diff --git a/ansible/build-and-push.yml b/ansible/build-and-push.yml deleted file mode 100644 index aae813d8..00000000 --- a/ansible/build-and-push.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Build and Deploy the AWX Operator - hosts: localhost - - collections: - - community.docker - - tasks: - - name: Build and (optionally) push operator image - docker_image: - name: "{{ operator_image }}:{{ operator_version }}" - source: "build" - push: "{{ push_image }}" - build: - dockerfile: "build/Dockerfile" - path: "../" - force_source: "yes" diff --git a/ansible/chain-operator-files.yml b/ansible/chain-operator-files.yml deleted file mode 100644 index 23cfc05a..00000000 --- a/ansible/chain-operator-files.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# To run: `ansible-playbook chain-operator-files.yml` -- name: Chain operator files together for easy deployment. - hosts: localhost - connection: local - gather_facts: false - - tasks: - - name: Template AWX CRD - template: - src: crd.yml.j2 - dest: "{{ playbook_dir }}/../deploy/crds/awx_v1beta1_crd.yaml" - mode: '0644' - - - name: Template AWXBackup CRD - template: - src: awxbackup_crd.yml.j2 - dest: "{{ playbook_dir }}/../deploy/crds/awxbackup_v1beta1_crd.yaml" - mode: '0644' - - - name: Template AWXRestore CRD - template: - src: awxrestore_crd.yml.j2 - dest: "{{ playbook_dir }}/../deploy/crds/awxrestore_v1beta1_crd.yaml" - mode: '0644' - - - name: Template awx-operator.yaml - template: - src: awx-operator.yaml.j2 - dest: ../deploy/awx-operator.yaml - mode: '0644' diff --git a/ansible/deploy-operator.yml b/ansible/deploy-operator.yml deleted file mode 100644 index 6839af12..00000000 --- a/ansible/deploy-operator.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -- name: Reconstruct awx-operator.yaml - import_playbook: chain-operator-files.yml - -- name: Deploy Operator - hosts: localhost - vars: - k8s_namespace: "{{ namespace | default('default') }}" - obliterate: no - - collections: - - kubernetes.core - - tasks: - - name: Obliterate Operator - k8s: - state: absent - namespace: "{{ k8s_namespace }}" - src: "../deploy/awx-operator.yaml" - wait: yes - when: obliterate | bool - - - name: Deploy Operator - k8s: - state: present - namespace: "{{ k8s_namespace }}" - apply: yes - wait: yes - src: "../deploy/awx-operator.yaml" diff --git a/ansible/group_vars/all b/ansible/group_vars/all deleted file mode 100644 index 8782f9fe..00000000 --- a/ansible/group_vars/all +++ /dev/null @@ -1,4 +0,0 @@ -operator_image: quay.io/ansible/awx-operator -operator_version: 0.13.0 -pull_policy: Always -ansible_debug_logs: "false" diff --git a/ansible/templates/awx-operator.yaml.j2 b/ansible/templates/awx-operator.yaml.j2 deleted file mode 100644 index 21a74d67..00000000 --- a/ansible/templates/awx-operator.yaml.j2 +++ /dev/null @@ -1,16 +0,0 @@ -#jinja2: trim_blocks:False -# This file is generated by Ansible. Changes will be lost. -# Update templates under ansible/templates/ -{% include 'crd.yml.j2' %} - -{% include 'awxbackup_crd.yml.j2' %} - -{% include 'awxrestore_crd.yml.j2' %} - -{% include 'role.yml.j2' %} - -{% include 'role_binding.yml.j2' %} - -{% include 'service_account.yml.j2' %} - -{% include 'operator.yml.j2' %} diff --git a/ansible/templates/awxbackup_crd.yml.j2 b/ansible/templates/awxbackup_crd.yml.j2 deleted file mode 100644 index cbf9ae37..00000000 --- a/ansible/templates/awxbackup_crd.yml.j2 +++ /dev/null @@ -1,78 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: awxbackups.awx.ansible.com -spec: - group: awx.ansible.com - names: - kind: AWXBackup - listKind: AWXBackupList - plural: awxbackups - singular: awxbackup - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - description: Schema validation for the AWXBackup CRD - properties: - spec: - type: object - required: - - deployment_name - properties: - deployment_name: - description: Name of the deployment to be backed up - type: string - backup_pvc: - description: Name of the PVC to be used for storing the backup - type: string - backup_pvc_namespace: - description: Namespace the PVC is in - type: string - backup_storage_requirements: - description: Storage requirements for the PostgreSQL container - type: string - backup_storage_class: - description: Storage class to use when creating PVC for backup - type: string - postgres_label_selector: - description: Label selector used to identify postgres pod for backing up data - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - status: - type: object - properties: - conditions: - description: The resulting conditions when a Service Telemetry is - instantiated - items: - properties: - lastTransitionTime: - type: string - reason: - type: string - status: - type: string - type: - type: string - type: object - type: array - backupDirectory: - description: Backup directory name on the specified pvc - type: string - backupClaim: - description: Backup persistent volume claim - type: string diff --git a/ansible/templates/awxrestore_crd.yml.j2 