internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-05-08 14:22:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Issue #24: Update Molecule test suite to 3.0 and fix YAML lint issues.

Browse Source
This commit is contained in:
Jeff Geerling
2020-02-20 12:44:12 -06:00
parent 34a45c0eee
commit 27b8ba968e
27 changed files with 522 additions and 522 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.ansible-lint Normal file
View File

@@ -0,0 +1,7 @@
skip_list:
- '306'
- '602'
- '503'
exclude_paths:
- deploy/

2
.github/FUNDING.yml vendored
View File

@@ -1,4 +1,4 @@
# These are supported funding model platforms # These are supported funding model platforms
---
github: geerlingguy github: geerlingguy
patreon: geerlingguy patreon: geerlingguy

2
.travis.yml
View File

@@ -3,7 +3,7 @@ services: docker
language: python language: python
install: install:
- pip3 install docker molecule openshift jmespath - pip3 install docker molecule yamllint ansible-lint openshift jmespath
script: script:
- molecule test -s test-local - molecule test -s test-local

7
.yamllint Normal file
View File

@@ -0,0 +1,7 @@
---
extends: default
rules:
truthy: disable
line-length:
max: 160
level: warning

2
README.md
View File

@@ -121,7 +121,7 @@ Each of these must be appropriately built in preparation for a new tag:
Run the following command inside this directory: Run the following command inside this directory:
operator-sdk build geerlingguy/tower-operator:0.2.1 operator-sdk build geerlingguy/tower-operator:0.2.3
Then push the generated image to Docker Hub: Then push the generated image to Docker Hub:

2
build/chain-operator-files.yml
View File

@@ -22,7 +22,7 @@
blockinfile: blockinfile:
path: "{{ operator_file_path }}" path: "{{ operator_file_path }}"
block: "{{ item }}" block: "{{ item }}"
marker: "---" marker: ""
marker_begin: "" marker_begin: ""
marker_end: "" marker_end: ""
insertafter: "EOF" insertafter: "EOF"

1
deploy/crds/tower_v1alpha1_tower_cr_awx.yaml
View File

@@ -1,3 +1,4 @@
---
apiVersion: tower.ansible.com/v1alpha1 apiVersion: tower.ansible.com/v1alpha1
kind: Tower kind: Tower
metadata: metadata:

1
deploy/crds/tower_v1alpha1_tower_cr_tower.yaml
View File

@@ -1,3 +1,4 @@
---
apiVersion: tower.ansible.com/v1alpha1 apiVersion: tower.ansible.com/v1alpha1
kind: Tower kind: Tower
metadata: metadata:

7
deploy/crds/tower_v1alpha1_tower_crd.yaml
View File

@@ -1,3 +1,4 @@
---
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
@@ -14,6 +15,6 @@ spec:
status: {} status: {}
version: v1alpha1 version: v1alpha1
versions: versions:
- name: v1alpha1 - name: v1alpha1
served: true served: true
storage: true storage: true

19
deploy/operator.yaml
View File

@@ -1,3 +1,4 @@
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
@@ -16,21 +17,21 @@ spec:
containers: containers:
- name: ansible - name: ansible
command: command:
- /usr/local/bin/ao-logs - /usr/local/bin/ao-logs
- /tmp/ansible-operator/runner - /tmp/ansible-operator/runner
- stdout - stdout
image: "{{ operator_image }}" image: "{{ operator_image }}"
imagePullPolicy: "{{ pull_policy|default('Always') }}" imagePullPolicy: "{{ pull_policy|default('Always') }}"
volumeMounts: volumeMounts:
- mountPath: /tmp/ansible-operator/runner - mountPath: /tmp/ansible-operator/runner
name: runner name: runner
readOnly: true readOnly: true
- name: operator - name: operator
image: "{{ operator_image }}" image: "{{ operator_image }}"
imagePullPolicy: "{{ pull_policy|default('Always') }}" imagePullPolicy: "{{ pull_policy|default('Always') }}"
volumeMounts: volumeMounts:
- mountPath: /tmp/ansible-operator/runner - mountPath: /tmp/ansible-operator/runner
name: runner name: runner
env: env:
# Watch all namespaces (cluster-scoped). # Watch all namespaces (cluster-scoped).
- name: WATCH_NAMESPACE - name: WATCH_NAMESPACE
@@ -41,8 +42,6 @@ spec:
fieldPath: metadata.name fieldPath: metadata.name
- name: OPERATOR_NAME - name: OPERATOR_NAME
value: tower-operator value: tower-operator
# - name: ANSIBLE_VERBOSITY
# value: '3'
volumes: volumes:
- name: runner - name: runner
emptyDir: {} emptyDir: {}

