internet/awx-operator
3
0
Fork 0
mirror of https://github.com/ansible/awx-operator.git synced 2026-03-26 21:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

meta -> ansible_operator_meta

Browse Source
This commit is contained in:
Shane McDonald
2021-09-29 15:31:16 -04:00
parent 316d08ccb4
commit e97def4429
54 changed files with 306 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/backup/defaults/main.yml
View File

@@ -6,7 +6,7 @@ api_version: '{{ deployment_type }}.ansible.com/v1beta1'
# Specify a pre-created PVC (name) to backup to
backup_pvc: ''
backup_pvc_namespace: "{{ meta.namespace }}"
backup_pvc_namespace: "{{ ansible_operator_meta.namespace }}"
# Size of backup PVC if created dynamically
backup_storage_requirements: ''

4
roles/backup/tasks/awx-cro.yml
View File

@@ -4,7 +4,7 @@
k8s_info:
version: v1beta1
kind: AWX
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ deployment_name }}'
register: _awx_cro
@@ -29,6 +29,6 @@
- name: Write awx object to pvc
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c 'echo "$0" > {{ backup_dir }}/awx_object' {{ awx_spec | to_yaml | quote }}

2
roles/backup/tasks/cleanup.yml
View File

@@ -2,7 +2,7 @@
- name: Delete any existing management pod
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Pod
namespace: "{{ backup_pvc_namespace }}"
state: absent

2
roles/backup/tasks/dump_generated_secret.yml
View File

@@ -22,7 +22,7 @@
k8s_info:
version: v1
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: "{{ _name }}"
register: _secret
no_log: true

2
roles/backup/tasks/dump_secret.yml
View File

@@ -10,7 +10,7 @@
k8s_info:
version: v1
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: "{{ _name }}"
register: _secret
no_log: true

2
roles/backup/tasks/error_handling.yml
View File

@@ -7,5 +7,5 @@
- name: Emit ocp event with error
k8s:
kind: Event
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
template: "event.yml.j2"

6
roles/backup/tasks/init.yml
View File

@@ -2,7 +2,7 @@
- name: Delete any existing management pod
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Pod
namespace: "{{ backup_pvc_namespace }}"
state: absent
@@ -65,7 +65,7 @@
- name: Create management pod from templated deployment config
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Deployment
state: present
template: "management-pod.yml.j2"
@@ -76,5 +76,5 @@
api_version: "{{ api_version }}"
kind: "AWX"
name: "{{ deployment_name }}"
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: this_awx

16
roles/backup/tasks/main.yml
View File

@@ -5,14 +5,14 @@
definition:
apiVersion: '{{ api_version }}'
kind: '{{ kind }}'
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -21,8 +21,8 @@
k8s_info:
api_version: "{{ api_version }}"
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: this_backup
- block:

14
roles/backup/tasks/postgres.yml
View File

@@ -3,7 +3,7 @@
- name: Get PostgreSQL configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}"
register: pg_config
no_log: true
@@ -32,7 +32,7 @@
- name: Get the postgres pod information
k8s_info:
kind: Pod
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
label_selectors:
- "{{ postgres_label_selector }}"
register: postgres_pod
@@ -58,27 +58,27 @@
- name: Create directory for backup
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
mkdir -p {{ backup_dir }}
- name: Precreate file for database dump
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
touch {{ backup_dir }}/tower.db
- name: Set permissions on file for database dump
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c "chmod 0600 {{ backup_dir }}/tower.db && chown postgres:root {{ backup_dir }}/tower.db"
- name: Set full resolvable host name for postgres pod
set_fact:
resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # noqa 204
resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # noqa 204
no_log: true
- name: Set pg_dump command
@@ -95,7 +95,7 @@
- name: Write pg_dump to backup on PVC
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: |
bash -c """
set -e -o pipefail

2
roles/backup/tasks/secrets.yml
View File

@@ -32,7 +32,7 @@
- name: Write postgres configuration to pvc
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c "echo '{{ secrets | to_yaml }}' > {{ backup_dir }}/secrets.yml"
no_log: true

4
roles/backup/tasks/update_status.yml
View File

@@ -5,8 +5,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
backupDirectory: "{{ backup_dir }}"
backupClaim: "{{ backup_claim }}"

4
roles/backup/templates/backup_pvc.yml.j2
View File

@@ -6,8 +6,8 @@ metadata:
namespace: {{ backup_pvc_namespace }}
ownerReferences: null
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

6
roles/backup/templates/event.yml.j2
View File

@@ -3,12 +3,12 @@ apiVersion: v1
kind: Event
metadata:
name: backup-error.{{ now }}
namespace: {{ meta.namespace }}
namespace: {{ ansible_operator_meta.namespace }}
involvedObject:
apiVersion: awx.ansible.com/v1beta1
kind: {{ kind }}
name: {{ meta.name }}
namespace: {{ meta.namespace }}
name: {{ ansible_operator_meta.name }}
namespace: {{ ansible_operator_meta.namespace }}
message: {{ error_msg }}
reason: BackupFailed
type: Warning

