mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-27 22:03:11 +00:00
Compare commits
25 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
4fe482b77b | ||
|
194340688d | ||
|
b517b0a2a6 | ||
|
1dc56803e8 | ||
|
85da1aa1f3 | ||
|
|
6378836706 | ||
|
|
e829dafbd2 | ||
|
|
1023718b87 | ||
|
|
4a5141933c | ||
|
084841f549 | ||
|
76ab4a8342 | ||
|
2d6aa5815f | ||
|
d69b57c014 | ||
|
562a171de6 | ||
|
2118c6f49c | ||
|
|
9c759bfe88 | ||
|
|
d0205f4e5e | ||
|
d914edf3e0 | ||
|
be4fd1364c | ||
|
|
599b1e387d | ||
|
732ff9c02c | ||
|
|
d0e30a6878 | ||
|
|
a213b60008 | ||
|
768327ea3b | ||
|
4908ecfd5d |
2
.github/workflows/feature.yml
vendored
2
.github/workflows/feature.yml
vendored
@@ -8,7 +8,7 @@ on:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-18.04
|
||||
runs-on: ubuntu-latest
|
||||
name: Push devel image
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
8
.github/workflows/promote.yaml
vendored
8
.github/workflows/promote.yaml
vendored
@@ -12,11 +12,6 @@ jobs:
|
||||
with:
|
||||
depth: 0
|
||||
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
ref: gh-pages
|
||||
path: gh-pages
|
||||
|
||||
- name: Log in to GHCR
|
||||
run: |
|
||||
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
|
||||
@@ -40,4 +35,5 @@ jobs:
|
||||
-e chart_owner=${{ github.repository_owner }} \
|
||||
-e tag=${{ github.event.release.tag_name }} \
|
||||
-e gh_token=${{ secrets.GITHUB_TOKEN }} \
|
||||
-e gh_user=${{ github.actor }}
|
||||
-e gh_user=${{ github.actor }} \
|
||||
-e repo_type=https
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
AWX:
|
||||
AWX:
|
||||
# enable use of awx-deploy template
|
||||
enabled: false
|
||||
name: awx
|
||||
|
||||
@@ -7,6 +7,7 @@ ignore: |
|
||||
awx-operator.clusterserviceversion.yaml
|
||||
bundle
|
||||
.helm/starter
|
||||
hacking/
|
||||
|
||||
rules:
|
||||
truthy: disable
|
||||
|
||||
@@ -31,7 +31,7 @@ Have questions about this document or anything not covered here? Please file a n
|
||||
```
|
||||
2. Make your changes.
|
||||
3. Test your changes according described on the Testing section.
|
||||
4. If everylooks looks correct, commit your changes.
|
||||
4. If everything looks correct, commit your changes.
|
||||
```sh
|
||||
#> git add <FILES>
|
||||
#> git commit -m "My message here"
|
||||
@@ -56,14 +56,17 @@ Running `molecule test` sets up a clean environment, builds the operator, runs a
|
||||
|
||||
If you want to actively develop the operator, use `molecule converge`, which does everything but tear down the environment at the end.
|
||||
|
||||
#### Testing in Docker
|
||||
#### Testing in Kind
|
||||
|
||||
Testing with a kind cluster is the recommended way to test the awx-operator locally. First, you need to install kind if you haven't already. Please see these docs for setting that up:
|
||||
* https://kind.sigs.k8s.io/docs/user/quick-start/
|
||||
|
||||
To run the tests, from the root of your checkout, run the following command:
|
||||
|
||||
```sh
|
||||
#> molecule test -s test-local
|
||||
#> molecule test -s kind
|
||||
```
|
||||
|
||||
This environment is meant for headless testing (e.g. in a CI environment, or when making smaller changes which don't need to be verified through a web interface). It is difficult to test things like AWX's web UI or to connect other applications on your local machine to the services running inside the cluster, since it is inside a Docker container with no static IP address.