117
deploy/role.yaml
View File

@@ -1,64 +1,65 @@
---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
creationTimestamp: null creationTimestamp: null
name: tower-operator name: tower-operator
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- services - services
- services/finalizers - services/finalizers
- endpoints - endpoints
- persistentvolumeclaims - persistentvolumeclaims
- events - events
- configmaps - configmaps
- secrets - secrets
verbs: verbs:
- '*' - '*'
- apiGroups: - apiGroups:
- apps - apps
- extensions - extensions
resources: resources:
- deployments - deployments
- daemonsets - daemonsets
- replicasets - replicasets
- statefulsets - statefulsets
- ingresses - ingresses
verbs: verbs:
- '*' - '*'
- apiGroups: - apiGroups:
- monitoring.coreos.com - monitoring.coreos.com
resources: resources:
- servicemonitors - servicemonitors
verbs: verbs:
- get - get
- create - create
- apiGroups: - apiGroups:
- apps - apps
resourceNames: resourceNames:
- tower-operator - tower-operator
resources: resources:
- deployments/finalizers - deployments/finalizers
verbs: verbs:
- update - update
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods/exec - pods/exec
verbs: verbs:
- create - create
- get - get
- apiGroups: - apiGroups:
- apps - apps
resources: resources:
- replicasets - replicasets
verbs: verbs:
- get - get
- apiGroups: - apiGroups:
- tower.ansible.com - tower.ansible.com
resources: resources:
- '*' - '*'
verbs: verbs:
- '*' - '*'

7
deploy/role_binding.yaml
View File

@@ -1,11 +1,12 @@
---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: tower-operator name: tower-operator
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: tower-operator name: tower-operator
namespace: default namespace: default
roleRef: roleRef:
kind: ClusterRole kind: ClusterRole
name: tower-operator name: tower-operator

1
deploy/service_account.yaml
View File

@@ -1,3 +1,4 @@
---
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:

183
deploy/tower-operator.yaml
View File

@@ -1,107 +1,90 @@
--- ---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: towers.tower.ansible.com
spec:
group: tower.ansible.com
names:
kind: Tower
listKind: TowerList
plural: towers
singular: tower
scope: Namespaced
subresources:
status: {}
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
creationTimestamp: null creationTimestamp: null
name: tower-operator name: tower-operator
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods
- services - services
- services/finalizers - services/finalizers
- endpoints - endpoints
- persistentvolumeclaims - persistentvolumeclaims
- events - events
- configmaps - configmaps
- secrets - secrets
verbs: verbs:
- '*' - '*'
- apiGroups: - apiGroups:
- apps - apps
- extensions - extensions
resources: resources:
- deployments - deployments
- daemonsets - daemonsets
- replicasets - replicasets
- statefulsets - statefulsets
- ingresses - ingresses
verbs: verbs:
- '*' - '*'
- apiGroups: - apiGroups:
- monitoring.coreos.com - monitoring.coreos.com
resources: resources:
- servicemonitors - servicemonitors
verbs: verbs:
- get - get
- create - create
- apiGroups: - apiGroups:
- apps - apps
resourceNames: resourceNames:
- tower-operator - tower-operator
resources: resources:
- deployments/finalizers - deployments/finalizers
verbs: verbs:
- update - update
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods/exec - pods/exec
verbs: verbs:
- create - create
- get - get
- apiGroups: - apiGroups:
- apps - apps
resources: resources:
- replicasets - replicasets
verbs: verbs:
- get - get
- apiGroups: - apiGroups:
- tower.ansible.com - tower.ansible.com
resources: resources:
- '*' - '*'
verbs: verbs:
- '*' - '*'
--- ---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
name: tower-operator name: tower-operator
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: tower-operator name: tower-operator
namespace: default namespace: default
roleRef: roleRef:
kind: ClusterRole kind: ClusterRole
name: tower-operator name: tower-operator
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
--- ---
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: tower-operator name: tower-operator
namespace: default namespace: default
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@@ -121,21 +104,21 @@ spec:
containers: containers:
- name: ansible - name: ansible
command: command:
- /usr/local/bin/ao-logs - /usr/local/bin/ao-logs
- /tmp/ansible-operator/runner - /tmp/ansible-operator/runner
- stdout - stdout
image: "geerlingguy/tower-operator:0.2.3" image: "geerlingguy/tower-operator:0.2.3"
imagePullPolicy: "Always" imagePullPolicy: "Always"
volumeMounts: volumeMounts:
- mountPath: /tmp/ansible-operator/runner - mountPath: /tmp/ansible-operator/runner
name: runner name: runner
readOnly: true readOnly: true
- name: operator - name: operator
image: "geerlingguy/tower-operator:0.2.3" image: "geerlingguy/tower-operator:0.2.3"
imagePullPolicy: "Always" imagePullPolicy: "Always"
volumeMounts: volumeMounts:
- mountPath: /tmp/ansible-operator/runner - mountPath: /tmp/ansible-operator/runner
name: runner name: runner
env: env:
# Watch all namespaces (cluster-scoped). # Watch all namespaces (cluster-scoped).
- name: WATCH_NAMESPACE - name: WATCH_NAMESPACE
@@ -146,9 +129,27 @@ spec:
fieldPath: metadata.name fieldPath: metadata.name
- name: OPERATOR_NAME - name: OPERATOR_NAME
value: tower-operator value: tower-operator
# - name: ANSIBLE_VERBOSITY
# value: '3'
volumes: volumes:
- name: runner - name: runner
emptyDir: {} emptyDir: {}
--- ---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: towers.tower.ansible.com
spec:
group: tower.ansible.com
names:
kind: Tower
listKind: TowerList
plural: towers
singular: tower
scope: Namespaced
subresources:
status: {}
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true

1
main.yml
View File

@@ -1,3 +1,4 @@
---
- hosts: localhost - hosts: localhost
gather_facts: no gather_facts: no
roles: roles:

0
molecule/default/playbook.yml → molecule/default/converge.yml
View File

39
molecule/default/molecule.yml
View File

@@ -3,28 +3,25 @@ dependency:
name: galaxy name: galaxy
driver: driver:
name: docker name: docker
lint: lint: |
name: yamllint yamllint .
enabled: False ansible-lint
platforms: platforms:
- name: kind-default - name: kind-default
groups: groups:
- k8s - k8s
image: bsycorp/kind:latest-1.14 image: bsycorp/kind:latest-1.14
privileged: True privileged: True
override_command: no override_command: no
exposed_ports: exposed_ports:
- 8443/tcp - 8443/tcp
- 10080/tcp - 10080/tcp
published_ports: published_ports:
- 0.0.0.0:${TEST_CLUSTER_PORT:-9443}:8443/tcp - 0.0.0.0:${TEST_CLUSTER_PORT:-9443}:8443/tcp
pre_build_image: yes pre_build_image: yes
provisioner: provisioner:
name: ansible name: ansible
log: True log: True
lint:
name: ansible-lint
enabled: False
inventory: inventory:
group_vars: group_vars:
all: all:
@@ -34,9 +31,3 @@ provisioner:
KUBECONFIG: /tmp/molecule/kind-default/kubeconfig KUBECONFIG: /tmp/molecule/kind-default/kubeconfig
ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles
KIND_PORT: '${TEST_CLUSTER_PORT:-9443}' KIND_PORT: '${TEST_CLUSTER_PORT:-9443}'
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8

