diff --git a/ansible/instantiate-awx-deployment.yml b/ansible/instantiate-awx-deployment.yml index 8c219a60..3c7b761c 100644 --- a/ansible/instantiate-awx-deployment.yml +++ b/ansible/instantiate-awx-deployment.yml @@ -24,3 +24,6 @@ tower_image: "{{ tower_image | default(omit) }}" development_mode: "{{ development_mode | default(omit) | bool }}" tower_image_pull_policy: "{{ tower_image_pull_policy | default(omit) }}" + # tower_ee_images: + # - name: test-ee + # image: quay.io//awx-ee diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2 index 744164a6..77dc23c6 100644 --- a/ansible/templates/crd.yml.j2 +++ b/ansible/templates/crd.yml.j2 @@ -113,9 +113,16 @@ spec: tower_image: description: Registry path to the application container to use type: string - tower_ee_image: + tower_ee_images: description: Registry path to the Execution Environment container to use - type: string + type: array + items: + type: object + properties: + name: + type: string + image: + type: string tower_image_pull_policy: description: The image pull policy type: string diff --git a/deploy/awx-operator.yaml b/deploy/awx-operator.yaml index 0ddba7d9..3ef26181 100644 --- a/deploy/awx-operator.yaml +++ b/deploy/awx-operator.yaml @@ -264,9 +264,16 @@ spec: tower_image: description: Registry path to the application container to use type: string - tower_ee_image: + tower_ee_images: description: Registry path to the Execution Environment container to use - type: string + type: array + items: + type: object + properties: + name: + type: string + image: + type: string tower_image_pull_policy: description: The image pull policy type: string diff --git a/deploy/crds/awx_v1beta1_crd.yaml b/deploy/crds/awx_v1beta1_crd.yaml index 744164a6..77dc23c6 100644 --- a/deploy/crds/awx_v1beta1_crd.yaml +++ b/deploy/crds/awx_v1beta1_crd.yaml @@ -113,9 +113,16 @@ spec: tower_image: description: Registry path to the application container to use type: string - tower_ee_image: + tower_ee_images: description: Registry path to the Execution Environment container to use - type: string + type: array + items: + type: object + properties: + name: + type: string + image: + type: string tower_image_pull_policy: description: The image pull policy type: string diff --git a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml index b5eb091d..05b46ee7 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml @@ -4,28 +4,6 @@ metadata: annotations: alm-examples: |- [ - { - "apiVersion": "awx.ansible.com/v1beta1", - "kind": "AWX", - "metadata": { - "name": "example-awx", - "namespace": "example-awx" - }, - "spec": { - "tower_admin_email": "test@example.com", - "tower_admin_user": "test", - "tower_broadcast_websocket_secret": "changeme", - "tower_create_preload_data": true, - "tower_hostname": "example-awx.test", - "tower_image": "quay.io/ansible/awx:18.0.0", - "tower_ingress_type": "none", - "tower_ee_image": "quay.io/ansible/awx-ee:0.1.1", - "tower_memcached_image": "memcached:alpine", - "tower_postgres_storage_class": "", - "tower_redis_image": "redis:latest", - "tower_task_privileged": false - } - }, { "apiVersion": "awx.ansible.com/v1beta1", "kind": "AWX", @@ -36,8 +14,8 @@ metadata: "spec": { "deployment_type": "awx", "tower_admin_email": "test@example.com", - "tower_broadcast_websocket_secret": "changeme", "tower_create_preload_data": true, + "tower_ee_image": "quay.io/ansible/awx-ee:0.1.1", "tower_image": "quay.io/ansible/awx:18.0.0", "tower_ingress_type": "ingress", "tower_memcached_image": "memcached:alpine", @@ -71,8 +49,8 @@ spec: customresourcedefinitions: owned: - description: A AWX Instance - kind: AWX displayName: AWX + kind: AWX name: awxs.awx.ansible.com specDescriptors: - displayName: Hostname @@ -407,6 +385,12 @@ spec: - deployments/finalizers verbs: - update + - apiGroups: + - apps + resources: + - deployments/scale + verbs: + - patch - apiGroups: - "" resources: diff --git a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml index 6a1a77d0..8735c97c 100644 --- a/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml +++ b/deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml @@ -22,15 +22,16 @@ spec: ca_trust_bundle: description: Path where the trusted CA bundle is available type: string - ldap_cacert_secret: - description: Secret where can be found the LDAP trusted Certificate Authority Bundle - type: string deployment_type: description: Name of the deployment type type: string development_mode: description: If the deployment should be done in development mode type: boolean + ldap_cacert_secret: + description: Secret where can be found the LDAP trusted Certificate + Authority Bundle + type: string tower_admin_email: description: The admin user email type: string @@ -38,9 +39,9 @@ spec: description: Secret where the admin password can be found type: string tower_admin_user: + default: admin description: Username to use for the admin account type: string - default: admin tower_broadcast_websocket_secret: description: Secret where the broadcast websocket secret can be found type: string @@ -48,6 +49,17 @@ spec: default: