internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-26 21:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Begin to migrate towards operator-sdk 1.x project structure

Browse Source
This commit is contained in:
Shane McDonald
2021-09-29 15:31:16 -04:00
parent 302957e509
commit 316d08ccb4
58 changed files with 898 additions and 2283 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,2 +1,3 @@
*~ *~
.cache/ .cache/
/bin

6
build/Dockerfile → Dockerfile
View File

@@ -1,11 +1,9 @@
FROM quay.io/operator-framework/ansible-operator:v0.19.4 FROM quay.io/operator-framework/ansible-operator:v1.12.0
# Install Ansible requirements.
COPY requirements.yml ${HOME}/requirements.yml COPY requirements.yml ${HOME}/requirements.yml
RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \
&& chmod -R ug+rwx ${HOME}/.ansible && chmod -R ug+rwx ${HOME}/.ansible
COPY watches.yaml ${HOME}/watches.yaml COPY watches.yaml ${HOME}/watches.yaml
COPY main.yml ${HOME}/main.yml
COPY roles/ ${HOME}/roles/ COPY roles/ ${HOME}/roles/
COPY playbooks/ ${HOME}/playbooks/

173
Makefile Normal file
View File

@@ -0,0 +1,173 @@
# VERSION defines the project version for the bundle.
# Update this value when you upgrade the version of your project.
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 0.14.0
# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
# To re-generate a bundle for other specific channels without changing the standard setup, you can:
# - use the CHANNELS as arg of the bundle target (e.g make bundle CHANNELS=candidate,fast,stable)
# - use environment variables to overwrite this value (e.g export CHANNELS="candidate,fast,stable")
ifneq ($(origin CHANNELS), undefined)
BUNDLE_CHANNELS := --channels=$(CHANNELS)
endif
# DEFAULT_CHANNEL defines the default channel used in the bundle.
# Add a new line here if you would like to change its default config. (E.g DEFAULT_CHANNEL = "stable")
# To re-generate a bundle for any other default channel without changing the default setup, you can:
# - use the DEFAULT_CHANNEL as arg of the bundle target (e.g make bundle DEFAULT_CHANNEL=stable)
# - use environment variables to overwrite this value (e.g export DEFAULT_CHANNEL="stable")
ifneq ($(origin DEFAULT_CHANNEL), undefined)
BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL)
endif
BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL)
# IMAGE_TAG_BASE defines the docker.io namespace and part of the image name for remote images.
# This variable is used to construct full image tags for bundle and catalog images.
#
# For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both
# ansible.com/awx-operator-bundle:$VERSION and ansible.com/awx-operator-catalog:$VERSION.
IMAGE_TAG_BASE ?= quay.io/ansible/awx-operator
# BUNDLE_IMG defines the image:tag used for the bundle.
# You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=<some-registry>/<project-name-bundle>:<tag>)
BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION)
# Image URL to use all building/pushing image targets
IMG ?= $(IMAGE_TAG_BASE):$(VERSION)
all: docker-build
##@ General
# The help target prints out all targets with their descriptions organized
# beneath their categories. The categories are represented by '##@' and the
# target descriptions by '##'. The awk commands is responsible for reading the
# entire set of makefiles included in this invocation, looking for lines of the
# file as xyz: ## something, and then pretty-format the target and help. Then,
# if there's a line with ##@ something, that gets pretty-printed as a category.
# More info on the usage of ANSI control characters for terminal formatting:
# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
# More info on the awk command:
# http://linuxcommand.org/lc3_adv_awk.php
help: ## Display this help.
@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
##@ Build
run: ansible-operator ## Run against the configured Kubernetes cluster in ~/.kube/config
ANSIBLE_ROLES_PATH="$(ANSIBLE_ROLES_PATH):$(shell pwd)/roles" $(ANSIBLE_OPERATOR) run
docker-build: ## Build docker image with the manager.
docker build -t ${IMG} .
docker-push: ## Push docker image with the manager.
docker push ${IMG}
##@ Deployment
install: kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/crd | kubectl apply -f -
uninstall: kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/crd | kubectl delete -f -
deploy: kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default | kubectl apply -f -
undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/default | kubectl delete -f -
OS := $(shell uname -s | tr '[:upper:]' '[:lower:]')
ARCH := $(shell uname -m | sed 's/x86_64/amd64/')
.PHONY: kustomize
KUSTOMIZE = $(shell pwd)/bin/kustomize
kustomize: ## Download kustomize locally if necessary.
ifeq (,$(wildcard $(KUSTOMIZE)))
ifeq (,$(shell which kustomize 2>/dev/null))
@{ \
set -e ;\
mkdir -p $(dir $(KUSTOMIZE)) ;\
curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.7/kustomize_v3.8.7_$(OS)_$(ARCH).tar.gz | \
tar xzf - -C bin/ ;\
}
else
KUSTOMIZE = $(shell which kustomize)
endif
endif
.PHONY: ansible-operator
ANSIBLE_OPERATOR = $(shell pwd)/bin/ansible-operator
ansible-operator: ## Download ansible-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist.
ifeq (,$(wildcard $(ANSIBLE_OPERATOR)))
ifeq (,$(shell which ansible-operator 2>/dev/null))
@{ \
set -e ;\
mkdir -p $(dir $(ANSIBLE_OPERATOR)) ;\
curl -sSLo $(ANSIBLE_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v1.12.0/ansible-operator_$(OS)_$(ARCH) ;\
chmod +x $(ANSIBLE_OPERATOR) ;\
}
else
ANSIBLE_OPERATOR = $(shell which ansible-operator)
endif
endif
.PHONY: bundle
bundle: kustomize ## Generate bundle manifests and metadata, then validate generated files.
operator-sdk generate kustomize manifests -q
cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
$(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
operator-sdk bundle validate ./bundle
.PHONY: bundle-build
bundle-build: ## Build the bundle image.
docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) .
.PHONY: bundle-push
bundle-push: ## Push the bundle image.
$(MAKE) docker-push IMG=$(BUNDLE_IMG)
.PHONY: opm
OPM = ./bin/opm
opm: ## Download opm locally if necessary.
ifeq (,$(wildcard $(OPM)))
ifeq (,$(shell which opm 2>/dev/null))
@{ \
set -e ;\
mkdir -p $(dir $(OPM)) ;\
curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.15.1/$(OS)-$(ARCH)-opm ;\
chmod +x $(OPM) ;\
}
else
OPM = $(shell which opm)
endif
endif
# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v0.2.0).
# These images MUST exist in a registry and be pull-able.
BUNDLE_IMGS ?= $(BUNDLE_IMG)
# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v0.2.0).
CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:v$(VERSION)
# Set CATALOG_BASE_IMG to an existing catalog image tag to add $BUNDLE_IMGS to that image.
ifneq ($(origin CATALOG_BASE_IMG), undefined)
FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG)
endif
# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'.
# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see:
# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator
.PHONY: catalog-build
catalog-build: opm ## Build a catalog image.
$(OPM) index add --container-tool docker --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT)
# Push the catalog image.
.PHONY: catalog-push
catalog-push: ## Push a catalog image.
$(MAKE) docker-push IMG=$(CATALOG_IMG)