32
molecule/default/prepare.yml
View File

@@ -8,21 +8,21 @@
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
tasks: tasks:
- name: Create Custom Resource Definition - name: Create Custom Resource Definition
k8s: k8s:
definition: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_crd.yaml'])) }}" definition: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_crd.yaml'])) }}"
- name: Ensure specified namespace is present - name: Ensure specified namespace is present
k8s: k8s:
api_version: v1 api_version: v1
kind: Namespace kind: Namespace
name: '{{ operator_namespace }}' name: '{{ operator_namespace }}'
- name: Create RBAC resources - name: Create RBAC resources
k8s: k8s:
definition: "{{ lookup('template', '/'.join([deploy_dir, item])) }}" definition: "{{ lookup('template', '/'.join([deploy_dir, item])) }}"
namespace: '{{ operator_namespace }}' namespace: '{{ operator_namespace }}'
with_items: with_items:
- role.yaml - role.yaml
- role_binding.yaml - role_binding.yaml
- service_account.yaml - service_account.yaml

130
molecule/test-local/converge.yml Normal file
View File

@@ -0,0 +1,130 @@
---
- name: Build Operator in Kind container
hosts: k8s
vars:
image_name: tower.ansible.com/tower-operator:testing
tasks:
# using command so we don't need to install any dependencies
- name: Get existing image hash
command: docker images -q {{ image_name }}
register: prev_hash
changed_when: false
- name: Build Operator Image
command: docker build -f /build/build/Dockerfile -t {{ image_name }} /build
register: build_cmd
changed_when: not prev_hash.stdout or (prev_hash.stdout and prev_hash.stdout not in ''.join(build_cmd.stdout_lines[-2:]))
- name: Converge
hosts: localhost
connection: local
vars:
ansible_python_interpreter: '{{ ansible_playbook_python }}'
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
pull_policy: Never
operator_image: tower.ansible.com/tower-operator:testing
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_awx.yaml'])) | from_yaml }}"
tasks:
- block:
- name: Delete the Operator Deployment
k8s:
state: absent
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
register: delete_deployment
when: hostvars[groups.k8s.0].build_cmd.changed
- name: Wait 30s for Operator Deployment to terminate
k8s_info:
api_version: '{{ definition.apiVersion }}'
kind: '{{ definition.kind }}'
namespace: '{{ operator_namespace }}'
name: '{{ definition.metadata.name }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: deployment
until: not deployment.resources
delay: 3
retries: 10
when: delete_deployment.changed
- name: Create the Operator Deployment
k8s:
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
- name: Ensure the Tower custom_resource namespace exists
k8s:
state: present
name: '{{ custom_resource.metadata.namespace }}'
kind: Namespace
api_version: v1
- name: Create the tower.ansible.com/v1alpha1.Tower
k8s:
state: present
namespace: '{{ custom_resource.metadata.namespace }}'
definition: '{{ custom_resource }}'
- name: Wait 15m for reconciliation to run
k8s_info:
api_version: '{{ custom_resource.apiVersion }}'
kind: '{{ custom_resource.kind }}'
namespace: '{{ custom_resource.metadata.namespace }}'
name: '{{ custom_resource.metadata.name }}'
register: cr
until:
- "'Successful' in (cr | json_query('resources[].status.conditions[].reason'))"
delay: 6
retries: 150
rescue:
- name: debug cr
ignore_errors: yes
failed_when: false
debug:
var: debug_cr
vars:
debug_cr: '{{ lookup("k8s",
kind=custom_resource.kind,
api_version=custom_resource.apiVersion,
namespace=custom_resource.metadata.namespace,
resource_name=custom_resource.metadata.name
)}}'
- name: debug tower deployment
ignore_errors: yes
failed_when: false
debug:
var: deploy
vars:
deploy: '{{ lookup("k8s",
kind="Deployment",
api_version="apps/v1",
namespace=custom_resource.metadata.namespace,
label_selector="app=tower"
)}}'
- name: get operator logs
ignore_errors: yes
failed_when: false
command: kubectl logs deployment/{{ definition.metadata.name }} -n {{ operator_namespace }} -c operator
environment:
KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: log
- debug: var=log.stdout_lines
- fail:
msg: "Failed on action: converge"
- import_playbook: '{{ playbook_dir }}/../default/asserts.yml'

