diff --git a/README.md b/README.md index 71bd3bef..eac09bf8 100644 --- a/README.md +++ b/README.md @@ -176,14 +176,13 @@ Then push the generated image to Docker Hub: #### Build a new version of the `awx-operator.yaml` file -Update the awx-operator version in two places: +Update the awx-operator version: - 1. `deploy/awx-operator.yaml`: in the `ansible` and `operator` container definitions in the `awx-operator` Deployment. - 2. `build/chain-operator-files.yml`: the `operator_image` variable. + - `ansible/group_vars/all` -Once the versions are updated, run the playbook in the `build/` directory: +Once the version has been updated, run from the root of the repo: - ansible-playbook chain-operator-files.yml + ansible-playbook ansible/chain-operator-files.yml After it is built, test it on a local cluster: diff --git a/ansible/awx-operator.yaml.j2 b/ansible/awx-operator.yaml.j2 new file mode 100644 index 00000000..18ab6893 --- /dev/null +++ b/ansible/awx-operator.yaml.j2 @@ -0,0 +1,12 @@ +#jinja2: trim_blocks:False +# This file is generated by Ansible. Changes will be lost. +# Update templates under ansible/templates/ +{% include 'role.yml.j2' %} + +{% include 'role_binding.yml.j2' %} + +{% include 'service_account.yml.j2' %} + +{% include 'operator.yml.j2' %} + +{% include 'crd.yml.j2' %} diff --git a/ansible/build-and-push.yml b/ansible/build-and-push.yml new file mode 100644 index 00000000..4cdcb1d7 --- /dev/null +++ b/ansible/build-and-push.yml @@ -0,0 +1,17 @@ +--- +- name: Build and Deploy the AWX Operator + hosts: localhost + + collections: + - community.general + + tasks: + - name: Build and (optionally) push operator image + docker_image: + name: "{{ operator_image }}:{{ operator_version }}" + pull: no + push: "{{ push_image | bool }}" + build: + dockerfile: "build/Dockerfile" + path: "../" + force: yes diff --git a/ansible/chain-operator-files.yml b/ansible/chain-operator-files.yml new file mode 100644 index 00000000..5edf0a4a --- /dev/null 
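Review bot: In `ansible/build-and-push.yml`, `push: "{{ push_image | bool }}"` reads `push_image`, which neither this play nor the `ansible/group_vars/all` added in this commit defines, so the task will stop on an undefined variable unless the caller passes it with `-e`. Defaulting to not pushing also keeps an unattended run from publishing an image by accident: `push: "{{ push_image | default(false) | bool }}"`. The build `path: "../"` is relative as well; if it resolves against the working directory rather than the playbook, `path: "{{ playbook_dir }}/../"` would make the play independent of where it is started.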
+++ b/ansible/chain-operator-files.yml
@@ -0,0 +1,17 @@
+---
+# To run: `ansible-playbook chain-operator-files.yml`
+- name: Chain operator files together for easy deployment.
+ hosts: localhost
+ connection: local
+ gather_facts: false
+
+ tasks:
+ - name: Template CRD
+ template:
+ src: crd.yml.j2
+ dest: "{{ playbook_dir }}/../deploy/crds/awx_v1beta1_crd.yaml"
+
+ - name: Template awx-operator.yaml
+ template:
+ src: awx-operator.yaml.j2
+ dest: ../deploy/awx-operator.yaml
diff --git a/ansible/deploy-operator.yml b/ansible/deploy-operator.yml
new file mode 100644
index 00000000..c7fdc045
--- /dev/null
+++ b/ansible/deploy-operator.yml
@@ -0,0 +1,29 @@
+---
+- name: Reconstruct awx-operator.yaml
+ include: chain-operator-files.yml
+
+- name: Deploy Operator
+ hosts: localhost
+ vars:
+ k8s_namespace: "default"
+ obliterate: no
+
+ collections:
+ - community.kubernetes
+
+ tasks:
+ - name: Obliterate Operator
+ k8s:
+ state: absent
+ namespace: "{{ k8s_namespace }}"
+ src: "../deploy/awx-operator.yaml"
+ wait: yes
+ when: obliterate | bool
+
+ - name: Deploy Operator
+ k8s:
+ state: present
+ namespace: "{{ k8s_namespace }}"
+ apply: yes
+ wait: yes
+ src: "../deploy/awx-operator.yaml"
diff --git a/ansible/group_vars/all b/ansible/group_vars/all
new file mode 100644
index 00000000..13e4ac87
--- /dev/null
+++ b/ansible/group_vars/all
@@ -0,0 +1,5 @@
+operator_image: ansible/awx-operator
+operator_version: 0.5.0
+pull_policy: Always
+operator_file_path: "../deploy/awx-operator.yaml"
+operator_template: "../deploy/operator.yaml"
diff --git a/ansible/instantiate-awx-deployment.yml b/ansible/instantiate-awx-deployment.yml
new file mode 100644
index 00000000..c68e3138
--- /dev/null
+++ b/ansible/instantiate-awx-deployment.yml
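Review bot: The `Template awx-operator.yaml` task in `ansible/chain-operator-files.yml` writes to `dest: ../deploy/awx-operator.yaml`, a bare relative path, while the `Template CRD` task just above anchors its destination on `{{ playbook_dir }}`. The README hunk in this commit tells users to run `ansible-playbook ansible/chain-operator-files.yml` from the repo root, and if the relative path resolves against that working directory the generated manifest would land outside the repository. Use `dest: "{{ playbook_dir }}/../deploy/awx-operator.yaml"`; the two `src: "../deploy/awx-operator.yaml"` values in `ansible/deploy-operator.yml` may need the same treatment. The header comment `# To run: ansible-playbook chain-operator-files.yml` no longer matches the README either.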
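Review bot: The `Obliterate Operator` task in `ansible/deploy-operator.yml` deletes everything in `deploy/awx-operator.yaml`, and that manifest is assembled from `crd.yml.j2` as well as the RBAC and Deployment templates, so `obliterate=yes` removes the AWX CRD and with it every AWX custom resource in the cluster, not only the operator in `k8s_namespace`. That deserves a comment on the variable, for example `# obliterate=yes also deletes the AWX CRD and therefore all AWX instances cluster-wide`. Separately, playbook-level `include: chain-operator-files.yml` is the deprecated spelling; `import_playbook: chain-operator-files.yml` is the current one.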
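Review bot: In `ansible/group_vars/all`, `operator_template: "../deploy/operator.yaml"` points at a file this same commit renames to `ansible/templates/operator.yml.j2`, and neither it nor `operator_file_path` is referenced by any playbook added in this diff. Both look like leftovers from the deleted `build/chain-operator-files.yml` and can probably be dropped. The version is also worth quoting, `operator_version: "0.5.0"`, so that a later two-part value such as 0.6 is not loaded as a float before it is joined into the image tag.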
@@ -0,0 +1,26 @@
+---
+- name: Deploy an instance of AWX using the awx-operator
+ hosts: localhost
+
+ collections:
+ - community.kubernetes
+
+ tasks:
+ - name: Deploy AWX
+ k8s:
+ state: "{{ state | default('present') }}"
+ namespace: awx
+ apply: yes
+ wait: yes
+ definition:
+ apiVersion: awx.ansible.com/v1beta1
+ kind: AWX
+ metadata:
+ name: awx
+ spec:
+ deployment_type: awx
+ tower_admin_user: test
+ tower_admin_email: test@example.com
+ tower_admin_password: changeme
+ tower_broadcast_websocket_secret: changeme
+ tower_ingress_type: Route
diff --git a/ansible/templates/crd.yml.j2 b/ansible/templates/crd.yml.j2
new file mode 100644
index 00000000..d6fa6c70
--- /dev/null
+++ b/ansible/templates/crd.yml.j2
@@ -0,0 +1,55 @@
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: awxs.awx.ansible.com
+spec:
+ group: awx.ansible.com
+ names:
+ kind: AWX
+ listKind: AWXList
+ plural: awxs
+ singular: awx
+ scope: Namespaced
+ subresources:
+ status: {}
+ version: v1beta1
+ versions:
+ - name: v1beta1
+ served: true
+ storage: true
+ validation:
+ openAPIV3Schema:
+ description: Schema validation for the AWX CRD
+ type: object
+ properties:
+ spec:
+ type: object
+ properties:
+ deployment_type:
+ type: string
+ pattern: "^(tower|awx)(-)?.*$"
+ external_database:
+ type: boolean
+ description: |
+ If true you must supply a secret containing the location and credentials for
+ connecting to the external database by a user who has permission to create
+ and apply a schema.
+
+ The secret should have the name: -postgres-configuration and
+ should look like:
+
+ apiVersion: v1
+ kind: Secret
+ metadata:
+ name: -postgres-configuration
+ namespace:
+ stringData:
+ host:
+ port:
+ database:
+ username:
+ password:
+ type: Opaque
+ required:
+ - deployment_type
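Review bot: `tower_admin_password: changeme` and `tower_broadcast_websocket_secret: changeme` in `ansible/instantiate-awx-deployment.yml` are committed as literals in the AWX spec, so every instance created with this playbook starts with the same publicly known admin password and websocket secret. With `tower_ingress_type: Route` the instance is presumably reachable from outside the cluster as well. Take both values from variables that have no default, e.g. `tower_admin_password: "{{ tower_admin_password }}"`, so the play fails when they are not supplied. If the playbook is only meant for throwaway test clusters, say so in a comment at the top of the file.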
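Review bot: The `deployment_type` pattern `^(tower|awx)(-)?.*$` in `ansible/templates/crd.yml.j2` only constrains the prefix, because the optional hyphen followed by `.*` accepts any trailing text, so the schema validates far more than `awx`, `tower` or a hyphenated variant. If that narrower set is the intent, `pattern: "^(tower|awx)(-.*)?$"` expresses it, and the suffix could be tightened to a character class such as `[a-z0-9-]*` if the value ends up in resource names. The schema also covers only `deployment_type` and `external_database`, so the credential fields set in `ansible/instantiate-awx-deployment.yml` are accepted with any type. The stored form is `apiextensions.k8s.io/v1beta1`, which newer clusters no longer serve.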
diff --git a/deploy/operator.yaml b/ansible/templates/operator.yml.j2 similarity index 90% rename from deploy/operator.yaml rename to ansible/templates/operator.yml.j2 index 43f73ea5..d6105102 100644 --- a/deploy/operator.yaml +++ b/ansible/templates/operator.yml.j2 @@ -20,14 +20,14 @@ spec: - /usr/local/bin/ao-logs - /tmp/ansible-operator/runner - stdout - image: "{{ operator_image }}" + image: "{{ operator_image }}:{{ operator_version }}" imagePullPolicy: "{{ pull_policy|default('Always') }}" volumeMounts: - mountPath: /tmp/ansible-operator/runner name: runner readOnly: true - name: operator - image: "{{ operator_image }}" + image: "{{ operator_image }}:{{ operator_version }}" imagePullPolicy: "{{ pull_policy|default('Always') }}" volumeMounts: - mountPath: /tmp/ansible-operator/runner diff --git a/deploy/role.yaml b/ansible/templates/role.yml.j2 similarity index 100% rename from deploy/role.yaml rename to ansible/templates/role.yml.j2 diff --git a/deploy/role_binding.yaml b/ansible/templates/role_binding.yml.j2 similarity index 100% rename from deploy/role_binding.yaml rename to ansible/templates/role_binding.yml.j2 diff --git a/deploy/service_account.yaml b/ansible/templates/service_account.yml.j2 similarity index 100% rename from deploy/service_account.yaml rename to ansible/templates/service_account.yml.j2 diff --git a/build/chain-operator-files.yml b/build/chain-operator-files.yml deleted file mode 100644 index 039f3276..00000000 --- a/build/chain-operator-files.yml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -# To run: `ansible-playbook chain-operator-files.yml` -- name: Chain operator files together for easy deployment. - hosts: localhost - connection: local - gather_facts: false - - vars: - operator_image: ansible/awx-operator:0.5.0 - pull_policy: Always - operator_file_path: "../deploy/awx-operator.yaml" - operator_template: "../deploy/operator.yaml" - - tasks: - - name: Clear out current contents of awx-operator.yml - copy: - dest: "{{ operator_file_path }}" - content: '' - force: true - - - name: Concatenate operator files into awx-operator.yml - blockinfile: - path: "{{ operator_file_path }}" - block: "{{ item }}" - marker: "" - marker_begin: "" - marker_end: "" - insertafter: "EOF" - with_file: - - "../deploy/role.yaml" - - "../deploy/role_binding.yaml" - - "../deploy/service_account.yaml" - - "../deploy/operator.yaml" - - "../deploy/crds/awx_v1beta1_crd.yaml" - - - name: Remove space at beginning of awx-operator.yml - shell: > - echo "$(tail -n +2 {{ operator_file_path }})" > {{ operator_file_path }} - changed_when: true - - - name: Template the awx-operator.yaml file into awx-operator.yml - template: - src: "{{ operator_file_path }}" - dest: "{{ operator_file_path }}" diff --git a/deploy/awx-operator.yaml b/deploy/awx-operator.yaml index b3300fac..e0ffd229 100644 --- a/deploy/awx-operator.yaml +++ b/deploy/awx-operator.yaml @@ -1,3 +1,5 @@ +# This file is generated by Ansible. Changes will be lost. +# Update templates under ansible/templates/ --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 63c841d6..a5edb8fb 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml 
@@ -6,6 +6,9 @@ vars: ansible_python_interpreter: '{{ ansible_playbook_python }}' deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" + templates_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/templates" + vars_files: + - "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/group_vars/all" tasks: - name: Create Custom Resource Definition @@ -20,9 +23,9 @@ - name: Create RBAC resources k8s: - definition: "{{ lookup('template', '/'.join([deploy_dir, item])) }}" + definition: "{{ lookup('template', '/'.join([templates_dir, item])) }}" namespace: '{{ operator_namespace }}' with_items: - - role.yaml - - role_binding.yaml - - service_account.yaml + - role.yml.j2 + - role_binding.yml.j2 + - service_account.yml.j2 diff --git a/molecule/test-local/converge.yml b/molecule/test-local/converge.yml index 58f94183..b098524f 100644 --- a/molecule/test-local/converge.yml +++ b/molecule/test-local/converge.yml @@ -24,9 +24,12 @@ vars: ansible_python_interpreter: '{{ ansible_playbook_python }}' deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" + templates_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/templates" pull_policy: Never operator_image: awx.ansible.com/awx-operator:testing custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx_v1beta1_molecule.yaml'])) | from_yaml }}" + vars_files: + - "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/group_vars/all" tasks: @@ -36,7 +39,7 @@ k8s: state: absent namespace: '{{ operator_namespace }}' - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) }}" register: delete_deployment when: hostvars[groups.k8s.0].build_cmd.changed 
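Review bot: The `vars_files` entry added to `molecule/test-local/converge.yml` loads `ansible/group_vars/all`, and Ansible ranks play `vars_files` above play `vars`, so the test values `operator_image: awx.ansible.com/awx-operator:testing` and `pull_policy: Never` set just above it are replaced by `ansible/awx-operator` and `Always`. The operator template would then render `ansible/awx-operator:0.5.0` and the test would pull the published image from the registry instead of exercising the locally built one. Even if the play value won, the new `{{ operator_image }}:{{ operator_version }}` form would yield `awx.ansible.com/awx-operator:testing:0.5.0`, which is not a valid reference. Drop the `vars_files` entry here and set `operator_image: awx.ansible.com/awx-operator` with `operator_version: testing` in the play `vars`. The first hunk of `molecule/test-minikube/converge.yml` has the same problem.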
@@ -47,7 +50,7 @@ namespace: '{{ operator_namespace }}' name: '{{ definition.metadata.name }}' vars: - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) | from_yaml }}" register: deployment until: not deployment.resources delay: 3 @@ -57,7 +60,7 @@ - name: Create the Operator Deployment k8s: namespace: '{{ operator_namespace }}' - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) }}" - name: Ensure the AWX custom_resource namespace exists k8s: @@ -119,7 +122,7 @@ environment: KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}' vars: - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) | from_yaml }}" register: log - name: print debug output diff --git a/molecule/test-minikube/converge.yml b/molecule/test-minikube/converge.yml index c0c56596..8a8c98e5 100644 --- a/molecule/test-minikube/converge.yml +++ b/molecule/test-minikube/converge.yml @@ -32,10 +32,13 @@ vars: ansible_python_interpreter: '{{ ansible_playbook_python }}' deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" + templates_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/templates" pull_policy: Never operator_image: awx.ansible.com/awx-operator:testing # Change this to _awx to test AWX, _tower to test Tower. custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx_v1beta1_molecule.yaml'])) | from_yaml }}" + vars_files: + - "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/ansible/group_vars/all" tasks: - block: 
@@ -43,7 +46,7 @@ k8s: state: absent namespace: '{{ operator_namespace }}' - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) }}" register: delete_deployment when: build_cmd.changed @@ -54,7 +57,7 @@ namespace: '{{ operator_namespace }}' name: '{{ definition.metadata.name }}' vars: - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) | from_yaml }}" register: deployment until: not deployment.resources delay: 3 @@ -64,7 +67,7 @@ - name: Create the Operator Deployment k8s: namespace: '{{ operator_namespace }}' - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) }}" - name: Ensure the AWX custom_resource namespace exists k8s: @@ -126,7 +129,7 @@ environment: KUBECONFIG: '{{ lookup("env", "KUBECONFIG") }}' vars: - definition: "{{ lookup('template', '/'.join([deploy_dir, 'operator.yaml'])) | from_yaml }}" + definition: "{{ lookup('template', '/'.join([templates_dir, 'operator.yml.j2'])) | from_yaml }}" register: log - name: print debug output