|
||||
|
||||
#### Testing in Minikube
|
||||
|
||||
```sh
|
||||
@@ -137,4 +140,4 @@ Applying this template will do it. Once the CatalogSource is in a READY state, t
|
||||
|
||||
## Reporting Issues
|
||||
|
||||
We welcome your feedback, and encourage you to file an issue when you run into a problem.
|
||||
We welcome your feedback, and encourage you to file an issue when you run into a problem.
|
||||
|
||||
11
Makefile
11
Makefile
@@ -65,6 +65,7 @@ CHART_DESCRIPTION ?= A Helm chart for the AWX Operator
|
||||
CHART_OWNER ?= $(GH_REPO_OWNER)
|
||||
CHART_REPO ?= awx-operator
|
||||
CHART_BRANCH ?= gh-pages
|
||||
CHART_DIR ?= gh-pages
|
||||
CHART_INDEX ?= index.yaml
|
||||
|
||||
.PHONY: all
|
||||
@@ -140,7 +141,7 @@ ifeq (,$(shell which kustomize 2>/dev/null))
|
||||
@{ \
|
||||
set -e ;\
|
||||
mkdir -p $(dir $(KUSTOMIZE)) ;\
|
||||
curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.5.7/kustomize_v4.5.7_$(OS)_$(ARCHA).tar.gz | \
|
||||
curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.1/kustomize_v5.0.1_$(OS)_$(ARCHA).tar.gz | \
|
||||
tar xzf - -C bin/ ;\
|
||||
}
|
||||
else
|
||||
@@ -227,7 +228,7 @@ ifeq (,$(shell which kubectl-slice 2>/dev/null))
|
||||
@{ \
|
||||
set -e ;\
|
||||
mkdir -p $(dir $(KUBECTL_SLICE)) ;\
|
||||
curl -sSLo - https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.1.0/kubectl-slice_1.1.0_$(OS)_$(ARCHX).tar.gz | \
|
||||
curl -sSLo - https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.6/kubectl-slice_$(OS)_$(ARCHX).tar.gz | \
|
||||
tar xzf - -C bin/ kubectl-slice ;\
|
||||
}
|
||||
else
|
||||
@@ -364,7 +365,7 @@ TAGS := $(shell git ls-remote --tags --sort=version:refname --refs -q | cut -d/
|
||||
# that is contained within a larger repo, where a tag may not require a new chart version
|
||||
.PHONY: helm-index
|
||||
helm-index:
|
||||
# when running in CI this gh-pages are already checked out with github action to 'gh-pages' directory
|
||||
# when running in CI the gh-pages branch is checked out by the ansible playbook
|
||||
# TODO: test if gh-pages directory exists and if not exist
|
||||
|
||||
@echo "== GENERATE INDEX FILE =="
|
||||
@@ -392,6 +393,6 @@ helm-index:
|
||||
# generate the index file in the root of the gh-pages branch
|
||||
# --merge will leave any values in index.yaml that don't get generated by this command, but
|
||||
# it is likely that all values are overridden
|
||||
$(HELM) repo index .cr-release-packages --url https://github.com/$(CHART_OWNER)/$(CHART_REPO)/releases/download/ --merge gh-pages/index.yaml
|
||||
$(HELM) repo index .cr-release-packages --url https://github.com/$(CHART_OWNER)/$(CHART_REPO)/releases/download/ --merge $(CHART_DIR)/index.yaml
|
||||
|
||||
mv .cr-release-packages/index.yaml gh-pages/index.yaml
|
||||
mv .cr-release-packages/index.yaml $(CHART_DIR)/index.yaml
|
||||
|
||||
10
README.md
10
README.md
@@ -131,7 +131,7 @@ $ alias kubectl="minikube kubectl --"
|
||||
|
||||
### Basic Install
|
||||
|
||||
Once you have a running Kubernetes cluster, you can deploy AWX Operator into your cluster using [Kustomize](https://kubectl.docs.kubernetes.io/guides/introduction/kustomize/). Follow the instructions here to install the latest version of Kustomize: https://kubectl.docs.kubernetes.io/installation/kustomize/
|
||||
Once you have a running Kubernetes cluster, you can deploy AWX Operator into your cluster using [Kustomize](https://kubectl.docs.kubernetes.io/guides/introduction/kustomize/). Since kubectl version 1.14 kustomize functionality is built-in (otherwise, follow the instructions here to install the latest version of Kustomize: https://kubectl.docs.kubernetes.io/installation/kustomize/ )
|
||||
|
||||
First, create a file called `kustomization.yaml` with the following content:
|
||||
|
||||
@@ -156,7 +156,7 @@ namespace: awx
|
||||
Install the manifests by running this:
|
||||
|
||||
```
|
||||
$ kustomize build . | kubectl apply -f -
|
||||
$ kubectl apply -k .