44
molecule/test-local/molecule.yml
View File

@@ -3,30 +3,27 @@ dependency:
name: galaxy name: galaxy
driver: driver:
name: docker name: docker
lint: lint: |
name: yamllint yamllint .
enabled: False ansible-lint
platforms: platforms:
- name: kind-test-local - name: kind-test-local
groups: groups:
- k8s - k8s
image: bsycorp/kind:latest-1.15 image: bsycorp/kind:latest-1.15
privileged: True privileged: True
override_command: no override_command: no
exposed_ports: exposed_ports:
- 8443/tcp - 8443/tcp
- 10080/tcp - 10080/tcp
published_ports: published_ports:
- 0.0.0.0:${TEST_CLUSTER_PORT:-10443}:8443/tcp - 0.0.0.0:${TEST_CLUSTER_PORT:-10443}:8443/tcp
pre_build_image: yes pre_build_image: yes
volumes: volumes:
- ${MOLECULE_PROJECT_DIRECTORY}:/build:Z - ${MOLECULE_PROJECT_DIRECTORY}:/build:Z
provisioner: provisioner:
name: ansible name: ansible
log: True log: True
lint:
name: ansible-lint
enabled: False
inventory: inventory:
group_vars: group_vars:
all: all:
@@ -37,7 +34,6 @@ provisioner:
ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles
KIND_PORT: '${TEST_CLUSTER_PORT:-10443}' KIND_PORT: '${TEST_CLUSTER_PORT:-10443}'
scenario: scenario:
name: test-local
test_sequence: test_sequence:
- lint - lint
- destroy - destroy
@@ -46,10 +42,4 @@ scenario:
- create - create
- prepare - prepare
- converge - converge
- side_effect
- verify
- destroy - destroy
verifier:
name: testinfra
lint:
name: flake8