b/ansible/templates/awxrestore_crd.yml.j2 deleted file mode 100644 index a8f88759..00000000 --- a/ansible/templates/awxrestore_crd.yml.j2 +++ /dev/null @@ -1,79 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: awxrestores.awx.ansible.com -spec: - group: awx.ansible.com - names: - kind: AWXRestore - listKind: AWXRestoreList - plural: awxrestores - singular: awxrestore - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - description: Schema validation for the AWXRestore CRD - properties: - spec: - type: object - properties: - backup_source: - description: Backup source - type: string - enum: - - CR - - PVC - deployment_name: - description: Name of the deployment to be restored to - type: string - backup_name: - description: AWXBackup object name - type: string - backup_pvc: - description: Name of the PVC to be restored from, set as a status found on the awxbackup object (backupClaim) - type: string - backup_pvc_namespace: - description: Namespace the PVC is in - type: string - backup_dir: - description: Backup directory name, set as a status found on the awxbackup object (backupDirectory) - type: string - postgres_label_selector: - description: Label selector used to identify postgres pod for backing up data - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - status: - type: object - properties: - conditions: - description: The resulting conditions when a Service Telemetry is - instantiated - items: - properties: - lastTransitionTime: - type: string - reason: - type: string - status: - type: string - type: - type: string - type: object - type: array - restoreComplete: - description: Restore process complete - type: boolean diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2 deleted file mode 100644 index 69d0b649..00000000 --- a/ansible/templates/crd.yml.j2 +++ /dev/null @@ -1,448 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: awxs.awx.ansible.com -spec: - group: awx.ansible.com - names: - kind: AWX - listKind: AWXList - plural: awxs - singular: awx - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Schema validation for the AWX CRD - properties: - spec: - properties: - deployment_type: - description: Name of the deployment type - type: string - kind: - description: Kind of the deployment type - type: string - api_version: - description: apiVersion of the deployment type - type: string - task_privileged: - description: If a privileged security context should be enabled - type: boolean - default: false - admin_user: - description: Username to use for the admin account - type: string - default: admin - hostname: - description: The hostname of the instance - type: string - admin_email: - description: The admin user email - type: string - admin_password_secret: - description: Secret where the admin password can be found - type: string - postgres_configuration_secret: - description: Secret where the database configuration can be found - type: string - old_postgres_configuration_secret: - description: Secret where the old database configuration can be found for data migration - type: string - postgres_label_selector: - description: Label selector used to identify postgres pod for data migration - type: string - secret_key_secret: - description: Secret where the secret key can be found - type: string - broadcast_websocket_secret: - description: Secret where the broadcast websocket secret can be found - type: string - extra_volumes: - description: Specify extra volumes to add to the application pod - type: string - service_type: - description: The service type to be used on the deployed instance - type: string - enum: - - LoadBalancer - - loadbalancer - - ClusterIP - - clusterip - - NodePort - - nodeport - ingress_type: - description: The ingress type to use to reach the deployed instance - type: string - enum: - - none - - Ingress - - ingress - - Route - - route - ingress_path: - description: The ingress path used to reach the deployed service - type: string - ingress_annotations: - description: Annotations to add to the Ingress Controller - type: string - ingress_tls_secret: - description: Secret where the Ingress TLS secret can be found - type: string - loadbalancer_annotations: - description: Annotations to add to the loadbalancer - type: string - loadbalancer_protocol: - description: Protocol to use for the loadbalancer - type: string - default: http - enum: - - http - - https - loadbalancer_port: - description: Port to use for the loadbalancer - type: integer - default: 80 - nodeport_port: - description: Port to use for the nodeport - type: integer - default: 30080 - route_host: - description: The DNS to use to points to the instance - type: string - route_tls_termination_mechanism: - description: The secure TLS termination mechanism to use - type: string - default: Edge - enum: - - Edge - - edge - - Passthrough - - passthrough - route_tls_secret: - description: Secret where the TLS related credentials are stored - type: string - node_selector: - description: nodeSelector for the pods - type: string - service_labels: - description: Additional labels to apply to the service - type: string - tolerations: - description: node tolerations for the pods - type: string - image: - description: Registry path to the application container to use - type: string - image_version: - description: Application container image version to use - type: string - ee_images: - description: Registry path to the Execution Environment container to use - type: array - items: - type: object - properties: - name: - type: string - image: - type: string - control_plane_ee_image: - description: Registry path to the Execution Environment container image to use on control plane pods - type: string - ee_pull_credentials_secret: - description: Secret where pull credentials for registered ees can be found - type: string - image_pull_policy: - description: The image pull policy - type: string - default: IfNotPresent - enum: - - Always - - always - - Never - - never - - IfNotPresent - - ifnotpresent - image_pull_secret: - description: The image pull secret - type: string - task_resource_requirements: - description: Resource requirements for the task container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - type: object - web_resource_requirements: - description: Resource requirements for the web container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - type: object - ee_resource_requirements: - description: Resource requirements for the ee container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - type: object - service_account_annotations: - description: ServiceAccount annotations - type: string - replicas: - description: Number of instance replicas - type: integer - default: 1 - format: int32 - garbage_collect_secrets: - description: Whether or not to remove secrets upon instance removal - default: false - type: boolean - create_preload_data: - description: Whether or not to preload data upon instance creation - default: true - type: boolean - task_args: - type: array - items: - type: string - task_command: - type: array - items: - type: string - web_args: - type: array - items: - type: string - web_command: - type: array - items: - type: string - task_extra_env: - type: string - web_extra_env: - type: string - ee_extra_env: - type: string - ee_extra_volume_mounts: - description: Specify volume mounts to be added to Execution container - type: string - task_extra_volume_mounts: - description: Specify volume mounts to be added to Task container - type: string - web_extra_volume_mounts: - description: Specify volume mounts to be added to the Web container - type: string - redis_image: - description: Registry path to the redis container to use - type: string - redis_image_version: - description: Redis container image version to use - type: string - init_container_image: - description: Registry path to the init container to use - type: string - init_container_image_version: - description: Init container image version to use - type: string - init_container_extra_commands: - description: Extra commands for the init container - type: string - init_container_extra_volume_mounts: - description: Specify volume mounts to be added to the init container - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - postgres_selector: - description: nodeSelector for the Postgres pods - type: string - postgres_tolerations: - description: node tolerations for the Postgres pods - type: string - postgres_storage_requirements: - description: Storage requirements for the PostgreSQL container - properties: - requests: - properties: - storage: - type: string - type: object - limits: - properties: - storage: - type: string - type: object - type: object - postgres_resource_requirements: - description: Resource requirements for the PostgreSQL container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - type: object - type: object - postgres_storage_class: - description: Storage class to use for the PostgreSQL PVC - type: string - postgres_data_path: - description: Path where the PostgreSQL data are located - type: string - ca_trust_bundle: - description: Path where the trusted CA bundle is available - type: string - development_mode: - description: If the deployment should be done in development mode - type: boolean - ldap_cacert_secret: - description: Secret where can be found the LDAP trusted Certificate Authority Bundle - type: string - bundle_cacert_secret: - description: Secret where can be found the trusted Certificate Authority Bundle - type: string - projects_persistence: - description: Whether or not the /var/lib/projects directory will be persistent - default: false - type: boolean - projects_use_existing_claim: - description: Using existing PersistentVolumeClaim - type: string - enum: - - _Yes_ - - _No_ - projects_existing_claim: - description: PersistentVolumeClaim to mount /var/lib/projects directory - type: string - projects_storage_class: - description: Storage class for the /var/lib/projects PersistentVolumeClaim - type: string - projects_storage_size: - description: Size for the /var/lib/projects PersistentVolumeClaim - default: 8Gi - type: string - projects_storage_access_mode: - description: AccessMode for the /var/lib/projects PersistentVolumeClaim - default: ReadWriteMany - type: string - extra_settings: - description: Extra settings to specify for the API - items: - properties: - setting: - type: string - value: - x-kubernetes-preserve-unknown-fields: true - type: object - type: array - type: object - status: - properties: - URL: - description: URL to access the deployed instance - type: string - adminUser: - description: Admin user of the deployed instance - type: string - adminPasswordSecret: - description: Admin password secret name of the deployed instance - type: string - postgresConfigurationSecret: - description: Postgres Configuration secret name of the deployed instance - type: string - broadcastWebsocketSecret: - description: Broadcast websocket secret name of the deployed instance - type: string - secretKeySecret: - description: Secret key secret name of the deployed instance - type: string - migratedFromSecret: - description: The secret used for migrating an old instance. - type: string - version: - description: Version of the deployed instance - type: string - image: - description: URL of the image used for the deployed instance - type: string - conditions: - description: The resulting conditions when a Service Telemetry is instantiated - items: - properties: - status: - type: string - type: - type: string - reason: - type: string - lastTransitionTime: - type: string - type: object - type: array - type: object - type: object diff --git a/ansible/templates/operator.yml.j2 b/ansible/templates/operator.yml.j2 deleted file mode 100644 index 680042a3..00000000 --- a/ansible/templates/operator.yml.j2 +++ /dev/null @@ -1,50 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: awx-operator -spec: - replicas: 1 - selector: - matchLabels: - name: awx-operator - template: - metadata: - labels: - name: awx-operator - spec: - serviceAccountName: awx-operator - containers: - - name: awx-operator - image: "{{ operator_image }}:{{ operator_version }}" - imagePullPolicy: "{{ pull_policy|default('Always') }}" - volumeMounts: - - mountPath: /tmp/ansible-operator/runner - name: runner - env: - # Watch one namespace (namespace-scoped). - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: awx-operator - - name: ANSIBLE_GATHERING - value: explicit - - name: OPERATOR_VERSION - value: "{{ operator_version }}" - - name: ANSIBLE_DEBUG_LOGS - value: "{{ ansible_debug_logs|lower | default('false'|lower) }}" - livenessProbe: - httpGet: - path: /healthz - port: 6789 - initialDelaySeconds: 15 - periodSeconds: 20 - volumes: - - name: runner - emptyDir: {} diff --git a/ansible/templates/role.yml.j2 b/ansible/templates/role.yml.j2 deleted file mode 100644 index adf9828f..00000000 --- a/ansible/templates/role.yml.j2 +++ /dev/null @@ -1,106 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: awx-operator -rules: - - apiGroups: - - route.openshift.io - resources: - - routes - - routes/custom-host - verbs: - - get - - list - - create - - delete - - patch - - update - - watch - - apiGroups: - - "" - - "rbac.authorization.k8s.io" - resources: - - pods - - services - - services/finalizers - - serviceaccounts - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - - roles - - rolebindings - verbs: - - get - - list - - create - - delete - - patch - - update - - watch - - apiGroups: - - apps - - networking.k8s.io - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - - ingresses - verbs: - - get - - list - - create - - delete - - patch - - update - - watch - - apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create - - apiGroups: - - apps - resourceNames: - - awx-operator - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - apps - resources: - - deployments/scale - - statefulsets/scale - verbs: - - patch - - apiGroups: - - "" - resources: - - pods/exec - - pods/attach - - pods/log # log & attach rules needed to be able to grant them to AWX service account - verbs: - - create - - get - - apiGroups: - - apps - resources: - - replicasets - verbs: - - get - - create - - apiGroups: - - awx.ansible.com - resources: - - '*' - - awxbackups - - awxrestores - verbs: - - '*' diff --git a/ansible/templates/role_binding.yml.j2 b/ansible/templates/role_binding.yml.j2 deleted file mode 100644 index e4e4ab9d..00000000 --- a/ansible/templates/role_binding.yml.j2 +++ /dev/null @@ -1,12 +0,0 @@ ---- -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: awx-operator -subjects: - - kind: ServiceAccount - name: awx-operator -roleRef: - kind: Role - name: awx-operator - apiGroup: rbac.authorization.k8s.io diff --git a/ansible/templates/service_account.yml.j2 b/ansible/templates/service_account.yml.j2 deleted file mode 100644 index c4d60043..00000000 --- a/ansible/templates/service_account.yml.j2 +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: awx-operator