|
||||
namespace/awx created
|
||||
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
|
||||
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
|
||||
@@ -229,10 +229,10 @@ resources:
|
||||
...
|
||||
```
|
||||
|
||||
Finally, run `kustomize` again to create the AWX instance in your cluster:
|
||||
Finally, apply the changes to create the AWX instance in your cluster:
|
||||
|
||||
```
|
||||
kustomize build . | kubectl apply -f -
|
||||
kubectl apply -k .
|
||||
```
|
||||
|
||||
After a few minutes, the new AWX instance will be deployed. You can look at the operator pod logs in order to know where the installation process is at:
|
||||
@@ -911,7 +911,7 @@ A sample of extra settings can be found as below. All possible options can be fo
|
||||
value: 'LDAPSearch("OU=Groups,DC=abc,DC=com",ldap.SCOPE_SUBTREE,"(objectClass=group)",)'
|
||||
|
||||
- setting: AUTH_LDAP_GROUP_TYPE
|
||||
value: 'GroupOfNamesType'
|
||||
value: 'GroupOfNamesType()'
|
||||
|
||||
- setting: AUTH_LDAP_USER_ATTR_MAP
|
||||
value: '{"first_name": "givenName","last_name": "sn","email": "mail"}'
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
- hosts: localhost
|
||||
vars:
|
||||
chart_repo: awx-operator
|
||||
environment:
|
||||
CHART_OWNER: "{{ chart_owner }}"
|
||||
tasks:
|
||||
- name: Look up release
|
||||
uri:
|
||||
@@ -43,7 +45,7 @@
|
||||
- name: Upload helm chart
|
||||
uri:
|
||||
url: "https://uploads.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/{{ release.json.id }}/assets?name={{ helm_file_name }}"
|
||||
src: "{{ playbook_dir }}/../.cr-release-packages/awx-operator-{{ tag }}.tgz"
|
||||
src: "{{ playbook_dir }}/../.cr-release-packages/{{ tag }}/awx-operator-{{ tag }}.tgz"
|
||||
headers:
|
||||
Authorization: "token {{ gh_token }}"
|
||||
Content-Type: "application/octet-stream"
|
||||
@@ -66,26 +68,48 @@
|
||||
|
||||
- when: commits_for_release.stdout == ''
|
||||
block:
|
||||
- name: Configure git config
|
||||
shell: |
|
||||
git config user.name {{ gh_user }}
|
||||
git config user.email {{ gh_user }}@users.noreply.github.com
|
||||
args:
|
||||
chdir: "{{ playbook_dir }}/../gh-pages"
|
||||
- name: Make a temp dir
|
||||
tempfile:
|
||||
state: directory
|
||||
register: temp_dir
|
||||
|
||||
- name: Clone the gh-pages branch from {{ chart_owner }}
|
||||
git:
|
||||
repo: "{{ ((repo_type | default('http')) == 'ssh') | ternary(ssh_repo, http_repo) }}"
|
||||
dest: "{{ temp_dir.path }}"
|
||||
single_branch: yes
|
||||
version: gh-pages
|
||||
vars:
|
||||
http_repo: "https://github.com/{{ chart_owner }}/{{ chart_repo }}"
|
||||
ssh_repo: "git@github.com:{{ chart_owner }}/{{ chart_repo }}.git"
|
||||
|
||||
- name: Publish helm index
|
||||
command: |
|
||||
make helm-index
|
||||
ansible.builtin.command:
|
||||
cmd: make helm-index
|
||||
environment:
|
||||
CHART_OWNER: "{{ chart_owner }}"
|
||||
CR_TOKEN: "{{ gh_token }}"
|
||||
CHART_DIR: "{{ temp_dir.path }}"
|
||||
args:
|
||||
chdir: "{{ playbook_dir }}/../"
|
||||
chdir: "{{ playbook_dir }}/.."