130
molecule/test-local/playbook.yml
View File

@@ -1,130 +0,0 @@
---
- name: Build Operator in Kind container
hosts: k8s
vars:
image_name: tower.ansible.com/tower-operator:testing
tasks:
# using command so we don't need to install any dependencies
- name: Get existing image hash
command: docker images -q {{ image_name }}
register: prev_hash
changed_when: false
- name: Build Operator Image
command: docker build -f /build/build/Dockerfile -t {{ image_name }} /build
register: build_cmd
changed_when: not prev_hash.stdout or (prev_hash.stdout and prev_hash.stdout not in ''.join(build_cmd.stdout_lines[-2:]))
- name: Converge
hosts: localhost
connection: local
vars:
ansible_python_interpreter: '{{ ansible_playbook_python }}'
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
pull_policy: Never
operator_image: tower.ansible.com/tower-operator:testing
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_awx.yaml'])) | from_yaml }}"
tasks:
- block:
- name: Delete the Operator Deployment
k8s:
state: absent
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
register: delete_deployment
when: hostvars[groups.k8s.0].build_cmd.changed
- name: Wait 30s for Operator Deployment to terminate
k8s_info:
api_version: '{{ definition.apiVersion }}'
kind: '{{ definition.kind }}'
namespace: '{{ operator_namespace }}'
name: '{{ definition.metadata.name }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: deployment
until: not deployment.resources
delay: 3
retries: 10
when: delete_deployment.changed
- name: Create the Operator Deployment
k8s:
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
- name: Ensure the Tower custom_resource namespace exists
k8s:
state: present
name: '{{ custom_resource.metadata.namespace }}'
kind: Namespace
api_version: v1
- name: Create the tower.ansible.com/v1alpha1.Tower
k8s:
state: present
namespace: '{{ custom_resource.metadata.namespace }}'
definition: '{{ custom_resource }}'
- name: Wait 15m for reconciliation to run
k8s_info:
api_version: '{{ custom_resource.apiVersion }}'
kind: '{{ custom_resource.kind }}'
namespace: '{{ custom_resource.metadata.namespace }}'
name: '{{ custom_resource.metadata.name }}'
register: cr
until:
- "'Successful' in (cr | json_query('resources[].status.conditions[].reason'))"
delay: 6
retries: 150
rescue:
- name: debug cr
ignore_errors: yes
failed_when: false
debug:
var: debug_cr
vars:
debug_cr: '{{ lookup("k8s",
kind=custom_resource.kind,
api_version=custom_resource.apiVersion,
namespace=custom_resource.metadata.namespace,
resource_name=custom_resource.metadata.name
)}}'
- name: debug tower deployment
ignore_errors: yes
failed_when: false
debug:
var: deploy
vars:
deploy: '{{ lookup("k8s",
kind="Deployment",
api_version="apps/v1",
namespace=custom_resource.metadata.namespace,
label_selector="app=tower"
)}}'
- name: get operator logs
ignore_errors: yes
failed_when: false
command: kubectl logs deployment/{{ definition.metadata.name }} -n {{ operator_namespace }} -c operator
environment:
KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: log
- debug: var=log.stdout_lines
- fail:
msg: "Failed on action: converge"
- import_playbook: '{{ playbook_dir }}/../default/asserts.yml'

136
molecule/test-minikube/converge.yml Normal file
View File

@@ -0,0 +1,136 @@
---
