template awxbackup crd into awx-operator.yml for easy deployment

ansible/chain-operator-files.yml

@@ -6,12 +6,18 @@
   gather_facts: false
 
   tasks:
-    - name: Template CRD
+    - name: Template AWX CRD
       template:
         src: crd.yml.j2
         dest: "{{ playbook_dir }}/../deploy/crds/awx_v1beta1_crd.yaml"
         mode: '0644'
 
+    - name: Template AWXBackup CRD
+      template:
+        src: awxbackup_crd.yml.j2
+        dest: "{{ playbook_dir }}/../deploy/crds/awxbackup_v1beta1_crd.yaml"
+        mode: '0644'
+
     - name: Template awx-operator.yaml
       template:
         src: awx-operator.yaml.j2

ansible/templates/awx-operator.yaml.j2

@@ -10,3 +10,7 @@
 {% include 'service_account.yml.j2' %}
 
 {% include 'operator.yml.j2' %}
+
+{% include 'crd.yml.j2' %}
+
+{% include 'awxbackup_crd.yml.j2' %}

deploy/awx-operator.yaml

@@ -80,7 +80,7 @@ rules:
       - awx.ansible.com
     resources:
       - '*'
-      - backups
+      - awxbackups
     verbs:
       - '*'
 
@@ -527,151 +527,34 @@ spec:
           type: object
 
 ---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
 metadata:
-  creationTimestamp: null
-  name: awx-operator
-rules:
-  - apiGroups:
-      - route.openshift.io
-    resources:
-      - routes
-      - routes/custom-host
-    verbs:
-      - '*'
-  - apiGroups:
-      - ""
-      - "rbac.authorization.k8s.io"
-    resources:
-      - pods
-      - services
-      - services/finalizers
-      - serviceaccounts
-      - endpoints
-      - persistentvolumeclaims
-      - events
-      - configmaps
-      - secrets
-      - roles
-      - rolebindings
-    verbs:
-      - '*'
-  - apiGroups:
-      - apps
-      - extensions
-    resources:
-      - deployments
-      - daemonsets
-      - replicasets
-      - statefulsets
-      - ingresses
-    verbs:
-      - '*'
-  - apiGroups:
-      - monitoring.coreos.com
-    resources:
-      - servicemonitors
-    verbs:
-      - get
-      - create
-  - apiGroups:
-      - apps
-    resourceNames:
-      - awx-operator
-    resources:
-      - deployments/finalizers
-    verbs:
-      - update
-  - apiGroups:
-      - apps
-    resources:
-      - deployments/scale
-      - statefulsets/scale
-    verbs:
-      - patch
-  - apiGroups:
-      - ""
-    resources:
-      - pods/exec
-    verbs:
-      - create
-      - get
-  - apiGroups:
-      - apps
-    resources:
-      - replicasets
-    verbs:
-      - get
-  - apiGroups:
-      - awx.ansible.com
-    resources:
-      - '*'
-    verbs:
-      - '*'
-
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: awx-operator
-subjects:
-  - kind: ServiceAccount
-    name: awx-operator
-    namespace: default
-roleRef:
-  kind: ClusterRole
-  name: awx-operator
-  apiGroup: rbac.authorization.k8s.io
-
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: awx-operator
-  namespace: default
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: awx-operator
+  name: awxbackups.awx.ansible.com
 spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      name: awx-operator
-  template:
-    metadata:
-      labels:
-        name: awx-operator
-    spec:
-      serviceAccountName: awx-operator
-      containers:
-        - name: awx-operator
-          image: "quay.io/ansible/awx-operator:0.8.0"
-          imagePullPolicy: "Always"
-          volumeMounts:
-            - mountPath: /tmp/ansible-operator/runner
-              name: runner
-          env:
-            # Watch all namespaces (cluster-scoped).
-            - name: WATCH_NAMESPACE
-              value: ""
-            - name: POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-            - name: OPERATOR_NAME
-              value: awx-operator
-            - name: ANSIBLE_GATHERING
-              value: explicit
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: 6789
-            initialDelaySeconds: 15
-            periodSeconds: 20
-      volumes:
-        - name: runner
-          emptyDir: {}
+  group: awx.ansible.com
+  names:
+    kind: AWXBackup
+    listKind: AWXBackupList
+    plural: awxbackups
+    singular: awxbackup
+  scope: Namespaced
+  versions:
+    - name: v1beta1
+      served: true
+      storage: true
+      subresources:
+        status: {}
+      schema:
+        openAPIV3Schema:
+          type: object
+          x-kubernetes-preserve-unknown-fields: true
+          description: Schema validation for the AWXBackup CRD
+          # TODO: Figure out how to require the tower_name field
+          properties:
+            spec:
+              type: object
+              properties:
+                tower_name:
+                  description: Name of the deployment to be backed up
+                  type: string