16
PROJECT Normal file
View File

@@ -0,0 +1,16 @@
domain: ansible.com
layout:
- ansible.sdk.operatorframework.io/v1
plugins:
manifests.sdk.operatorframework.io/v2: {}
scorecard.sdk.operatorframework.io/v2: {}
projectName: awx-operator
resources:
- api:
crdVersion: v1
namespaced: true
domain: ansible.com
group: awx
kind: AWX
version: v1beta1
version: "3"

13
build/test-framework/Dockerfile
View File

@@ -1,13 +0,0 @@
ARG BASEIMAGE
FROM ${BASEIMAGE}
USER 0
RUN yum install -y python-devel gcc libffi-devel
RUN pip install molecule==3.0.6 jmespath
ARG NAMESPACEDMAN
ADD $NAMESPACEDMAN /namespaced.yaml
ADD build/test-framework/ansible-test.sh /ansible-test.sh
RUN chmod +x /ansible-test.sh
USER 1001
ADD . /opt/ansible/project

7
build/test-framework/ansible-test.sh
View File

@@ -1,7 +0,0 @@
#!/bin/sh
export WATCH_NAMESPACE=${TEST_NAMESPACE}
(/usr/local/bin/entrypoint)&
trap "kill $!" SIGINT SIGTERM EXIT
cd ${HOME}/project
exec molecule test -s test-minikube

14
bundle.Dockerfile
View File

@@ -1,14 +0,0 @@
FROM scratch
LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
LABEL operators.operatorframework.io.bundle.package.v1=awx-operator
LABEL operators.operatorframework.io.bundle.channels.v1=alpha
LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v0.19.4
LABEL operators.operatorframework.io.metrics.project_layout=ansible
COPY deploy/olm-catalog/awx-operator/manifests /manifests/
COPY deploy/olm-catalog/awx-operator/metadata /metadata/

0
deploy/crds/awx_v1beta1_crd.yaml → config/crd/bases/awx.ansible.com_awxs.yaml
View File

0
deploy/crds/awxbackup_v1beta1_crd.yaml → config/crd/bases/awxbackup.ansible.com_awxbackups.yaml
View File

0
deploy/crds/awxrestore_v1beta1_crd.yaml → config/crd/bases/awxrestore.ansible.com_awxrestores.yaml
View File

8
config/crd/kustomization.yaml Normal file
View File

@@ -0,0 +1,8 @@
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/default
resources:
- bases/awx.ansible.com_awxs.yaml
- bases/awxbackup.ansible.com_awxbackups.yaml
- bases/awxrestore.ansible.com_awxrestores.yaml
#+kubebuilder:scaffold:crdkustomizeresource

30
config/default/kustomization.yaml Normal file
View File

@@ -0,0 +1,30 @@
# Adds namespace to all resources.
namespace: awx-operator-system
# Value of this field is prepended to the
# names of all resources, e.g. a deployment named
# "wordpress" becomes "alices-wordpress".
# Note that it should also match with the prefix (text before '-') of the namespace
# field above.
namePrefix: awx-operator-
# Labels to add to all resources and selectors.
#commonLabels:
# someName: someValue
bases:
- ../crd
- ../rbac
- ../manager
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
#- ../prometheus
patchesStrategicMerge:
# Protect the /metrics endpoint by putting it behind auth.
# If you want your controller-manager to expose the /metrics
# endpoint w/o any authn/z, please comment the following line.
- manager_auth_proxy_patch.yaml
# Mount the controller config file for loading manager configurations
# through a ComponentConfig type
#- manager_config_patch.yaml

28
config/default/manager_auth_proxy_patch.yaml Normal file
View File

@@ -0,0 +1,28 @@
# This patch inject a sidecar container which is a HTTP proxy for the
# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: kube-rbac-proxy
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
ports:
- containerPort: 8443
protocol: TCP
name: https
- name: manager
args:
- "--health-probe-bind-address=:6789"
- "--metrics-bind-address=127.0.0.1:8080"
- "--leader-elect"
- "--leader-election-id=awx-operator"

20
config/default/manager_config_patch.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
args:
- "--config=controller_manager_config.yaml"
volumeMounts:
- name: manager-config
mountPath: /controller_manager_config.yaml
subPath: controller_manager_config.yaml
volumes:
- name: manager-config
configMap:
name: manager-config

10
config/manager/controller_manager_config.yaml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: controller-runtime.sigs.k8s.io/v1beta1
kind: ControllerManagerConfig
health:
healthProbeBindAddress: :6789
metrics:
bindAddress: 127.0.0.1:8080
leaderElection:
leaderElect: true
resourceName: 811c9dc5.ansible.com

16
config/manager/kustomization.yaml Normal file
View File

@@ -0,0 +1,16 @@
resources:
- manager.yaml
generatorOptions:
disableNameSuffixHash: true
configMapGenerator:
- files:
- controller_manager_config.yaml
name: manager-config
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
images:
- name: controller
newName: quay.io/shanemcd/awx-operator
newTag: 0.0.1

55
config/manager/manager.yaml Normal file
View File

@@ -0,0 +1,55 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
spec:
selector:
matchLabels:
control-plane: controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: controller-manager
spec:
securityContext:
runAsNonRoot: true
containers:
- args:
- --leader-elect
- --leader-election-id=awx-operator
image: controller:latest
name: manager
env:
- name: ANSIBLE_GATHERING
value: explicit
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
securityContext:
allowPrivilegeEscalation: false
livenessProbe:
httpGet:
path: /healthz
port: 6789
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 6789
initialDelaySeconds: 5
periodSeconds: 10
serviceAccountName: controller-manager
terminationGracePeriodSeconds: 10

40
config/manifests/bases/awx-operator.clusterserviceversion.yaml Normal file
View File

@@ -0,0 +1,40 @@
apiVersion: operators.coreos.com/v1beta1
kind: ClusterServiceVersion
metadata:
annotations:
alm-examples: '[]'
capabilities: Basic Install
name: awx-operator.v0.0.0
namespace: placeholder
spec:
apiservicedefinitions: {}
customresourcedefinitions: {}
description: An operator for the AWX Project
displayName: AWX
icon:
- base64data: ""
mediatype: ""
install:
spec:
deployments: null
strategy: ""
installModes:
- supported: false
type: OwnNamespace
- supported: false
type: SingleNamespace
- supported: false
type: MultiNamespace
- supported: true
type: AllNamespaces
keywords:
- automation
- ansible
links:
- name: Awx Operator
url: https://awx-operator.domain
maturity: alpha
provider:
name: Ansible
url: github.com/ansible/awx-operator
version: 0.0.0

