csv: Fix metrics utility fields (#1783)

The metrics utility fields were configured under the statusDescriptors
section rather than specDescriptors so displaying those fields in the
UI wasn't done correctly (not under the Advanced section nor using the
correct field type).

This also changes the `metrics_utility_configmap` descriptor from
`urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap` to
`urn:alm:descriptor:io.kubernetes:ConfigMap` because the first value
doesn't work.

Finally, all metrics utility fields are only displayed (in the Advanced
section) when `metrics_utility_enabled` is enabled (not default).

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>

.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/docs"
+    groups:
+      dependencies:
+        patterns:
+          - "*"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "component:docs"
+      - "dependencies"

config/crd/bases/awx.ansible.com_awxs.yaml

@@ -1923,6 +1923,40 @@ spec:
                 description: Disable web container's nginx ipv6 listener
                 type: boolean
                 default: false
+              metrics_utility_enabled:
+                description: Enable metrics utility
+                type: boolean
+                default: false
+              metrics_utility_image:
+                description: Metrics-Utility Image
+                type: string
+              metrics_utility_image_version:
+                description: Metrics-Utility Image Version
+                type: string
+              metrics_utility_image_pull_policy:
+                description: Metrics-Utility Image PullPolicy
+                type: string
+              metrics_utility_configmap:
+                description: Metrics-Utlity ConfigMap
+                type: string
+              metrics_utility_cronjob_gather_schedule:
+                description: Metrics-Utlity Gather Data CronJob Schedule
+                type: string
+                default: '@hourly'
+              metrics_utility_cronjob_report_schedule:
+                description: Metrics-Utlity Report CronJob Schedule
+                type: string
+                default: '@monthly'
+              metrics_utility_pvc_claim:
+                description: Metrics-Utlity PVC Claim
+                type: string
+              metrics_utility_pvc_claim_size:
+                description: Metrics-Utlity PVC Claim Size
+                type: string
+                default: 5Gi
+              metrics_utility_pvc_claim_storage_class:
+                description: Metrics-Utlity PVC Claim Storage Class
+                type: string
             type: object
           status:
             properties:

config/manager/manager.yaml

@@ -39,7 +39,7 @@ spec:
         - --leader-elect
         - --leader-election-id=awx-operator
         image: controller:latest
-        imagePullPolicy: Always
+        imagePullPolicy: IfNotPresent
         name: awx-manager
         env:
         - name: ANSIBLE_GATHERING

config/manifests/bases/awx-operator.clusterserviceversion.yaml

@@ -1024,6 +1024,64 @@ spec:
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
+      - displayName: Metrics-Utility Enabled
+        path: metrics_utility_enabled
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
+      - displayName: Metrics-Utility Image
+        path: metrics_utility_image
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+      - displayName: Metrics-Utlity Image Version
+        path: metrics_utility_image_version
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utility Image PullPolicy
+        path: metrics_utility_image_pull_policy
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity ConfigMap
+        path: metrics_utility_configmap
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:io.kubernetes:ConfigMap
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity Gather Data CronJob Schedule
+        path: metrics_utility_cronjob_gather_schedule
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity Report CronJob Schedule
+        path: metrics_utility_cronjob_report_schedule
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity PVC Claim
+        path: metrics_utility_pvc_claim
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity PVC Claim Size
+        path: metrics_utility_pvc_claim_size
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:text
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
+      - displayName: Metrics-Utlity PVC Claim Storage Class
+        path: metrics_utility_pvc_claim_storage_class
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:io.kubernetes:StorageClass
+        - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true
       statusDescriptors:
       - description: Route to access the instance deployed
         displayName: URL

config/rbac/role.yaml

@@ -81,6 +81,7 @@ rules:
   - apiGroups:
       - batch
     resources:
+      - cronjobs
       - jobs
     verbs:
       - get