deploy/crds/awxbackup_v1beta1_crd.yaml

@@ -0,0 +1,32 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: awxbackups.awx.ansible.com
+spec:
+  group: awx.ansible.com
+  names:
+    kind: AWXBackup
+    listKind: AWXBackupList
+    plural: awxbackups
+    singular: awxbackup
+  scope: Namespaced
+  versions:
+    - name: v1beta1
+      served: true
+      storage: true
+      subresources:
+        status: {}
+      schema:
+        openAPIV3Schema:
+          type: object
+          x-kubernetes-preserve-unknown-fields: true
+          description: Schema validation for the AWXBackup CRD
+          # TODO: Figure out how to require the tower_name field
+          properties:
+            spec:
+              type: object
+              properties:
+                tower_name:
+                  description: Name of the deployment to be backed up
+                  type: string

molecule/default/prepare.yml

@@ -17,7 +17,7 @@
 
     - name: Create AWXBackup Custom Resource Definition
       k8s:
-        definition: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx.ansible.com_awxbackups_crd.yaml'])) }}"
+        definition: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awxbackup_v1beta1_crd.yaml'])) }}"
 
     - name: Ensure specified namespace is present
       k8s:

molecule/test-local/converge.yml

@@ -29,10 +29,9 @@
     operator_image: awx.ansible.com/awx-operator
     operator_version: testing
     custom_resource: "{{ lookup('file', '/'.join([deploy_dir, 'crds/awx_v1beta1_molecule.yaml'])) | from_yaml }}"
+
   tasks:
-
     - block:
-
         - name: Delete the Operator Deployment
           k8s:
             state: absent

roles/installer/tasks/database_configuration.yml

@@ -110,23 +110,15 @@
     awx_postgres_host: "{{ pg_config['resources'][0]['data']['host'] | b64decode }}"
     awx_postgres_sslmode: "{{ pg_config['resources'][0]['data']['sslmode'] |  default('prefer'|b64encode) | b64decode }}"
 
-# - name: Set apiVersion and kind variables
-#   set_fact:
-#     api_version: '{{ hostvars["localhost"]["inventory_file"].split("/")[4:6] | join("/")  }}'
-#     kind: '{{ hostvars["localhost"]["inventory_file"].split("/")[6]  }}'
-#
-# - name: Look up details for this deployment
-#   k8s_info:
-#     api_version: "{{ api_version }}"
-#     kind: "{{ kind }}"
-#     name: "{{ meta.name }}"
-#     namespace: "{{ meta.namespace }}"
-#   register: this_awx
+- name: Set apiVersion and kind variables
+  set_fact:
+    api_version: '{{ hostvars["localhost"]["inventory_file"].split("/")[4:6] | join("/")  }}'
+    kind: '{{ hostvars["localhost"]["inventory_file"].split("/")[6]  }}'
 
 - name: Look up details for this deployment
   k8s_info:
-    api_version: 'v1beta1'  # TODO: How to parameterize this?
-    kind: "AWX"  #  TODO: How to parameterize this?
+    api_version: "{{ api_version }}"
+    kind: "{{ kind }}"
     name: "{{ meta.name }}"
     namespace: "{{ meta.namespace }}"
   register: this_awx