7
config/manifests/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
# These resources constitute the fully configured set of manifests
# used to generate the 'manifests/' directory in a bundle.
resources:
- bases/awx-operator.clusterserviceversion.yaml
- ../default
- ../samples
- ../scorecard

2
config/prometheus/kustomization.yaml Normal file
View File

@@ -0,0 +1,2 @@
resources:
- monitor.yaml

20
config/prometheus/monitor.yaml Normal file
View File

@@ -0,0 +1,20 @@
# Prometheus Monitor Service (Metrics)
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
control-plane: controller-manager
name: controller-manager-metrics-monitor
namespace: system
spec:
endpoints:
- path: /metrics
port: https
scheme: https
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
tlsConfig:
insecureSkipVerify: true
selector:
matchLabels:
control-plane: controller-manager

9
config/rbac/auth_proxy_client_clusterrole.yaml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: metrics-reader
rules:
- nonResourceURLs:
- "/metrics"
verbs:
- get

17
config/rbac/auth_proxy_role.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: proxy-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create

12
config/rbac/auth_proxy_role_binding.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: controller-manager
namespace: system

15
config/rbac/auth_proxy_service.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
labels:
control-plane: controller-manager
name: controller-manager-metrics-service
namespace: system
spec:
ports:
- name: https
port: 8443
protocol: TCP
targetPort: https
selector:
control-plane: controller-manager

24
config/rbac/awx_editor_role.yaml Normal file
View File

@@ -0,0 +1,24 @@
# permissions for end users to edit awxs.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: awx-editor-role
rules:
- apiGroups:
- awx.ansible.com
resources:
- awxs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- awx.ansible.com
resources:
- awxs/status
verbs:
- get

20
config/rbac/awx_viewer_role.yaml Normal file
View File

@@ -0,0 +1,20 @@
# permissions for end users to view awxs.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: awx-viewer-role
rules:
- apiGroups:
- awx.ansible.com
resources:
- awxs
verbs:
- get
- list
- watch
- apiGroups:
- awx.ansible.com
resources:
- awxs/status
verbs:
- get

18
config/rbac/kustomization.yaml Normal file
View File

@@ -0,0 +1,18 @@
resources:
# All RBAC will be applied under this service account in
# the deployment namespace. You may comment out this resource
# if your manager will use a service account that exists at
# runtime. Be sure to update RoleBinding and ClusterRoleBinding
# subjects if changing service account names.
- service_account.yaml
- role.yaml
- role_binding.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
# Comment the following 4 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
# which protects your /metrics endpoint.
- auth_proxy_service.yaml
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml
- auth_proxy_client_clusterrole.yaml

37
config/rbac/leader_election_role.yaml Normal file
View File

@@ -0,0 +1,37 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch

12
config/rbac/leader_election_role_binding.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: controller-manager
namespace: system

106
config/rbac/role.yaml Normal file
View File

@@ -0,0 +1,106 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- route.openshift.io
resources:
- routes
- routes/custom-host
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- ""
- "rbac.authorization.k8s.io"
resources:
- pods
- services
- services/finalizers
- serviceaccounts
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- roles
- rolebindings
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- apps
- networking.k8s.io
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
- ingresses
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- awx-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- deployments/scale
- statefulsets/scale
verbs:
- patch
- apiGroups:
- ""
resources:
- pods/exec
- pods/attach
- pods/log # log & attach rules needed to be able to grant them to AWX service account
verbs:
- create
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- create
- apiGroups:
- awx.ansible.com
resources:
- '*'
- awxbackups
- awxrestores
verbs:
- '*'

11
config/rbac/role_binding.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: manager-role
subjects:
- kind: ServiceAccount
name: controller-manager

5
config/rbac/service_account.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: controller-manager
namespace: system

7
config/samples/awx_v1alpha1_awx.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-sample
spec:
# Add fields here
foo: bar

4
config/samples/kustomization.yaml Normal file
View File

@@ -0,0 +1,4 @@
## Append samples you want in your CSV to this file as resources ##
resources:
- awx_v1beta1_awx.yaml
#+kubebuilder:scaffold:manifestskustomizesamples

7
config/scorecard/bases/config.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: scorecard.operatorframework.io/v1alpha3
kind: Configuration
metadata:
name: config
stages:
- parallel: true
tests: []

16
config/scorecard/kustomization.yaml Normal file
View File

@@ -0,0 +1,16 @@
resources:
- bases/config.yaml
patchesJson6902:
- path: patches/basic.config.yaml
target:
group: scorecard.operatorframework.io
version: v1alpha3
kind: Configuration
name: config
- path: patches/olm.config.yaml
target:
group: scorecard.operatorframework.io
version: v1alpha3
kind: Configuration
name: config
#+kubebuilder:scaffold:patchesJson6902

10
config/scorecard/patches/basic.config.yaml Normal file
View File

@@ -0,0 +1,10 @@
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- basic-check-spec
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: basic
test: basic-check-spec-test

50
config/scorecard/patches/olm.config.yaml Normal file
View File

@@ -0,0 +1,50 @@
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- olm-bundle-validation
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: olm
test: olm-bundle-validation-test
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- olm-crds-have-validation
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: olm
test: olm-crds-have-validation-test
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- olm-crds-have-resources
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: olm
test: olm-crds-have-resources-test
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- olm-spec-descriptors
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: olm
test: olm-spec-descriptors-test
- op: add
path: /stages/0/tests/-
value:
entrypoint:
- scorecard-test
- olm-status-descriptors
image: quay.io/operator-framework/scorecard-test:v1.12.0
labels:
suite: olm
test: olm-status-descriptors-test

14
config/testing/debug_logs_patch.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
env:
- name: ANSIBLE_DEBUG_LOGS
value: "TRUE"

23
config/testing/kustomization.yaml Normal file
View File

@@ -0,0 +1,23 @@
# Adds namespace to all resources.
namespace: osdk-test
namePrefix: osdk-
# Labels to add to all resources and selectors.
#commonLabels:
# someName: someValue
patchesStrategicMerge:
- manager_image.yaml
- debug_logs_patch.yaml
- ../default/manager_auth_proxy_patch.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../crd
- ../rbac
- ../manager
images:
- name: testing
newName: testing-operator

12
config/testing/manager_image.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
image: testing

12
config/testing/pull_policy/Always.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

12
config/testing/pull_policy/IfNotPresent.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: IfNotPresent

12
config/testing/pull_policy/Never.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Never