12
roles/backup/templates/management-pod.yml.j2
View File

@@ -2,26 +2,26 @@
apiVersion: v1
kind: Pod
metadata:
name: {{ meta.name }}-db-management
name: {{ ansible_operator_meta.name }}-db-management
namespace: {{ backup_pvc_namespace }}
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
spec:
containers:
- name: {{ meta.name }}-db-management
- name: {{ ansible_operator_meta.name }}-db-management
image: "{{ postgres_image }}:{{ postgres_image_version }}"
imagePullPolicy: Always
command: ["sleep", "infinity"]
volumeMounts:
- name: {{ meta.name }}-backup
- name: {{ ansible_operator_meta.name }}-backup
mountPath: /backups
readOnly: false
volumes:
- name: {{ meta.name }}-backup
- name: {{ ansible_operator_meta.name }}-backup
persistentVolumeClaim:
claimName: {{ backup_claim }}
readOnly: false

2
roles/installer/defaults/main.yml
View File

@@ -53,7 +53,7 @@ route_tls_secret: ''
#
route_host: ''
hostname: '{{ meta.name }}.example.com'
hostname: '{{ ansible_operator_meta.name }}.example.com'
# Add a nodeSelector for the AWX pods. It must match a node's labels for the pod
# to be scheduled on that node. Specify as literal block. E.g.:

10
roles/installer/tasks/admin_password_configuration.yml
View File

@@ -2,7 +2,7 @@
- name: Check for specified admin password configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ admin_password_secret }}'
register: _custom_admin_password
no_log: true
@@ -11,8 +11,8 @@
- name: Check for default admin password configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-admin-password'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-admin-password'
register: _default_admin_password
no_log: true
@@ -31,8 +31,8 @@
- name: Read admin password secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-admin-password'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-admin-password'
register: _generated_admin_password
no_log: true

10
roles/installer/tasks/broadcast_websocket_configuration.yml
View File

@@ -2,7 +2,7 @@
- name: Check for specified broadcast websocket secret configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ broadcast_websocket_secret }}'
register: _custom_broadcast_websocket
no_log: true
@@ -11,8 +11,8 @@
- name: Check for default broadcast websocket secret configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-broadcast-websocket'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-broadcast-websocket'
register: _default_broadcast_websocket
no_log: true
@@ -32,8 +32,8 @@
- name: Read broadcast websocket secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-broadcast-websocket'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-broadcast-websocket'
register: _generated_broadcast_websocket
no_log: true

10
roles/installer/tasks/cleanup.yml
View File

@@ -2,12 +2,12 @@
- block:
- name: Define secrets name
set_fact:
_admin_password: '{{ admin_password_secret | length | ternary(admin_password_secret, meta.name + "-admin-password") }}'
_secret_key: '{{ secret_key_secret | length | ternary(secret_key_secret, meta.name + "-secret-key") }}'
_admin_password: '{{ admin_password_secret | length | ternary(admin_password_secret, ansible_operator_meta.name + "-admin-password") }}'
_secret_key: '{{ secret_key_secret | length | ternary(secret_key_secret, ansible_operator_meta.name + "-secret-key") }}'
# yamllint disable-line rule:line-length
_broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, meta.name + "-broadcast-websocket") }}' # noqa 204
_broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, ansible_operator_meta.name + "-broadcast-websocket") }}' # noqa 204
# yamllint disable-line rule:line-length
_postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, meta.name + "-postgres-configuration") }}' # noqa 204
_postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, ansible_operator_meta.name + "-postgres-configuration") }}' # noqa 204
- name: Remove ownerReferences reference
k8s:
@@ -16,7 +16,7 @@
kind: Secret
metadata:
name: '{{ item }}'
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
ownerReferences: null
loop:
- '{{ _admin_password }}'

28
roles/installer/tasks/database_configuration.yml
View File

@@ -2,7 +2,7 @@
- name: Check for specified PostgreSQL configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ postgres_configuration_secret }}'
register: _custom_pg_config_resources
when: postgres_configuration_secret | length
@@ -11,15 +11,15 @@
- name: Check for default PostgreSQL configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-postgres-configuration'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres-configuration'
register: _default_pg_config_resources
no_log: true
- name: Check for specified old PostgreSQL configuration secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ old_postgres_configuration_secret }}'
register: _custom_old_pg_config_resources
when: old_postgres_configuration_secret | length
@@ -28,8 +28,8 @@
- name: Check for default old PostgreSQL configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-old-postgres-configuration'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-old-postgres-configuration'
register: _default_old_pg_config_resources
no_log: true
@@ -62,8 +62,8 @@
- name: Read Database Configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-postgres-configuration'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres-configuration'
register: _generated_pg_config_resources
no_log: true
when: not _pg_config['resources'] | default([]) | length
@@ -92,8 +92,8 @@
kubernetes.core.k8s_scale:
api_version: apps/v1
kind: StatefulSet
name: "{{ meta.name }}-postgres"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}-postgres"
namespace: "{{ ansible_operator_meta.namespace }}"
replicas: 0
wait: yes
@@ -102,8 +102,8 @@
state: absent
api_version: apps/v1
kind: StatefulSet
name: "{{ meta.name }}-postgres"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}-postgres"
namespace: "{{ ansible_operator_meta.namespace }}"
wait: yes
when: create_statefulset_result.error == 422
@@ -127,8 +127,8 @@
k8s_info:
api_version: "{{ api_version }}"
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: this_awx
- name: Migrate data from old Openshift instance

