-member          for _, oc_data in self.prepared_router.items():              if oc_data['obj'] is not None: +                time.sleep(1)                  results.append(self._create(oc_data['path']))          rval = 0 @@ -269,7 +282,7 @@ class Router(OpenShiftCLI):          '''run update for the router.  This performs a replace'''          results = [] -        # pylint: disable=no-member +        # pylint: disable=maybe-no-member          for _, oc_data in self.prepared_router.items():              if oc_data['update']:                  results.append(self._replace(oc_data['path'])) diff --git a/roles/lib_openshift/src/doc/ca_server_cert b/roles/lib_openshift/src/doc/ca_server_cert new file mode 100644 index 000000000..ff9229281 --- /dev/null +++ b/roles/lib_openshift/src/doc/ca_server_cert @@ -0,0 +1,96 @@ +# flake8: noqa +# pylint: skip-file + +DOCUMENTATION = ''' +--- +module: oc_adm_ca_server_cert +short_description: Module to run openshift oc adm ca create-server-cert +description: +  - Wrapper around the openshift `oc adm ca create-server-cert` command. +options: +  state: +    description: +    - Present is the only supported state.  The state present means that `oc adm ca` will generate a certificate +    - and verify if the hostnames and the ClusterIP exists in the certificate. +    - When create-server-cert is desired then the following parameters are passed. +    - ['cert', 'key', 'signer_cert', 'signer_key', 'signer_serial'] +    required: false +    default: present +    choices:  +    - present +    aliases: [] +  kubeconfig: +    description: +    - The path for the kubeconfig file to use for authentication +    required: false +    default: /etc/origin/master/admin.kubeconfig +    aliases: [] +  debug: +    description: +    - Turn on debug output. +    required: false +    default: False +    aliases: [] +  cert: +    description: +    - The certificate file. Choose a name that indicates what the service is. +    required: false +    default: None +    aliases: [] +  key: +    description: +    - The key file. Choose a name that indicates what the service is. +    required: false +    default: None +    aliases: [] +  force: +    description: +    - Force updating of the existing cert and key files +    required: false +    default: False +    aliases: [] +  signer_cert: +    description: +    - The signer certificate file. +    required: false +    default: /etc/origin/master/ca.crt +    aliases: [] +  signer_key: +    description: +    - The signer key file. +    required: false +    default: /etc/origin/master/ca.key +    aliases: [] +  signer_serial: +    description: +    - The signer serial file. +    required: false +    default: /etc/origin/master/ca.serial.txt +    aliases: [] +  hostnames: +    description: +    - Every hostname or IP that server certs should be valid for +    required: false +    default: [] +    aliases: [] +  backup: +    description: +    - Whether to backup the cert and key files before writing them. +    required: false +    default: True +    aliases: [] +author: +- "Kenny Woodson <kwoodson@redhat.com>" +extends_documentation_fragment: [] +''' + +EXAMPLES = ''' +- name: Create a self-signed cert +  oc_adm_ca_server_cert: +    signer_cert: /etc/origin/master/ca.crt +    signer_key: /etc/origin/master/ca.key +    signer_serial: /etc/origin/master/ca.serial.txt +    hostnames: "registry.test.openshift.com,127.0.0.1,docker-registry.default.svc.cluster.local" +    cert: /etc/origin/master/registry.crt +    key: /etc/origin/master/registry.key +''' diff --git a/roles/lib_openshift/src/lib/base.py b/roles/lib_openshift/src/lib/base.py index fcbca4f2f..2e822d8ef 100644 --- a/roles/lib_openshift/src/lib/base.py +++ b/roles/lib_openshift/src/lib/base.py @@ -9,6 +9,32 @@ class OpenShiftCLIError(Exception):      pass +ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')] + + +def locate_oc_binary(): +    ''' Find and return oc binary file ''' +    # https://github.com/openshift/openshift-ansible/issues/3410 +    # oc can be in /usr/local/bin in some cases, but that may not +    # be in $PATH due to ansible/sudo +    paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS + +    oc_binary = 'oc' + +    # Use shutil.which if it is available, otherwise fallback to a naive path search +    try: +        which_result = shutil.which(oc_binary, path=os.pathsep.join(paths)) +        if which_result is not None: +            oc_binary = which_result +    except AttributeError: +        for path in paths: +            if os.path.exists(os.path.join(path, oc_binary)): +                oc_binary = os.path.join(path, oc_binary) +                break + +    return oc_binary + +  # pylint: disable=too-few-public-methods  class OpenShiftCLI(object):      ''' Class to wrap the command line tools ''' @@ -22,6 +48,7 @@ class OpenShiftCLI(object):          self.verbose = verbose          self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)          self.all_namespaces = all_namespaces +        self.oc_binary = locate_oc_binary()      # Pylint allows only 5 arguments to be passed.      # pylint: disable=too-many-arguments @@ -223,11 +250,10 @@ class OpenShiftCLI(object):      # pylint: disable=too-many-arguments,too-many-branches      def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):          '''Base command for oc ''' -        cmds = [] +        cmds = [self.oc_binary] +          if oadm: -            cmds = ['oadm'] -        else: -            cmds = ['oc'] +            cmds.append('adm')          if self.all_namespaces:              cmds.extend(['--all-namespaces']) @@ -243,7 +269,10 @@ class OpenShiftCLI(object):          if self.verbose:              print(' '.join(cmds)) -        returncode, stdout, stderr = self._run(cmds, input_data) +        try: +            returncode, stdout, stderr = self._run(cmds, input_data) +        except OSError as ex: +            returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)          rval = {"returncode": returncode,                  "results": results, diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index fca1f4818..35f8d71b2 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -1,4 +1,14 @@  --- +oc_adm_ca_server_cert.py: +- doc/generated +- doc/license +- lib/import.py +- doc/ca_server_cert +- ../../lib_utils/src/class/yedit.py +- lib/base.py +- class/oc_adm_ca_server_cert.py +- ansible/oc_adm_ca_server_cert.py +  oadm_manage_node.py:  - doc/generated  - doc/license diff --git a/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py b/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py index b0786dfac..761c849fb 100755 --- a/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py +++ b/roles/lib_openshift/src/test/unit/test_oadm_manage_node.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oadm_manage_node import ManageNode  # noqa: E402 +from oadm_manage_node import ManageNode, locate_oc_binary  # noqa: E402  class ManageNodeTest(unittest.TestCase): @@ -179,6 +180,114 @@ class ManageNodeTest(unittest.TestCase):          self.assertEqual(results['results']['nodes'][0]['name'], 'ip-172-31-49-140.ec2.internal')          self.assertEqual(results['results']['nodes'][0]['schedulable'], False) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_env.py b/roles/lib_openshift/src/test/unit/test_oc_env.py index 15bd7e464..dab5099c2 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_env.py +++ b/roles/lib_openshift/src/test/unit/test_oc_env.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_env import OCEnv  # noqa: E402 +from oc_env import OCEnv, locate_oc_binary  # noqa: E402  class OCEnvTest(unittest.TestCase): @@ -35,9 +36,10 @@ class OCEnvTest(unittest.TestCase):          ''' setup method will create a file and set to known configuration '''          pass +    @mock.patch('oc_env.locate_oc_binary')      @mock.patch('oc_env.Utils.create_tmpfile_copy')      @mock.patch('oc_env.OCEnv._run') -    def test_listing_all_env_vars(self, mock_cmd, mock_tmpfile_copy): +    def test_listing_all_env_vars(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):          ''' Testing listing all environment variables from a dc'''          # Arrange @@ -123,6 +125,10 @@ class OCEnvTest(unittest.TestCase):              (0, dc_results, ''),  # First call to the mock          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mock_adminkubeconfig',          ] @@ -144,9 +150,10 @@ class OCEnvTest(unittest.TestCase):              mock.call(['oc', '-n', 'default', 'get', 'dc', 'router', '-o', 'json'], None),          ]) +    @mock.patch('oc_env.locate_oc_binary')      @mock.patch('oc_env.Utils.create_tmpfile_copy')      @mock.patch('oc_env.OCEnv._run') -    def test_adding_env_vars(self, mock_cmd, mock_tmpfile_copy): +    def test_adding_env_vars(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):          ''' Test add environment variables to a dc'''          # Arrange @@ -304,6 +311,10 @@ class OCEnvTest(unittest.TestCase):              (0, dc_results_after, ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mock_adminkubeconfig',          ] @@ -325,9 +336,10 @@ class OCEnvTest(unittest.TestCase):              mock.call(['oc', '-n', 'default', 'get', 'dc', 'router', '-o', 'json'], None),          ]) +    @mock.patch('oc_env.locate_oc_binary')      @mock.patch('oc_env.Utils.create_tmpfile_copy')      @mock.patch('oc_env.OCEnv._run') -    def test_removing_env_vars(self, mock_cmd, mock_tmpfile_copy): +    def test_removing_env_vars(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):          ''' Test add environment variables to a dc'''          # Arrange @@ -419,6 +431,10 @@ class OCEnvTest(unittest.TestCase):              (0, '', ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mock_adminkubeconfig',          ] @@ -435,6 +451,114 @@ class OCEnvTest(unittest.TestCase):              mock.call(['oc', '-n', 'default', 'get', 'dc', 'router', '-o', 'json'], None),          ]) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_label.py b/roles/lib_openshift/src/test/unit/test_oc_label.py index 3176987b0..933b5f221 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_label.py +++ b/roles/lib_openshift/src/test/unit/test_oc_label.