diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml index 3ad4c53a..8a609fd2 100644 --- a/roles/backup/defaults/main.yml +++ b/roles/backup/defaults/main.yml @@ -6,7 +6,7 @@ api_version: '{{ deployment_type }}.ansible.com/v1beta1' # Specify a pre-created PVC (name) to backup to backup_pvc: '' -backup_pvc_namespace: "{{ meta.namespace }}" +backup_pvc_namespace: "{{ ansible_operator_meta.namespace }}" # Size of backup PVC if created dynamically backup_storage_requirements: '' diff --git a/roles/backup/tasks/awx-cro.yml b/roles/backup/tasks/awx-cro.yml index d93838cc..cd9b9e03 100644 --- a/roles/backup/tasks/awx-cro.yml +++ b/roles/backup/tasks/awx-cro.yml @@ -4,7 +4,7 @@ k8s_info: version: v1beta1 kind: AWX - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ deployment_name }}' register: _awx_cro @@ -29,6 +29,6 @@ - name: Write awx object to pvc k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c 'echo "$0" > {{ backup_dir }}/awx_object' {{ awx_spec | to_yaml | quote }} diff --git a/roles/backup/tasks/cleanup.yml b/roles/backup/tasks/cleanup.yml index f91c8e6c..77172a54 100644 --- a/roles/backup/tasks/cleanup.yml +++ b/roles/backup/tasks/cleanup.yml @@ -2,7 +2,7 @@ - name: Delete any existing management pod k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Pod namespace: "{{ backup_pvc_namespace }}" state: absent diff --git a/roles/backup/tasks/dump_generated_secret.yml b/roles/backup/tasks/dump_generated_secret.yml index 6d262af1..71b3a425 100644 --- a/roles/backup/tasks/dump_generated_secret.yml +++ b/roles/backup/tasks/dump_generated_secret.yml @@ -22,7 +22,7 @@ k8s_info: version: v1 kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: "{{ _name }}" register: _secret no_log: true diff --git a/roles/backup/tasks/dump_secret.yml b/roles/backup/tasks/dump_secret.yml index 76f845d1..e927cac8 100644 --- a/roles/backup/tasks/dump_secret.yml +++ b/roles/backup/tasks/dump_secret.yml @@ -10,7 +10,7 @@ k8s_info: version: v1 kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: "{{ _name }}" register: _secret no_log: true diff --git a/roles/backup/tasks/error_handling.yml b/roles/backup/tasks/error_handling.yml index 1d41721d..679f1cea 100644 --- a/roles/backup/tasks/error_handling.yml +++ b/roles/backup/tasks/error_handling.yml @@ -7,5 +7,5 @@ - name: Emit ocp event with error k8s: kind: Event - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" template: "event.yml.j2" diff --git a/roles/backup/tasks/init.yml b/roles/backup/tasks/init.yml index 08d69451..2806a401 100644 --- a/roles/backup/tasks/init.yml +++ b/roles/backup/tasks/init.yml @@ -2,7 +2,7 @@ - name: Delete any existing management pod k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Pod namespace: "{{ backup_pvc_namespace }}" state: absent @@ -65,7 +65,7 @@ - name: Create management pod from templated deployment config k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Deployment state: present template: "management-pod.yml.j2" @@ -76,5 +76,5 @@ api_version: "{{ api_version }}" kind: "AWX" name: "{{ deployment_name }}" - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: this_awx diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml index 502450e3..b2573929 100644 --- a/roles/backup/tasks/main.yml +++ b/roles/backup/tasks/main.yml @@ -5,14 +5,14 @@ definition: apiVersion: '{{ api_version }}' kind: '{{ kind }}' - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -21,8 +21,8 @@ k8s_info: api_version: "{{ api_version }}" kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: this_backup - block: diff --git a/roles/backup/tasks/postgres.yml b/roles/backup/tasks/postgres.yml index 28dac9b6..9cfbff96 100644 --- a/roles/backup/tasks/postgres.yml +++ b/roles/backup/tasks/postgres.yml @@ -3,7 +3,7 @@ - name: Get PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}" register: pg_config no_log: true @@ -32,7 +32,7 @@ - name: Get the postgres pod information k8s_info: kind: Pod - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' label_selectors: - "{{ postgres_label_selector }}" register: postgres_pod @@ -58,27 +58,27 @@ - name: Create directory for backup k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- mkdir -p {{ backup_dir }} - name: Precreate file for database dump k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- touch {{ backup_dir }}/tower.db - name: Set permissions on file for database dump k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "chmod 0600 {{ backup_dir }}/tower.db && chown postgres:root {{ backup_dir }}/tower.db" - name: Set full resolvable host name for postgres pod set_fact: - resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # noqa 204 + resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # noqa 204 no_log: true - name: Set pg_dump command @@ -95,7 +95,7 @@ - name: Write pg_dump to backup on PVC k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: | bash -c """ set -e -o pipefail diff --git a/roles/backup/tasks/secrets.yml b/roles/backup/tasks/secrets.yml index e45d1ef8..e17083ca 100644 --- a/roles/backup/tasks/secrets.yml +++ b/roles/backup/tasks/secrets.yml @@ -32,7 +32,7 @@ - name: Write postgres configuration to pvc k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "echo '{{ secrets | to_yaml }}' > {{ backup_dir }}/secrets.yml" no_log: true diff --git a/roles/backup/tasks/update_status.yml b/roles/backup/tasks/update_status.yml index d134e95a..8130a85d 100644 --- a/roles/backup/tasks/update_status.yml +++ b/roles/backup/tasks/update_status.yml @@ -5,8 +5,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: backupDirectory: "{{ backup_dir }}" backupClaim: "{{ backup_claim }}" diff --git a/roles/backup/templates/backup_pvc.yml.j2 b/roles/backup/templates/backup_pvc.yml.j2 index bc3e9298..f5960f05 100644 --- a/roles/backup/templates/backup_pvc.yml.j2 +++ b/roles/backup/templates/backup_pvc.yml.j2 @@ -6,8 +6,8 @@ metadata: namespace: {{ backup_pvc_namespace }} ownerReferences: null labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/backup/templates/event.yml.j2 b/roles/backup/templates/event.yml.j2 index ead6aea4..5c6fd599 100644 --- a/roles/backup/templates/event.yml.j2 +++ b/roles/backup/templates/event.yml.j2 @@ -3,12 +3,12 @@ apiVersion: v1 kind: Event metadata: name: backup-error.