# TODO: For some reason prepare is not run after a destroy in the Minikube env.
- import_playbook: ../default/prepare.yml
- name: Build Operator in Minikube
hosts: localhost
connection: local
vars:
image_name: tower.ansible.com/tower-operator:testing
tasks:
# Use raw Docker commands inside Minikube to avoid extra Python dependencies.
- name: Get existing image hash
shell: |
eval $(minikube docker-env)
docker images -q {{ image_name }}
register: prev_hash
changed_when: false
- name: Build Operator Image
shell: |
eval $(minikube docker-env)
docker build -f ../../build/Dockerfile -t {{ image_name }} ../..
register: build_cmd
changed_when: not prev_hash.stdout or (prev_hash.stdout and prev_hash.stdout not in ''.join(build_cmd.stdout_lines[-2:]))
- name: Converge
hosts: localhost
connection: local
vars:
ansible_python_interpreter: '{{ ansible_playbook_python }}'
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
pull_policy: Never
operator_image: tower.ansible.com/tower-operator:testing
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_tower.yaml'])) | from_yaml }}"
tasks:
- block:
- name: Delete the Operator Deployment
k8s:
state: absent
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
register: delete_deployment
when: build_cmd.changed
- name: Wait 30s for Operator Deployment to terminate
k8s_info:
api_version: '{{ definition.apiVersion }}'
kind: '{{ definition.kind }}'
namespace: '{{ operator_namespace }}'
name: '{{ definition.metadata.name }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: deployment
until: not deployment.resources
delay: 3
retries: 10
when: delete_deployment.changed
- name: Create the Operator Deployment
k8s:
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
- name: Ensure the Tower custom_resource namespace exists
k8s:
state: present
name: '{{ custom_resource.metadata.namespace }}'
kind: Namespace
api_version: v1
- name: Create the tower.ansible.com/v1alpha1.Tower
k8s:
state: present
namespace: '{{ custom_resource.metadata.namespace }}'
definition: '{{ custom_resource }}'
- name: Wait 15m for reconciliation to run
k8s_info:
api_version: '{{ custom_resource.apiVersion }}'
kind: '{{ custom_resource.kind }}'
namespace: '{{ custom_resource.metadata.namespace }}'
name: '{{ custom_resource.metadata.name }}'
register: cr
until:
- "'Successful' in (cr | json_query('resources[].status.conditions[].reason'))"
delay: 6
retries: 150
rescue:
- name: debug cr
ignore_errors: yes
failed_when: false
debug:
var: debug_cr
vars:
debug_cr: '{{ lookup("k8s",
kind=custom_resource.kind,
api_version=custom_resource.apiVersion,
namespace=custom_resource.metadata.namespace,
resource_name=custom_resource.metadata.name
)}}'
- name: debug tower deployment
ignore_errors: yes
failed_when: false
debug:
var: deploy
vars:
deploy: '{{ lookup("k8s",
kind="Deployment",
api_version="apps/v1",
namespace=custom_resource.metadata.namespace,
label_selector="app=tower"
)}}'
- name: get operator logs
ignore_errors: yes
failed_when: false
command: kubectl logs deployment/{{ definition.metadata.name }} -n {{ operator_namespace }} -c operator
environment:
KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: log
- debug: var=log.stdout_lines
- fail:
msg: "Failed on action: converge"
- import_playbook: '{{ playbook_dir }}/../default/asserts.yml'