docs/user-guide/advanced-configuration/mesh-ingress.md

@@ -83,6 +83,11 @@ spec:
   external_hostname: <fqdn for mesh ingress>
 ```
 
+!!! tip
+    AWX Operator supports both API groups `traefik.io` and `traefik.containo.us` in `ingress_api_version` for Traefik, but it is recommended to use `traefik.io` since `traefik.containo.us` is deprecated in Traefik v2.10 and is removed in Traefik v3. Refer to [Traefik documentation](https://doc.traefik.io/traefik/migration/v2/#v210) for more information about deprecation.
+
+    If you can't see any IngressRouteTCP resources by `kubectl` command after deploying mesh ingress, you should fully qualify the resource name with API group, `kubectl get ingressroutetcp.traefik.io` or `kubectl get traefik.containo.us` for example.
+
 ### On Kubernetes with User managed Ingress
 
 To deploy a mesh ingress on Kubernetes cluster, create the AWXMeshIngress resource on the namespace where your AWX instance is running on.

molecule/default/tasks/awx_replicas_test.yml

@@ -49,16 +49,16 @@
 ####
 
     - debug:
-        msg: test - replicas=3 should give 3 of each
+        msg: test - replicas=2 should give 2 of each
 
     - include_tasks: apply_awx_spec.yml
       vars:
         additional_fields:
-          replicas: 3
+          replicas: 2
 
     - include_tasks: _test_case_replicas.yml
       vars:
-        expected_web_replicas: 3
-        expected_task_replicas: 3
+        expected_web_replicas: 2
+        expected_task_replicas: 2
   tags:
     - replicas

molecule/default/verify.yml

@@ -14,7 +14,8 @@
         - name: Import all test files from tasks/
           include_tasks: '{{ item }}'
           with_fileglob:
-            - tasks/*_test.yml
+            - tasks/awx_test.yml
+            - tasks/awx_replicas_test.yml
           tags:
             - always
       rescue:

roles/installer/defaults/main.yml

@@ -401,7 +401,7 @@ postgres_init_container_resource_requirements:
     memory: 64Mi
 # Assign a preexisting priority class to the postgres pod
 postgres_priority_class: ''
-postgres_data_path: '/var/lib/postgresql/data/pgdata'
+postgres_data_path: '/var/lib/pgsql/data/pgdata'
 
 # Persistence to the AWX project data folder
 # Whether or not the /var/lib/projects directory will be persistent
@@ -484,3 +484,14 @@ nginx_worker_processes: 1
 nginx_worker_connections: "{{ uwsgi_listen_queue_size }}"
 nginx_worker_cpu_affinity: 'auto'
 nginx_listen_queue_size: "{{ uwsgi_listen_queue_size }}"
+
+# metrics-utility (github.com/ansible/metrics-utility)
+_metrics_utility_enabled: "{{ metrics_utility_enabled | default(false) }}"
+_metrics_utility_configmap: "{{ metrics_utility_configmap | default(deployment_type + '-metrics-utility-configmap') }}"
+_metrics_utility_image: "{{ metrics_utility_image | default(_image) }}"
+_metrics_utility_image_version: "{{ metrics_utility_image_version | default(_image_version) }}"
+_metrics_utility_image_pull_policy: "{{ metrics_utility_image_pull_policy | default('IfNotPresent') }}"
+_metrics_utility_pvc_claim: "{{ metrics_utility_pvc_claim | default(deployment_type + '-metrics-utility') }}"
+_metrics_utility_pvc_claim_size: "{{ metrics_utility_pvc_claim_size | default('5Gi') }}"
+_metrics_utility_cronjob_gather_schedule: "{{ metrics_utility_cronjob_gather_schedule | default('@hourly') }}"
+_metrics_utility_cronjob_report_schedule: "{{ metrics_utility_cronjob_report_schedule | default('@monthly') }}"

roles/installer/tasks/database_configuration.yml

@@ -156,17 +156,17 @@
 
 - name: Check if postgres pod is running an older version
   block:
-    - name: Set path to PG_VERSION file for given container image
-      set_fact:
-        path_to_pg_version: '{{ postgres_data_path }}/PG_VERSION'
-
     - name: Get old PostgreSQL version
       k8s_exec:
         namespace: "{{ ansible_operator_meta.namespace }}"
         pod: "{{ old_postgres_pod['metadata']['name'] }}"
         command: |
           bash -c """
-          cat {{ path_to_pg_version }}
+          if [ -f "{{ postgres_data_path }}/PG_VERSION" ]; then
+            cat "{{ postgres_data_path }}/PG_VERSION"
