Issue #5: Allow switching between running open source AWX and Ansible Tower.

build/Dockerfile

@@ -1,5 +1,8 @@
 FROM quay.io/operator-framework/ansible-operator:v0.10.0
 
+# Install kubectl.
+COPY --from=lachlanevenson/k8s-kubectl:v1.16.2 /usr/local/bin/kubectl /usr/local/bin/kubectl
+
 COPY watches.yaml ${HOME}/watches.yaml
 
 COPY main.yml ${HOME}/main.yml

deploy/crds/tower_v1alpha1_tower_cr_awx.yaml

@@ -14,6 +14,8 @@ spec:
   tower_task_image: ansible/awx_task:9.0.1
   tower_web_image: ansible/awx_web:9.0.1
 
+  tower_create_preload_data: true
+
   tower_memcached_image: memcached:alpine
 
   tower_rabbitmq_image: rabbitmq:3

deploy/crds/tower_v1alpha1_tower_cr_tower.yaml

@@ -11,8 +11,10 @@ spec:
   tower_admin_email: test@example.com
   tower_admin_password: changeme
 
-  tower_task_image: registry.access.redhat.com/ansible-tower-36/ansible-tower:3.6.0
-  tower_web_image: registry.access.redhat.com/ansible-tower-36/ansible-tower:3.6.0
+  tower_task_image: quay.io/ansible-tower/ansible-tower:3.6.0
+  tower_web_image: quay.io/ansible-tower/ansible-tower:3.6.0
+
+  tower_create_preload_data: true
 
   tower_memcached_image: memcached:alpine
 

molecule/test-minikube/playbook.yml

@@ -34,7 +34,7 @@
     deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy"
     pull_policy: Never
     operator_image: tower.ansible.com/tower-operator:testing
-    custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_awx.yaml'])) | from_yaml }}"
+    custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/tower_v1alpha1_tower_cr_tower.yaml'])) | from_yaml }}"
 
   tasks:
     - block:

roles/tower/defaults/main.yml

@@ -14,6 +14,8 @@ tower_web_image: registry.access.redhat.com/ansible-tower-35/ansible-tower:3.5.3
 # tower_task_image: ansible/awx_task:9.0.1
 # tower_web_image: ansible/awx_web:9.0.1
 
+tower_create_preload_data: true
+
 tower_memcached_image: memcached:alpine
 
 tower_rabbitmq_image: rabbitmq:3

roles/tower/library/k8s_exec.py

@@ -1,136 +0,0 @@
-from __future__ import absolute_import, division, print_function
-
-__metaclass__ = type
-
-
-ANSIBLE_METADATA = {'metadata_version': '1.1',
-                    'status': ['preview'],
-                    'supported_by': 'community'}
-
-DOCUMENTATION = '''
-module: k8s_exec
-short_description: Execute command in Pod
-version_added: "2.10"
-author: "Tristan de Cacqueray (@tristanC)"
-description:
-  - Use the Kubernetes Python client to execute command on K8s pods.
-extends_documentation_fragment:
-  - k8s_auth_options
-requirements:
-  - "python >= 2.7"
-  - "openshift == 0.4.3"
-  - "PyYAML >= 3.11"
-options:
-  proxy:
-    description:
-    - The URL of an HTTP proxy to use for the connection. Can also be specified via K8S_AUTH_PROXY environment variable.
-    - Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY).
-    type: str
-  namespace:
-    description:
-    - The pod namespace name
-    type: str
-    required: yes
-  pod:
-    description:
-    - The pod name
-    type: str
-    required: yes
-  container:
-    description:
-    - The name of the container in the pod to connect to. Defaults to only container if there is only one container in the pod.
-    type: str
-    required: no
-  command:
-    description:
-    - The command to execute
-    type: str
-    required: yes
-'''
-
-EXAMPLES = '''
-- name: Execute a command
-  k8s_exec:
-    namespace: myproject
-    pod: zuul-scheduler
-    command: zuul-scheduler full-reconfigure
-'''
-
-RETURN = '''
-result:
-  description:
-  - The command object
-  returned: success
-  type: complex
-  contains:
-     stdout:
-       description: The command stdout
-       type: str
-     stdout_lines:
-       description: The command stdout
-       type: str
-     stderr:
-       description: The command stderr
-       type: str
-     stderr_lines:
-       description: The command stderr
-       type: str
-'''
-
-import copy
-import shlex
-from ansible.module_utils.k8s.common import KubernetesAnsibleModule
-from ansible.module_utils.k8s.common import AUTH_ARG_SPEC
-
-try:
-    from kubernetes.client.apis import core_v1_api
-    from kubernetes.stream import stream
-except ImportError:
-    # ImportError are managed by the common module already.
-    pass
-
-
-class KubernetesExecCommand(KubernetesAnsibleModule):
-    @property
-    def argspec(self):
-        spec = copy.deepcopy(AUTH_ARG_SPEC)
-        spec['namespace'] = {'type': 'str'}
-        spec['pod'] = {'type': 'str'}
-        spec['container'] = {'type': 'str'}
-        spec['command'] = {'type': 'str'}
-        return spec
-
-
-def main():
-    module = KubernetesExecCommand()
-    # Load kubernetes.client.Configuration
-    module.get_api_client()
-    api = core_v1_api.CoreV1Api()
-
-    # hack because passing the container as None breaks things
-    optional_kwargs = {}
-    if module.params.get('container'):
-        optional_kwargs['container'] = module.params['container']
-    resp = stream(
-        api.connect_get_namespaced_pod_exec,
-        module.params["pod"],
-        module.params["namespace"],
-        command=shlex.split(module.params["command"]),
-        stdout=True,
-        stderr=True,
-        stdin=False,
-        tty=False,
-        _preload_content=False, **optional_kwargs)
-    stdout, stderr = [], []
-    while resp.is_open():
-        resp.update(timeout=1)
-        if resp.peek_stdout():
-            stdout.append(resp.read_stdout())
-        if resp.peek_stderr():
-            stderr.append(resp.read_stderr())
-    module.exit_json(
-        changed=True, stdout="".join(stdout), stderr="".join(stderr))
-
-
-if __name__ == '__main__':
-    main()