|
||||
|
||||
- name: Stage and Push commit to gh-pages branch
|
||||
shell: |
|
||||
git add index.yaml
|
||||
git commit -m "{{ commit_message }}"
|
||||
git push
|
||||
command:
|
||||
cmd: "{{ item }}"
|
||||
loop:
|
||||
- git add index.yaml
|
||||
- git commit -m "{{ commit_message }}"
|
||||
#- git push
|
||||
args:
|
||||
chdir: "{{ playbook_dir }}/../gh-pages"
|
||||
chdir: "{{ temp_dir.path }}/"
|
||||
environment:
|
||||
GIT_AUTHOR_NAME: "{{ gh_user }}"
|
||||
GIT_AUTHOR_EMAIL: "{{ gh_user }}@users.noreply.github.com"
|
||||
GIT_COMMITTER_NAME: "{{ gh_user }}"
|
||||
GIT_COMMITTER_EMAIL: "{{ gh_user }}@users.noreply.github.com"
|
||||
|
||||
always:
|
||||
- name: Remove temp dir
|
||||
file:
|
||||
path: "{{ temp_dir.path }}"
|
||||
state: absent
|
||||
|
||||
@@ -21,12 +21,10 @@ resources:
|
||||
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
|
||||
#- ../prometheus
|
||||
|
||||
patchesStrategicMerge:
|
||||
# Protect the /metrics endpoint by putting it behind auth.
|
||||
# If you want your controller-manager to expose the /metrics
|
||||
# endpoint w/o any authn/z, please comment the following line.
|
||||
- manager_auth_proxy_patch.yaml
|
||||
|
||||
# Mount the controller config file for loading manager configurations
|
||||
# through a ComponentConfig type
|
||||
#- manager_config_patch.yaml
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
patches:
|
||||
- path: manager_auth_proxy_patch.yaml
|
||||
|
||||
@@ -14,7 +14,7 @@ spec:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- "ALL"
|
||||
- "ALL"
|
||||
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0
|
||||
args:
|
||||
- "--secure-listen-address=0.0.0.0:8443"
|
||||
|
||||
@@ -88,10 +88,10 @@ spec:
|
||||
kind: AWXRestore
|
||||
name: awxrestores.awx.ansible.com
|
||||
specDescriptors:
|
||||
- displayName: Backup Source to restore from
|
||||
description: Select what type of backup to specify. Backup CR, allows you to specify
|
||||
the name of an AWXBackup object (recommended approach). The PVC option allows you to
|
||||
specify a custom PVC and directory to backup from.
|
||||
- description: Select what type of backup to specify. Backup CR, allows you
|
||||
to specify the name of an AWXBackup object (recommended approach). The
|
||||
PVC option allows you to specify a custom PVC and directory to backup from.
|
||||
displayName: Backup Source to restore from
|
||||
path: backup_source
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:select:Backup CR
|
||||
@@ -115,8 +115,9 @@ spec:
|
||||
path: backup_pvc_namespace
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Backup Directory
|
||||
description: This is the directory inside the PVC that your backup is stored in.
|
||||
- description: This is the directory inside the PVC that your backup is stored
|
||||
in.
|
||||
displayName: Backup Directory
|
||||
path: backup_dir
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
@@ -151,7 +152,8 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
version: v1beta1
|
||||
- description: Deploy a new instance of AWX. A standardized way to define, operate and scale automation with Ansible.