34
roles/installer/tasks/initialize_django.yml
View File

@@ -1,9 +1,9 @@
---
- name: Check if there are any super users defined.
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "echo 'from django.contrib.auth.models import User;
nsu = User.objects.filter(is_superuser=True, username=\"{{ admin_user }}\").count();
@@ -15,9 +15,9 @@
- name: Update super user password via Django if it does exist (same password is a noop)
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage update_password --username '{{ admin_user }}' --password '{{ admin_password }}'"
register: update_pw_result
@@ -27,9 +27,9 @@
- name: Create super user via Django if it doesn't exist.
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "echo \"from django.contrib.auth.models import User;
User.objects.create_superuser('{{ admin_user }}', '{{ admin_email }}', '{{ admin_password }}')\"
@@ -39,9 +39,9 @@
- name: Create preload data if necessary. # noqa 305
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage create_preload_data"
register: cdo
@@ -50,9 +50,9 @@
- name: Check if legacy queue is present
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage list_instances | grep '^\[tower capacity=[0-9]*\]'"
register: legacy_queue
@@ -60,9 +60,9 @@
- name: Unregister legacy queue
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage unregister_queue --queuename=tower"
when: "'[tower capacity=' in legacy_queue.stdout"
@@ -70,7 +70,7 @@
- name: Check for specified default execution environment pull credentials
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ee_pull_credentials_secret }}'
register: _custom_execution_environments_pull_credentials
when: ee_pull_credentials_secret | length
@@ -84,9 +84,9 @@
- name: Register default execution environments (without authentication)
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage register_default_execution_environments"
register: ree
@@ -105,9 +105,9 @@
- name: Register default execution environments (with authentication)
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage register_default_execution_environments
--registry-username='{{ default_execution_environment_pull_credentials_user }}'

2
roles/installer/tasks/load_bundle_cacert_secret.yml
View File

@@ -2,7 +2,7 @@
- name: Retrieve bundle Certificate Authority Secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ bundle_cacert_secret }}'
register: bundle_cacert
no_log: true

2
roles/installer/tasks/load_ldap_cacert_secret.yml
View File

@@ -2,7 +2,7 @@
- name: Retrieve LDAP CA Certificate Secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ldap_cacert_secret }}'
register: ldap_cacert
no_log: true

2
roles/installer/tasks/load_route_tls_secret.yml
View File

@@ -2,7 +2,7 @@
- name: Retrieve Route TLS Secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ route_tls_secret }}'
register: route_tls
no_log: true

20
roles/installer/tasks/main.yml
View File

@@ -5,14 +5,14 @@
definition:
apiVersion: '{{ api_version }}'
kind: '{{ kind }}'
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -50,9 +50,9 @@
- name: Check for pending migrations
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage showmigrations | grep -v '[X]' | grep '[ ]' | wc -l"
changed_when: false
@@ -60,9 +60,9 @@
- name: Migrate the database if the K8s resources were updated. # noqa 305
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage migrate --noinput"
register: migrate_result

8
roles/installer/tasks/migrate_data.yml
View File

@@ -15,14 +15,14 @@
- name: Default label selector to custom resource generated postgres
set_fact:
postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ meta.name }}"
postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ ansible_operator_meta.name }}"
when: postgres_label_selector is not defined
- name: Get the postgres pod information
k8s_info:
kind: Pod
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-postgres-0' # using name to keep compatibility
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres-0' # using name to keep compatibility
field_selectors:
- status.phase=Running
register: postgres_pod
@@ -60,7 +60,7 @@
- name: Stream backup from pg_dump to the new postgresql container
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ postgres_pod_name }}"
command: |
bash -c """

12
roles/installer/tasks/resources_configuration.yml
View File

@@ -4,9 +4,9 @@
k8s_info:
api_version: v1
kind: Pod
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
label_selectors:
- "app.kubernetes.io/name={{ meta.name }}"
- "app.kubernetes.io/name={{ ansible_operator_meta.name }}"
- "app.kubernetes.io/managed-by={{ deployment_type }}-operator"
- "app.kubernetes.io/component={{ deployment_type }}"
field_selectors:
@@ -30,7 +30,7 @@
- 'persistent'
- 'service'
- 'ingress'
no_log: true
# no_log: true
- name: Apply deployment resources
k8s:
@@ -45,7 +45,7 @@
api_version: v1
state: absent
kind: Pod
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ tower_pod_name }}'
wait: yes
when:
@@ -55,9 +55,9 @@
- name: Get the new resource pod information after updating resource.
k8s_info:
kind: Pod
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
label_selectors:
- "app.kubernetes.io/name={{ meta.name }}"
- "app.kubernetes.io/name={{ ansible_operator_meta.name }}"
- "app.kubernetes.io/managed-by={{ deployment_type }}-operator"
- "app.kubernetes.io/component={{ deployment_type }}"
field_selectors:

8
roles/installer/tasks/scale_down_deployment.yml
View File

@@ -4,16 +4,16 @@
k8s_info:
api_version: v1
kind: Deployment
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: tower_deployment
- name: Scale down Deployment for migration
kubernetes.core.k8s_scale:
api_version: v1
kind: Deployment
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
replicas: 0
wait: yes
when: tower_deployment['resources'] | length

10
roles/installer/tasks/secret_key_configuration.yml
View File

@@ -2,7 +2,7 @@
- name: Check for specified secret key configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ secret_key_secret }}'
register: _custom_secret_key
no_log: true
@@ -11,8 +11,8 @@
- name: Check for default secret key configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-secret-key'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-secret-key'
register: _default_secret_key
no_log: true
@@ -31,8 +31,8 @@
- name: Read secret key secret
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}-secret-key'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-secret-key'
register: _generated_secret_key
no_log: true

44
roles/installer/tasks/update_status.yml
View File

@@ -3,8 +3,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
adminPasswordSecret: "{{ __admin_password_secret['resources'][0]['metadata']['name'] }}"
@@ -12,8 +12,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
adminUser: "{{ admin_user }}"
@@ -21,8 +21,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
postgresConfigurationSecret: "{{ pg_config['resources'][0]['metadata']['name'] }}"
@@ -30,8 +30,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
broadcastWebsocketSecret: "{{ __broadcast_websocket_secret['resources'][0]['metadata']['name'] }}"
@@ -39,16 +39,16 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
secretKeySecret: "{{ secret_key_secret_name }}"
- name: Retrieve instance version
k8s_exec:
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
pod: "{{ tower_pod_name }}"
container: "{{ meta.name }}-task"
container: "{{ ansible_operator_meta.name }}-task"
command: >-
bash -c "awx-manage --version"
register: instance_version
@@ -58,8 +58,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
version: "{{ instance_version.stdout | trim }}"
@@ -67,8 +67,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
image: "{{ image }}"
@@ -77,16 +77,16 @@
k8s_info:
api_version: 'route.openshift.io/v1'
kind: Route
namespace: '{{ meta.namespace }}'
name: '{{ meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
register: route_url
- name: Update URL status
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
URL: "https://{{ route_url['resources'][0]['status']['ingress'][0]['host'] }}"
@@ -96,8 +96,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
migratedFromSecret: "{{ tower_migrated_from_secret }}"
when: tower_migrated_from_secret is defined

8
roles/installer/templates/admin_password_secret.yaml.j2
View File

@@ -2,11 +2,11 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ meta.name }}-admin-password'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-admin-password'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

8
roles/installer/templates/app_credentials.yaml.j2
View File

@@ -3,11 +3,11 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ meta.name }}-app-credentials'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-app-credentials'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

8
roles/installer/templates/broadcast_websocket_secret.yaml.j2
View File

@@ -2,11 +2,11 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ meta.name }}-broadcast-websocket'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-broadcast-websocket'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

8
roles/installer/templates/config.yaml.j2
View File

@@ -3,11 +3,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: '{{ meta.name }}-{{ deployment_type }}-configmap'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