roles/tower/tasks/main.yml

@@ -15,7 +15,7 @@
   # TODO: Change to k8s_info after Ansible 2.9.0 is available in Operator image.
   k8s_facts:
     kind: Pod
-    namespace: example-tower
+    namespace: '{{ meta.namespace }}'
     label_selectors:
       - app=tower
   register: tower_pods
@@ -29,38 +29,48 @@
     that: tower_pod_name != ''
     fail_msg: "Could not find the tower pod's name."
 
+- name: Check if database is populated (auth_user table exists).
+  shell: >-
+    kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
+    "echo 'from django.db import connection;
+    tbl = \"auth_user\" in connection.introspection.table_names();
+    exit(0 if tbl else 1)'
+    | awx-manage shell"
+  ignore_errors: true
+  changed_when: false
+  register: database_check
+  when: k8s_defs_result is not changed
+
 - name: Migrate the database if the K8s resources were updated.
-  k8s_exec:
-    namespace: '{{ meta.namespace }}'
-    pod: '{{ tower_pod_name }}'
-    command: awx-manage migrate --noinput
-  when: k8s_defs_result is changed
+  shell: >-
+    kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
+    "awx-manage migrate --noinput"
+  when: (k8s_defs_result is changed) or (database_check is defined and database_check.rc != 0)
 
 - name: Check if there are any Tower super users defined.
-  k8s_exec:
-    namespace: '{{ meta.namespace }}'
-    pod: '{{ tower_pod_name }}'
-    command: >
-      echo 'from django.contrib.auth.models import User;
-      nsu = User.objects.filter(is_superuser=True).count();
-      exit(0 if nsu > 0 else 1)'
-      | awx-manage shell
-  ignore_errors: yes
+  shell: >-
+    kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
+    "echo 'from django.contrib.auth.models import User;
+    nsu = User.objects.filter(is_superuser=True).count();
+    exit(0 if nsu > 0 else 1)'
+    | awx-manage shell"
+  ignore_errors: true
+  changed_when: false
   register: users_result
   changed_when: users_result.rc > 0
 
 - name: Create Tower super user via Django if it doesn't exist.
-  k8s_exec:
-    namespace: '{{ meta.namespace }}'
-    pod: '{{ tower_pod_name }}'
-    command: >
-      echo "from django.contrib.auth.models import User;
-      User.objects.create_superuser('{{ tower_admin_user }}', '{{ tower_admin_email }}', '{{ tower_admin_password }}')"
-      | awx-manage shell
+  shell: >-
+    kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
+    "echo \"from django.contrib.auth.models import User;
+    User.objects.create_superuser('{{ tower_admin_user }}', '{{ tower_admin_email }}', '{{ tower_admin_password }}')\"
+    | awx-manage shell"
   when: users_result.rc > 0
 
-# - name: Create the default organization if configured.
-#   k8s_exec:
-#     namespace: TODO
-#     pod: TODO
-#     command: TODO
+- name: Create Tower super user via Django if it doesn't exist.
+  shell: >-
+    kubectl exec -n {{ meta.namespace }} {{ tower_pod_name }} -- bash -c
+    "awx-manage create_preload_data"
+  register: cdo
+  changed_when: "'added' in cdo.stdout"
+  when: tower_create_preload_data | bool

roles/tower/templates/tower_config.yaml.j2

@@ -18,6 +18,7 @@ data:
     MEMCACHED_PORT='11211'
     RABBITMQ_HOST='{{ meta.name }}-rabbitmq.{{ meta.namespace }}.svc.cluster.local'
     RABBITMQ_PORT='5672'
+    AWX_SKIP_MIGRATIONS=true
 
   settings: |
     import os

roles/tower/templates/tower_task.yaml.j2

@@ -20,6 +20,8 @@ spec:
       containers:
       - image: '{{ tower_task_image }}'
         name: tower-task
+        command:
+          - /usr/bin/launch_awx_task.sh
         envFrom:
         - configMapRef:
             name: '{{ meta.name }}-tower-configmap'