|
||||
- description: Deploy a new instance of AWX. A standardized way to define, operate
|
||||
and scale automation with Ansible.
|
||||
displayName: AWX
|
||||
kind: AWX
|
||||
name: awxs.awx.ansible.com
|
||||
@@ -186,8 +188,9 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:io.kubernetes:Secret
|
||||
- displayName: Secret Key
|
||||
description: Name of the k8s secret the symmetric encryption key is stored in.
|
||||
- description: Name of the k8s secret the symmetric encryption key is stored
|
||||
in.
|
||||
displayName: Secret Key
|
||||
path: secret_key_secret
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
@@ -226,7 +229,7 @@ spec:
|
||||
path: ingress_api_version
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- displayName: Ingress Path
|
||||
path: ingress_path
|
||||
x-descriptors:
|
||||
@@ -335,9 +338,9 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
|
||||
- displayName: PostgreSQL Init Container Resource Requirements
|
||||
description: The PostgreSQL init container is not used when an external DB
|
||||
- description: The PostgreSQL init container is not used when an external DB
|
||||
is configured
|
||||
displayName: PostgreSQL Init Container Resource Requirements
|
||||
path: postgres_init_container_resource_requirements
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
@@ -347,20 +350,17 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
|
||||
- displayName: PostgreSQL Container Resource Requirements
|
||||
description: The PostgreSQL container is not used when an external DB
|
||||
is configured
|
||||
- description: The PostgreSQL container is not used when an external DB is configured
|
||||
displayName: PostgreSQL Container Resource Requirements
|
||||
path: postgres_resource_requirements
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
|
||||
- displayName: PostgreSQL Container Storage Requirements
|
||||
description: The PostgreSQL container is not used when an external DB
|
||||
is configured
|
||||
- description: The PostgreSQL container is not used when an external DB is configured
|
||||
displayName: PostgreSQL Container Storage Requirements
|
||||
path: postgres_storage_requirements
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:resourceRequirements
|
||||
- displayName: Replicas
|
||||
path: replicas
|
||||
x-descriptors:
|
||||
@@ -471,8 +471,8 @@ spec:
|
||||
- displayName: Postgres Storage Class
|
||||
path: postgres_storage_class
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:io.kubernetes:StorageClass
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Postgres Datapath
|
||||
path: postgres_data_path
|
||||
x-descriptors:
|
||||
@@ -790,8 +790,8 @@ spec:
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:booleanSwitch
|
||||
- displayName: Additional labels defined on the resource, which should be
|
||||
propagated to child resources
|
||||
- displayName: Additional labels defined on the resource, which should be propagated
|
||||
to child resources
|
||||
path: additional_labels
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
@@ -876,7 +876,7 @@ spec:
|
||||
- email: awx-project@googlegroups.com
|
||||
name: AWX Team
|
||||
maturity: alpha
|
||||
MinKubeVersion: 1.22.15
|
||||
minKubeVersion: 1.22.15
|
||||
provider:
|
||||
name: Ansible
|
||||
url: github.com/ansible/awx-operator
|
||||
|
||||
@@ -7,10 +7,6 @@ namePrefix: osdk-
|
||||
#commonLabels:
|
||||
# someName: someValue
|
||||
|
||||
patchesStrategicMerge:
|
||||
- manager_image.yaml
|
||||
- debug_logs_patch.yaml
|
||||
- ../default/manager_auth_proxy_patch.yaml
|
||||
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
@@ -21,3 +17,7 @@ resources:
|
||||
images:
|
||||
- name: testing
|
||||
newName: testing-operator
|
||||
patches:
|
||||
- path: manager_image.yaml
|
||||
- path: debug_logs_patch.yaml
|
||||
- path: ../default/manager_auth_proxy_patch.yaml
|
||||
|
||||
29
docs/doc-proposal.md
Normal file
29
docs/doc-proposal.md
Normal file
@@ -0,0 +1,29 @@
|
||||
# Docs Breakdown for AWX Operator
|
||||
|
||||
## Introduction
|
||||
|
||||
This table below is aimed at breaking down the ReadME documentation for Ansible AWX Operator and structure it in the way it can be moved to the Read The Docs module.