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_label import OCLabel  # noqa: E402 +from oc_label import OCLabel, locate_oc_binary  # noqa: E402  class OCLabelTest(unittest.TestCase): @@ -187,6 +188,114 @@ class OCLabelTest(unittest.TestCase):          self.assertTrue(results['results']['results']['labels'][0] ==                          {'storage_pv_quota': 'False', 'awesomens': 'testinglabel'}) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_process.py b/roles/lib_openshift/src/test/unit/test_oc_process.py index 450ff7071..c4b36928b 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_process.py +++ b/roles/lib_openshift/src/test/unit/test_oc_process.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_process import OCProcess  # noqa: E402 +from oc_process import OCProcess, locate_oc_binary  # noqa: E402  # pylint: disable=too-many-public-methods @@ -474,6 +475,114 @@ class OCProcessTest(unittest.TestCase):          self.assertFalse(results['changed'])          self.assertEqual(results['results']['results']['items'][0]['metadata']['name'], 'testdb') +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_route.py b/roles/lib_openshift/src/test/unit/test_oc_route.py index 361b61f4b..ea94bfabd 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_route.py +++ b/roles/lib_openshift/src/test/unit/test_oc_route.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_route import OCRoute  # noqa: E402 +from oc_route import OCRoute, locate_oc_binary  # noqa: E402  class OCRouteTest(unittest.TestCase): @@ -35,9 +36,10 @@ class OCRouteTest(unittest.TestCase):          ''' setup method will create a file and set to known configuration '''          pass +    @mock.patch('oc_route.locate_oc_binary')      @mock.patch('oc_route.Utils.create_tmpfile_copy')      @mock.patch('oc_route.OCRoute._run') -    def test_list_route(self, mock_cmd, mock_tmpfile_copy): +    def test_list_route(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):          ''' Testing getting a route '''          # Arrange @@ -115,6 +117,10 @@ class OCRouteTest(unittest.TestCase):              (0, route_result, ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mock.kubeconfig',          ] @@ -132,10 +138,11 @@ class OCRouteTest(unittest.TestCase):              mock.call(['oc', '-n', 'default', 'get', 'route', 'test', '-o', 'json'], None),          ]) +    @mock.patch('oc_route.locate_oc_binary')      @mock.patch('oc_route.Utils.create_tmpfile_copy')      @mock.patch('oc_route.Yedit._write')      @mock.patch('oc_route.OCRoute._run') -    def test_create_route(self, mock_cmd, mock_write, mock_tmpfile_copy): +    def test_create_route(self, mock_cmd, mock_write, mock_tmpfile_copy, mock_oc_binary):          ''' Testing getting a route '''          # Arrange @@ -235,6 +242,10 @@ metadata:              (0, route_result, ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mock.kubeconfig',          ] @@ -259,6 +270,114 @@ metadata:              mock.call(['oc', '-n', 'default', 'get', 'route', 'test', '-o', 'json'], None),          ]) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_scale.py b/roles/lib_openshift/src/test/unit/test_oc_scale.py index f15eb164d..b2dec2fbe 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_scale.py +++ b/roles/lib_openshift/src/test/unit/test_oc_scale.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_scale import OCScale  # noqa: E402 +from oc_scale import OCScale, locate_oc_binary  # noqa: E402  class OCScaleTest(unittest.TestCase): @@ -158,6 +159,114 @@ class OCScaleTest(unittest.TestCase):          self.assertTrue(results['failed'])          self.assertEqual(results['msg']['returncode'], 1) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_secret.py b/roles/lib_openshift/src/test/unit/test_oc_secret.py index 645aac82b..087c62dcf 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_secret.py +++ b/roles/lib_openshift/src/test/unit/test_oc_secret.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_secret import OCSecret  # noqa: E402 +from oc_secret import OCSecret, locate_oc_binary  # noqa: E402  class OCSecretTest(unittest.TestCase): @@ -35,10 +36,11 @@ class OCSecretTest(unittest.TestCase):          ''' setup method will create a file and set to known configuration '''          pass +    @mock.patch('oc_secret.locate_oc_binary')      @mock.patch('oc_secret.Utils.create_tmpfile_copy')      @mock.patch('oc_secret.Utils._write')      @mock.patch('oc_secret.OCSecret._run') -    def test_adding_a_secret(self, mock_cmd, mock_write, mock_tmpfile_copy): +    def test_adding_a_secret(self, mock_cmd, mock_write, mock_tmpfile_copy, mock_oc_binary):          ''' Testing adding a secret '''          # Arrange @@ -65,6 +67,10 @@ class OCSecretTest(unittest.TestCase):              (0, 'secret/testsecretname', ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mocked_kubeconfig',          ] @@ -87,6 +93,114 @@ class OCSecretTest(unittest.TestCase):              mock.call(mock.ANY, "{'one': 1, 'two': 2, 'three': 3}"),          ]) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_service.py b/roles/lib_openshift/src/test/unit/test_oc_service.py index 4a845e9f3..8974eb6c6 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_service.py +++ b/roles/lib_openshift/src/test/unit/test_oc_service.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_service import OCService  # noqa: E402 +from oc_service import OCService, locate_oc_binary  # noqa: E402  # pylint: disable=too-many-public-methods @@ -207,6 +208,114 @@ class OCServiceTest(unittest.TestCase):          self.assertTrue(results['results']['returncode'] == 0)          self.assertEqual(results['results']['results'][0]['metadata']['name'], 'router') +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_serviceaccount.py b/roles/lib_openshift/src/test/unit/test_oc_serviceaccount.py index 256b569eb..b02b37053 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_serviceaccount.py +++ b/roles/lib_openshift/src/test/unit/test_oc_serviceaccount.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_serviceaccount import OCServiceAccount  # noqa: E402 +from oc_serviceaccount import OCServiceAccount, locate_oc_binary  # noqa: E402  class OCServiceAccountTest(unittest.TestCase): @@ -35,9 +36,10 @@ class OCServiceAccountTest(unittest.TestCase):          ''' setup method will create a file and set to known configuration '''          pass +    @mock.patch('oc_serviceaccount.locate_oc_binary')      @mock.patch('oc_serviceaccount.Utils.create_tmpfile_copy')      @mock.patch('oc_serviceaccount.OCServiceAccount._run') -    def test_adding_a_serviceaccount(self, mock_cmd, mock_tmpfile_copy): +    def test_adding_a_serviceaccount(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):          ''' Testing adding a serviceaccount '''          # Arrange @@ -91,6 +93,10 @@ class OCServiceAccountTest(unittest.TestCase):              (0, valid_result_json, ''),          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mocked_kubeconfig',          ] @@ -110,6 +116,114 @@ class OCServiceAccountTest(unittest.TestCase):              mock.call(['oc', '-n', 'default', 'get', 'sa', 'testserviceaccountname', '-o', 'json'], None),          ]) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_serviceaccount_secret.py b/roles/lib_openshift/src/test/unit/test_oc_serviceaccount_secret.py index 213c581aa..ab8ccd18c 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_serviceaccount_secret.py +++ b/roles/lib_openshift/src/test/unit/test_oc_serviceaccount_secret.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_serviceaccount_secret import OCServiceAccountSecret  # noqa: E402 +from oc_serviceaccount_secret import OCServiceAccountSecret, locate_oc_binary  # noqa: E402  try:      import ruamel.yaml as yaml  # noqa: EF401 @@ -41,10 +42,11 @@ class OCServiceAccountSecretTest(unittest.TestCase):          ''' setup method will create a file and set to known configuration '''          pass +    @mock.patch('oc_serviceaccount_secret.locate_oc_binary')      @mock.patch('oc_serviceaccount_secret.Utils.create_tmpfile_copy')      @mock.patch('oc_serviceaccount_secret.Yedit._write')      @mock.patch('oc_serviceaccount_secret.OCServiceAccountSecret._run') -    def test_adding_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy): +    def test_adding_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy, mock_oc_binary):          ''' Testing adding a secret to a service account '''          # Arrange @@ -161,6 +163,10 @@ secrets:              (0, oc_get_sa_after, ''),  # Fourth call to the mock          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mocked_kubeconfig',          ] @@ -189,10 +195,11 @@ secrets:              mock.call(mock.ANY, yaml_file)          ]) +    @mock.patch('oc_serviceaccount_secret.locate_oc_binary')      @mock.patch('oc_serviceaccount_secret.Utils.create_tmpfile_copy')      @mock.patch('oc_serviceaccount_secret.Yedit._write')      @mock.patch('oc_serviceaccount_secret.OCServiceAccountSecret._run') -    def test_removing_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy): +    def test_removing_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy, mock_oc_binary):          ''' Testing removing a secret to a service account '''          # Arrange @@ -279,6 +286,10 @@ secrets:              (0, 'serviceaccount "builder" replaced', ''),  # Third call to the mock          ] +        mock_oc_binary.side_effect = [ +            'oc' +        ] +          mock_tmpfile_copy.side_effect = [              '/tmp/mocked_kubeconfig',          ] @@ -306,6 +317,114 @@ secrets:              mock.call(mock.ANY, yaml_file)          ]) +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_openshift/src/test/unit/test_oc_version.py b/roles/lib_openshift/src/test/unit/test_oc_version.py index 67dea415b..6daf5b00d 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_version.py +++ b/roles/lib_openshift/src/test/unit/test_oc_version.py @@ -11,6 +11,7 @@  # OK  import os +import six  import sys  import unittest  import mock @@ -23,7 +24,7 @@ import mock  # place class in our python path  module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library')  # noqa: E501  sys.path.insert(0, module_path) -from oc_version import OCVersion  # noqa: E402 +from oc_version import OCVersion, locate_oc_binary  # noqa: E402  class OCVersionTest(unittest.TestCase): @@ -64,6 +65,114 @@ class OCVersionTest(unittest.TestCase):          self.assertEqual(results['results']['oc_numeric'], '3.4.0.39')          self.assertEqual(results['results']['kubernetes_numeric'], '1.4.0') +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_path_exists.side_effect = lambda _: False + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY3, 'py2 test only') +    @mock.patch('os.path.exists') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home(self, mock_env_get, mock_path_exists): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_path_exists.side_effect = lambda f: f == oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_fallback_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup fallback ''' + +        mock_env_get.side_effect = lambda _v, _d: '' + +        mock_shutil_which.side_effect = lambda _f, path=None: None + +        self.assertEqual(locate_oc_binary(), 'oc') + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_path_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in path ''' + +        oc_bin = '/usr/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_usr_local_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in /usr/local/bin ''' + +        oc_bin = '/usr/local/bin/oc' + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) + +    @unittest.skipIf(six.PY2, 'py3 test only') +    @mock.patch('shutil.which') +    @mock.patch('os.environ.get') +    def test_binary_lookup_in_home_py3(self, mock_env_get, mock_shutil_which): +        ''' Testing binary lookup in ~/bin ''' + +        oc_bin = os.path.expanduser('~/bin/oc') + +        mock_env_get.side_effect = lambda _v, _d: '/bin:/usr/bin' + +        mock_shutil_which.side_effect = lambda _f, path=None: oc_bin + +        self.assertEqual(locate_oc_binary(), oc_bin) +      def tearDown(self):          '''TearDown method'''          pass diff --git a/roles/lib_utils/meta/main.yml b/roles/lib_utils/meta/main.yml new file mode 100644 index 000000000..e06b9a0f1 --- /dev/null +++ b/roles/lib_utils/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: +  author: TODO +  description: OpenShift Repositories +  company: Red Hat, Inc. +  license: Apache License, Version 2.0 +  min_ansible_version: 1.7 +  platforms: +  - name: EL +    versions: +    - 7 +  categories: +  - cloud +dependencies: +- { role: openshift_repos } diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index a501ad938..65e0e2a5a 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -5,7 +5,7 @@  #  # This script should be run from openshift-ansible/roles/openshift_examples -XPAAS_VERSION=ose-v1.3.5 +XPAAS_VERSION=ose-v1.3.6  ORIGIN_VERSION=${1:-v1.5}  RHAMP_TAG=1.0.0.GA  RHAMP_TEMPLATE=https://raw.githubusercontent.com/3scale/rhamp-openshift-templates/${RHAMP_TAG}/apicast-gateway/apicast-gateway-template.yml diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json index cfbfc3e20..f347f1f9f 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MariaDB (Ephemeral)",        "description": "MariaDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mariadb", -      "tags": "database,mariadb" +      "tags": "database,mariadb", +      "template.openshift.io/long-description": "This template provides a standalone MariaDB server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json index e933eecf0..6ed744777 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MariaDB (Persistent)",        "description": "MariaDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mariadb", -      "tags": "database,mariadb" +      "tags": "database,mariadb", +      "template.openshift.io/long-description": "This template provides a standalone MariaDB server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json index c38d2680b..97a8abf6d 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "MongoDB (Ephemeral)",        "description": "MongoDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mongodb", -      "tags": "database,mongodb" +      "tags": "database,mongodb", +      "template.openshift.io/long-description": "This template provides a standalone MongoDB server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MONGODB_USER}\n       Password: ${MONGODB_PASSWORD}\n  Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json index e8853d8ff..0656219fb 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "MongoDB (Persistent)",        "description": "MongoDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mongodb", -      "tags": "database,mongodb" +      "tags": "database,mongodb", +      "template.openshift.io/long-description": "This template provides a standalone MongoDB server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MONGODB_USER}\n       Password: ${MONGODB_PASSWORD}\n  Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json index f7bcfe2ed..d60b4647d 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MySQL (Ephemeral)",        "description": "MySQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mysql-database", -      "tags": "database,mysql" +      "tags": "database,mysql", +      "template.openshift.io/long-description": "This template provides a standalone MySQL server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json index 85c48da01..c2bfa40fd 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MySQL (Persistent)",        "description": "MySQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mysql-database", -      "tags": "database,mysql" +      "tags": "database,mysql", +      "template.openshift.io/long-description": "This template provides a standalone MySQL server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json index 64d5e2b32..7a16e742a 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "PostgreSQL (Ephemeral)",        "description": "PostgreSQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-postgresql", -      "tags": "database,postgresql" +      "tags": "database,postgresql", +      "template.openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${POSTGRESQL_USER}\n       Password: ${POSTGRESQL_PASSWORD}\n  Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json index 6c101f9d2..242212d6f 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "PostgreSQL (Persistent)",        "description": "PostgreSQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-postgresql", -      "tags": "database,postgresql" +      "tags": "database,postgresql", +      "template.openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${POSTGRESQL_USER}\n       Password: ${POSTGRESQL_PASSWORD}\n  Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json index b97e1fd29..82a09a3ec 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Redis (Ephemeral)",        "description": "Redis in-memory data structure store, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-redis", -      "tags": "database,redis" +      "tags": "database,redis", +      "template.openshift.io/long-description": "This template provides a standalone Redis server.  The data is not stored on persistent storage, so any restart of the service will result in all data being lost.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.", diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json index dc167da41..1d5f59188 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Redis (Persistent)",        "description": "Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-redis", -      "tags": "database,redis" +      "tags": "database,redis", +      "template.openshift.io/long-description": "This template provides a standalone Redis server.  The data is stored on persistent storage.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.", diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json index 9b19b8bd0..eb94c3bb4 100644 --- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json @@ -241,7 +241,7 @@              },              "from": {                "kind": "ImageStreamTag", -              "name": "5.6" +              "name": "7.0"              }            },            { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json index 0ba57864e..eb3d296be 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "CakePHP + MySQL (Persistent)",        "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.",        "tags": "quickstart,php,cakephp", -      "iconClass": "icon-php" +      "iconClass": "icon-php", +      "template.openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.", @@ -129,7 +133,10 @@                "secret": "${GITHUB_WEBHOOK_SECRET}"              }            } -        ] +        ], +        "postCommit": { +          "script": "./lib/Cake/Console/cake test app AllTests" +        }        }      },      { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json index 9732e59e1..da2454d2e 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "CakePHP + MySQL (Ephemeral)",        "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,php,cakephp", -      "iconClass": "icon-php" +      "iconClass": "icon-php", +      "template.openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.", @@ -129,7 +133,10 @@                "secret": "${GITHUB_WEBHOOK_SECRET}"              }            } -        ] +        ], +        "postCommit": { +          "script": "./lib/Cake/Console/cake test app AllTests" +        }        }      },      { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json index 074561550..81ae63416 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Dancer + MySQL (Persistent)",        "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",        "tags": "quickstart,perl,dancer", -      "iconClass": "icon-perl" +      "iconClass": "icon-perl", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/dancer-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json index 18100974b..7a285dba8 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Dancer + MySQL (Ephemeral)",        "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,perl,dancer", -      "iconClass": "icon-perl" +      "iconClass": "icon-perl", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/dancer-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json index b39771bd8..9f982c286 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Django + PostgreSQL (Persistent)",        "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",        "tags": "quickstart,python,django", -      "iconClass": "icon-python" +      "iconClass": "icon-python", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/django-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json index 64b914e61..7bee85ddd 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Django + PostgreSQL (Ephemeral)",        "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,python,django", -      "iconClass": "icon-python" +      "iconClass": "icon-python", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/django-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json index 62ccc5b7f..b0aef3cfc 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Jenkins (Ephemeral)",        "description": "Jenkins service, without persistent storage.