diff --git a/README.md b/README.md index c1c4abae..dcc5b4bb 100644 --- a/README.md +++ b/README.md @@ -181,7 +181,7 @@ type: Opaque #### Migrating data from an old AWX instance -To migrate data from the postgresql pod of an AWX deployment in Openshift for Kubernetes, the Custom Resource needs to know about the connection details. Those connection details should be stored as a secret and either specified as `tower_old_postgres_configuration_secret` at the CR spec level, or simply be present on the namespace under the name `-old-postgres-configuration`. +To migrate data from an older AWX installation, the Custom Resource needs to know about the connection details. Those connection details should be stored as a secret and specified as `tower_old_postgres_configuration_secret` at the CR spec level. The secret should be formatted as follows: diff --git a/roles/installer/tasks/admin_password_configuration.yml b/roles/installer/tasks/admin_password_configuration.yml index 9f58e966..51b35664 100644 --- a/roles/installer/tasks/admin_password_configuration.yml +++ b/roles/installer/tasks/admin_password_configuration.yml @@ -13,10 +13,12 @@ namespace: '{{ meta.namespace }}' name: '{{ meta.name }}-admin-password' register: _default_admin_password + no_log: true - name: Set admin password secret set_fact: _admin_password_secret: '{{ _custom_admin_password["resources"] | default([]) | length | ternary(_custom_admin_password, _default_admin_password) }}' + no_log: true - block: - name: Create admin password secret @@ -36,7 +38,9 @@ - name: Set admin password secret set_fact: admin_password_secret: '{{ _generated_admin_password["resources"] | default([]) | length | ternary(_generated_admin_password, _admin_password_secret) }}' + no_log: true - name: Store admin password set_fact: tower_admin_password: "{{ admin_password_secret['resources'][0]['data']['password'] | b64decode }}" + no_log: true diff --git a/roles/installer/tasks/broadcast_websocket_configuration.yml b/roles/installer/tasks/broadcast_websocket_configuration.yml index e4b387ce..4bae70a5 100644 --- a/roles/installer/tasks/broadcast_websocket_configuration.yml +++ b/roles/installer/tasks/broadcast_websocket_configuration.yml @@ -13,11 +13,13 @@ namespace: '{{ meta.namespace }}' name: '{{ meta.name }}-broadcast-websocket' register: _default_broadcast_websocket + no_log: true - name: Set broadcast websocket secret set_fact: # yamllint disable-line rule:line-length _broadcast_websocket_secret: '{{ _custom_broadcast_websocket["resources"] | default([]) | length | ternary(_custom_broadcast_websocket, _default_broadcast_websocket) }}' # noqa 204 + no_log: true - block: - name: Create broadcast websocket secret @@ -38,7 +40,9 @@ set_fact: # yamllint disable-line rule:line-length broadcast_websocket_secret: '{{ _generated_broadcast_websocket["resources"] | default([]) | length | ternary(_generated_broadcast_websocket, _broadcast_websocket_secret) }}' # noqa 204 + no_log: true - name: Store broadcast websocket secret name set_fact: broadcast_websocket_secret_value: "{{ broadcast_websocket_secret['resources'][0]['data']['secret'] | b64decode }}" + no_log: true diff --git a/roles/installer/tasks/database_configuration.yml b/roles/installer/tasks/database_configuration.yml index 9ba0fdff..06962381 100644 --- a/roles/installer/tasks/database_configuration.yml +++ b/roles/installer/tasks/database_configuration.yml @@ -65,6 +65,7 @@ name: '{{ tower_old_postgres_configuration_secret }}' register: old_pg_config when: tower_old_postgres_configuration_secret | length + ignore_errors: true no_log: true - name: Migrate data from old Openshift instance diff --git a/roles/installer/tasks/migrate_data.yml b/roles/installer/tasks/migrate_data.yml index 3894337c..119a89ff 100644 --- a/roles/installer/tasks/migrate_data.yml +++ b/roles/installer/tasks/migrate_data.yml @@ -24,6 +24,14 @@ set_fact: postgres_pod_name: "{{ postgres_pod['resources'][0]['metadata']['name'] }}" +- name: Scale deployment down when current replicas match + community.kubernetes.k8s_scale: + api_version: v1 + kind: Deployment + name: "{{ meta.name }}" + namespace: "{{ meta.namespace }}" + replicas: 0 + - name: Set pg_dump command set_fact: pgdump: >- @@ -32,15 +40,13 @@ -U {{ tower_old_postgres_user }} -d {{ tower_old_postgres_database }} -p {{ tower_old_postgres_port }} - no_log: true - name: Set pg_restore command set_fact: psql_restore: >- psql -U {{ awx_postgres_user }} - -d {{ awx_postgres_database }} + -d template1 -p {{ awx_postgres_port }} - no_log: true - name: Stream backup from pg_dump to the new postgresql container community.kubernetes.k8s_exec: diff --git a/roles/installer/tasks/secret_key_configuration.yml b/roles/installer/tasks/secret_key_configuration.yml index 2769126c..26b6ea9d 100644 --- a/roles/installer/tasks/secret_key_configuration.yml +++ b/roles/installer/tasks/secret_key_configuration.yml @@ -23,6 +23,7 @@ k8s: apply: true definition: "{{ lookup('template', 'tower_secret_key.yaml.j2') }}" + no_log: true - name: Read secret key secret k8s_info: @@ -30,13 +31,16 @@ namespace: '{{ meta.namespace }}' name: '{{ meta.name }}-secret-key' register: _generated_secret_key + no_log: true when: not _secret_key_secret['resources'] | default([]) | length - name: Set secret key secret set_fact: secret_key_secret: '{{ _generated_secret_key["resources"] | default([]) | length | ternary(_generated_secret_key, _secret_key_secret) }}' + no_log: true - name: Store secret key secret name set_fact: secret_key_secret_name: "{{ secret_key_secret['resources'][0]['metadata']['name'] }}" + no_log: true