108
roles/installer/templates/deployment.yaml.j2
View File

@@ -3,12 +3,12 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/version: '{{ image_version }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -16,19 +16,19 @@ spec:
replicas: {{ replicas }}
selector:
matchLabels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
template:
metadata:
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/version: '{{ image_version }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
spec:
serviceAccountName: '{{ meta.name }}'
serviceAccountName: '{{ ansible_operator_meta.name }}'
{% if image_pull_secret %}
imagePullSecrets:
- name: {{ image_pull_secret }}
@@ -57,13 +57,13 @@ spec:
{% if bundle_ca_crt %}
- name: "ca-trust-extracted"
mountPath: "/etc/pki/ca-trust/extracted"
- name: "{{ meta.name }}-bundle-cacert"
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
subPath: bundle-ca.crt
readOnly: true
{% endif %}
{% if projects_persistence|bool %}
- name: "{{ meta.name }}-projects"
- name: "{{ ansible_operator_meta.name }}-projects"
mountPath: "/var/lib/awx/projects"
{% endif %}
{% if init_container_extra_volume_mounts -%}
@@ -76,16 +76,16 @@ spec:
name: redis
args: ["redis-server", "/etc/redis.conf"]
volumeMounts:
- name: {{ meta.name }}-redis-config
- name: {{ ansible_operator_meta.name }}-redis-config
mountPath: "/etc/redis.conf"
subPath: redis.conf
readOnly: true
- name: {{ meta.name }}-redis-socket
- name: {{ ansible_operator_meta.name }}-redis-socket
mountPath: "/var/run/redis"
- name: "{{ meta.name }}-redis-data"
- name: "{{ ansible_operator_meta.name }}-redis-data"
mountPath: "/data"
- image: '{{ image }}:{{ image_version }}'
name: '{{ meta.name }}-web'
name: '{{ ansible_operator_meta.name }}-web'
{% if web_command %}
command: {{ web_command }}
{% endif %}
@@ -102,30 +102,30 @@ spec:
{% if bundle_ca_crt %}
- name: "ca-trust-extracted"
mountPath: "/etc/pki/ca-trust/extracted"
- name: "{{ meta.name }}-bundle-cacert"
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
subPath: bundle-ca.crt
readOnly: true
{% endif %}
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/execution_environments.py"
subPath: execution_environments.py
readOnly: true
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/credentials.py"
subPath: credentials.py
readOnly: true
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/ldap.py"
subPath: ldap.py
readOnly: true
{% if ingress_type | lower == 'route' and route_tls_termination_mechanism | lower == 'passthrough' %}
- name: "{{ meta.name }}-nginx-certs"
- name: "{{ ansible_operator_meta.name }}-nginx-certs"
mountPath: "/etc/nginx/pki"
readOnly: true
{% endif %}
{% if ldap_cacert_ca_crt %}
- name: "{{ meta.name }}-ldap-cacert"
- name: "{{ ansible_operator_meta.name }}-ldap-cacert"
mountPath: /etc/openldap/certs/ldap-ca.crt
subPath: ldap-ca.crt
readOnly: true
@@ -134,15 +134,15 @@ spec:
mountPath: /etc/tower/SECRET_KEY
subPath: SECRET_KEY
readOnly: true
- name: {{ meta.name }}-settings
- name: {{ ansible_operator_meta.name }}-settings
mountPath: /etc/tower/settings.py
subPath: settings.py
readOnly: true
- name: {{ meta.name }}-nginx-conf
- name: {{ ansible_operator_meta.name }}-nginx-conf
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
readOnly: true
- name: {{ meta.name }}-redis-socket
- name: {{ ansible_operator_meta.name }}-redis-socket
mountPath: "/var/run/redis"
- name: supervisor-socket
mountPath: "/var/run/supervisor"
@@ -150,7 +150,7 @@ spec:
mountPath: "/var/run/awx-rsyslog"
- name: rsyslog-dir
mountPath: "/var/lib/awx/rsyslog"
- name: "{{ meta.name }}-projects"
- name: "{{ ansible_operator_meta.name }}-projects"
mountPath: "/var/lib/awx/projects"
{% if development_mode | bool %}
- name: awx-devel
@@ -173,7 +173,7 @@ spec:
{% endif %}
resources: {{ web_resource_requirements }}
- image: '{{ image }}:{{ image_version }}'
name: '{{ meta.name }}-task'
name: '{{ ansible_operator_meta.name }}-task'
imagePullPolicy: '{{ image_pull_policy }}'
{% if task_privileged == true %}
securityContext:
@@ -189,20 +189,20 @@ spec:
{% if bundle_ca_crt %}
- name: "ca-trust-extracted"
mountPath: "/etc/pki/ca-trust/extracted"
- name: "{{ meta.name }}-bundle-cacert"
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
subPath: bundle-ca.crt
readOnly: true
{% endif %}
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/execution_environments.py"
subPath: execution_environments.py
readOnly: true
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/credentials.py"
subPath: credentials.py
readOnly: true
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
mountPath: "/etc/tower/conf.d/ldap.py"
subPath: ldap.py
readOnly: true
@@ -210,11 +210,11 @@ spec:
mountPath: /etc/tower/SECRET_KEY
subPath: SECRET_KEY
readOnly: true
- name: {{ meta.name }}-settings