{{ now }} - namespace: {{ meta.namespace }} + namespace: {{ ansible_operator_meta.namespace }} involvedObject: apiVersion: awx.ansible.com/v1beta1 kind: {{ kind }} - name: {{ meta.name }} - namespace: {{ meta.namespace }} + name: {{ ansible_operator_meta.name }} + namespace: {{ ansible_operator_meta.namespace }} message: {{ error_msg }} reason: BackupFailed type: Warning diff --git a/roles/backup/templates/management-pod.yml.j2 b/roles/backup/templates/management-pod.yml.j2 index 17711a84..b79fe8f4 100644 --- a/roles/backup/templates/management-pod.yml.j2 +++ b/roles/backup/templates/management-pod.yml.j2 @@ -2,26 +2,26 @@ apiVersion: v1 kind: Pod metadata: - name: {{ meta.name }}-db-management + name: {{ ansible_operator_meta.name }}-db-management namespace: {{ backup_pvc_namespace }} labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' spec: containers: - - name: {{ meta.name }}-db-management + - name: {{ ansible_operator_meta.name }}-db-management image: "{{ postgres_image }}:{{ postgres_image_version }}" imagePullPolicy: Always command: ["sleep", "infinity"] volumeMounts: - - name: {{ meta.name }}-backup + - name: {{ ansible_operator_meta.name }}-backup mountPath: /backups readOnly: false volumes: - - name: {{ meta.name }}-backup + - name: {{ ansible_operator_meta.name }}-backup persistentVolumeClaim: claimName: {{ backup_claim }} readOnly: false diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index a87ed186..337145d1 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -53,7 +53,7 @@ route_tls_secret: '' # route_host: '' -hostname: '{{ meta.name }}.example.com' +hostname: '{{ ansible_operator_meta.name }}.example.com' # Add a nodeSelector for the AWX pods. It must match a node's labels for the pod # to be scheduled on that node. Specify as literal block. E.g.: diff --git a/roles/installer/tasks/admin_password_configuration.yml b/roles/installer/tasks/admin_password_configuration.yml index c38300a2..551f68f3 100644 --- a/roles/installer/tasks/admin_password_configuration.yml +++ b/roles/installer/tasks/admin_password_configuration.yml @@ -2,7 +2,7 @@ - name: Check for specified admin password configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ admin_password_secret }}' register: _custom_admin_password no_log: true @@ -11,8 +11,8 @@ - name: Check for default admin password configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-admin-password' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-admin-password' register: _default_admin_password no_log: true @@ -31,8 +31,8 @@ - name: Read admin password secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-admin-password' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-admin-password' register: _generated_admin_password no_log: true diff --git a/roles/installer/tasks/broadcast_websocket_configuration.yml b/roles/installer/tasks/broadcast_websocket_configuration.yml index d40f1cc5..b417aed0 100644 --- a/roles/installer/tasks/broadcast_websocket_configuration.yml +++ b/roles/installer/tasks/broadcast_websocket_configuration.yml @@ -2,7 +2,7 @@ - name: Check for specified broadcast websocket secret configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ broadcast_websocket_secret }}' register: _custom_broadcast_websocket no_log: true @@ -11,8 +11,8 @@ - name: Check for default broadcast websocket secret configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-broadcast-websocket' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-broadcast-websocket' register: _default_broadcast_websocket no_log: true @@ -32,8 +32,8 @@ - name: Read broadcast websocket secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-broadcast-websocket' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-broadcast-websocket' register: _generated_broadcast_websocket no_log: true diff --git a/roles/installer/tasks/cleanup.yml b/roles/installer/tasks/cleanup.yml index 7fb5084a..2efaf8ea 100644 --- a/roles/installer/tasks/cleanup.yml +++ b/roles/installer/tasks/cleanup.yml @@ -2,12 +2,12 @@ - block: - name: Define secrets name set_fact: - _admin_password: '{{ admin_password_secret | length | ternary(admin_password_secret, meta.name + "-admin-password") }}' - _secret_key: '{{ secret_key_secret | length | ternary(secret_key_secret, meta.name + "-secret-key") }}' + _admin_password: '{{ admin_password_secret | length | ternary(admin_password_secret, ansible_operator_meta.name + "-admin-password") }}' + _secret_key: '{{ secret_key_secret | length | ternary(secret_key_secret, ansible_operator_meta.name + "-secret-key") }}' # yamllint disable-line rule:line-length - _broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, meta.name + "-broadcast-websocket") }}' # noqa 204 + _broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, ansible_operator_meta.name + "-broadcast-websocket") }}' # noqa 204 # yamllint disable-line rule:line-length - _postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, meta.name + "-postgres-configuration") }}' # noqa 204 + _postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, ansible_operator_meta.name + "-postgres-configuration") }}' # noqa 204 - name: Remove ownerReferences reference k8s: @@ -16,7 +16,7 @@ kind: Secret metadata: name: '{{ item }}' - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' ownerReferences: null loop: - '{{ _admin_password }}' diff --git a/roles/installer/tasks/database_configuration.yml b/roles/installer/tasks/database_configuration.yml index 2e99be55..0e4abac9 100644 --- a/roles/installer/tasks/database_configuration.yml +++ b/roles/installer/tasks/database_configuration.yml @@ -2,7 +2,7 @@ - name: Check for specified PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ postgres_configuration_secret }}' register: _custom_pg_config_resources when: postgres_configuration_secret | length @@ -11,15 +11,15 @@ - name: Check for default PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-postgres-configuration' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres-configuration' register: _default_pg_config_resources no_log: true - name: Check for specified old PostgreSQL configuration secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ old_postgres_configuration_secret }}' register: _custom_old_pg_config_resources when: old_postgres_configuration_secret | length @@ -28,8 +28,8 @@ - name: Check for default old PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-old-postgres-configuration' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-old-postgres-configuration' register: _default_old_pg_config_resources no_log: true @@ -62,8 +62,8 @@ - name: Read Database Configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-postgres-configuration' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres-configuration' register: _generated_pg_config_resources no_log: true when: not _pg_config['resources'] | default([]) | length @@ -92,8 +92,8 @@ kubernetes.core.k8s_scale: api_version: apps/v1 kind: StatefulSet - name: "{{ meta.name }}-postgres" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-postgres" + namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 wait: yes @@ -102,8 +102,8 @@ state: absent api_version: apps/v1 kind: StatefulSet - name: "{{ meta.name }}-postgres" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-postgres" + namespace: "{{ ansible_operator_meta.namespace }}" wait: yes when: create_statefulset_result.error == 422 @@ -127,8 +127,8 @@ k8s_info: api_version: "{{ api_version }}" kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: this_awx - name: Migrate data from old Openshift instance diff --git a/roles/installer/tasks/initialize_django.yml b/roles/installer/tasks/initialize_django.yml index 924e77b0..2de9ffa0 100644 --- a/roles/installer/tasks/initialize_django.yml +++ b/roles/installer/tasks/initialize_django.yml @@ -1,9 +1,9 @@ --- - name: Check if there are any super users defined. k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True, username=\"{{ admin_user }}\").count(); @@ -15,9 +15,9 @@ - name: Update super user password via Django if it does exist (same password is a noop) k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage update_password --username '{{ admin_user }}' --password '{{ admin_password }}'" register: update_pw_result @@ -27,9 +27,9 @@ - name: Create super user via Django if it doesn't exist. k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "echo \"from django.contrib.auth.models import User; User.objects.create_superuser('{{ admin_user }}', '{{ admin_email }}', '{{ admin_password }}')\" @@ -39,9 +39,9 @@ - name: Create preload data if necessary. # noqa 305 k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage create_preload_data" register: cdo @@ -50,9 +50,9 @@ - name: Check if legacy queue is present k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage list_instances | grep '^\[tower capacity=[0-9]*\]'" register: legacy_queue @@ -60,9 +60,9 @@ - name: Unregister legacy queue k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage unregister_queue --queuename=tower" when: "'[tower capacity=' in legacy_queue.stdout" @@ -70,7 +70,7 @@ - name: Check for specified default execution environment pull credentials k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ ee_pull_credentials_secret }}' register: _custom_execution_environments_pull_credentials when: ee_pull_credentials_secret | length @@ -84,9 +84,9 @@ - name: Register default execution environments (without authentication) k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage register_default_execution_environments" register: ree @@ -105,9 +105,9 @@ - name: Register default execution environments (with authentication) k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage register_default_execution_environments --registry-username='{{ default_execution_environment_pull_credentials_user }}' diff --git a/roles/installer/tasks/load_bundle_cacert_secret.yml b/roles/installer/tasks/load_bundle_cacert_secret.yml index d1803d00..96d46f2d 100644 --- a/roles/installer/tasks/load_bundle_cacert_secret.yml +++ b/roles/installer/tasks/load_bundle_cacert_secret.yml @@ -2,7 +2,7 @@ - name: Retrieve bundle Certificate Authority Secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ bundle_cacert_secret }}' register: bundle_cacert no_log: true diff --git a/roles/installer/tasks/load_ldap_cacert_secret.yml b/roles/installer/tasks/load_ldap_cacert_secret.yml index c1ff67c3..a384cfd6 100644 --- a/roles/installer/tasks/load_ldap_cacert_secret.yml +++ b/roles/installer/tasks/load_ldap_cacert_secret.yml @@ -2,7 +2,7 @@ - name: Retrieve LDAP CA Certificate Secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ ldap_cacert_secret }}' register: ldap_cacert no_log: true diff --git a/roles/installer/tasks/load_route_tls_secret.yml b/roles/installer/tasks/load_route_tls_secret.yml index 0abc1371..912c12e6 100644 --- a/roles/installer/tasks/load_route_tls_secret.yml +++ b/roles/installer/tasks/load_route_tls_secret.yml @@ -2,7 +2,7 @@ - name: Retrieve Route TLS Secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ route_tls_secret }}' register: route_tls no_log: true diff --git a/roles/installer/tasks/main.yml b/roles/installer/tasks/main.yml index b072e255..3b2e3895 100644 --- a/roles/installer/tasks/main.yml +++ b/roles/installer/tasks/main.yml @@ -5,14 +5,14 @@ definition: apiVersion: '{{ api_version }}' kind: '{{ kind }}' - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -50,9 +50,9 @@ - name: Check for pending migrations k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage showmigrations | grep -v '[X]' | grep '[ ]' | wc -l" changed_when: false @@ -60,9 +60,9 @@ - name: Migrate the database if the K8s resources were updated. # noqa 305 k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage migrate --noinput" register: migrate_result diff --git a/roles/installer/tasks/migrate_data.yml b/roles/installer/tasks/migrate_data.yml index 735002d0..d8db0fcd 100644 --- a/roles/installer/tasks/migrate_data.yml +++ b/roles/installer/tasks/migrate_data.yml @@ -15,14 +15,14 @@ - name: Default label selector to custom resource generated postgres set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ meta.name }}" + postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ ansible_operator_meta.name }}" when: postgres_label_selector is not defined - name: Get the postgres pod information k8s_info: kind: Pod - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-postgres-0' # using name to keep compatibility + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres-0' # using name to keep compatibility field_selectors: - status.phase=Running register: postgres_pod @@ -60,7 +60,7 @@ - name: Stream backup from pg_dump to the new postgresql container k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ postgres_pod_name }}" command: | bash -c """ diff --git a/roles/installer/tasks/resources_configuration.yml