Merge pull request #214 from gamuniz/expose_extra_volume_config

Expose extra volume config

README.md

@@ -26,6 +26,7 @@ An [Ansible AWX](https://github.com/ansible/awx) operator for Kubernetes built w
          * [Containers Resource Requirements](#containers-resource-requirements)
          * [LDAP Certificate Authority](#ldap-certificate-authority)
          * [Persisting Projects Directory](#persisting-projects-directory)
+         * [Custom Volume and Volume Mount Options](#custom-volume-and-volume-mount-options)
    * [Development](#development)
       * [Testing](#testing)
          * [Testing in Docker](#testing-in-docker)
@@ -410,6 +411,72 @@ spec:
   tower_projects_storage_size: 20Gi
 ```
 
+#### Custom Volume and Volume Mount Options
+
+In a scenario where custom volumes and volume mounts are required to either overwrite defaults or mount configuration files.
+
+| Name                           | Description                                              | Default |
+| ------------------------------ | -------------------------------------------------------- | ------- |
+| tower_extra_volumes            | Specify extra volumes to add to the application pod      | ''      |
+| tower_web_extra_volume_mounts  | Specify volume mounts to be added to Web container       | ''      |
+| tower_task_extra_volume_mounts | Specify volume mounts to be added to Task container      | ''      |
+| tower_ee_extra_volume_mounts   | Specify volume mounts to be added to Execution container | ''      |
+
+Example configuration for ConfigMap
+
+```yaml
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: <resourcename>-extra-config
+  namespace: <target namespace>
+data:
+  ansible.cfg: |
+     [defaults]
+     remote_tmp = /tmp
+     [ssh_connection]
+     ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
+  custom.py:  |
+      INSIGHTS_URL_BASE = "example.org"
+      AWX_CLEANUP_PATHS = True
+```
+Example spec file for volumes and volume mounts
+
+```yaml
+---
+    spec:
+    ...
+      tower_ee_extra_volume_mounts: |
+        - name: ansible-cfg
+          mountPath: /etc/ansible/ansible.cfg
+          subPath: ansible.cfg
+
+      tower_task_extra_volume_mounts: |
+        - name: custom-py
+          mountPath: /etc/tower/conf.d/custom.py
+          subPath: custom.py
+
+      tower_extra_volumes: |
+        - name: ansible-cfg
+          configMap:
+            defaultMode: 420
+            items:
+              - key: ansible.cfg
+                path: ansible.cfg
+            name: <resourcename>-extra-config
+        - name: custom-py
+          configMap:
+            defaultMode: 420
+            items:
+              - key: custom.py
+                path: custom.py
+            name: <resourcename>-extra-config
+
+```
+
+> :warning: **Volume and VolumeMount names cannot contain underscores(_)**
+
 ## Development
 
 ### Testing

ansible/templates/crd.yml.j2

@@ -214,9 +214,14 @@ spec:
                   type: string
                 tower_web_extra_env:
                   type: string
+                tower_ee_extra_volume_mounts:
+                  description: Specify volume mounts to be added to Execution container
+                  type: string
                 tower_task_extra_volume_mounts:
+                  description: Specify volume mounts to be added to Task container
                   type: string
                 tower_web_extra_volume_mounts:
+                  description: Specify volume mounts to be added to the Web container
                   type: string
                 tower_redis_image:
                   description: Registry path to the redis container to use

deploy/olm-catalog/awx-operator/manifests/awx-operator.clusterserviceversion.yaml

@@ -299,7 +299,14 @@ spec:
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:hidden
+      - displayName: 
+        path: tower_ee_extra_volume_mounts
+        description: Specify volume mounts to be added to Execution container
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:hidden
       - displayName: Tower Task Extra Volume Mounts
+        description: Specify volume mounts to be added to Task container
         path: tower_task_extra_volume_mounts
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
@@ -320,11 +327,13 @@ spec:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:hidden
       - displayName: Tower Web Extra Volume Mounts
+        description: Specify volume mounts to be added to Web container
         path: tower_web_extra_volume_mounts
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:hidden
       - displayName: Tower Extra Volumes
+        description: Specify extra volumes to add to the application pod
         path: tower_extra_volumes
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced

deploy/olm-catalog/awx-operator/manifests/awx.ansible.com_awxs_crd.yaml

@@ -226,7 +226,11 @@ spec:
                 type: array
               tower_task_extra_env:
                 type: string
+              tower_ee_extra_volume_mounts:
+                description: Specify volume mounts to be added to Execution container
+                type: string
               tower_task_extra_volume_mounts:
+                description: Specify volume mounts to be added to Task container
                 type: string
               tower_task_privileged:
                 default: false
@@ -268,6 +272,7 @@ spec:
               tower_web_extra_env:
                 type: string
               tower_web_extra_volume_mounts:
+                description: Specify volume mounts to be added to web container
                 type: string
               tower_web_resource_requirements:
                 description: Resource requirements for the web container

roles/installer/defaults/main.yml

@@ -126,7 +126,7 @@ tower_web_extra_env: ''
 #     mountPath: /some/path
 tower_task_extra_volume_mounts: ''
 tower_web_extra_volume_mounts: ''
-
+tower_ee_extra_volume_mounts: ''
 tower_redis_image: redis:latest
 
 tower_postgres_image: postgres:12

roles/installer/templates/tower_deployment.yaml.j2

@@ -61,7 +61,16 @@ spec:
 {% endif %}
           volumeMounts:
             - name: "{{ meta.name }}-application-credentials"
-              mountPath: "/etc/tower/conf.d/"
+              mountPath: "/etc/tower/conf.d/execution_environments.py"
+              subPath: execution_environments.py
+              readOnly: true
+            - name: "{{ meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/credentials.py"
+              subPath: credentials.py
+              readOnly: true
+            - name: "{{ meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/ldap.py"
+              subPath: ldap.py
               readOnly: true
 {% if tower_ingress_type | lower == 'route' and tower_route_tls_termination_mechanism | lower == 'passthrough' %}
             - name: "{{ meta.name }}-nginx-certs"
@@ -129,7 +138,16 @@ spec:
 {% endif %}
           volumeMounts:
             - name: "{{ meta.name }}-application-credentials"
-              mountPath: "/etc/tower/conf.d/"
+              mountPath: "/etc/tower/conf.d/execution_environments.py"
+              subPath: execution_environments.py
+              readOnly: true
+            - name: "{{ meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/credentials.py"
+              subPath: credentials.py
+              readOnly: true
+            - name: "{{ meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/ldap.py"
+              subPath: ldap.py
               readOnly: true
             - name: "{{ secret_key_secret_name }}"
               mountPath: /etc/tower/SECRET_KEY
@@ -196,6 +214,9 @@ spec:
               mountPath: "/var/run/receptor"
             - name: "{{ meta.name }}-projects"
               mountPath: "/var/lib/awx/projects"
+{% if tower_ee_extra_volume_mounts -%}
+            {{ tower_ee_extra_volume_mounts | indent(width=12, indentfirst=True) }}
+{% endif %}
 {% if development_mode | bool %}
           env:
             - name: SDB_NOTIFY_HOST