- name: {{ ansible_operator_meta.name }}-settings
mountPath: /etc/tower/settings.py
subPath: settings.py
readOnly: true
- name: {{ meta.name }}-redis-socket
- name: {{ ansible_operator_meta.name }}-redis-socket
mountPath: "/var/run/redis"
- name: supervisor-socket
mountPath: "/var/run/supervisor"
@@ -222,13 +222,13 @@ spec:
mountPath: "/var/run/awx-rsyslog"
- name: rsyslog-dir
mountPath: "/var/lib/awx/rsyslog"
- name: "{{ meta.name }}-receptor-config"
- name: "{{ ansible_operator_meta.name }}-receptor-config"
mountPath: "/etc/receptor/receptor.conf"
subPath: receptor.conf
readOnly: true
- name: receptor-socket
mountPath: "/var/run/receptor"
- name: "{{ meta.name }}-projects"
- name: "{{ ansible_operator_meta.name }}-projects"
mountPath: "/var/lib/awx/projects"
{% if development_mode | bool %}
- name: awx-devel
@@ -263,7 +263,7 @@ spec:
{% endif %}
resources: {{ task_resource_requirements }}
- image: '{{ control_plane_ee_image }}'
name: '{{ meta.name }}-ee'
name: '{{ ansible_operator_meta.name }}-ee'
imagePullPolicy: '{{ image_pull_policy }}'
resources: {{ ee_resource_requirements }}
args: ['receptor', '--config', '/etc/receptor/receptor.conf']
@@ -271,18 +271,18 @@ spec:
{% if bundle_ca_crt %}
- name: "ca-trust-extracted"
mountPath: "/etc/pki/ca-trust/extracted"
- name: "{{ meta.name }}-bundle-cacert"
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
subPath: bundle-ca.crt
readOnly: true
{% endif %}
- name: "{{ meta.name }}-receptor-config"
- name: "{{ ansible_operator_meta.name }}-receptor-config"
mountPath: "/etc/receptor/receptor.conf"
subPath: receptor.conf
readOnly: true
- name: receptor-socket
mountPath: "/var/run/receptor"
- name: "{{ meta.name }}-projects"
- name: "{{ ansible_operator_meta.name }}-projects"
mountPath: "/var/lib/awx/projects"
{% if ee_extra_volume_mounts -%}
{{ ee_extra_volume_mounts | indent(width=12, indentfirst=True) }}
@@ -313,7 +313,7 @@ spec:
{% if bundle_ca_crt %}
- name: "ca-trust-extracted"
emptyDir: {}
- name: "{{ meta.name }}-bundle-cacert"
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
secret:
secretName: "{{ bundle_cacert_secret }}"
items:
@@ -321,7 +321,7 @@ spec:
path: 'bundle-ca.crt'
{% endif %}
{% if ingress_type | lower == 'route' and route_tls_termination_mechanism | lower == 'passthrough' %}
- name: "{{ meta.name }}-nginx-certs"
- name: "{{ ansible_operator_meta.name }}-nginx-certs"
secret:
secretName: "{{ route_tls_secret }}"
items:
@@ -331,16 +331,16 @@ spec:
path: 'web.crt'
{% endif %}
{% if ldap_cacert_ca_crt %}
- name: "{{ meta.name }}-ldap-cacert"
- name: "{{ ansible_operator_meta.name }}-ldap-cacert"
secret:
secretName: "{{ ldap_cacert_secret }}"
items:
- key: ldap-ca.crt
path: 'ldap-ca.crt'
{% endif %}
- name: "{{ meta.name }}-application-credentials"
- name: "{{ ansible_operator_meta.name }}-application-credentials"
secret:
secretName: "{{ meta.name }}-app-credentials"
secretName: "{{ ansible_operator_meta.name }}-app-credentials"
items:
- key: credentials.py
path: 'credentials.py'
@@ -354,27 +354,27 @@ spec:
items:
- key: secret_key
path: SECRET_KEY
- name: {{ meta.name }}-settings
- name: {{ ansible_operator_meta.name }}-settings
configMap:
name: '{{ meta.name }}-{{ deployment_type }}-configmap'
name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
items:
- key: settings
path: settings.py
- name: {{ meta.name }}-nginx-conf
- name: {{ ansible_operator_meta.name }}-nginx-conf
configMap:
name: '{{ meta.name }}-{{ deployment_type }}-configmap'
name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
items:
- key: nginx_conf
path: nginx.conf
- name: {{ meta.name }}-redis-config
- name: {{ ansible_operator_meta.name }}-redis-config
configMap:
name: {{ meta.name }}-{{ deployment_type }}-configmap
name: {{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap
items:
- key: redis_conf
path: redis.conf
- name: {{ meta.name }}-redis-socket
- name: {{ ansible_operator_meta.name }}-redis-socket
emptyDir: {}
- name: {{ meta.name }}-redis-data
- name: {{ ansible_operator_meta.name }}-redis-data
emptyDir: {}
- name: supervisor-socket
emptyDir: {}
@@ -384,19 +384,19 @@ spec:
emptyDir: {}
- name: rsyslog-dir
emptyDir: {}
- name: {{ meta.name }}-receptor-config
- name: {{ ansible_operator_meta.name }}-receptor-config
configMap:
name: '{{ meta.name }}-{{ deployment_type }}-configmap'
name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
items:
- key: receptor_conf
path: receptor.conf
- name: "{{ meta.name }}-projects"
- name: "{{ ansible_operator_meta.name }}-projects"
{% if projects_persistence|bool %}
persistentVolumeClaim:
{% if projects_existing_claim %}
claimName: {{ projects_existing_claim }}
{% else %}
claimName: '{{ meta.name }}-projects-claim'
claimName: '{{ ansible_operator_meta.name }}-projects-claim'
{% endif %}
{% else %}
emptyDir: {}