786
deploy/awx-operator.yaml
View File

@@ -1,786 +0,0 @@
# This file is generated by Ansible. Changes will be lost.
# Update templates under ansible/templates/
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: awxs.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWX
listKind: AWXList
plural: awxs
singular: awx
scope: Namespaced
versions:
- name: v1beta1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
description: Schema validation for the AWX CRD
properties:
spec:
properties:
deployment_type:
description: Name of the deployment type
type: string
kind:
description: Kind of the deployment type
type: string
api_version:
description: apiVersion of the deployment type
type: string
task_privileged:
description: If a privileged security context should be enabled
type: boolean
default: false
admin_user:
description: Username to use for the admin account
type: string
default: admin
hostname:
description: The hostname of the instance
type: string
admin_email:
description: The admin user email
type: string
admin_password_secret:
description: Secret where the admin password can be found
type: string
postgres_configuration_secret:
description: Secret where the database configuration can be found
type: string
old_postgres_configuration_secret:
description: Secret where the old database configuration can be found for data migration
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for data migration
type: string
secret_key_secret:
description: Secret where the secret key can be found
type: string
broadcast_websocket_secret:
description: Secret where the broadcast websocket secret can be found
type: string
extra_volumes:
description: Specify extra volumes to add to the application pod
type: string
service_type:
description: The service type to be used on the deployed instance
type: string
enum:
- LoadBalancer
- loadbalancer
- ClusterIP
- clusterip
- NodePort
- nodeport
ingress_type:
description: The ingress type to use to reach the deployed instance
type: string
enum:
- none
- Ingress
- ingress
- Route
- route
ingress_path:
description: The ingress path used to reach the deployed service
type: string
ingress_annotations:
description: Annotations to add to the Ingress Controller
type: string
ingress_tls_secret:
description: Secret where the Ingress TLS secret can be found
type: string
loadbalancer_annotations:
description: Annotations to add to the loadbalancer
type: string
loadbalancer_protocol:
description: Protocol to use for the loadbalancer
type: string
default: http
enum:
- http
- https
loadbalancer_port:
description: Port to use for the loadbalancer
type: integer
default: 80
route_host:
description: The DNS to use to points to the instance
type: string
route_tls_termination_mechanism:
description: The secure TLS termination mechanism to use
type: string
default: Edge
enum:
- Edge
- edge
- Passthrough
- passthrough
route_tls_secret:
description: Secret where the TLS related credentials are stored
type: string
nodeport_port:
description: Port to use for the nodeport
type: integer
default: 30080
node_selector:
description: nodeSelector for the pods
type: string
service_labels:
description: Additional labels to apply to the service
type: string
tolerations:
description: node tolerations for the pods
type: string
image:
description: Registry path to the application container to use
type: string
image_version:
description: Application container image version to use
type: string
ee_images:
description: Registry path to the Execution Environment container to use
type: array
items:
type: object
properties:
name:
type: string
image:
type: string
control_plane_ee_image:
description: Registry path to the Execution Environment container image to use on control plane pods
type: string
ee_pull_credentials_secret:
description: Secret where pull credentials for registered ees can be found
type: string
image_pull_policy:
description: The image pull policy
type: string
default: IfNotPresent
enum:
- Always
- always
- Never
- never
- IfNotPresent
- ifnotpresent
image_pull_secret:
description: The image pull secret
type: string
task_resource_requirements:
description: Resource requirements for the task container
properties:
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
web_resource_requirements:
description: Resource requirements for the web container
properties:
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
ee_resource_requirements:
description: Resource requirements for the ee container
properties:
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
service_account_annotations:
description: ServiceAccount annotations
type: string
replicas:
description: Number of instance replicas
type: integer
default: 1
format: int32
garbage_collect_secrets:
description: Whether or not to remove secrets upon instance removal
default: false
type: boolean
create_preload_data:
description: Whether or not to preload data upon instance creation
default: true
type: boolean
task_args:
type: array
items:
type: string
task_command:
type: array
items:
type: string
web_args:
type: array
items:
type: string
web_command:
type: array
items:
type: string
task_extra_env:
type: string
web_extra_env:
type: string
ee_extra_env:
type: string
ee_extra_volume_mounts:
description: Specify volume mounts to be added to Execution container
type: string
task_extra_volume_mounts:
description: Specify volume mounts to be added to Task container
type: string
web_extra_volume_mounts:
description: Specify volume mounts to be added to the Web container
type: string
redis_image:
description: Registry path to the redis container to use
type: string
redis_image_version:
description: Redis container image version to use
type: string
init_container_image:
description: Registry path to the init container to use
type: string
init_container_image_version:
description: Init container image version to use
type: string
init_container_extra_commands:
description: Extra commands for the init container
type: string
init_container_extra_volume_mounts:
description: Specify volume mounts to be added to the init container
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
postgres_selector:
description: nodeSelector for the Postgres pods
type: string
postgres_tolerations:
description: node tolerations for the Postgres pods
type: string
postgres_storage_requirements:
description: Storage requirements for the PostgreSQL container
properties:
requests:
properties:
storage:
type: string
type: object
limits:
properties:
storage:
type: string
type: object
type: object
postgres_resource_requirements:
description: Resource requirements for the PostgreSQL container
properties:
requests:
properties:
cpu:
type: string
memory:
type: string
type: object
limits:
properties:
cpu:
type: string
memory:
type: string
type: object
type: object
postgres_storage_class:
description: Storage class to use for the PostgreSQL PVC
type: string
postgres_data_path:
description: Path where the PostgreSQL data are located
type: string
ca_trust_bundle:
description: Path where the trusted CA bundle is available
type: string
development_mode:
description: If the deployment should be done in development mode
type: boolean
ldap_cacert_secret:
description: Secret where can be found the LDAP trusted Certificate Authority Bundle
type: string
bundle_cacert_secret:
description: Secret where can be found the trusted Certificate Authority Bundle
type: string
projects_persistence:
description: Whether or not the /var/lib/projects directory will be persistent
default: false
type: boolean
projects_use_existing_claim:
description: Using existing PersistentVolumeClaim
type: string
enum:
- _Yes_
- _No_
projects_existing_claim:
description: PersistentVolumeClaim to mount /var/lib/projects directory
type: string
projects_storage_class:
description: Storage class for the /var/lib/projects PersistentVolumeClaim
type: string
projects_storage_size:
description: Size for the /var/lib/projects PersistentVolumeClaim
default: 8Gi
type: string
projects_storage_access_mode:
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
default: ReadWriteMany
type: string
extra_settings:
description: Extra settings to specify for the API
items:
properties:
setting:
type: string
value:
x-kubernetes-preserve-unknown-fields: true
type: object
type: array
type: object
status:
properties:
URL:
description: URL to access the deployed instance
type: string
adminUser:
description: Admin user of the deployed instance
type: string
adminPasswordSecret:
description: Admin password secret name of the deployed instance
type: string
postgresConfigurationSecret:
description: Postgres Configuration secret name of the deployed instance
type: string
broadcastWebsocketSecret:
description: Broadcast websocket secret name of the deployed instance
type: string
secretKeySecret:
description: Secret key secret name of the deployed instance
type: string
migratedFromSecret:
description: The secret used for migrating an old instance.
type: string
version:
description: Version of the deployed instance
type: string
image:
description: URL of the image used for the deployed instance
type: string
conditions:
description: The resulting conditions when a Service Telemetry is instantiated
items:
properties:
status:
type: string
type:
type: string
reason:
type: string
lastTransitionTime:
type: string
type: object
type: array
type: object
type: object
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: awxbackups.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWXBackup
listKind: AWXBackupList
plural: awxbackups
singular: awxbackup
scope: Namespaced
versions:
- name: v1beta1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
description: Schema validation for the AWXBackup CRD
properties:
spec:
type: object
required:
- deployment_name
properties:
deployment_name:
description: Name of the deployment to be backed up
type: string
backup_pvc:
description: Name of the PVC to be used for storing the backup
type: string
backup_pvc_namespace:
description: Namespace the PVC is in
type: string
backup_storage_requirements:
description: Storage requirements for the PostgreSQL container
type: string
backup_storage_class:
description: Storage class to use when creating PVC for backup
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for backing up data
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
status:
type: object
properties:
conditions:
description: The resulting conditions when a Service Telemetry is
instantiated
items:
properties:
lastTransitionTime:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
type: array
backupDirectory:
description: Backup directory name on the specified pvc
type: string
backupClaim:
description: Backup persistent volume claim
type: string
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: awxrestores.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWXRestore
listKind: AWXRestoreList
plural: awxrestores
singular: awxrestore
scope: Namespaced
versions:
- name: v1beta1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
description: Schema validation for the AWXRestore CRD
properties:
spec:
type: object
properties:
backup_source:
description: Backup source
type: string
enum:
- CR
- PVC
deployment_name:
description: Name of the deployment to be restored to
type: string
backup_name:
description: AWXBackup object name
type: string
backup_pvc:
description: Name of the PVC to be restored from, set as a status found on the awxbackup object (backupClaim)
type: string
backup_pvc_namespace:
description: Namespace the PVC is in
type: string
backup_dir:
description: Backup directory name, set as a status found on the awxbackup object (backupDirectory)
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for backing up data
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
status:
type: object
properties:
conditions:
description: The resulting conditions when a Service Telemetry is
instantiated
items:
properties:
lastTransitionTime:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
type: array
restoreComplete:
description: Restore process complete
type: boolean
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: awx-operator
rules:
- apiGroups:
- route.openshift.io
resources:
- routes
- routes/custom-host
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- ""
- "rbac.authorization.k8s.io"
resources:
- pods
- services
- services/finalizers
- serviceaccounts
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- roles
- rolebindings
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- apps
- networking.k8s.io
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
- ingresses
verbs:
- get
- list
- create
- delete
- patch
- update
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- awx-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- deployments/scale
- statefulsets/scale
verbs:
- patch
- apiGroups:
- ""
resources:
- pods/exec
- pods/attach
- pods/log # log & attach rules needed to be able to grant them to AWX service account
verbs:
- create
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- create
- apiGroups:
- awx.ansible.com
resources:
- '*'
- awxbackups
- awxrestores
verbs:
- '*'
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: awx-operator
subjects:
- kind: ServiceAccount
name: awx-operator
roleRef:
kind: Role
name: awx-operator
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: awx-operator
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: awx-operator
spec:
replicas: 1
selector:
matchLabels:
name: awx-operator
template:
metadata:
labels:
name: awx-operator
spec:
serviceAccountName: awx-operator
containers:
- name: awx-operator
image: "quay.io/ansible/awx-operator:0.13.0"
imagePullPolicy: "Always"
volumeMounts:
- mountPath: /tmp/ansible-operator/runner
name: runner
env:
# Watch one namespace (namespace-scoped).
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: awx-operator
- name: ANSIBLE_GATHERING
value: explicit
- name: OPERATOR_VERSION
value: "0.13.0"
- name: ANSIBLE_DEBUG_LOGS
value: "false"
livenessProbe:
httpGet:
path: /healthz
port: 6789
initialDelaySeconds: 15
periodSeconds: 20
volumes:
- name: runner
emptyDir: {}