b/roles/installer/tasks/resources_configuration.yml index 778646ed..a578b5ef 100644 --- a/roles/installer/tasks/resources_configuration.yml +++ b/roles/installer/tasks/resources_configuration.yml @@ -4,9 +4,9 @@ k8s_info: api_version: v1 kind: Pod - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' label_selectors: - - "app.kubernetes.io/name={{ meta.name }}" + - "app.kubernetes.io/name={{ ansible_operator_meta.name }}" - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - "app.kubernetes.io/component={{ deployment_type }}" field_selectors: @@ -30,7 +30,7 @@ - 'persistent' - 'service' - 'ingress' - no_log: true + # no_log: true - name: Apply deployment resources k8s: @@ -45,7 +45,7 @@ api_version: v1 state: absent kind: Pod - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ tower_pod_name }}' wait: yes when: @@ -55,9 +55,9 @@ - name: Get the new resource pod information after updating resource. k8s_info: kind: Pod - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' label_selectors: - - "app.kubernetes.io/name={{ meta.name }}" + - "app.kubernetes.io/name={{ ansible_operator_meta.name }}" - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - "app.kubernetes.io/component={{ deployment_type }}" field_selectors: diff --git a/roles/installer/tasks/scale_down_deployment.yml b/roles/installer/tasks/scale_down_deployment.yml index 83a3a304..91182610 100644 --- a/roles/installer/tasks/scale_down_deployment.yml +++ b/roles/installer/tasks/scale_down_deployment.yml @@ -4,16 +4,16 @@ k8s_info: api_version: v1 kind: Deployment - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: tower_deployment - name: Scale down Deployment for migration kubernetes.core.k8s_scale: api_version: v1 kind: Deployment - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 wait: yes when: tower_deployment['resources'] | length diff --git a/roles/installer/tasks/secret_key_configuration.yml b/roles/installer/tasks/secret_key_configuration.yml index 593f3a21..96a6fa37 100644 --- a/roles/installer/tasks/secret_key_configuration.yml +++ b/roles/installer/tasks/secret_key_configuration.yml @@ -2,7 +2,7 @@ - name: Check for specified secret key configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ secret_key_secret }}' register: _custom_secret_key no_log: true @@ -11,8 +11,8 @@ - name: Check for default secret key configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-secret-key' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-secret-key' register: _default_secret_key no_log: true @@ -31,8 +31,8 @@ - name: Read secret key secret k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}-secret-key' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-secret-key' register: _generated_secret_key no_log: true diff --git a/roles/installer/tasks/update_status.yml b/roles/installer/tasks/update_status.yml index fd6f3cdc..92d7f953 100644 --- a/roles/installer/tasks/update_status.yml +++ b/roles/installer/tasks/update_status.yml @@ -3,8 +3,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: adminPasswordSecret: "{{ __admin_password_secret['resources'][0]['metadata']['name'] }}" @@ -12,8 +12,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: adminUser: "{{ admin_user }}" @@ -21,8 +21,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: postgresConfigurationSecret: "{{ pg_config['resources'][0]['metadata']['name'] }}" @@ -30,8 +30,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: broadcastWebsocketSecret: "{{ __broadcast_websocket_secret['resources'][0]['metadata']['name'] }}" @@ -39,16 +39,16 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: secretKeySecret: "{{ secret_key_secret_name }}" - name: Retrieve instance version k8s_exec: - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ tower_pod_name }}" - container: "{{ meta.name }}-task" + container: "{{ ansible_operator_meta.name }}-task" command: >- bash -c "awx-manage --version" register: instance_version @@ -58,8 +58,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: version: "{{ instance_version.stdout | trim }}" @@ -67,8 +67,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: image: "{{ image }}" @@ -77,16 +77,16 @@ k8s_info: api_version: 'route.openshift.io/v1' kind: Route - namespace: '{{ meta.namespace }}' - name: '{{ meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' register: route_url - name: Update URL status operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: URL: "https://{{ route_url['resources'][0]['status']['ingress'][0]['host'] }}" @@ -96,8 +96,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: migratedFromSecret: "{{ tower_migrated_from_secret }}" when: tower_migrated_from_secret is defined diff --git a/roles/installer/templates/admin_password_secret.yaml.j2 b/roles/installer/templates/admin_password_secret.yaml.j2 index 2b93390d..693c5d22 100644 --- a/roles/installer/templates/admin_password_secret.yaml.j2 +++ b/roles/installer/templates/admin_password_secret.yaml.j2 @@ -2,11 +2,11 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ meta.name }}-admin-password' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-admin-password' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/app_credentials.yaml.j2 b/roles/installer/templates/app_credentials.yaml.j2 index 56052173..9776b879 100644 --- a/roles/installer/templates/app_credentials.yaml.j2 +++ b/roles/installer/templates/app_credentials.yaml.j2 @@ -3,11 +3,11 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ meta.name }}-app-credentials' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-app-credentials' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/broadcast_websocket_secret.yaml.j2 b/roles/installer/templates/broadcast_websocket_secret.yaml.j2 index 852f8cb8..724f6f75 100644 --- a/roles/installer/templates/broadcast_websocket_secret.yaml.j2 +++ b/roles/installer/templates/broadcast_websocket_secret.yaml.j2 @@ -2,11 +2,11 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ meta.name }}-broadcast-websocket' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-broadcast-websocket' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/config.yaml.j2 b/roles/installer/templates/config.yaml.j2 index fb493311..903994d1 100644 --- a/roles/installer/templates/config.yaml.j2 +++ b/roles/installer/templates/config.yaml.j2 @@ -3,11 +3,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: '{{ meta.name }}-{{ deployment_type }}-configmap' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/deployment.yaml.j2 b/roles/installer/templates/deployment.yaml.j2 index 3c27418a..667c6e40 100644 --- a/roles/installer/templates/deployment.yaml.j2 +++ b/roles/installer/templates/deployment.yaml.j2 @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' app.kubernetes.io/version: '{{ image_version }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -16,19 +16,19 @@ spec: replicas: {{ replicas }} selector: matchLabels: - app.kubernetes.io/name: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' template: metadata: labels: - app.kubernetes.io/name: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' app.kubernetes.io/version: '{{ image_version }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' spec: - serviceAccountName: '{{ meta.name }}' + serviceAccountName: '{{ ansible_operator_meta.name }}' {% if image_pull_secret %} imagePullSecrets: - name: {{ image_pull_secret }} @@ -57,13 +57,13 @@ spec: {% if bundle_ca_crt %} - name: "ca-trust-extracted" mountPath: "/etc/pki/ca-trust/extracted" - - name: "{{ meta.name }}-bundle-cacert" + - name: "{{ ansible_operator_meta.name }}-bundle-cacert" mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt subPath: bundle-ca.crt readOnly: true {% endif %} {% if projects_persistence|bool %} - - name: "{{ meta.name }}-projects" + - name: "{{ ansible_operator_meta.name }}-projects" mountPath: "/var/lib/awx/projects" {% endif %} {% if init_container_extra_volume_mounts -%} @@ -76,16 +76,16 @@ spec: name: redis args: ["redis-server", "/etc/redis.conf"] volumeMounts: - - name: {{ meta.name }}-redis-config + - name: {{ ansible_operator_meta.name }}-redis-config mountPath: "/etc/redis.conf" subPath: redis.conf readOnly: true - - name: {{ meta.name }}-redis-socket + - name: {{ ansible_operator_meta.name }}-redis-socket mountPath: "/var/run/redis" - - name: "{{ meta.name }}-redis-data" + - name: "{{ ansible_operator_meta.name }}-redis-data" mountPath: "/data" - image: '{{ image }}:{{ image_version }}' - name: '{{ meta.name }}-web' + name: '{{ ansible_operator_meta.name }}-web' {% if web_command %} command: {{ web_command }} {% endif %} @@ -102,30 +102,30 @@ spec: {% if bundle_ca_crt %} - name: "ca-trust-extracted" mountPath: "/etc/pki/ca-trust/extracted" - - name: "{{ meta.name }}-bundle-cacert" + - name: "{{ ansible_operator_meta.name }}-bundle-cacert" mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt subPath: bundle-ca.crt readOnly: true {% endif %} - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/execution_environments.py" subPath: execution_environments.py readOnly: true - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/credentials.py" subPath: credentials.py readOnly: true - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/ldap.py" subPath: ldap.py readOnly: true {% if ingress_type | lower == 'route' and route_tls_termination_mechanism | lower == 'passthrough' %} - - name: "{{ meta.name }}-nginx-certs" + - name: "{{ ansible_operator_meta.name }}-nginx-certs" mountPath: "/etc/nginx/pki" readOnly: true {% endif %} {% if ldap_cacert_ca_crt %} - - name: "{{ meta.name }}-ldap-cacert" + - name: "{{ ansible_operator_meta.name }}-ldap-cacert" mountPath: /etc/openldap/certs/ldap-ca.crt subPath: ldap-ca.crt readOnly: true @@ -134,15 +134,15 @@ spec: mountPath: /etc/tower/SECRET_KEY subPath: SECRET_KEY readOnly: true - - name: {{ meta.name }}-settings + - name: {{ ansible_operator_meta.name }}-settings mountPath: /etc/tower/settings.py subPath: settings.py readOnly: true - - name: {{ meta.name }}-nginx-conf + - name: {{ ansible_operator_meta.name }}-nginx-conf mountPath: /etc/nginx/nginx.conf subPath: nginx.conf readOnly: true - - name: {{ meta.name }}-redis-socket + - name: {{ ansible_operator_meta.name }}-redis-socket mountPath: "/var/run/redis" - name: supervisor-socket mountPath: "/var/run/supervisor" @@ -150,7 +150,7 @@ spec: mountPath: "/var/run/awx-rsyslog" - name: rsyslog-dir mountPath: "/var/lib/awx/rsyslog" - - name: "{{ meta.name }}-projects" + - name: "{{ ansible_operator_meta.name }}-projects" mountPath: "/var/lib/awx/projects" {% if development_mode | bool %} - name: awx-devel @@ -173,7 +173,7 @@ spec: {% endif %} resources: {{ web_resource_requirements }} - image: '{{ image }}:{{ image_version }}' - name: '{{ meta.name }}-task' + name: '{{ ansible_operator_meta.name }}-task' imagePullPolicy: '{{ image_pull_policy }}' {% if task_privileged == true %} securityContext: @@ -189,20 +189,20 @@ spec: {% if bundle_ca_crt %} - name: "ca-trust-extracted" mountPath: "/etc/pki/ca-trust/extracted" - - name: "{{ meta.name }}-bundle-cacert" + - name: "{{ ansible_operator_meta.name }}-bundle-cacert" mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt subPath: bundle-ca.crt readOnly: true {% endif %} - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/execution_environments.py" subPath: execution_environments.py readOnly: true - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/credentials.py" subPath: credentials.py readOnly: true - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" mountPath: "/etc/tower/conf.d/ldap.py" subPath: ldap.py readOnly: true @@ -210,11 +210,11 @@ spec: mountPath: /etc/tower/SECRET_KEY subPath: SECRET_KEY readOnly: true - - name: {{ meta.name }}-settings + - name: {{ ansible_operator_meta.name }}-settings mountPath: /etc/tower/settings.py subPath: settings.py readOnly: true - - name: {{ meta.name }}-redis-socket + - name: {{ ansible_operator_meta.name }}-redis-socket mountPath: "/var/run/redis" - name: supervisor-socket mountPath: "/var/run/supervisor" @@ -222,13 +222,13 @@ spec: mountPath: "/var/run/awx-rsyslog" - name: rsyslog-dir mountPath: "/var/lib/awx/rsyslog" - - name: "{{ meta.name }}-receptor-config" + - name: "{{ ansible_operator_meta.name }}-receptor-config" mountPath: "/etc/receptor/receptor.conf" subPath: receptor.conf readOnly: true - name: receptor-socket mountPath: "/var/run/receptor" - - name: "{{ meta.name }}-projects" + - name: "{{ ansible_operator_meta.name }}-projects" mountPath: "/var/lib/awx/projects" {% if development_mode | bool %} - name: awx-devel @@ -263,7 +263,7 @@ spec: {% endif %} resources: {{ task_resource_requirements }} - image: '{{ control_plane_ee_image }}' - name: '{{ meta.name }}-ee' + name: '{{ ansible_operator_meta.name }}-ee' imagePullPolicy: '{{ image_pull_policy }}' resources: {{ ee_resource_requirements }} args: ['receptor', '--config', '/etc/receptor/receptor.conf'] @@ -271,18 +271,18 @@ spec: {% if bundle_ca_crt %} - name: "ca-trust-extracted" mountPath: "/etc/pki/ca-trust/extracted" - - name: "{{ meta.name }}-bundle-cacert" + - name: "{{ ansible_operator_meta.name }}-bundle-cacert" mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt subPath: bundle-ca.crt readOnly: true {% endif %} - - name: "{{ meta.name }}-receptor-config" + - name: "{{ ansible_operator_meta.name }}-receptor-config" mountPath: "/etc/receptor/receptor.conf" subPath: receptor.conf readOnly: true - name: receptor-socket mountPath: "/var/run/receptor" - - name: "{{ meta.name }}-projects" + - name: "{{ ansible_operator_meta.name }}-projects" mountPath: "/var/lib/awx/projects" {% if ee_extra_volume_mounts -%} {{ ee_extra_volume_mounts | indent(width=12, indentfirst=True) }} @@ -313,7 +313,7 @@ spec: {% if bundle_ca_crt %} - name: "ca-trust-extracted" emptyDir: {} - - name: "{{ meta.name }}-bundle-cacert" + - name: "{{ ansible_operator_meta.name }}-bundle-cacert" secret: secretName: "{{ bundle_cacert_secret }}" items: @@ -321,7 +321,7 @@ spec: path: 'bundle-ca.crt' {% endif %} {% if ingress_type | lower == 'route' and route_tls_termination_mechanism | lower == 'passthrough' %} - - name: "{{ meta.name }}-nginx-certs" + - name: "{{ ansible_operator_meta.name }}-nginx-certs" secret: secretName: "{{ route_tls_secret }}" items: @@ -331,16 +331,16 @@ spec: path: 'web.crt' {% endif %} {% if ldap_cacert_ca_crt %} - - name: "{{ meta.name }}-ldap-cacert" + - name: "{{ ansible_operator_meta.name }}-ldap-cacert" secret: secretName: "{{ ldap_cacert_secret }}" items: - key: ldap-ca.crt path: 'ldap-ca.crt' {% endif %} - - name: "{{ meta.name }}-application-credentials" + - name: "{{ ansible_operator_meta.name }}-application-credentials" secret: - secretName: "{{ meta.name }}-app-credentials" + secretName: "{{ ansible_operator_meta.name }}-app-credentials" items: - key: credentials.py path: 'credentials.py' @@ -354,27 +354,27 @@ spec: items: - key: secret_key path: SECRET_KEY - - name: {{ meta.name }}-settings + - name: {{ ansible_operator_meta.name }}-settings configMap: - name: '{{ meta.name }}-{{ deployment_type }}-configmap' + name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap' items: - key: settings path: settings.py - - name: {{ meta.name }}-nginx-conf + - name: {{ ansible_operator_meta.name }}-nginx-conf configMap: - name: '{{ meta.name }}-{{ deployment_type }}-configmap' + name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap' items: - key: nginx_conf path: nginx.conf - - name: {{ meta.name }}-redis-config + - name: {{ ansible_operator_meta.name }}-redis-config configMap: - name: {{ meta.name }}-{{ deployment_type }}-configmap + name: {{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap items: - key: redis_conf path: redis.conf - - name: {{ meta.name }}-redis-socket + - name: {{ ansible_operator_meta.name }}-redis-socket emptyDir: {} - - name: {{ meta.name }}-redis-data + - name: {{ ansible_operator_meta.name }}-redis-data emptyDir: {} - name: supervisor-socket emptyDir: {} @@ -384,19 +384,19 @@ spec: emptyDir: {} - name: rsyslog-dir emptyDir: {} - - name: {{ meta.name }}-receptor-config + - name: {{ ansible_operator_meta.name }}-receptor-config configMap: - name: '{{ meta.name }}-{{ deployment_type }}-configmap' + name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap' items: - key: receptor_conf path: receptor.conf - - name: "{{ meta.name }}-projects" + - name: "{{ ansible_operator_meta.name }}-projects" {% if projects_persistence|bool %} persistentVolumeClaim: {% if projects_existing_claim %} claimName: {{ projects_existing_claim }} {% else %} - claimName: '{{ meta.name }}-projects-claim' + claimName: '{{ ansible_operator_meta.name }}-projects-claim' {% endif %} {% else %} emptyDir: {} diff --git a/roles/installer/templates/ingress.yaml.j2 b/roles/installer/templates/ingress.yaml.j2 index f4f8ee93..f03b2af4 100644 --- a/roles/installer/templates/ingress.yaml.j2 +++ b/roles/installer/templates/ingress.yaml.j2 @@ -3,11 +3,11 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: '{{ meta.name }}-ingress' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-ingress' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -24,7 +24,7 @@ spec: pathType: Prefix backend: service: - name: '{{ meta.name }}-service' + name: '{{ ansible_operator_meta.name }}-service' port: number: 80 {% if ingress_tls_secret %} @@ -40,11 +40,11 @@ spec: apiVersion: route.openshift.io/v1 kind: Route metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -69,7 +69,7 @@ spec: {% endif %} to: kind: Service - name: {{ meta.name }}-service + name: {{ ansible_operator_meta.name }}-service weight: 100 wildcardPolicy: None {% endif %} diff --git a/roles/installer/templates/persistent.yaml.j2 b/roles/installer/templates/persistent.yaml.j2 index c24efc6f..b1ad19df 100644 --- a/roles/installer/templates/persistent.yaml.j2 +++ b/roles/installer/templates/persistent.yaml.j2 @@ -2,11 +2,11 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: '{{ meta.name }}-projects-claim' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-projects-claim' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/postgres.yaml.j2 b/roles/installer/templates/postgres.yaml.j2 index d17ee12a..f9d67fba 100644 --- a/roles/installer/templates/postgres.yaml.j2 +++ b/roles/installer/templates/postgres.yaml.j2 @@ -3,13 +3,13 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: '{{ meta.name }}-postgres' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres' + namespace: '{{ ansible_operator_meta.namespace }}' labels: app.kubernetes.io/name: 'postgres' - app.kubernetes.io/instance: 'postgres-{{ meta.name }}' + app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' app.kubernetes.io/component: database @@ -17,10 +17,10 @@ spec: selector: matchLabels: app.kubernetes.io/name: 'postgres' - app.kubernetes.io/instance: 'postgres-{{ meta.name }}' + app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' - serviceName: '{{ meta.name }}' + serviceName: '{{ ansible_operator_meta.name }}' replicas: 1 updateStrategy: type: RollingUpdate @@ -28,9 +28,9 @@ spec: metadata: labels: app.kubernetes.io/name: 'postgres' - app.kubernetes.io/instance: 'postgres-{{ meta.name }}' + app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' spec: {% if image_pull_secret %} @@ -113,13 +113,13 @@ spec: apiVersion: v1 kind: Service metadata: - name: '{{ meta.name }}-postgres' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres' + namespace: '{{ ansible_operator_meta.namespace }}' labels: app.kubernetes.io/name: 'postgres' - app.kubernetes.io/instance: 'postgres-{{ meta.name }}' + app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' app.kubernetes.io/component: database @@ -129,7 +129,7 @@ spec: clusterIP: None selector: app.kubernetes.io/name: 'postgres' - app.kubernetes.io/instance: 'postgres-{{ meta.name }}' + app.kubernetes.io/instance: 'postgres-{{ ansible_operator_meta.name }}' app.kubernetes.io/component: 'database' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' diff --git a/roles/installer/templates/postgres_secret.yaml.j2 b/roles/installer/templates/postgres_secret.yaml.j2 index 5e803c16..7175f391 100644 --- a/roles/installer/templates/postgres_secret.yaml.j2 +++ b/roles/installer/templates/postgres_secret.yaml.j2 @@ -3,11 +3,11 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ meta.name }}-postgres-configuration' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-postgres-configuration' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -16,5 +16,5 @@ stringData: username: '{{ database_username }}' database: '{{ database_name }}' port: '5432' - host: {{ meta.name }}-postgres + host: {{ ansible_operator_meta.name }}-postgres type: 'managed' diff --git a/roles/installer/templates/secret_key.yaml.j2 b/roles/installer/templates/secret_key.yaml.j2 index 015be735..c274d035 100644 --- a/roles/installer/templates/secret_key.yaml.j2 +++ b/roles/installer/templates/secret_key.yaml.j2 @@ -2,11 +2,11 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ meta.name }}-secret-key' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-secret-key' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' diff --git a/roles/installer/templates/service.yaml.j2 b/roles/installer/templates/service.yaml.j2 index 6faa0a6e..5eac078f 100644 --- a/roles/installer/templates/service.yaml.j2 +++ b/roles/installer/templates/service.yaml.j2 @@ -2,11 +2,11 @@ apiVersion: v1 kind: Service metadata: - name: '{{ meta.name }}-service' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}-service' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -39,19 +39,15 @@ spec: protocol: TCP targetPort: 8052 name: http -{% elif service_type | lower == "nodeport" %} - - port: {{ nodeport_port }} - protocol: TCP - targetPort: 8052 - name: http - type: NodePort {% endif %} selector: - app.kubernetes.io/name: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' {% if service_type | lower == "loadbalancer" %} type: LoadBalancer +{% elif service_type | lower == "nodeport" %} + type: NodePort {% else %} type: ClusterIP {% endif %} diff --git a/roles/installer/templates/service_account.yaml.j2 b/roles/installer/templates/service_account.yaml.j2 index 5119864b..55c3a86a 100644 --- a/roles/installer/templates/service_account.yaml.j2 +++ b/roles/installer/templates/service_account.yaml.j2 @@ -2,11 +2,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -18,8 +18,8 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' rules: - apiGroups: [""] # "" indicates the core API group resources: ["pods"] @@ -38,12 +38,12 @@ rules: kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' subjects: - kind: ServiceAccount - name: '{{ meta.name }}' + name: '{{ ansible_operator_meta.name }}' roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: '{{ meta.name }}' + name: '{{ ansible_operator_meta.name }}' diff --git a/roles/restore/defaults/main.yml b/roles/restore/defaults/main.yml index ee06115d..4b425835 100644 --- a/roles/restore/defaults/main.yml +++ b/roles/restore/defaults/main.yml @@ -6,7 +6,7 @@ api_version: '{{ deployment_type }}.ansible.com/v1beta1' # Required: specify a pre-created PVC (name) to restore from backup_pvc: '' -backup_pvc_namespace: '{{ meta.namespace }}' +backup_pvc_namespace: '{{ ansible_operator_meta.namespace }}' # Required: backup name, found on the awxbackup object backup_dir: '' diff --git a/roles/restore/tasks/cleanup.yml b/roles/restore/tasks/cleanup.yml index 8d7345d6..aceefd05 100644 --- a/roles/restore/tasks/cleanup.yml +++ b/roles/restore/tasks/cleanup.yml @@ -2,7 +2,7 @@ - name: Delete any existing management pod k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Pod namespace: "{{ backup_pvc_namespace }}" state: absent @@ -15,7 +15,7 @@ kind: Secret metadata: name: '{{ item }}' - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' ownerReferences: null loop: - '{{ secret_key_secret }}' diff --git a/roles/restore/tasks/deploy_awx.yml b/roles/restore/tasks/deploy_awx.yml index 71bc96cd..a61e3d5e 100644 --- a/roles/restore/tasks/deploy_awx.yml +++ b/roles/restore/tasks/deploy_awx.yml @@ -3,7 +3,7 @@ - name: Get AWX object definition from pvc k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "cat '{{ backup_dir }}/awx_object'" register: awx_object @@ -25,7 +25,7 @@ - name: Deploy AWX k8s: state: "{{ state | default('present') }}" - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" apply: yes definition: "{{ lookup('template', 'awx_object.yml.j2') }}" wait: true @@ -40,5 +40,5 @@ kind: AWX metadata: name: '{{ deployment_name }}' - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' ownerReferences: null diff --git a/roles/restore/tasks/error_handling.yml b/roles/restore/tasks/error_handling.yml index 1d41721d..679f1cea 100644 --- a/roles/restore/tasks/error_handling.yml +++ b/roles/restore/tasks/error_handling.yml @@ -7,5 +7,5 @@ - name: Emit ocp event with error k8s: kind: Event - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" template: "event.yml.j2" diff --git a/roles/restore/tasks/init.yml b/roles/restore/tasks/init.yml index ad406699..be5bc387 100644 --- a/roles/restore/tasks/init.yml +++ b/roles/restore/tasks/init.yml @@ -64,7 +64,7 @@ - name: Delete any existing management pod k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Pod namespace: "{{ backup_pvc_namespace }}" state: absent @@ -73,7 +73,7 @@ - name: Create management pod from templated deployment config k8s: - name: "{{ meta.name }}-db-management" + name: "{{ ansible_operator_meta.name }}-db-management" kind: Deployment state: present template: "management-pod.yml.j2" @@ -82,7 +82,7 @@ - name: Check to make sure backup