+          elif [ -f '/var/lib/postgresql/data/pgdata/PG_VERSION' ]; then
+            cat '/var/lib/postgresql/data/pgdata/PG_VERSION'
+          fi
           """
       register: _old_pg_version
 

roles/installer/tasks/enable_metrics_utility.yml

@@ -0,0 +1,23 @@
+---
+# Check to make sure provided pvc exists, error loudly if not.  Otherwise, the management pod will just stay in pending state forever.
+- name: Check provided PVC claim exists
+  kubernetes.core.k8s_info:
+    name: "{{ _metrics_utility_pvc_claim }}"
+    kind: PersistentVolumeClaim
+    namespace: "{{ ansible_operator_meta.namespace }}"
+  when:
+    - _metrics_utility_pvc_claim | length
+
+- name: Create PVC for metrics-utility
+  kubernetes.core.k8s:
+    kind: PersistentVolumeClaim
+    definition: "{{ lookup('template', 'storage/metrics-utility.yaml.j2') }}"
+
+- name: Create Kubernetes CronJobs for metrics-utility
+  kubernetes.core.k8s:
+    definition: "{{ lookup('template', item) }}"
+    apply: true
+    wait: true
+  loop:
+    - cronjobs/metrics-utility-gather.yaml.j2
+    - cronjobs/metrics-utility-report.yaml.j2

roles/installer/tasks/install.yml

@@ -102,6 +102,10 @@
   include_tasks: initialize_django.yml
   when: awx_web_pod_name != ''
 
+- name: Enable optional metrics-utility
+  include_tasks: enable_metrics_utility.yml
+  when: metrics_utility_enabled | bool
+
 - name: Update status variables
   include_tasks: update_status.yml
 

roles/installer/tasks/upgrade_postgres.yml

@@ -153,16 +153,3 @@
   loop:
     - "{{ ansible_operator_meta.name }}-postgres"
     - "{{ ansible_operator_meta.name }}-postgres-13"
-
-- name: Remove old persistent volume claim
-  k8s:
-    kind: PersistentVolumeClaim
-    api_version: v1
-    namespace: "{{ ansible_operator_meta.namespace }}"
-    name: "{{ item }}"
-    state: absent
-  loop:
-    - "postgres-{{ ansible_operator_meta.name }}-postgres-0"
-    - "postgres-{{ ansible_operator_meta.name }}-postgres-13-0"
-    - "postgres-13-{{ ansible_operator_meta.name }}-postgres-13-0"
-  when: postgres_keep_pvc_after_upgrade

roles/installer/templates/cronjobs/metrics-utility-gather.yaml.j2

@@ -0,0 +1,76 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ ansible_operator_meta.name }}-metrics-utility-gather
+  namespace: '{{ ansible_operator_meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ ansible_operator_meta.name }}-metrics-utility-gather'
+    {{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=4) | trim }}
+    {{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=4) | trim }}
+spec:
+  schedule: "{{ _metrics_utility_cronjob_gather_schedule }}"
+  jobTemplate:
+    spec:
+      backoffLimit: 2
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/name: '{{ ansible_operator_meta.name }}-metrics-utility-gather'
+            {{ lookup("template", "../common/templates/labels/common.yaml.j2")  | indent(width=12) | trim }}
+            {{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=12) | trim }}
+        spec:
+{% if image_pull_secret is defined %}
+          imagePullSecrets:
+            - name: {{ image_pull_secret }}
+{% elif image_pull_secrets | length > 0 %}
+          imagePullSecrets:
+{% for secret in image_pull_secrets %}
+            - name: {{ secret }}
+{% endfor %}
+{% endif %}
+          containers:
+          - name: {{ ansible_operator_meta.name }}-metrics-utility-gather
+            image: "{{ _metrics_utility_image }}"
+            imagePullPolicy: "{{ image_pull_policy }}"
+            resources:
+              requests:
+                memory: "100Mi"
+                cpu: "100m"
+            command:
+              - /bin/sh
+              - -c
+              - metrics-utility gather_automation_controller_billing_data --ship --until=10m
+            envFrom:
+            - configMapRef:
+                name: {{ _metrics_utility_configmap }}
+            volumeMounts:
+            - name: {{ ansible_operator_meta.name }}-metrics-utility
+              mountPath: /metrics-utility
+              readOnly: false
+            - name: "{{ ansible_operator_meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/credentials.py"