|
||||
|
||||
From the ReadMe file, the documentation can be classified into six distinct segments which are:
|
||||
|
||||
|
||||
- Introduction/Getting Started
|
||||
- Installation
|
||||
- User Guide
|
||||
- Upgrade
|
||||
- Uninstall
|
||||
- Contributors Guide
|
||||
|
||||
Using these listed segments, we can do a proper breakdown of all the topics in the ReadMe and place each one in the segment they fall into. This table is open to any form of refactoring or modifications.
|
||||
|
||||
| Segments | Topics |
|
||||
| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| Introduction | - [Purpose](https://github.com/ansible/awx-operator#purpose) |
|
||||
| Installation | - [Creating a minikube cluster for testing](https://github.com/ansible/awx-operator#creating-a-minikube-cluster-for-testing)<br>- [Basic Install](https://github.com/ansible/awx-operator#basic-install)<br>- [Helm Install on existing cluster](https://github.com/ansible/awx-operator#helm-install-on-existing-cluster) |
|
||||
| User Guide | - [Admin user account configuration](https://github.com/ansible/awx-operator#admin-user-account-configuration)<br>- [Network and TLS Configuration](https://github.com/ansible/awx-operator#network-and-tls-configuration)<br> * [Service Type](https://github.com/ansible/awx-operator#service-type)<br> * [Ingress Type](https://github.com/ansible/awx-operator#ingress-type)<br>- [Database Configuration](https://github.com/ansible/awx-operator#database-configuration)<br> * [External PostgreSQL Service](https://github.com/ansible/awx-operator#external-postgresql-service)<br> * [Migrating data from an old AWX instance](https://github.com/ansible/awx-operator#migrating-data-from-an-old-awx-instance)<br> * [Managed PostgreSQL Service](https://github.com/ansible/awx-operator#managed-postgresql-service)<br>- [Advanced Configuration](https://github.com/ansible/awx-operator#advanced-configuration)<br> * [Deploying a specific version of AWX](https://github.com/ansible/awx-operator#deploying-a-specific-version-of-awx)<br> * [Redis container capabilities](https://github.com/ansible/awx-operator#redis-container-capabilities)<br> * [Privileged Tasks](https://github.com/ansible/awx-operator#privileged-tasks)<br> * [Containers Resource Requirements](https://github.com/ansible/awx-operator#containers-resource-requirements)<br> * [Priority Classes](https://github.com/ansible/awx-operator#priority-classes)<br> * [Assigning AWX pods to specific nodes](https://github.com/ansible/awx-operator#assigning-awx-pods-to-specific-nodes)<br> * [Trusting a Custom Certificate Authority](https://github.com/ansible/awx-operator#trusting-a-custom-certificate-authority)<br> * [Enabling LDAP Integration at AWX bootstrap](https://github.com/ansible/awx-operator#enabling-ldap-integration-at-awx-bootstrap)<br> * [Persisting Projects Directory](https://github.com/ansible/awx-operator#persisting-projects-directory)<br> * [Custom Volume and Volume Mount Options](https://github.com/ansible/awx-operator#custom-volume-and-volume-mount-options)<br> * [Default execution environments from private registries](https://github.com/ansible/awx-operator#default-execution-environments-from-private-registries)<br> * * [Control plane ee from private registry](https://github.com/ansible/awx-operator#control-plane-ee-from-private-registry)<br> * [Exporting Environment Variables to