22
molecule/test-minikube/molecule.yml
View File

@@ -6,26 +6,22 @@ driver:
options: options:
managed: False managed: False
ansible_connection_options: {} ansible_connection_options: {}
lint: lint: |
name: yamllint yamllint .
enabled: False ansible-lint
platforms: platforms:
- name: test-minikube - name: test-minikube
groups: groups:
- k8s - k8s
provisioner: provisioner:
name: ansible name: ansible
inventory: inventory:
group_vars: group_vars:
all: all:
operator_namespace: ${TEST_NAMESPACE:-default} operator_namespace: ${TEST_NAMESPACE:-default}
lint:
name: ansible-lint
enabled: False
env: env:
ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles
scenario: scenario:
name: test-minikube
test_sequence: test_sequence:
- lint - lint
- destroy - destroy
@@ -34,10 +30,4 @@ scenario:
- create - create
- prepare - prepare
- converge - converge
- side_effect
- verify
- destroy - destroy
verifier:
name: testinfra
lint:
name: flake8

136
molecule/test-minikube/playbook.yml
View File

@@ -1,136 +0,0 @@
---
# TODO: For some reason prepare is not run after a destroy in the Minikube env.
- import_playbook: ../default/prepare.yml
- name: Build Operator in Minikube
hosts: localhost
connection: local
vars:
image_name: tower.ansible.com/tower-operator:testing
tasks:
# Use raw Docker commands inside Minikube to avoid extra Python dependencies.
- name: Get existing image hash
shell: |
eval $(minikube docker-env)
docker images -q {{ image_name }}
register: prev_hash
changed_when: false
- name: Build Operator Image
shell: |
eval $(minikube docker-env)
docker build -f ../../build/Dockerfile -t {{ image_name }} ../..
register: build_cmd
changed_when: not prev_hash.stdout or (prev_hash.stdout and prev_hash.stdout not in ''.join(build_cmd.stdout_lines[-2:]))
- name: Converge
hosts: localhost
connection: local
vars:
ansible_python_interpreter: '{{ ansible_playbook_python }}'
deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
pull_policy: Never
operator_image: tower.ansible.com/tower-operator:testing
custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_tower.yaml'])) | from_yaml }}"
tasks:
- block:
- name: Delete the Operator Deployment
k8s:
state: absent
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
register: delete_deployment
when: build_cmd.changed
- name: Wait 30s for Operator Deployment to terminate
k8s_info:
api_version: '{{ definition.apiVersion }}'
kind: '{{ definition.kind }}'
namespace: '{{ operator_namespace }}'
name: '{{ definition.metadata.name }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: deployment
until: not deployment.resources
delay: 3
retries: 10
when: delete_deployment.changed
- name: Create the Operator Deployment
k8s:
namespace: '{{ operator_namespace }}'
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}"
- name: Ensure the Tower custom_resource namespace exists
k8s:
state: present
name: '{{ custom_resource.metadata.namespace }}'
kind: Namespace
api_version: v1
- name: Create the tower.ansible.com/v1alpha1.Tower
k8s:
state: present
namespace: '{{ custom_resource.metadata.namespace }}'
definition: '{{ custom_resource }}'
- name: Wait 15m for reconciliation to run
k8s_info:
api_version: '{{ custom_resource.apiVersion }}'
kind: '{{ custom_resource.kind }}'
namespace: '{{ custom_resource.metadata.namespace }}'
name: '{{ custom_resource.metadata.name }}'
register: cr
until:
- "'Successful' in (cr | json_query('resources[].status.conditions[].reason'))"
delay: 6
retries: 150
rescue:
- name: debug cr
ignore_errors: yes
failed_when: false
debug:
var: debug_cr
vars:
debug_cr: '{{ lookup("k8s",
kind=custom_resource.kind,
api_version=custom_resource.apiVersion,
namespace=custom_resource.metadata.namespace,
resource_name=custom_resource.metadata.name
)}}'
- name: debug tower deployment
ignore_errors: yes
failed_when: false
debug:
var: deploy
vars:
deploy: '{{ lookup("k8s",
kind="Deployment",
api_version="apps/v1",
namespace=custom_resource.metadata.namespace,
label_selector="app=tower"
)}}'
- name: get operator logs
ignore_errors: yes
failed_when: false
command: kubectl logs deployment/{{ definition.metadata.name }} -n {{ operator_namespace }} -c operator
environment:
KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}'
vars:
definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}"
register: log
- debug: var=log.stdout_lines
- fail:
msg: "Failed on action: converge"
- import_playbook: '{{ playbook_dir }}/../default/asserts.yml'

9
roles/tower/meta/main.yml
View File

@@ -1,3 +1,4 @@
---
galaxy_info: galaxy_info:
author: Jeff Geerling author: Jeff Geerling
description: Tower role for Tower Operator for Kubernetes. description: Tower role for Tower Operator for Kubernetes.
@@ -7,6 +8,14 @@ galaxy_info:
min_ansible_version: 2.8 min_ansible_version: 2.8
platforms:
- name: EL
versions:
- all
- name: Debian
versions:
- all
galaxy_tags: galaxy_tags:
- tower - tower
- awx - awx

3
roles/tower/tasks/initialize.yml
View File

@@ -7,7 +7,6 @@
exit(0 if nsu > 0 else 1)' exit(0 if nsu > 0 else 1)'
| awx-manage shell" | awx-manage shell"
ignore_errors: true ignore_errors: true
changed_when: false
register: users_result register: users_result
changed_when: users_result.rc > 0 changed_when: users_result.rc > 0
@@ -20,7 +19,7 @@
when: users_result.rc > 0 when: users_result.rc > 0
no_log: true no_log: true
- name: Create preload data if necessary. - name: Create preload data if necessary. # noqa 305
shell: >- shell: >-
kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
"awx-manage create_preload_data" "awx-manage create_preload_data"

2
roles/tower/tasks/main.yml
View File

@@ -44,7 +44,7 @@
register: database_check register: database_check
when: k8s_defs_result is not changed when: k8s_defs_result is not changed
- name: Migrate the database if the K8s resources were updated. - name: Migrate the database if the K8s resources were updated. # noqa 305
shell: >- shell: >-
kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
"awx-manage migrate --noinput" "awx-manage migrate --noinput"