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "iconClass": "icon-jenkins", -      "tags": "instant-app,jenkins" +      "tags": "instant-app,jenkins", +      "template.openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.  The Jenkins configuration is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "A Jenkins service has been created in your project.  Log into Jenkins with your OpenShift account.  The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json index 50c4ad566..a542de219 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Jenkins (Persistent)",        "description": "Jenkins service, with persistent storage.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-jenkins", -      "tags": "instant-app,jenkins" +      "tags": "instant-app,jenkins", +      "template.openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "A Jenkins service has been created in your project.  Log into Jenkins with your OpenShift account.  The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json index fecb84662..6ee999cb1 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Node.js + MongoDB (Persistent)",        "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",        "tags": "quickstart,nodejs", -      "iconClass": "icon-nodejs" +      "iconClass": "icon-nodejs", +      "template.openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json index 6a55f0251..5c177a7e0 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Node.js + MongoDB (Ephemeral)",        "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,nodejs", -      "iconClass": "icon-nodejs" +      "iconClass": "icon-nodejs", +      "template.openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json index 6c0a484b5..b400cfdb3 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Rails + PostgreSQL (Persistent)",        "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",        "tags": "quickstart,ruby,rails", -      "iconClass": "icon-ruby" +      "iconClass": "icon-ruby", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/rails-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.", @@ -165,7 +169,7 @@              "imageChangeParams": {                "automatic": true,                "containerNames": [ -                "rails-pgsql-persistent" +                "${NAME}"                ],                "from": {                  "kind": "ImageStreamTag", @@ -191,7 +195,7 @@            "spec": {              "containers": [                { -                "name": "rails-pgsql-persistent", +                "name": "${NAME}",                  "image": " ",                  "ports": [                    { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json index 043554c79..fa67412ff 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Rails + PostgreSQL (Ephemeral)",        "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,ruby,rails", -      "iconClass": "icon-ruby" +      "iconClass": "icon-ruby", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/rails-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.", @@ -165,7 +169,7 @@              "imageChangeParams": {                "automatic": true,                "containerNames": [ -                "rails-postgresql-example" +                "${NAME}"                ],                "from": {                  "kind": "ImageStreamTag", @@ -191,7 +195,7 @@            "spec": {              "containers": [                { -                "name": "rails-postgresql-example", +                "name": "${NAME}",                  "image": " ",                  "ports": [                    { diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json index ed0e94bed..9d99973be 100644 --- a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json @@ -20,12 +20,22 @@                      {                          "name": "1.0",                          "annotations": { -                            "description": "JBoss Fuse Integration Services 6.2.1 Java S2I images.", +                            "description": "JBoss Fuse Integration Services 1.0 Java S2I images.",                              "iconClass": "icon-jboss",                              "tags": "builder,jboss-fuse,java,xpaas",                              "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",                              "version": "1.0"                          } +                    }, +                    { +                        "name": "2.0", +                        "annotations": { +                            "description": "JBoss Fuse Integration Services 2.0 Java S2I images.", +                            "iconClass": "icon-jboss", +                            "tags": "builder,jboss-fuse,java,xpaas", +                            "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2", +                            "version": "2.0" +                        }                      }                  ]              } @@ -42,12 +52,22 @@                      {                          "name": "1.0",                          "annotations": { -                            "description": "JBoss Fuse Integration Services 6.2.1 Karaf S2I images.", +                            "description": "JBoss Fuse Integration Services 1.0 Karaf S2I images.",                              "iconClass": "icon-jboss",                              "tags": "builder,jboss-fuse,java,karaf,xpaas",                              "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2",                              "version": "1.0"                          } +                    }, +                    { +                        "name": "2.0", +                        "annotations": { +                            "description": "JBoss Fuse Integration Services 2.0 Karaf S2I images.", +                            "iconClass": "icon-jboss", +                            "tags": "builder,jboss-fuse,java,karaf,xpaas", +                            "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2", +                            "version": "2.0" +                        }                      }                  ]              } diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json index a7cb12867..049f3f884 100644 --- a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json @@ -367,6 +367,31 @@                      }                  ]              } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "redhat-openjdk18-openshift" +            }, +            "spec": { +                "dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift", +                "tags": [ +                    { +                        "name": "1.0", +                        "annotations": { +                            "openshift.io/display-name": "Red Hat OpenJDK 8", +                            "description": "Build and run Java applications using Maven and OpenJDK 8.", +                            "iconClass": "icon-jboss", +                            "tags": "builder,java,xpaas,openjdk", +                            "supports":"java:8,xpaas:1.0", +                            "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts", +                            "sampleContextDir": "undertow-servlet", +                            "version": "1.0" +                        } +                    } +                ] +            }          }      ]  } diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json new file mode 100644 index 000000000..143e16756 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json @@ -0,0 +1,267 @@ +{ +    "kind": "Template", +    "apiVersion": "v1", +    "metadata": { +        "annotations": { +            "iconClass": "icon-jboss", +            "description": "Application template for Java applications built using S2I.", +            "tags": "java,xpaas", +            "version": "1.0.0" +        }, +        "name": "openjdk18-web-basic-s2i" +    }, +    "labels": { +        "template": "openjdk18-web-basic-s2i", +        "xpaas": "1.0.0" +    }, +    "message": "A new java application has been created in your project.", +    "parameters": [ +        { +            "description": "The name for the application.", +            "displayName": "Application Name", +            "name": "APPLICATION_NAME", +            "value": "openjdk-app", +            "required": true +        }, +        { +            "description": "Custom hostname for http service route.  Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", +            "displayName": "Custom http Route Hostname", +            "name": "HOSTNAME_HTTP", +            "value": "", +            "required": false +        }, +        { +            "description": "Git source URI for application", +            "displayName": "Git Repository URL", +            "name": "SOURCE_REPOSITORY_URL", +            "value": "https://github.com/jboss-openshift/openshift-quickstarts", +            "required": true +        }, +        { +            "description": "Git branch/tag reference", +            "displayName": "Git Reference", +            "name": "SOURCE_REPOSITORY_REF", +            "value": "master", +            "required": false +        }, +        { +            "description": "Path within Git project to build; empty for root project directory.", +            "displayName": "Context Directory", +            "name": "CONTEXT_DIR", +            "value": "undertow-servlet", +            "required": false +        }, +        { +            "description": "GitHub trigger secret", +            "displayName": "Github Webhook Secret", +            "name": "GITHUB_WEBHOOK_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression", +            "required": true +        }, +        { +            "description": "Generic build trigger secret", +            "displayName": "Generic Webhook Secret", +            "name": "GENERIC_WEBHOOK_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression", +            "required": true +        }, +        { +            "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", +            "displayName": "ImageStream Namespace", +            "name": "IMAGE_STREAM_NAMESPACE", +            "value": "openshift", +            "required": true +        } +    ], +    "objects": [ +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8080, +                        "targetPort": 8080 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The application's http port." +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-http", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's http service." +                } +            }, +            "spec": { +                "host": "${HOSTNAME_HTTP}", +                "to": { +                    "name": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "BuildConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "source": { +                    "type": "Git", +                    "git": { +                        "uri": "${SOURCE_REPOSITORY_URL}", +                        "ref": "${SOURCE_REPOSITORY_REF}" +                    }, +                    "contextDir": "${CONTEXT_DIR}" +                }, +                "strategy": { +                    "type": "Source", +                    "sourceStrategy": { +                        "forcePull": true, +                        "from": { +                            "kind": "ImageStreamTag", +                            "namespace": "${IMAGE_STREAM_NAMESPACE}", +                            "name": "redhat-openjdk18-openshift:1.0" +                        } +                    } +                }, +                "output": { +                    "to": { +                        "kind": "ImageStreamTag", +                        "name": "${APPLICATION_NAME}:latest" +                    } +                }, +                "triggers": [ +                    { +                        "type": "GitHub", +                        "github": { +                            "secret": "${GITHUB_WEBHOOK_SECRET}" +                        } +                    }, +                    { +                        "type": "Generic", +                        "generic": { +                            "secret": "${GENERIC_WEBHOOK_SECRET}" +                        } +                    }, +                    { +                        "type": "ImageChange", +                        "imageChange": {} +                    }, +                    { +                        "type": "ConfigChange" +                    } +                ] +            } +        }, +        { +            "kind": "DeploymentConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "strategy": { +                    "type": "Recreate" +                }, +                "triggers": [ +                    { +                        "type": "ImageChange", +                        "imageChangeParams": { +                            "automatic": true, +                            "containerNames": [ +                                "${APPLICATION_NAME}" +                            ], +                            "from": { +                                "kind": "ImageStreamTag", +                                "name": "${APPLICATION_NAME}:latest" +                            } +                        } +                    }, +                    { +                        "type": "ConfigChange" +                    } +                ], +                "replicas": 1, +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                }, +                "template": { +                    "metadata": { +                        "name": "${APPLICATION_NAME}", +                        "labels": { +                            "deploymentConfig": "${APPLICATION_NAME}", +                            "application": "${APPLICATION_NAME}" +                        } +                    }, +                    "spec": { +                        "terminationGracePeriodSeconds": 75, +                        "containers": [ +                            { +                                "name": "${APPLICATION_NAME}", +                                "image": "${APPLICATION_NAME}", +                                "imagePullPolicy": "Always", +                                "env": [ +                                ], +                                "ports": [ +                                    { +                                        "name": "jolokia", +                                        "containerPort": 8778, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "http", +                                        "containerPort": 8080, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "https", +                                        "containerPort": 8443, +                                        "protocol": "TCP" +                                    } +                                ] +                            } +                        ] +                    } +                } +            } +        } +    ] +} diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json index cfbfc3e20..f347f1f9f 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MariaDB (Ephemeral)",        "description": "MariaDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mariadb", -      "tags": "database,mariadb" +      "tags": "database,mariadb", +      "template.openshift.io/long-description": "This template provides a standalone MariaDB server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json index e933eecf0..6ed744777 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MariaDB (Persistent)",        "description": "MariaDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mariadb", -      "tags": "database,mariadb" +      "tags": "database,mariadb", +      "template.openshift.io/long-description": "This template provides a standalone MariaDB server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json index c38d2680b..97a8abf6d 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "MongoDB (Ephemeral)",        "description": "MongoDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mongodb", -      "tags": "database,mongodb" +      "tags": "database,mongodb", +      "template.openshift.io/long-description": "This template provides a standalone MongoDB server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MONGODB_USER}\n       Password: ${MONGODB_PASSWORD}\n  Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json index e8853d8ff..0656219fb 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "MongoDB (Persistent)",        "description": "MongoDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mongodb", -      "tags": "database,mongodb" +      "tags": "database,mongodb", +      "template.openshift.io/long-description": "This template provides a standalone MongoDB server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mongodb.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MONGODB_USER}\n       Password: ${MONGODB_PASSWORD}\n  Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json index f7bcfe2ed..d60b4647d 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MySQL (Ephemeral)",        "description": "MySQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-mysql-database", -      "tags": "database,mysql" +      "tags": "database,mysql", +      "template.openshift.io/long-description": "This template provides a standalone MySQL server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json index 85c48da01..c2bfa40fd 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "MySQL (Persistent)",        "description": "MySQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-mysql-database", -      "tags": "database,mysql" +      "tags": "database,mysql", +      "template.openshift.io/long-description": "This template provides a standalone MySQL server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/mysql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${MYSQL_USER}\n       Password: ${MYSQL_PASSWORD}\n  Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.7/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json index 64d5e2b32..7a16e742a 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "PostgreSQL (Ephemeral)",        "description": "PostgreSQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-postgresql", -      "tags": "database,postgresql" +      "tags": "database,postgresql", +      "template.openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created.  The database is not stored on persistent storage, so any restart of the service will result in all data being lost.