20
roles/installer/templates/ingress.yaml.j2
View File

@@ -3,11 +3,11 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: '{{ meta.name }}-ingress'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-ingress'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -24,7 +24,7 @@ spec:
pathType: Prefix
backend:
service:
name: '{{ meta.name }}-service'
name: '{{ ansible_operator_meta.name }}-service'
port:
number: 80
{% if ingress_tls_secret %}
@@ -40,11 +40,11 @@ spec:
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -69,7 +69,7 @@ spec:
{% endif %}
to:
kind: Service
name: {{ meta.name }}-service
name: {{ ansible_operator_meta.name }}-service
weight: 100
wildcardPolicy: None
{% endif %}

8
roles/installer/templates/persistent.yaml.j2
View File

@@ -2,11 +2,11 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: '{{ meta.name }}-projects-claim'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-projects-claim'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

28
roles/installer/templates/postgres.yaml.j2
View File

@@ -3,13 +3,13 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: '{{ meta.name }}-postgres'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: 'postgres'
app.kubernetes.io/instance: 'postgres-{{ meta.name }}'
app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
app.kubernetes.io/component: database
@@ -17,10 +17,10 @@ spec:
selector:
matchLabels:
app.kubernetes.io/name: 'postgres'
app.kubernetes.io/instance: 'postgres-{{ meta.name }}'
app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
serviceName: '{{ meta.name }}'
serviceName: '{{ ansible_operator_meta.name }}'
replicas: 1
updateStrategy:
type: RollingUpdate
@@ -28,9 +28,9 @@ spec:
metadata:
labels:
app.kubernetes.io/name: 'postgres'
app.kubernetes.io/instance: 'postgres-{{ meta.name }}'
app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
spec:
{% if image_pull_secret %}
@@ -113,13 +113,13 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: '{{ meta.name }}-postgres'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: 'postgres'
app.kubernetes.io/instance: 'postgres-{{ meta.name }}'
app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
app.kubernetes.io/component: database
@@ -129,7 +129,7 @@ spec:
clusterIP: None
selector:
app.kubernetes.io/name: 'postgres'
app.kubernetes.io/instance: 'postgres-{{ meta.name }}'
app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}'
app.kubernetes.io/component: 'database'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'

10
roles/installer/templates/postgres_secret.yaml.j2
View File

@@ -3,11 +3,11 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ meta.name }}-postgres-configuration'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-postgres-configuration'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -16,5 +16,5 @@ stringData:
username: '{{ database_username }}'
database: '{{ database_name }}'
port: '5432'
host: {{ meta.name }}-postgres
host: {{ ansible_operator_meta.name }}-postgres
type: 'managed'

8
roles/installer/templates/secret_key.yaml.j2
View File

@@ -2,11 +2,11 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ meta.name }}-secret-key'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-secret-key'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'

18
roles/installer/templates/service.yaml.j2
View File

@@ -2,11 +2,11 @@
apiVersion: v1
kind: Service
metadata:
name: '{{ meta.name }}-service'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}-service'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -39,19 +39,15 @@ spec:
protocol: TCP
targetPort: 8052
name: http
{% elif service_type | lower == "nodeport" %}
- port: {{ nodeport_port }}
protocol: TCP
targetPort: 8052
name: http
type: NodePort
{% endif %}
selector:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
{% if service_type | lower == "loadbalancer" %}
type: LoadBalancer
{% elif service_type | lower == "nodeport" %}
type: NodePort
{% else %}
type: ClusterIP
{% endif %}

20
roles/installer/templates/service_account.yaml.j2
View File

@@ -2,11 +2,11 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -18,8 +18,8 @@ metadata:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["pods"]
@@ -38,12 +38,12 @@ rules:
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
subjects:
- kind: ServiceAccount
name: '{{ meta.name }}'
name: '{{ ansible_operator_meta.name }}'
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: '{{ meta.name }}'
name: '{{ ansible_operator_meta.name }}'

2
roles/restore/defaults/main.yml
View File

@@ -6,7 +6,7 @@ api_version: '{{ deployment_type }}.ansible.com/v1beta1'
# Required: specify a pre-created PVC (name) to restore from
backup_pvc: ''
backup_pvc_namespace: '{{ meta.namespace }}'
backup_pvc_namespace: '{{ ansible_operator_meta.namespace }}'
# Required: backup name, found on the awxbackup object
backup_dir: ''

4
roles/restore/tasks/cleanup.yml
View File

@@ -2,7 +2,7 @@
- name: Delete any existing management pod
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Pod
namespace: "{{ backup_pvc_namespace }}"
state: absent
@@ -15,7 +15,7 @@
kind: Secret
metadata:
name: '{{ item }}'
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
ownerReferences: null
loop:
- '{{ secret_key_secret }}'

6
roles/restore/tasks/deploy_awx.yml
View File

@@ -3,7 +3,7 @@
- name: Get AWX object definition from pvc
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c "cat '{{ backup_dir }}/awx_object'"
register: awx_object
@@ -25,7 +25,7 @@
- name: Deploy AWX
k8s:
state: "{{ state | default('present') }}"
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
apply: yes
definition: "{{ lookup('template', 'awx_object.yml.j2') }}"
wait: true
@@ -40,5 +40,5 @@
kind: AWX
metadata:
name: '{{ deployment_name }}'
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
ownerReferences: null

2
roles/restore/tasks/error_handling.yml
View File

@@ -7,5 +7,5 @@
- name: Emit ocp event with error
k8s:
kind: Event
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
template: "event.yml.j2"

6
roles/restore/tasks/init.yml
View File

@@ -64,7 +64,7 @@
- name: Delete any existing management pod
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Pod
namespace: "{{ backup_pvc_namespace }}"
state: absent
@@ -73,7 +73,7 @@
- name: Create management pod from templated deployment config
k8s:
name: "{{ meta.name }}-db-management"
name: "{{ ansible_operator_meta.name }}-db-management"
kind: Deployment
state: present
template: "management-pod.yml.j2"
@@ -82,7 +82,7 @@
- name: Check to make sure backup directory exists on PVC
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c "stat {{ backup_dir }}"
register: stat_backup_dir

16
roles/restore/tasks/main.yml
View File

@@ -5,14 +5,14 @@
definition:
apiVersion: '{{ api_version }}'
kind: '{{ kind }}'
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
metadata:
name: '{{ meta.name }}'
namespace: '{{ meta.namespace }}'
name: '{{ ansible_operator_meta.name }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
@@ -21,8 +21,8 @@
k8s_info:
api_version: "{{ api_version }}"
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: this_restore
- block:

12
roles/restore/tasks/postgres.yml
View File

@@ -7,7 +7,7 @@
- name: Check for specified PostgreSQL configuration
k8s_info:
kind: Secret
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
name: '{{ postgres_configuration_secret }}'
register: pg_config
no_log: true
@@ -30,7 +30,7 @@
- name: Get the postgres pod information
k8s_info:
kind: Pod
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
label_selectors:
- "{{ postgres_label_selector }}"
register: postgres_pod
@@ -49,7 +49,7 @@
api_version: v1
kind: Deployment
name: "{{ deployment_name }}"
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
register: this_deployment
- name: Scale down Deployment for migration
@@ -57,14 +57,14 @@
api_version: v1
kind: Deployment
name: "{{ deployment_name }}"
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
replicas: 0
wait: yes
when: this_deployment['resources'] | length
- name: Set full resolvable host name for postgres pod
set_fact:
resolvable_db_host: "{{ awx_postgres_host }}.{{ meta.namespace }}.svc.cluster.local"
resolvable_db_host: "{{ awx_postgres_host }}.{{ ansible_operator_meta.namespace }}.svc.cluster.local"
no_log: true
when: awx_postgres_type == 'managed'
@@ -82,7 +82,7 @@
- name: Restore database dump to the new postgresql container
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: |
bash -c """
set -e -o pipefail

6
roles/restore/tasks/secrets.yml
View File

@@ -3,7 +3,7 @@
- name: Get secret definition from pvc
k8s_exec:
namespace: "{{ backup_pvc_namespace }}"
pod: "{{ meta.name }}-db-management"
pod: "{{ ansible_operator_meta.name }}-db-management"
command: >-
bash -c "cat '{{ backup_dir }}/secrets.yml'"
register: _secrets
@@ -57,7 +57,7 @@
- name: Apply secret
k8s:
state: present
namespace: "{{ meta.namespace }}"
namespace: "{{ ansible_operator_meta.namespace }}"
apply: yes
wait: yes
template: "secrets.yml.j2"
@@ -70,7 +70,7 @@
kind: Secret
metadata:
name: "{{ item.value.name }}"
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
ownerReferences: null
loop: "{{ secrets | dict2items }}"
no_log: true

4
roles/restore/tasks/update_status.yml
View File

@@ -4,8 +4,8 @@
operator_sdk.util.k8s_status:
api_version: '{{ api_version }}'
kind: "{{ kind }}"
name: "{{ meta.name }}"
namespace: "{{ meta.namespace }}"
name: "{{ ansible_operator_meta.name }}"
namespace: "{{ ansible_operator_meta.namespace }}"
status:
restoreComplete: true
when: tower_restore_complete is defined

2
roles/restore/templates/awx_object.yml.j2
View File

@@ -3,6 +3,6 @@ apiVersion: '{{ api_version }}'
kind: AWX
metadata:
name: '{{ deployment_name }}'
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
spec:
{{ spec | to_yaml | indent(2) }}

6
roles/restore/templates/event.yml.j2
View File

@@ -3,12 +3,12 @@ apiVersion: v1
kind: Event
metadata:
name: restore-error.{{ now }}
namespace: {{ meta.namespace }}
namespace: {{ ansible_operator_meta.namespace }}
involvedObject:
apiVersion: awx.ansible.com/v1beta1
kind: {{ kind }}
name: {{ meta.name }}
namespace: {{ meta.namespace }}
name: {{ ansible_operator_meta.name }}
namespace: {{ ansible_operator_meta.namespace }}
message: {{ error_msg }}
reason: RestoreFailed
type: Warning

12
roles/restore/templates/management-pod.yml.j2
View File

@@ -2,26 +2,26 @@
apiVersion: v1
kind: Pod
metadata:
name: {{ meta.name }}-db-management
name: {{ ansible_operator_meta.name }}-db-management
namespace: {{ backup_pvc_namespace }}
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
spec:
containers:
- name: {{ meta.name }}-db-management
- name: {{ ansible_operator_meta.name }}-db-management
image: "{{ postgres_image }}:{{ postgres_image_version }}"
imagePullPolicy: Always
command: ["sleep", "infinity"]
volumeMounts:
- name: {{ meta.name }}-backup
- name: {{ ansible_operator_meta.name }}-backup
mountPath: /backups
readOnly: false
volumes:
- name: {{ meta.name }}-backup
- name: {{ ansible_operator_meta.name }}-backup
persistentVolumeClaim:
claimName: {{ backup_pvc }}
readOnly: false

6
roles/restore/templates/secrets.yml.j2
View File

@@ -4,10 +4,10 @@ apiVersion: v1
kind: Secret
metadata:
name: '{{ secrets[secret]['name'] }}'
namespace: '{{ meta.namespace }}'
namespace: '{{ ansible_operator_meta.namespace }}'
labels:
app.kubernetes.io/name: '{{ meta.name }}'
app.kubernetes.io/part-of: '{{ meta.name }}'
app.kubernetes.io/name: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
app.kubernetes.io/component: '{{ deployment_type }}'
app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'