directory exists on PVC k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "stat {{ backup_dir }}" register: stat_backup_dir diff --git a/roles/restore/tasks/main.yml b/roles/restore/tasks/main.yml index d11b365f..44fabe9f 100644 --- a/roles/restore/tasks/main.yml +++ b/roles/restore/tasks/main.yml @@ -5,14 +5,14 @@ definition: apiVersion: '{{ api_version }}' kind: '{{ kind }}' - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' metadata: - name: '{{ meta.name }}' - namespace: '{{ meta.namespace }}' + name: '{{ ansible_operator_meta.name }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' @@ -21,8 +21,8 @@ k8s_info: api_version: "{{ api_version }}" kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: this_restore - block: diff --git a/roles/restore/tasks/postgres.yml b/roles/restore/tasks/postgres.yml index a9c17fda..c4a7927b 100644 --- a/roles/restore/tasks/postgres.yml +++ b/roles/restore/tasks/postgres.yml @@ -7,7 +7,7 @@ - name: Check for specified PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' name: '{{ postgres_configuration_secret }}' register: pg_config no_log: true @@ -30,7 +30,7 @@ - name: Get the postgres pod information k8s_info: kind: Pod - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' label_selectors: - "{{ postgres_label_selector }}" register: postgres_pod @@ -49,7 +49,7 @@ api_version: v1 kind: Deployment name: "{{ deployment_name }}" - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" register: this_deployment - name: Scale down Deployment for migration @@ -57,14 +57,14 @@ api_version: v1 kind: Deployment name: "{{ deployment_name }}" - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 wait: yes when: this_deployment['resources'] | length - name: Set full resolvable host name for postgres pod set_fact: - resolvable_db_host: "{{ awx_postgres_host }}.{{ meta.namespace }}.svc.cluster.local" + resolvable_db_host: "{{ awx_postgres_host }}.{{ ansible_operator_meta.namespace }}.svc.cluster.local" no_log: true when: awx_postgres_type == 'managed' @@ -82,7 +82,7 @@ - name: Restore database dump to the new postgresql container k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: | bash -c """ set -e -o pipefail diff --git a/roles/restore/tasks/secrets.yml b/roles/restore/tasks/secrets.yml index 644aea28..b1de1648 100644 --- a/roles/restore/tasks/secrets.yml +++ b/roles/restore/tasks/secrets.yml @@ -3,7 +3,7 @@ - name: Get secret definition from pvc k8s_exec: namespace: "{{ backup_pvc_namespace }}" - pod: "{{ meta.name }}-db-management" + pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "cat '{{ backup_dir }}/secrets.yml'" register: _secrets @@ -57,7 +57,7 @@ - name: Apply secret k8s: state: present - namespace: "{{ meta.namespace }}" + namespace: "{{ ansible_operator_meta.namespace }}" apply: yes wait: yes template: "secrets.yml.j2" @@ -70,7 +70,7 @@ kind: Secret metadata: name: "{{ item.value.name }}" - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' ownerReferences: null loop: "{{ secrets | dict2items }}" no_log: true diff --git a/roles/restore/tasks/update_status.yml b/roles/restore/tasks/update_status.yml index 08ae27cb..53f3213a 100644 --- a/roles/restore/tasks/update_status.yml +++ b/roles/restore/tasks/update_status.yml @@ -4,8 +4,8 @@ operator_sdk.util.k8s_status: api_version: '{{ api_version }}' kind: "{{ kind }}" - name: "{{ meta.name }}" - namespace: "{{ meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" status: restoreComplete: true when: tower_restore_complete is defined diff --git a/roles/restore/templates/awx_object.yml.j2 b/roles/restore/templates/awx_object.yml.j2 index e2e434a9..14563dfa 100644 --- a/roles/restore/templates/awx_object.yml.j2 +++ b/roles/restore/templates/awx_object.yml.j2 @@ -3,6 +3,6 @@ apiVersion: '{{ api_version }}' kind: AWX metadata: name: '{{ deployment_name }}' - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' spec: {{ spec | to_yaml | indent(2) }} diff --git a/roles/restore/templates/event.yml.j2 b/roles/restore/templates/event.yml.j2 index 3670cba3..8e4f9649 100644 --- a/roles/restore/templates/event.yml.j2 +++ b/roles/restore/templates/event.yml.j2 @@ -3,12 +3,12 @@ apiVersion: v1 kind: Event metadata: name: restore-error.{{ now }} - namespace: {{ meta.namespace }} + namespace: {{ ansible_operator_meta.namespace }} involvedObject: apiVersion: awx.ansible.com/v1beta1 kind: {{ kind }} - name: {{ meta.name }} - namespace: {{ meta.namespace }} + name: {{ ansible_operator_meta.name }} + namespace: {{ ansible_operator_meta.namespace }} message: {{ error_msg }} reason: RestoreFailed type: Warning diff --git a/roles/restore/templates/management-pod.yml.j2 b/roles/restore/templates/management-pod.yml.j2 index 1430efee..5ed3fb6c 100644 --- a/roles/restore/templates/management-pod.yml.j2 +++ b/roles/restore/templates/management-pod.yml.j2 @@ -2,26 +2,26 @@ apiVersion: v1 kind: Pod metadata: - name: {{ meta.name }}-db-management + name: {{ ansible_operator_meta.name }}-db-management namespace: {{ backup_pvc_namespace }} labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}' spec: containers: - - name: {{ meta.name }}-db-management + - name: {{ ansible_operator_meta.name }}-db-management image: "{{ postgres_image }}:{{ postgres_image_version }}" imagePullPolicy: Always command: ["sleep", "infinity"] volumeMounts: - - name: {{ meta.name }}-backup + - name: {{ ansible_operator_meta.name }}-backup mountPath: /backups readOnly: false volumes: - - name: {{ meta.name }}-backup + - name: {{ ansible_operator_meta.name }}-backup persistentVolumeClaim: claimName: {{ backup_pvc }} readOnly: false diff --git a/roles/restore/templates/secrets.yml.j2 b/roles/restore/templates/secrets.yml.j2 index ec01eadb..fd0b7373 100644 --- a/roles/restore/templates/secrets.yml.j2 +++ b/roles/restore/templates/secrets.yml.j2 @@ -4,10 +4,10 @@ apiVersion: v1 kind: Secret metadata: name: '{{ secrets[secret]['name'] }}' - namespace: '{{ meta.namespace }}' + namespace: '{{ ansible_operator_meta.namespace }}' labels: - app.kubernetes.io/name: '{{ meta.name }}' - app.kubernetes.io/part-of: '{{ meta.name }}' + app.kubernetes.io/name: '{{ ansible_operator_meta.name }}' + app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}' app.kubernetes.io/managed-by: '{{ deployment_type }}-operator' app.kubernetes.io/component: '{{ deployment_type }}' app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'