true description: Whether or not to preload data upon Tower instance creation type: boolean + tower_ee_images: + description: Registry path to the Execution Environment container + to use + items: + properties: + image: + type: string + name: + type: string + type: object + type: array tower_extra_volumes: description: Specify extra volumes to add to the application pod type: string @@ -92,26 +104,27 @@ spec: tower_loadbalancer_annotations: description: Annotations to add to the loadbalancer type: string - tower_loadbalancer_protocol: - description: Protocol to use for the loadbalancer - type: string - default: http - enum: - - http - - https tower_loadbalancer_port: - description: Port to use for the loadbalancer - type: number default: 80 + description: Port to use for the loadbalancer + type: integer + tower_loadbalancer_protocol: + default: http + description: Protocol to use for the loadbalancer + enum: + - http + - https + type: string tower_node_selector: description: nodeSelector for the AWX pods type: string + tower_old_postgres_configuration_secret: + description: Secret where the old database configuration can be found + for data migration + type: string tower_postgres_configuration_secret: description: Secret where the database configuration can be found type: string - tower_old_postgres_configuration_secret: - description: Secret where the old database configuration can be found for data migration - type: string tower_postgres_data_path: description: Path where the PostgreSQL data are located type: string @@ -143,9 +156,6 @@ spec: tower_postgres_storage_class: description: Storage class to use for the PostgreSQL PVC type: string - tower_ee_image: - description: Registry path to the Execution Environment container to use - type: string tower_redis_image: description: Registry path to the redis container to use type: string @@ -185,9 +195,9 @@ spec: tower_task_extra_volume_mounts: type: string tower_task_privileged: + default: false description: If a privileged security context should be enabled type: boolean - default: false tower_task_resource_requirements: description: Resource requirements for the task container properties: @@ -274,6 +284,9 @@ spec: towerImage: description: URL of the image used for the deployed instance type: string + towerMigratedFromSecret: + description: The secret used for migrating an old Tower. + type: string towerURL: description: URL to access the deployed instance type: string diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index f9318718..2ff7d3a1 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -84,7 +84,10 @@ tower_extra_volumes: '' tower_image: quay.io/ansible/awx:18.0.0 tower_image_pull_policy: IfNotPresent tower_image_pull_secret: '' -tower_ee_image: quay.io/ansible/awx-ee:0.1.1 + +tower_ee_images: + - name: AWX EE 0.1.1 + image: quay.io/ansible/awx-ee:0.1.1 tower_create_preload_data: true diff --git a/roles/installer/templates/execution_environments.py.j2 b/roles/installer/templates/execution_environments.py.j2 new file mode 100644 index 00000000..31b17e42 --- /dev/null +++ b/roles/installer/templates/execution_environments.py.j2 @@ -0,0 +1,5 @@ +DEFAULT_EXECUTION_ENVIRONMENTS = [ +{% for item in tower_ee_images %} + {'name': '{{ item.name }}' , 'image': '{{ item.image }}'} +{% endfor %} +] diff --git a/roles/installer/templates/tower_app_credentials.yaml.j2 b/roles/installer/templates/tower_app_credentials.yaml.j2 index 4ce00637..5993b355 100644 --- a/roles/installer/templates/tower_app_credentials.yaml.j2 +++ b/roles/installer/templates/tower_app_credentials.yaml.j2 @@ -11,5 +11,6 @@ metadata: app.kubernetes.io/managed-by: awx-operator app.kubernetes.io/component: awx data: - credentials_py: "{{ lookup('template', 'credentials.py.j2') | b64encode }}" - ldap_py: "{{ lookup('template', 'ldap.py.j2') | b64encode }}" + credentials.py: "{{ lookup('template', 'credentials.py.j2') | b64encode }}" + ldap.py: "{{ lookup('template', 'ldap.py.j2') | b64encode }}" + execution_environments.py: "{{ lookup('template', 'execution_environments.py.j2') | b64encode }}" diff --git a/roles/installer/templates/tower_deployment.yaml.j2 b/roles/installer/templates/tower_deployment.yaml.j2 index ff1aca36..580bd396 100644 --- a/roles/installer/templates/tower_deployment.yaml.j2 +++ b/roles/installer/templates/tower_deployment.yaml.j2 @@ -183,7 +183,7 @@ spec: {{ tower_task_extra_env | indent(width=12, indentfirst=True) }} {% endif %} resources: {{ tower_task_resource_requirements }} - - image: '{{ tower_ee_image }}' + - image: '{{ tower_ee_images[0].image }}' name: '{{ meta.name }}-ee' imagePullPolicy: '{{ tower_image_pull_policy }}' args: ['receptor', '--config', '/etc/receptor.conf'] @@ -234,10 +234,12 @@ spec: secret: secretName: "{{ meta.name }}-app-credentials" items: - - key: credentials_py + - key: credentials.py path: 'credentials.py' - - key: ldap_py + - key: ldap.py path: 'ldap.py' + - key: execution_environments.py + path: 'execution_environments.py' - name: "{{ secret_key_secret_name }}" secret: secretName: '{{ secret_key_secret_name }}'