Containers](https://github.com/ansible/awx-operator#exporting-environment-variables-to-containers)<br> * [CSRF Cookie Secure Setting](https://github.com/ansible/awx-operator#csrf-cookie-secure-setting)<br> * [Session Cookie Secure Setting](https://github.com/ansible/awx-operator#session-cookie-secure-setting)<br> * [Extra Settings](https://github.com/ansible/awx-operator#extra-settings)<br> * [Configure no_log](https://github.com/ansible/awx-operator#no-log)<br> * [Auto Upgrade](https://github.com/ansible/awx-operator#auto-upgrade)<br> ** [Upgrade of instances without auto upgrade](https://github.com/ansible/awx-operator#upgrade-of-instances-without-auto-upgrade)<br> * [Service Account](https://github.com/ansible/awx-operator#service-account)<br> * [Labeling operator managed objects](https://github.com/ansible/awx-operator#labeling-operator-managed-objects)<br> * [Pods termination grace period](https://github.com/ansible/awx-operator#pods-termination-grace-period)<br> * [Disable IPV6](https://github.com/ansible/awx-operator#disable-ipv6)<br> * [Add Execution Nodes](https://github.com/ansible/awx-operator#adding-execution-nodes)<br> ** [Custom Receptor CA](https://github.com/ansible/awx-operator#custom-receptor-ca)<br> * [Debugging](https://github.com/ansible/awx-operator/blob/devel/docs/debugging.md)<br> * [Migration](https://github.com/ansible/awx-operator/blob/devel/docs/migration.md) |
|
||||
| Upgrade | - [Upgrading](https://github.com/ansible/awx-operator#upgrading)<br> * [Backup](https://github.com/ansible/awx-operator#backup)<br> * [v0.14.0](https://github.com/ansible/awx-operator#v0140)<br> ** [Cluster-scope to Namespace-scope considerations](https://github.com/ansible/awx-operator#cluster-scope-to-namespace-scope-considerations)<br> ** [Project is now based on v1.x of the operator-sdk project](https://github.com/ansible/awx-operator#project-is-now-based-on-v1x-of-the-operator-sdk-project)<br> ** [Steps to upgrade](https://github.com/ansible/awx-operator#steps-to-upgrade) |
|
||||
| Uninstall | - [Uninstall](https://github.com/ansible/awx-operator#uninstall) |
|
||||
| Contributors Guide | - [Contributing](https://github.com/ansible/awx-operator#contributing)<br>- [Release Process](https://github.com/ansible/awx-operator#release-process)<br>- [Author](https://github.com/ansible/awx-operator#author)<br>- [Code of Conduct](https://github.com/ansible/awx-operator#code-of-conduct)<br>- [Get Involved](https://github.com/ansible/awx-operator#get-involved) |
|
||||
|
||||
|
||||
Note: I could not get the multi-level bullet point list to work in the table so I used single asterisk `*` for one level down and double asterisk `**` for two level down.
|
||||
@@ -5,8 +5,20 @@
|
||||
gather_facts: no
|
||||
|
||||
tasks:
|
||||
# Remove after this if fixed: https://github.com/ansible-collections/community.docker/issues/611
|
||||
- name: Install docker
|
||||
become: yes
|
||||
pip:
|
||||
name:
|
||||
- websocket-client==0.59.0
|
||||
- requests==2.28.2
|
||||
- urllib3==1.26.15
|
||||
- docker
|
||||
- docker-compose
|
||||
state: present
|
||||
|
||||
- name: Build operator image
|
||||
docker_image:
|
||||
community.docker.docker_image:
|
||||
build:
|
||||
path: '{{ project_dir }}'
|
||||
pull: no
|
||||
|
||||
@@ -5,3 +5,4 @@ ansible-lint
|
||||
openshift!=0.13.0
|
||||
jmespath
|
||||
ansible-core
|
||||
ansible-compat<4 # https://github.com/ansible-community/molecule/issues/3903
|
||||
|
||||