23
deploy/crds/awx_v1beta1_molecule.yaml
View File

@@ -1,23 +0,0 @@
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: example-awx
namespace: example-awx
spec:
service_account_annotations: |
foo: bar
deployment_type: awx
ingress_type: ingress
web_resource_requirements:
requests:
cpu: 500m
memory: 128M
task_resource_requirements:
requests:
cpu: 500m
memory: 128M
ee_resource_requirements:
requests:
cpu: 200m
memory: 64M

5
deploy/kustomization.yaml
View File

@@ -1,5 +0,0 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./awx-operator.yaml

777
deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml
View File

@@ -1,777 +0,0 @@
apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
annotations:
alm-examples: |-
[
{
"apiVersion": "awx.ansible.com/v1beta1",
"kind": "AWX",
"metadata": {
"name": "example-awx",
"namespace": "example-awx"
},
"spec": {
"deployment_type": "awx",
"ee_resource_requirements": {
"requests": {
"cpu": "200m",
"memory": "64M"
}
},
"ingress_type": "ingress",
"service_account_annotations": "foo: bar\n",
"task_resource_requirements": {
"requests": {
"cpu": "500m",
"memory": "128M"
}
},
"web_resource_requirements": {
"requests": {
"cpu": "500m",
"memory": "128M"
}
}
}
}
]
capabilities: Basic Install
operators.operatorframework.io/builder: operator-sdk-v0.19.4
operators.operatorframework.io/project_layout: ansible
name: awx-operator.v0.13.0
namespace: placeholder
spec:
apiservicedefinitions: {}
customresourcedefinitions:
owned:
- displayName: AWX Backup
kind: AWXBackup
name: awxbackups.awx.ansible.com
specDescriptors:
- displayName: Deployment name
path: deployment_name
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Backup persistent volume claim
path: backup_pvc
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:advanced
- displayName: Backup persistent volume claim namespace
path: backup_pvc_namespace
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:advanced
- displayName: Backup PVC storage requirements
path: backup_storage_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:advanced
- displayName: Backup PVC storage class
path: backup_storage_class
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:advanced
- displayName: Database backup label selector
path: postgres_label_selector
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image
path: postgres_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image Version
path: postgres_image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
statusDescriptors:
- description: The persistent volume claim name used during backup
displayName: Backup claim
path: backupClaim
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: The directory data is backed up to on the PVC
displayName: Backup directory
path: backupDirectory
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
version: v1beta1
- displayName: AWX Restore
kind: AWXRestore
name: awxrestores.awx.ansible.com
specDescriptors:
- displayName: Backup source to restore ?
path: backup_source
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:select:CR
- urn:alm:descriptor:com.tectonic.ui:select:PVC
- displayName: Backup name
path: backup_name
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:CR
- displayName: Name of newly restored deployment
path: deployment_name
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Backup persistent volume claim
path: backup_pvc
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC
- displayName: Backup namespace
path: backup_pvc_namespace
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Backup directory in the persistent volume claim
path: backup_dir
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC
- displayName: Database restore label selector
path: postgres_label_selector
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image
path: postgres_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image Version
path: postgres_image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
statusDescriptors:
- description: The state of the restore
displayName: Restore status
path: restoreComplete
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
version: v1beta1
- description: A AWX Instance
displayName: AWX
kind: AWX
name: awxs.awx.ansible.com
specDescriptors:
- displayName: Hostname
path: hostname
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Admin account username
path: admin_user
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Admin email address
path: admin_email
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Admin password secret
path: admin_password_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Database configuration secret
path: postgres_configuration_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Old Database configuration secret
path: old_postgres_configuration_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Secret key secret
path: secret_key_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Broadcast Websocket Secret
path: broadcast_websocket_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Service Account Annotations
path: service_account_annotations
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Tower Service Type
path: service_type
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:select:ClusterIP
- urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer
- urn:alm:descriptor:com.tectonic.ui:select:NodePort
- displayName: Tower Ingress Type
path: ingress_type
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:select:none
- urn:alm:descriptor:com.tectonic.ui:select:Ingress
- urn:alm:descriptor:com.tectonic.ui:select:Route
- displayName: Tower Ingress Annotations
path: ingress_annotations
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress
- displayName: Tower Ingress TLS Secret
path: ingress_tls_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress
- displayName: Tower LoadBalancer Annotations
path: loadbalancer_annotations
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
- displayName: Tower LoadBalancer Protocol
path: loadbalancer_protocol
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:select:http
- urn:alm:descriptor:com.tectonic.ui:select:https
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
- displayName: Tower LoadBalancer Port
path: loadbalancer_port
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:number
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer
- displayName: Tower NodePort Port
path: nodeport_port
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:number
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:NodePort
- displayName: Route DNS host
path: route_host
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route
- displayName: Route TLS termination mechanism
path: route_tls_termination_mechanism
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:select:Edge
- urn:alm:descriptor:com.tectonic.ui:select:Passthrough
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route
- displayName: Route TLS credential secret
path: route_tls_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route
- displayName: Image Pull Policy
path: image_pull_policy
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:imagePullPolicy
- displayName: Image Pull Secret
path: image_pull_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Web container resource requirements
path: web_resource_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
- displayName: Task container resource requirements
path: task_resource_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
- displayName: EE Control Plane container resource requirements
path: ee_resource_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
- displayName: PostgreSQL container resource requirements (when using a managed
instance)
path: postgres_resource_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
- displayName: PostgreSQL container storage requirements (when using a managed
instance)
path: postgres_storage_requirements
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
- displayName: Replicas
path: replicas
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:number
- displayName: Remove used secrets on instance removal ?
path: garbage_collect_secrets
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
- displayName: Preload instance with data upon creation ?
path: create_preload_data
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
- displayName: Deploy the instance in development mode ?
path: development_mode
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Should the task container deployed with privileged level ?
path: task_privileged
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Deployment Type
path: deployment_type
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Deployment Kind
path: kind
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Deployment apiVersion
