From 8b681313bc5d6f8d323b01e2dd1f6a3fd04d017d Mon Sep 17 00:00:00 2001 From: Tyler Auerbeck Date: Sun, 19 Jul 2020 04:20:57 -0400 Subject: [PATCH 1/2] Use k8s-exec instead of shell --- build/Dockerfile | 3 --- roles/awx/meta/main.yml | 3 +++ roles/awx/tasks/initialize.yml | 45 ++++++++++++++++++++-------------- roles/awx/tasks/main.yml | 26 ++++++++++++-------- 4 files changed, 46 insertions(+), 31 deletions(-) diff --git a/build/Dockerfile b/build/Dockerfile index e82b5f1d..61ff7a97 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,8 +1,5 @@ FROM quay.io/operator-framework/ansible-operator:v0.17.0 -# Install kubectl. -COPY --from=lachlanevenson/k8s-kubectl:v1.18.3 /usr/local/bin/kubectl /usr/local/bin/kubectl - # Install Ansible requirements. COPY requirements.yml ${HOME}/requirements.yml RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ diff --git a/roles/awx/meta/main.yml b/roles/awx/meta/main.yml index fff58871..0b582768 100644 --- a/roles/awx/meta/main.yml +++ b/roles/awx/meta/main.yml @@ -26,3 +26,6 @@ galaxy_info: - deployment dependencies: [] + +collections: + - community.kubernetes diff --git a/roles/awx/tasks/initialize.yml b/roles/awx/tasks/initialize.yml index 64d50292..e0d828ba 100644 --- a/roles/awx/tasks/initialize.yml +++ b/roles/awx/tasks/initialize.yml @@ -1,28 +1,37 @@ --- -- name: Check if there are any AWX super users defined. - shell: >- - kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c - "echo 'from django.contrib.auth.models import User; - nsu = User.objects.filter(is_superuser=True).count(); - exit(0 if nsu > 0 else 1)' - | awx-manage shell" +- name: Check if there are any super users defined. + k8s_exec: + namespace: "{{ meta.namespace }}" + pod: "{{ tower_pod_name }}" + container: "{{ meta.name }}-task" + command: >- + bash -c "echo 'from django.contrib.auth.models import User; + nsu = User.objects.filter(is_superuser=True).count(); + exit(0 if nsu > 0 else 1)' + | awx-manage shell" ignore_errors: true register: users_result - changed_when: users_result.rc > 0 + changed_when: users_result.return_code > 0 -- name: Create AWX super user via Django if it doesn't exist. - shell: >- - kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c - "echo \"from django.contrib.auth.models import User; - User.objects.create_superuser('{{ tower_admin_user }}', '{{ tower_admin_email }}', '{{ tower_admin_password }}')\" - | awx-manage shell" - when: users_result.rc > 0 +- name: Create super user via Django if it doesn't exist. + k8s_exec: + namespace: "{{ meta.namespace }}" + pod: "{{ tower_pod_name }}" + container: "{{ meta.name }}-task" + command: >- + bash -c "echo \"from django.contrib.auth.models import User; + User.objects.create_superuser('{{ tower_admin_user }}', '{{ tower_admin_email }}', '{{ tower_admin_password }}')\" + | awx-manage shell" + when: users_result.return_code > 0 no_log: true - name: Create preload data if necessary. # noqa 305 - shell: >- - kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c - "awx-manage create_preload_data" + k8s_exec: + namespace: "{{ meta.namespace }}" + pod: "{{ tower_pod_name }}" + container: "{{ meta.name }}-task" + command: >- + bash -c "awx-manage create_preload_data" register: cdo changed_when: "'added' in cdo.stdout" when: tower_create_preload_data | bool diff --git a/roles/awx/tasks/main.yml b/roles/awx/tasks/main.yml index 9c0733bc..f8fd6c3b 100644 --- a/roles/awx/tasks/main.yml +++ b/roles/awx/tasks/main.yml @@ -89,22 +89,28 @@ fail_msg: "Could not find the tower pod's name." - name: Check if database is populated (auth_user table exists). - shell: >- - kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c - "echo 'from django.db import connection; - tbl = \"auth_user\" in connection.introspection.table_names(); - exit(0 if tbl else 1)' - | awx-manage shell" + k8s_exec: + namespace: "{{ meta.namespace }}" + pod: "{{ tower_pod_name }}" + container: "{{ meta.name }}-task" + command: >- + bash -c "echo 'from django.db import connection; + tbl = \"auth_user\" in connection.introspection.table_names(); + exit(0 if tbl else 1)' + | awx-manage shell" ignore_errors: true changed_when: false register: database_check when: k8s_defs_result is not changed - name: Migrate the database if the K8s resources were updated. # noqa 305 - shell: >- - kubectl exec -n {{ meta.namespace }} -c {{ meta.name }}-task {{ tower_pod_name }} -- bash -c - "awx-manage migrate --noinput" + k8s_exec: + namespace: "{{ meta.namespace }}" + pod: "{{ tower_pod_name }}" + container: "{{ meta.name }}-task" + command: >- + bash -c "awx-manage migrate --noinput" register: migrate_result - when: (k8s_defs_result is changed) or (database_check is defined and database_check.rc != 0) + when: (k8s_defs_result is changed) or (database_check is defined and database_check.return_code != 0) - include_tasks: initialize.yml From 267741550f3de75a576b7feced0b7b8abf660a93 Mon Sep 17 00:00:00 2001 From: Shane McDonald Date: Sun, 11 Oct 2020 12:21:13 -0400 Subject: [PATCH 2/2] Make ansible-lint happy --- .travis.yml | 1 + roles/awx/tasks/initialize.yml | 6 +++--- roles/awx/tasks/main.yml | 6 +++--- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8dfa4297..ff795c06 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,6 +13,7 @@ env: install: - pip3 install docker molecule==3.0.6 yamllint ansible-lint openshift jmespath + - ansible-galaxy collection install community.kubernetes script: - molecule test -s test-local diff --git a/roles/awx/tasks/initialize.yml b/roles/awx/tasks/initialize.yml index e0d828ba..a0676cdd 100644 --- a/roles/awx/tasks/initialize.yml +++ b/roles/awx/tasks/initialize.yml @@ -1,6 +1,6 @@ --- - name: Check if there are any super users defined. - k8s_exec: + community.kubernetes.k8s_exec: namespace: "{{ meta.namespace }}" pod: "{{ tower_pod_name }}" container: "{{ meta.name }}-task" @@ -14,7 +14,7 @@ changed_when: users_result.return_code > 0 - name: Create super user via Django if it doesn't exist. - k8s_exec: + community.kubernetes.k8s_exec: namespace: "{{ meta.namespace }}" pod: "{{ tower_pod_name }}" container: "{{ meta.name }}-task" @@ -26,7 +26,7 @@ no_log: true - name: Create preload data if necessary. # noqa 305 - k8s_exec: + community.kubernetes.k8s_exec: namespace: "{{ meta.namespace }}" pod: "{{ tower_pod_name }}" container: "{{ meta.name }}-task" diff --git a/roles/awx/tasks/main.yml b/roles/awx/tasks/main.yml index f8fd6c3b..f98cbfc7 100644 --- a/roles/awx/tasks/main.yml +++ b/roles/awx/tasks/main.yml @@ -89,7 +89,7 @@ fail_msg: "Could not find the tower pod's name." - name: Check if database is populated (auth_user table exists). - k8s_exec: + community.kubernetes.k8s_exec: namespace: "{{ meta.namespace }}" pod: "{{ tower_pod_name }}" container: "{{ meta.name }}-task" @@ -104,7 +104,7 @@ when: k8s_defs_result is not changed - name: Migrate the database if the K8s resources were updated. # noqa 305 - k8s_exec: + community.kubernetes.k8s_exec: namespace: "{{ meta.namespace }}" pod: "{{ tower_pod_name }}" container: "{{ meta.name }}-task" @@ -113,4 +113,4 @@ register: migrate_result when: (k8s_defs_result is changed) or (database_check is defined and database_check.return_code != 0) -- include_tasks: initialize.yml +#- i_tasks: initialize.yml