@@ -5,4 +5,5 @@ collections:
|
||||
version: 2.3.2
|
||||
- name: operator_sdk.util
|
||||
- name: community.docker
|
||||
version: 3.4.4
|
||||
- name: awx.awx
|
||||
|
||||
@@ -283,7 +283,7 @@ task_command: []
|
||||
web_args:
|
||||
- /usr/bin/launch_awx_web.sh
|
||||
web_command: []
|
||||
ryslog_args:
|
||||
rsyslog_args:
|
||||
- /usr/bin/launch_awx_rsyslog.sh
|
||||
rsyslog_command: []
|
||||
|
||||
|
||||
@@ -236,7 +236,7 @@ data:
|
||||
bind 127.0.0.1
|
||||
receptor_conf: |
|
||||
---
|
||||
- log-level: debug
|
||||
- log-level: info
|
||||
- local-only: null
|
||||
- node:
|
||||
firewallrules:
|
||||
|
||||
@@ -112,6 +112,7 @@ spec:
|
||||
- name: init-projects
|
||||
image: '{{ _init_projects_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ task_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
@@ -337,8 +338,8 @@ spec:
|
||||
{% if rsyslog_command %}
|
||||
command: {{ rsyslog_command }}
|
||||
{% endif %}
|
||||
{% if ryslog_args %}
|
||||
args: {{ ryslog_args }}
|
||||
{% if rsyslog_args %}
|
||||
args: {{ rsyslog_args }}
|
||||
{% endif %}
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
volumeMounts:
|
||||
|
||||
@@ -32,7 +32,7 @@ spec:
|
||||
"secrets/app_credentials",
|
||||
"storage/persistent",
|
||||
] %}
|
||||
checksum-{{ template | replace('/', '-') }}: "{{ lookup('template', template + '.yaml.j2') | md5 }}"
|
||||
checksum-{{ template | replace('/', '-') }}: "{{ lookup('template', template + '.yaml.j2') | sha1 }}"
|
||||
{% endfor %}
|
||||
{% for secret in [
|
||||
"bundle_cacert",
|
||||
@@ -42,7 +42,7 @@ spec:
|
||||
"receptor_ca",
|
||||
"receptor_work_signing",
|
||||
] %}
|
||||
checksum-secret-{{ secret }}: "{{ lookup('ansible.builtin.vars', secret, default='')["resources"][0]["data"] | default('') | md5 }}"
|
||||
checksum-secret-{{ secret }}: "{{ lookup('ansible.builtin.vars', secret, default='')["resources"][0]["data"] | default('') | sha1 }}"
|
||||
{% endfor %}
|
||||
{% if web_annotations %}
|
||||
{{ web_annotations | indent(width=8) }}
|
||||
@@ -68,6 +68,7 @@ spec:
|
||||
- name: init
|
||||
image: '{{ _init_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ web_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
@@ -96,6 +97,7 @@ spec:
|
||||
- name: init-projects
|
||||
image: '{{ _init_projects_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ web_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
@@ -244,8 +246,8 @@ spec:
|
||||
{% if rsyslog_command %}
|
||||
command: {{ rsyslog_command }}
|
||||
{% endif %}
|
||||
{% if ryslog_args %}
|
||||
args: {{ ryslog_args }}
|
||||
{% if rsyslog_args %}
|
||||
args: {{ rsyslog_args }}
|
||||
{% endif %}
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
volumeMounts:
|
||||
|
||||
@@ -34,7 +34,7 @@ spec:
|
||||
port:
|
||||
number: 80
|
||||
{% if ingress_controller|lower == "contour" %}
|
||||
- path: '{{ ingress_path }}/websocket'
|
||||
- path: '{{ ingress_path.rstrip("/") }}/websocket'
|
||||
pathType: '{{ ingress_path_type }}'
|
||||
backend:
|
||||
service:
|
||||
|
||||
@@ -52,7 +52,7 @@ spec:
|
||||
type: NodePort
|
||||
{% elif service_type | lower == "loadbalancer" %}
|
||||
type: LoadBalancer
|
||||
{% if variable is defined and variable|length %}
|
||||
{% if loadbalancer_ip is defined and loadbalancer_ip|length %}
|
||||
loadbalancerip: '{{ loadbalancer_ip }}'
|
||||
{% endif %}
|
||||
{% else %}
|
||||
|
||||
Reference in New Issue
Block a user