path: api_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Image
path: image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Image Version
path: image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Redis Image
path: redis_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Redis Image Version
path: redis_image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image
path: postgres_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: PostgreSQL Image Version
path: postgres_image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Postgres Selector
path: postgres_selector
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Postgres Label Selector
path: postgres_label_selector
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Postgres Tolerations
path: postgres_tolerations
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Postgres Storage Class
path: postgres_storage_class
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Postgres Datapath
path: postgres_data_path
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Certificate Authorirty Trust Bundle
path: ca_trust_bundle
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: LDAP Certificate Authority Trust Bundle
path: ldap_cacert_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- displayName: Task Args
path: task_args
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Enable persistence for /var/lib/projects directory?
path: projects_persistence
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
- displayName: Use existing Persistent Claim?
path: projects_use_existing_claim
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:select:_Yes_
- urn:alm:descriptor:com.tectonic.ui:select:_No_
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_persistence:true
- displayName: Projects Existing Persistent Claim
path: projects_existing_claim
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_Yes_
- urn:alm:descriptor:io.kubernetes:PersistentVolumeClaim
- description: Projects Storage Class Name. If not present, the default storage
class will be used.
displayName: Projects Storage Class Name
path: projects_storage_class
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_
- urn:alm:descriptor:com.tectonic.ui:text
- description: Projects Storage Size
displayName: Projects Storage Size
path: projects_storage_size
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_
- urn:alm:descriptor:com.tectonic.ui:text
- description: Projects Storage Access Mode
displayName: Projects Storage Access Mode
path: projects_storage_access_mode
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_
- urn:alm:descriptor:com.tectonic.ui:text
- displayName: Task Command
path: task_command
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Environment variables to be added to Task container
displayName: Task Extra Env
path: task_extra_env
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Specify volume mounts to be added to Execution container
displayName: EE Extra Volume Mounts
path: ee_extra_volume_mounts
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Registry path to the Execution Environment container to use
displayName: EE Images
path: ee_images
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Environment variables to be added to EE container
displayName: EE Extra Env
path: ee_extra_env
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Registry path to the Execution Environment container to use on
control plane pods
displayName: Control Plane EE Image
path: control_plane_ee_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: EE Images Pull Credentials Secret
displayName: EE Images Pull Credentials Secret
path: ee_pull_credentials_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
- description: Specify volume mounts to be added to Task container
displayName: Task Extra Volume Mounts
path: task_extra_volume_mounts
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Web Args
path: web_args
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Web Command
path: web_command
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Environment variables to be added to Web container
displayName: Web Extra Env
path: web_extra_env
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Specify volume mounts to be added to Web container
displayName: Web Extra Volume Mounts
path: web_extra_volume_mounts
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Specify extra volumes to add to the application pod
displayName: Extra Volumes
path: extra_volumes
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Node Selector
path: node_selector
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Service Labels
path: service_labels
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:text
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: Tolerations
path: tolerations
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- displayName: API Extra Settings
path: extra_settings
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Registry path to the init container to use
displayName: Init Container Image
path: init_container_image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Init container image version to use
displayName: Init Container Image Version
path: init_container_image_version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Specify Extra commands for the Init container
displayName: Init Container Extra Commands
path: init_container_extra_commands
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Specify volume mounts to be added to Init container
displayName: Init Container Extra Volume Mounts
path: init_container_extra_volume_mounts
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:com.tectonic.ui:hidden
- description: Secret where can be found the trusted Certificate Authority Bundle
path: bundle_cacert_secret
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:advanced
- urn:alm:descriptor:io.kubernetes:Secret
statusDescriptors:
- description: Route to access the instance deployed
displayName: URL
path: URL
x-descriptors:
- urn:alm:descriptor:org.w3:link
- description: Admin user for the instance deployed
displayName: Admin User
path: adminUser
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Admin password for the instance deployed
displayName: Admin Password
path: adminPasswordSecret
x-descriptors:
- urn:alm:descriptor:io.kubernetes:Secret
- description: Version of the instance deployed
displayName: Version
path: version
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
- description: Image of the instance deployed
displayName: Image
path: image
x-descriptors:
- urn:alm:descriptor:com.tectonic.ui:text
version: v1beta1
description: AWX operator
displayName: AWX
icon:
- base64data: ""
mediatype: ""
install:
spec:
clusterPermissions:
- rules:
- apiGroups:
- route.openshift.io
resources:
- routes
- routes/custom-host
verbs:
- '*'
- apiGroups:
- ""
- rbac.authorization.k8s.io
resources:
- pods
- services
- services/finalizers
- serviceaccounts
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- roles
- rolebindings
verbs:
- '*'
- apiGroups:
- apps
- networking.k8s.io
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
- ingresses
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- awx-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- deployments/scale
- statefulsets/scale
verbs:
- patch
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- apiGroups:
- awx.ansible.com
resources:
- '*'
- awxbackups
- awxrestores
verbs:
- '*'
serviceAccountName: awx-operator
deployments:
- name: awx-operator
spec:
replicas: 1
selector:
matchLabels:
name: awx-operator
strategy: {}
template:
metadata:
labels:
name: awx-operator
spec:
containers:
- env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.annotations['olm.targetNamespaces']
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: awx-operator
- name: ANSIBLE_GATHERING
value: explicit
- name: OPERATOR_VERSION
value: 0.13.0
- name: ANSIBLE_DEBUG_LOGS
value: "false"
image: quay.io/ansible/awx-operator:0.13.0
imagePullPolicy: Always
livenessProbe:
httpGet:
path: /healthz
port: 6789
initialDelaySeconds: 15
periodSeconds: 20
name: awx-operator
resources: {}
volumeMounts:
- mountPath: /tmp/ansible-operator/runner
name: runner
serviceAccountName: awx-operator
volumes:
- emptyDir: {}
name: runner
strategy: deployment
installModes:
- supported: true
type: OwnNamespace
- supported: false
type: SingleNamespace
- supported: false
type: MultiNamespace
- supported: false
type: AllNamespaces
keywords:
- awx
links:
- name: Awx Operator
url: https://github.com/ansible/awx-operator
maintainers:
- email: yguenane@redhat.com
name: Yanis Guenane
maturity: alpha
provider:
name: AWX Community
url: https://github.com/ansible/awx-operator
replaces: awx-operator.v0.12.0
version: 0.13.0