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${POSTGRESQL_USER}\n       Password: ${POSTGRESQL_PASSWORD}\n  Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json index 6c101f9d2..242212d6f 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "PostgreSQL (Persistent)",        "description": "PostgreSQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-postgresql", -      "tags": "database,postgresql" +      "tags": "database,postgresql", +      "template.openshift.io/long-description": "This template provides a standalone PostgreSQL server with a database created.  The database is stored on persistent storage.  The database name, username, and password are chosen via parameters when provisioning this service.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/db_images/postgresql.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Username: ${POSTGRESQL_USER}\n       Password: ${POSTGRESQL_PASSWORD}\n  Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: postgresql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json index b97e1fd29..82a09a3ec 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Redis (Ephemeral)",        "description": "Redis in-memory data structure store, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",        "iconClass": "icon-redis", -      "tags": "database,redis" +      "tags": "database,redis", +      "template.openshift.io/long-description": "This template provides a standalone Redis server.  The data is not stored on persistent storage, so any restart of the service will result in all data being lost.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.", diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json index dc167da41..1d5f59188 100644 --- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Redis (Persistent)",        "description": "Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-redis", -      "tags": "database,redis" +      "tags": "database,redis", +      "template.openshift.io/long-description": "This template provides a standalone Redis server.  The data is stored on persistent storage.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/3.2", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n       Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json index 0ba57864e..eb3d296be 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "CakePHP + MySQL (Persistent)",        "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.",        "tags": "quickstart,php,cakephp", -      "iconClass": "icon-php" +      "iconClass": "icon-php", +      "template.openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.", @@ -129,7 +133,10 @@                "secret": "${GITHUB_WEBHOOK_SECRET}"              }            } -        ] +        ], +        "postCommit": { +          "script": "./lib/Cake/Console/cake test app AllTests" +        }        }      },      { diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json index 9732e59e1..da2454d2e 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "CakePHP + MySQL (Ephemeral)",        "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,php,cakephp", -      "iconClass": "icon-php" +      "iconClass": "icon-php", +      "template.openshift.io/long-description": "This template defines resources needed to develop a CakePHP application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/cakephp-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.", @@ -129,7 +133,10 @@                "secret": "${GITHUB_WEBHOOK_SECRET}"              }            } -        ] +        ], +        "postCommit": { +          "script": "./lib/Cake/Console/cake test app AllTests" +        }        }      },      { diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json index 074561550..81ae63416 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Dancer + MySQL (Persistent)",        "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.",        "tags": "quickstart,perl,dancer", -      "iconClass": "icon-perl" +      "iconClass": "icon-perl", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/dancer-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json index 18100974b..7a285dba8 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Dancer + MySQL (Ephemeral)",        "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,perl,dancer", -      "iconClass": "icon-perl" +      "iconClass": "icon-perl", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Dancer based application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/dancer-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json index b39771bd8..9f982c286 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Django + PostgreSQL (Persistent)",        "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.",        "tags": "quickstart,python,django", -      "iconClass": "icon-python" +      "iconClass": "icon-python", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/django-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json index 64b914e61..7bee85ddd 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Django + PostgreSQL (Ephemeral)",        "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,python,django", -      "iconClass": "icon-python" +      "iconClass": "icon-python", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Django based application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/django-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json index 62ccc5b7f..b0aef3cfc 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Jenkins (Ephemeral)",        "description": "Jenkins service, without persistent storage.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "iconClass": "icon-jenkins", -      "tags": "instant-app,jenkins" +      "tags": "instant-app,jenkins", +      "template.openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.  The Jenkins configuration is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "A Jenkins service has been created in your project.  Log into Jenkins with your OpenShift account.  The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json index 50c4ad566..a542de219 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json @@ -8,7 +8,11 @@        "openshift.io/display-name": "Jenkins (Persistent)",        "description": "Jenkins service, with persistent storage.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.",        "iconClass": "icon-jenkins", -      "tags": "instant-app,jenkins" +      "tags": "instant-app,jenkins", +      "template.openshift.io/long-description": "This template deploys a Jenkins server capable of managing OpenShift Pipeline builds and supporting OpenShift-based oauth login.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://docs.openshift.org/latest/using_images/other_images/jenkins.html", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "A Jenkins service has been created in your project.  Log into Jenkins with your OpenShift account.  The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json index fecb84662..6ee999cb1 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Node.js + MongoDB (Persistent)",        "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.",        "tags": "quickstart,nodejs", -      "iconClass": "icon-nodejs" +      "iconClass": "icon-nodejs", +      "template.openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json index 6a55f0251..5c177a7e0 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Node.js + MongoDB (Ephemeral)",        "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,nodejs", -      "iconClass": "icon-nodejs" +      "iconClass": "icon-nodejs", +      "template.openshift.io/long-description": "This template defines resources needed to develop a NodeJS application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/nodejs-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.", diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json index 6c0a484b5..b400cfdb3 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Rails + PostgreSQL (Persistent)",        "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.",        "tags": "quickstart,ruby,rails", -      "iconClass": "icon-ruby" +      "iconClass": "icon-ruby", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/rails-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.", @@ -165,7 +169,7 @@              "imageChangeParams": {                "automatic": true,                "containerNames": [ -                "rails-pgsql-persistent" +                "${NAME}"                ],                "from": {                  "kind": "ImageStreamTag", @@ -191,7 +195,7 @@            "spec": {              "containers": [                { -                "name": "rails-pgsql-persistent", +                "name": "${NAME}",                  "image": " ",                  "ports": [                    { diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json index 043554c79..fa67412ff 100644 --- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json @@ -7,7 +7,11 @@        "openshift.io/display-name": "Rails + PostgreSQL (Ephemeral)",        "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.",        "tags": "quickstart,ruby,rails", -      "iconClass": "icon-ruby" +      "iconClass": "icon-ruby", +      "template.openshift.io/long-description": "This template defines resources needed to develop a Rails application, including a build configuration, application deployment configuration, and database deployment configuration.  