85
deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxbackups_crd.yaml
View File

@@ -1,85 +0,0 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: awxbackups.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWXBackup
listKind: AWXBackupList
plural: awxbackups
singular: awxbackup
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: Schema validation for the AWXBackup CRD
properties:
spec:
properties:
backup_pvc:
description: Name of the PVC to be used for storing the backup
type: string
backup_pvc_namespace:
description: Namespace the PVC is in
type: string
backup_storage_class:
description: Storage class to use when creating PVC for backup
type: string
backup_storage_requirements:
description: Storage requirements for the PostgreSQL container
type: string
deployment_name:
description: Name of the deployment to be backed up
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for backing
up data
type: string
required:
- deployment_name
type: object
status:
properties:
backupClaim:
description: Backup persistent volume claim
type: string
backupDirectory:
description: Backup directory name on the specified pvc
type: string
conditions:
description: The resulting conditions when a Service Telemetry is
instantiated
items:
properties:
lastTransitionTime:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
type: array
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null

88
deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxrestores_crd.yaml
View File

@@ -1,88 +0,0 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: awxrestores.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWXRestore
listKind: AWXRestoreList
plural: awxrestores
singular: awxrestore
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: Schema validation for the AWXRestore CRD
properties:
spec:
properties:
backup_dir:
description: Backup directory name, set as a status found on the awxbackup
object (backupDirectory)
type: string
backup_name:
description: AWXBackup object name
type: string
backup_pvc:
description: Name of the PVC to be restored from, set as a status
found on the awxbackup object (backupClaim)
type: string
backup_pvc_namespace:
description: Namespace the PVC is in
type: string
backup_source:
description: Backup source
enum:
- CR
- PVC
type: string
deployment_name:
description: Name of the deployment to be restored to
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for backing
up data
type: string
type: object
status:
properties:
conditions:
description: The resulting conditions when a Service Telemetry is
instantiated
items:
properties:
lastTransitionTime:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
type: array
restoreComplete:
description: Restore process complete
type: boolean
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null

463
deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml
View File

@@ -1,463 +0,0 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: awxs.awx.ansible.com
spec:
group: awx.ansible.com
names:
kind: AWX
listKind: AWXList
plural: awxs
singular: awx
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: Schema validation for the AWX CRD
properties:
spec:
properties:
admin_email:
description: The admin user email
type: string
admin_password_secret:
description: Secret where the admin password can be found
type: string
admin_user:
default: admin
description: Username to use for the admin account
type: string
api_version:
description: apiVersion of the deployment type
type: string
broadcast_websocket_secret:
description: Secret where the broadcast websocket secret can be found
type: string
bundle_cacert_secret:
description: Secret where can be found the trusted Certificate Authority
Bundle
type: string
ca_trust_bundle:
description: Path where the trusted CA bundle is available
type: string
control_plane_ee_image:
description: Registry path to the Execution Environment container
image to use on control plane pods
type: string
create_preload_data:
default: true
description: Whether or not to preload data upon instance creation
type: boolean
deployment_type:
description: Name of the deployment type
type: string
development_mode:
description: If the deployment should be done in development mode
type: boolean
ee_extra_env:
type: string
ee_extra_volume_mounts:
description: Specify volume mounts to be added to Execution container
type: string
ee_images:
description: Registry path to the Execution Environment container
to use
items:
properties:
image:
type: string
name:
type: string
type: object
type: array
ee_pull_credentials_secret:
description: Secret where pull credentials for registered ees can
be found
type: string
ee_resource_requirements:
description: Resource requirements for the ee container
properties:
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
extra_settings:
description: Extra settings to specify for the API
items:
properties:
setting:
type: string
value:
x-kubernetes-preserve-unknown-fields: true
type: object
type: array
extra_volumes:
description: Specify extra volumes to add to the application pod
type: string
garbage_collect_secrets:
default: false
description: Whether or not to remove secrets upon instance removal
type: boolean
hostname:
description: The hostname of the instance
type: string
image:
description: Registry path to the application container to use
type: string
image_pull_policy:
default: IfNotPresent
description: The image pull policy
enum:
- Always
- always
- Never
- never
- IfNotPresent
- ifnotpresent
type: string
image_pull_secret:
description: The image pull secret
type: string
image_version:
description: Application container image version to use
type: string
ingress_annotations:
description: Annotations to add to the Ingress Controller
type: string
ingress_path:
description: The ingress path used to reach the deployed service
type: string
ingress_tls_secret:
description: Secret where the Ingress TLS secret can be found
type: string
ingress_type:
description: The ingress type to use to reach the deployed instance
enum:
- none
- Ingress
- ingress
- Route
- route
type: string
init_container_extra_commands:
description: Extra commands for the init container
type: string
init_container_extra_volume_mounts:
description: Specify volume mounts to be added to the init container
type: string
init_container_image:
description: Registry path to the init container to use
type: string
init_container_image_version:
description: Init container image version to use
type: string
kind:
description: Kind of the deployment type
type: string
ldap_cacert_secret:
description: Secret where can be found the LDAP trusted Certificate
Authority Bundle
type: string
loadbalancer_annotations:
description: Annotations to add to the loadbalancer
type: string
loadbalancer_port:
default: 80
description: Port to use for the loadbalancer
type: integer
loadbalancer_protocol:
default: http
description: Protocol to use for the loadbalancer
enum:
- http
- https
type: string
nodeport_port:
default: 30080
description: Port to use for the nodeport
type: integer
node_selector:
description: nodeSelector for the pods
type: string
old_postgres_configuration_secret:
description: Secret where the old database configuration can be found
for data migration
type: string
postgres_configuration_secret:
description: Secret where the database configuration can be found
type: string
postgres_data_path:
description: Path where the PostgreSQL data are located
type: string
postgres_image:
description: Registry path to the PostgreSQL container to use
type: string
postgres_image_version:
description: PostgreSQL container image version to use
type: string
postgres_label_selector:
description: Label selector used to identify postgres pod for data
migration
type: string
postgres_resource_requirements:
description: Resource requirements for the PostgreSQL container
properties:
limits:
properties:
cpu:
type: string
memory:
type: string
type: object
requests:
properties:
cpu:
type: string
memory:
type: string
type: object
type: object
postgres_selector:
description: nodeSelector for the Postgres pods
type: string
postgres_storage_class:
description: Storage class to use for the PostgreSQL PVC
type: string
postgres_storage_requirements:
description: Storage requirements for the PostgreSQL container
properties:
limits:
properties:
storage:
type: string
type: object
requests:
properties:
storage:
type: string
type: object
type: object
postgres_tolerations:
description: node tolerations for the Postgres pods
type: string
projects_existing_claim:
description: PersistentVolumeClaim to mount /var/lib/projects directory
type: string
projects_persistence:
default: false
description: Whether or not the /var/lib/projects directory will be
persistent
type: boolean
projects_storage_access_mode:
default: ReadWriteMany
description: AccessMode for the /var/lib/projects PersistentVolumeClaim
type: string
projects_storage_class:
description: Storage class for the /var/lib/projects PersistentVolumeClaim
type: string
projects_storage_size:
default: 8Gi
description: Size for the /var/lib/projects PersistentVolumeClaim
type: string
projects_use_existing_claim:
description: Using existing PersistentVolumeClaim
enum:
- _Yes_
- _No_
type: string
redis_image:
description: Registry path to the redis container to use
type: string
redis_image_version:
description: Redis container image version to use
type: string
replicas:
default: 1
description: Number of instance replicas
format: int32
type: integer
route_host:
description: The DNS to use to points to the instance
type: string
route_tls_secret:
description: Secret where the TLS related credentials are stored
type: string
route_tls_termination_mechanism:
default: Edge
description: The secure TLS termination mechanism to use
enum:
- Edge
- edge
- Passthrough
- passthrough
type: string
secret_key_secret:
description: Secret where the secret key can be found
type: string
service_account_annotations:
description: ServiceAccount annotations
type: string
service_labels:
description: Additional labels to apply to the service
type: string
service_type:
description: The service type to be used on the deployed instance
enum:
- LoadBalancer
- loadbalancer
- ClusterIP
- clusterip
- NodePort
- nodeport
type: string
task_args:
items:
type: string
type: array
task_command:
items:
type: string
type: array
task_extra_env:
type: string
task_extra_volume_mounts:
description: Specify volume mounts to be added to Task container
type: string
task_privileged:
default: false
description: If a privileged security context should be enabled
type: boolean
task_resource_requirements:
description: Resource requirements for the task container
properties:
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
tolerations:
description: node tolerations for the pods
type: string
web_args:
items:
type: string
type: array
web_command:
items:
type: string
type: array
web_extra_env:
type: string
web_extra_volume_mounts:
description: Specify volume mounts to be added to the Web container
type: string
web_resource_requirements:
description: Resource requirements for the web container
properties:
limits:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
requests:
properties:
cpu:
type: string
memory:
type: string
storage:
type: string
type: object
type: object
type: object
status:
properties:
URL:
description: URL to access the deployed instance
type: string
adminPasswordSecret:
description: Admin password secret name of the deployed instance
type: string
adminUser:
description: Admin user of the deployed instance
type: string
broadcastWebsocketSecret:
description: Broadcast websocket secret name of the deployed instance
type: string
conditions:
description: The resulting conditions when a Service Telemetry is
instantiated
items:
properties:
lastTransitionTime:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
type: array
image:
description: URL of the image used for the deployed instance
type: string
migratedFromSecret:
description: The secret used for migrating an old instance.
type: string
postgresConfigurationSecret:
description: Postgres Configuration secret name of the deployed instance
type: string
secretKeySecret:
description: Secret key secret name of the deployed instance
type: string
version:
description: Version of the deployed instance
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null

10
deploy/olm-catalog/awx-operator/metadata/annotations.yaml
View File

@@ -1,10 +0,0 @@
annotations:
operators.operatorframework.io.bundle.channel.default.v1: alpha
operators.operatorframework.io.bundle.channels.v1: alpha
operators.operatorframework.io.bundle.manifests.v1: manifests/
operators.operatorframework.io.bundle.mediatype.v1: registry+v1
operators.operatorframework.io.bundle.metadata.v1: metadata/
operators.operatorframework.io.bundle.package.v1: awx-operator
operators.operatorframework.io.metrics.builder: operator-sdk-v0.19.4
operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
operators.operatorframework.io.metrics.project_layout: ansible

5
main.yml
View File

@@ -1,5 +0,0 @@
---
- hosts: localhost
gather_facts: no
roles:
- installer

0
playbooks/.gitkeep Normal file
View File

0
projects/.gitkeep Normal file
View File

4
requirements.yml
View File

@@ -1,6 +1,6 @@
--- ---
collections: collections:
- name: kubernetes.core - name: kubernetes.core
version: '==1.1.1' version: '==1.2.1'
- name: operator_sdk.util - name: operator_sdk.util
version: '==0.1.0' version: "0.2.0"

4
watches.yaml
View File

@@ -1,8 +1,9 @@
--- ---
# Use the 'create api' subcommand to add watches to this file.
- version: v1beta1 - version: v1beta1
group: awx.ansible.com group: awx.ansible.com
kind: AWX kind: AWX
playbook: /opt/ansible/main.yml role: installer
- version: v1beta1 - version: v1beta1
group: awx.ansible.com group: awx.ansible.com
@@ -13,3 +14,4 @@
group: awx.ansible.com group: awx.ansible.com
kind: AWXRestore kind: AWXRestore
role: restore role: restore
#+kubebuilder:scaffold:watch