The database is stored in non-persistent storage, so this configuration should be used for experimental purposes only.", +      "template.openshift.io/provider-display-name": "Red Hat, Inc.", +      "template.openshift.io/documentation-url": "https://github.com/openshift/rails-ex", +      "template.openshift.io/support-url": "https://access.redhat.com"      }    },    "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.", @@ -165,7 +169,7 @@              "imageChangeParams": {                "automatic": true,                "containerNames": [ -                "rails-postgresql-example" +                "${NAME}"                ],                "from": {                  "kind": "ImageStreamTag", @@ -191,7 +195,7 @@            "spec": {              "containers": [                { -                "name": "rails-postgresql-example", +                "name": "${NAME}",                  "image": " ",                  "ports": [                    { diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json index a7cb12867..049f3f884 100644 --- a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json @@ -367,6 +367,31 @@                      }                  ]              } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "redhat-openjdk18-openshift" +            }, +            "spec": { +                "dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift", +                "tags": [ +                    { +                        "name": "1.0", +                        "annotations": { +                            "openshift.io/display-name": "Red Hat OpenJDK 8", +                            "description": "Build and run Java applications using Maven and OpenJDK 8.", +                            "iconClass": "icon-jboss", +                            "tags": "builder,java,xpaas,openjdk", +                            "supports":"java:8,xpaas:1.0", +                            "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts", +                            "sampleContextDir": "undertow-servlet", +                            "version": "1.0" +                        } +                    } +                ] +            }          }      ]  } diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json new file mode 100644 index 000000000..143e16756 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json @@ -0,0 +1,267 @@ +{ +    "kind": "Template", +    "apiVersion": "v1", +    "metadata": { +        "annotations": { +            "iconClass": "icon-jboss", +            "description": "Application template for Java applications built using S2I.", +            "tags": "java,xpaas", +            "version": "1.0.0" +        }, +        "name": "openjdk18-web-basic-s2i" +    }, +    "labels": { +        "template": "openjdk18-web-basic-s2i", +        "xpaas": "1.0.0" +    }, +    "message": "A new java application has been created in your project.", +    "parameters": [ +        { +            "description": "The name for the application.", +            "displayName": "Application Name", +            "name": "APPLICATION_NAME", +            "value": "openjdk-app", +            "required": true +        }, +        { +            "description": "Custom hostname for http service route.  Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>", +            "displayName": "Custom http Route Hostname", +            "name": "HOSTNAME_HTTP", +            "value": "", +            "required": false +        }, +        { +            "description": "Git source URI for application", +            "displayName": "Git Repository URL", +            "name": "SOURCE_REPOSITORY_URL", +            "value": "https://github.com/jboss-openshift/openshift-quickstarts", +            "required": true +        }, +        { +            "description": "Git branch/tag reference", +            "displayName": "Git Reference", +            "name": "SOURCE_REPOSITORY_REF", +            "value": "master", +            "required": false +        }, +        { +            "description": "Path within Git project to build; empty for root project directory.", +            "displayName": "Context Directory", +            "name": "CONTEXT_DIR", +            "value": "undertow-servlet", +            "required": false +        }, +        { +            "description": "GitHub trigger secret", +            "displayName": "Github Webhook Secret", +            "name": "GITHUB_WEBHOOK_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression", +            "required": true +        }, +        { +            "description": "Generic build trigger secret", +            "displayName": "Generic Webhook Secret", +            "name": "GENERIC_WEBHOOK_SECRET", +            "from": "[a-zA-Z0-9]{8}", +            "generate": "expression", +            "required": true +        }, +        { +            "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", +            "displayName": "ImageStream Namespace", +            "name": "IMAGE_STREAM_NAMESPACE", +            "value": "openshift", +            "required": true +        } +    ], +    "objects": [ +        { +            "kind": "Service", +            "apiVersion": "v1", +            "spec": { +                "ports": [ +                    { +                        "port": 8080, +                        "targetPort": 8080 +                    } +                ], +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                } +            }, +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "The application's http port." +                } +            } +        }, +        { +            "kind": "Route", +            "apiVersion": "v1", +            "id": "${APPLICATION_NAME}-http", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                }, +                "annotations": { +                    "description": "Route for application's http service." +                } +            }, +            "spec": { +                "host": "${HOSTNAME_HTTP}", +                "to": { +                    "name": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "ImageStream", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            } +        }, +        { +            "kind": "BuildConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "source": { +                    "type": "Git", +                    "git": { +                        "uri": "${SOURCE_REPOSITORY_URL}", +                        "ref": "${SOURCE_REPOSITORY_REF}" +                    }, +                    "contextDir": "${CONTEXT_DIR}" +                }, +                "strategy": { +                    "type": "Source", +                    "sourceStrategy": { +                        "forcePull": true, +                        "from": { +                            "kind": "ImageStreamTag", +                            "namespace": "${IMAGE_STREAM_NAMESPACE}", +                            "name": "redhat-openjdk18-openshift:1.0" +                        } +                    } +                }, +                "output": { +                    "to": { +                        "kind": "ImageStreamTag", +                        "name": "${APPLICATION_NAME}:latest" +                    } +                }, +                "triggers": [ +                    { +                        "type": "GitHub", +                        "github": { +                            "secret": "${GITHUB_WEBHOOK_SECRET}" +                        } +                    }, +                    { +                        "type": "Generic", +                        "generic": { +                            "secret": "${GENERIC_WEBHOOK_SECRET}" +                        } +                    }, +                    { +                        "type": "ImageChange", +                        "imageChange": {} +                    }, +                    { +                        "type": "ConfigChange" +                    } +                ] +            } +        }, +        { +            "kind": "DeploymentConfig", +            "apiVersion": "v1", +            "metadata": { +                "name": "${APPLICATION_NAME}", +                "labels": { +                    "application": "${APPLICATION_NAME}" +                } +            }, +            "spec": { +                "strategy": { +                    "type": "Recreate" +                }, +                "triggers": [ +                    { +                        "type": "ImageChange", +                        "imageChangeParams": { +                            "automatic": true, +                            "containerNames": [ +                                "${APPLICATION_NAME}" +                            ], +                            "from": { +                                "kind": "ImageStreamTag", +                                "name": "${APPLICATION_NAME}:latest" +                            } +                        } +                    }, +                    { +                        "type": "ConfigChange" +                    } +                ], +                "replicas": 1, +                "selector": { +                    "deploymentConfig": "${APPLICATION_NAME}" +                }, +                "template": { +                    "metadata": { +                        "name": "${APPLICATION_NAME}", +                        "labels": { +                            "deploymentConfig": "${APPLICATION_NAME}", +                            "application": "${APPLICATION_NAME}" +                        } +                    }, +                    "spec": { +                        "terminationGracePeriodSeconds": 75, +                        "containers": [ +                            { +                                "name": "${APPLICATION_NAME}", +                                "image": "${APPLICATION_NAME}", +                                "imagePullPolicy": "Always", +                                "env": [ +                                ], +                                "ports": [ +                                    { +                                        "name": "jolokia", +                                        "containerPort": 8778, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "http", +                                        "containerPort": 8080, +                                        "protocol": "TCP" +                                    }, +                                    { +                                        "name": "https", +                                        "containerPort": 8443, +                                        "protocol": "TCP" +                                    } +                                ] +                            } +                        ] +                    } +                } +            } +        } +    ] +} diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md index c90a5bf20..14b80304d 100644 --- a/roles/openshift_logging/README.md +++ b/roles/openshift_logging/README.md @@ -46,6 +46,7 @@ When both `openshift_logging_install_logging` and `openshift_logging_upgrade_log  - `openshift_logging_kibana_proxy_memory_limit`: The amount of memory to allocate to Kibana proxy or unset if not specified.  - `openshift_logging_kibana_replica_count`: The number of replicas Kibana should be scaled up to. Defaults to 1.  - `openshift_logging_kibana_nodeselector`: A map of labels (e.g. {"node":"infra","region":"west"} to select the nodes where the pod will land. +- `openshift_logging_kibana_edge_term_policy`: Insecure Edge Termination Policy. Defaults to Redirect.  - `openshift_logging_fluentd_nodeselector`: The node selector that the Fluentd daemonset uses to determine where to deploy to. Defaults to '"logging-infra-fluentd": "true"'.  - `openshift_logging_fluentd_cpu_limit`: The CPU limit for Fluentd pods. Defaults to '100m'. diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml index 9b3c17da1..5440a3647 100644 --- a/roles/openshift_logging/defaults/main.yml +++ b/roles/openshift_logging/defaults/main.yml @@ -26,6 +26,7 @@ openshift_logging_kibana_proxy_debug: false  openshift_logging_kibana_proxy_cpu_limit: null  openshift_logging_kibana_proxy_memory_limit: null  openshift_logging_kibana_replica_count: 1 +openshift_logging_kibana_edge_term_policy: Redirect  #The absolute path on the control node to the cert file to use  #for the public facing kibana certs diff --git a/roles/openshift_logging/tasks/generate_routes.yaml b/roles/openshift_logging/tasks/generate_routes.yaml index 3c462378b..7af17a708 100644 --- a/roles/openshift_logging/tasks/generate_routes.yaml +++ b/roles/openshift_logging/tasks/generate_routes.yaml @@ -26,6 +26,7 @@      tls_cert: "{{kibana_cert | default('') | b64decode}}"      tls_ca_cert: "{{kibana_ca | b64decode}}"      tls_dest_ca_cert: "{{key_pairs | entry_from_named_pair('ca_file')| b64decode }}" +    edge_term_policy: "{{openshift_logging_kibana_edge_term_policy | default('') }}"      labels:        component: support        logging-infra: support diff --git a/roles/openshift_logging/tasks/upgrade_logging.yaml b/roles/openshift_logging/tasks/upgrade_logging.yaml index 83867d361..30fdbd2af 100644 --- a/roles/openshift_logging/tasks/upgrade_logging.yaml +++ b/roles/openshift_logging/tasks/upgrade_logging.yaml @@ -33,7 +33,7 @@      selector: "component=es"      namespace: "{{openshift_logging_namespace}}"    register: running_pod -  until: running_pod.results.results[0]['items'] | selectattr('status.phase', 'equalto', 'Running') | map(attribute='metadata.name') | list | length != 0 +  until: running_pod.results.results[0]['items'] | selectattr('status.phase', 'match', '^Running$') | map(attribute='metadata.name') | list | length != 0    retries: 30    delay: 10 diff --git a/roles/openshift_logging/templates/curator.j2 b/roles/openshift_logging/templates/curator.j2 index 55f4976ec..a0fefd882 100644 --- a/roles/openshift_logging/templates/curator.j2 +++ b/roles/openshift_logging/templates/curator.j2 @@ -87,7 +87,7 @@ spec:                mountPath: /etc/curator/keys                readOnly: true              - name: config -              mountPath: /usr/curator/settings +              mountPath: /etc/curator/settings                readOnly: true              - name: elasticsearch-storage                mountPath: /elasticsearch/persistent diff --git a/roles/openshift_logging/templates/route_reencrypt.j2 b/roles/openshift_logging/templates/route_reencrypt.j2 index 341ffdd84..cf8a9e65f 100644 --- a/roles/openshift_logging/templates/route_reencrypt.j2 +++ b/roles/openshift_logging/templates/route_reencrypt.j2 @@ -28,6 +28,9 @@ spec:        {{ line }}  {% endfor %}      termination: reencrypt +{% if edge_term_policy is defined and edge_term_policy | length > 0 %} +    insecureEdgeTerminationPolicy: {{ edge_term_policy }} +{% endif %}    to:      kind: Service      name: {{ service_name }} diff --git a/roles/openshift_logging/templates/secret.j2 b/roles/openshift_logging/templates/secret.j2 index d73bae9c4..eba4197da 100644 --- a/roles/openshift_logging/templates/secret.j2 +++ b/roles/openshift_logging/templates/secret.j2 @@ -1,9 +1,9 @@  apiVersion: v1  kind: Secret  metadata: -  name: {{secret_name}} +  name: "{{secret_name}}"  type: Opaque  data:  {% for s in secrets %} -  {{s.key}}: {{s.value | b64encode}} +  "{{s.key}}" : "{{s.value | b64encode}}"  {% endfor %} diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml index 96e296a3b..2f79931df 100644 --- a/roles/openshift_node_upgrade/tasks/main.yml +++ b/roles/openshift_node_upgrade/tasks/main.yml @@ -82,7 +82,7 @@      name: "{{ openshift.common.hostname | lower }}"    register: node_output    delegate_to: "{{ groups.oo_first_master.0 }}" -  until: node_output.results.results[0].status.conditions | selectattr('type', 'equalto', 'Ready') | map(attribute='status') | join | bool == True +  until: node_output.results.results[0].status.conditions | selectattr('type', 'match', '^Ready$') | map(attribute='status') | join | bool == True    # Give the node two minutes to come back online.    retries: 24    delay: 5 diff --git a/roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo b/roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo index 124bff09d..1af0bd023 100644 --- a/roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo +++ b/roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo @@ -5,6 +5,13 @@ enabled=1  gpgcheck=1  gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS +[centos-openshift-origin-common] +name=CentOS OpenShift Origin Common +baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/common/ +enabled=1 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS +  [centos-openshift-origin-testing]  name=CentOS OpenShift Origin Testing  baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/ diff --git a/roles/openshift_repos/meta/main.yml b/roles/openshift_repos/meta/main.yml index 0558b822c..cc18c453c 100644 --- a/roles/openshift_repos/meta/main.yml +++ b/roles/openshift_repos/meta/main.yml @@ -11,5 +11,4 @@ galaxy_info:      - 7    categories:    - cloud -dependencies: -- { role: openshift_facts } +dependencies: [] diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 23dcd0440..ffb760bfe 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -1,50 +1,47 @@  --- -# TODO: Add flag for enabling EPEL repo, default to false - -# TODO: Add subscription-management config, with parameters -#       for username, password, poolid(name), and official repos to -#       enable/disable. Might need to make a module that extends the -#       subscription management module to take a poolid and enable/disable the -#       proper repos correctly. +- name: openshift_repos detect ostree +  stat: +    path: /run/ostree-booted +  register: ostree_booted  - assert:      that: openshift_deployment_type in known_openshift_deployment_types -  when: not openshift.common.is_containerized | bool +    msg: "openshift_deployment_type must be one of {{ known_openshift_deployment_types }}" -- name: Ensure libselinux-python is installed -  package: name=libselinux-python state=present -  when: not openshift.common.is_containerized | bool +- block: +  - name: Ensure libselinux-python is installed +    package: name=libselinux-python state=present -- name: Create any additional repos that are defined -  template: -    src: yum_repo.j2 -    dest: /etc/yum.repos.d/openshift_additional.repo -  when: openshift_additional_repos | length > 0 and not openshift.common.is_containerized | bool -  notify: refresh cache +  - name: Create any additional repos that are defined +    template: +      src: yum_repo.j2 +      dest: /etc/yum.repos.d/openshift_additional.repo +    when: +    - openshift_additional_repos | length > 0 +    notify: refresh cache -- name: Remove the additional repos if no longer defined -  file: -    dest: /etc/yum.repos.d/openshift_additional.repo -    state: absent -  when: openshift_additional_repos | length == 0 and not openshift.common.is_containerized | bool -  notify: refresh cache +  - name: Remove the additional repos if no longer defined +    file: +      dest: /etc/yum.repos.d/openshift_additional.repo +      state: absent +    when: +    - openshift_additional_repos | length == 0 +    notify: refresh cache -- name: Configure origin gpg keys if needed -  copy: -    src: origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS -    dest: /etc/pki/rpm-gpg/ -  notify: refresh cache -  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora" -        and openshift_deployment_type == 'origin' -        and not openshift.common.is_containerized | bool -        and openshift_enable_origin_repo | default(true) | bool +  - name: Configure origin gpg keys if needed +    copy: +      src: "{{ item.src }}" +      dest: "{{ item.dest }}" +    with_items: +    - src: origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS +      dest: /etc/pki/rpm-gpg/ +    - src: origin/repos/openshift-ansible-centos-paas-sig.repo +      dest: /etc/yum.repos.d/ +    notify: refresh cache +    when: +    - ansible_os_family == "RedHat" +    - ansible_distribution != "Fedora" +    - openshift_deployment_type == 'origin' +    - openshift_enable_origin_repo | default(true) | bool -- name: Configure origin yum repositories RHEL/CentOS -  copy: -    src: origin/repos/openshift-ansible-centos-paas-sig.repo -    dest: /etc/yum.repos.d/ -  notify: refresh cache -  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora" -        and openshift_deployment_type == 'origin' -        and not openshift.common.is_containerized | bool -        and openshift_enable_origin_repo | default(true) | bool +  when: not ostree_booted.stat.exists | 