+              subPath: credentials.py
+              readOnly: true
+            - name: {{ ansible_operator_meta.name }}-settings
+              mountPath: /etc/tower/settings.py
+              subPath: settings.py
+              readOnly: true
+          volumes:
+          - name: {{ ansible_operator_meta.name }}-metrics-utility
+            persistentVolumeClaim:
+              claimName: {{ _metrics_utility_pvc_claim }}
+              readOnly: false
+          - name: "{{ ansible_operator_meta.name }}-application-credentials"
+            secret:
+              secretName: "{{ ansible_operator_meta.name }}-app-credentials"
+              items:
+                - key: credentials.py
+                  path: 'credentials.py'
+          - name: {{ ansible_operator_meta.name }}-settings
+            configMap:
+              name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
+              items:
+                - key: settings
+                  path: settings.py
+          restartPolicy: OnFailure

roles/installer/templates/cronjobs/metrics-utility-report.yaml.j2

@@ -0,0 +1,76 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ ansible_operator_meta.name }}-metrics-utility-report
+  namespace: '{{ ansible_operator_meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ ansible_operator_meta.name }}-metrics-utility-report'
+    {{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=4) | trim }}
+    {{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=4) | trim }}
+spec:
+  schedule: "{{ _metrics_utility_cronjob_report_schedule }}"
+  jobTemplate:
+    spec:
+      backoffLimit: 2
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/name: '{{ ansible_operator_meta.name }}-metrics-utility-report'
+            {{ lookup("template", "../common/templates/labels/common.yaml.j2")  | indent(width=12) | trim }}
+            {{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=12) | trim }}
+        spec:
+{% if image_pull_secret is defined %}
+          imagePullSecrets:
+            - name: {{ image_pull_secret }}
+{% elif image_pull_secrets | length > 0 %}
+          imagePullSecrets:
+{% for secret in image_pull_secrets %}
+            - name: {{ secret }}
+{% endfor %}
+{% endif %}
+          containers:
+          - name: {{ ansible_operator_meta.name }}-metrics-utility-report
+            image: "{{ _metrics_utility_image }}"
+            imagePullPolicy: "{{ image_pull_policy }}"
+            resources:
+              requests:
+                memory: "100Mi"
+                cpu: "100m"
+            command:
+              - /bin/sh
+              - -c
+              - metrics-utility build_report
+            envFrom:
+            - configMapRef:
+                name: {{ _metrics_utility_configmap }}
+            volumeMounts:
+            - name: {{ ansible_operator_meta.name }}-metrics-utility
+              mountPath: /metrics-utility
+              readOnly: false
+            - name: "{{ ansible_operator_meta.name }}-application-credentials"
+              mountPath: "/etc/tower/conf.d/credentials.py"
+              subPath: credentials.py
+              readOnly: true
+            - name: {{ ansible_operator_meta.name }}-settings
+              mountPath: /etc/tower/settings.py
+              subPath: settings.py
+              readOnly: true
+          volumes:
+          - name: {{ ansible_operator_meta.name }}-metrics-utility
+            persistentVolumeClaim:
+              claimName: {{ _metrics_utility_pvc_claim }}
+              readOnly: false
+          - name: "{{ ansible_operator_meta.name }}-application-credentials"
+            secret:
+              secretName: "{{ ansible_operator_meta.name }}-app-credentials"
+              items:
+                - key: credentials.py
+                  path: 'credentials.py'
+          - name: {{ ansible_operator_meta.name }}-settings
+            configMap:
+              name: '{{ ansible_operator_meta.name }}-{{ deployment_type }}-configmap'
+              items:
+                - key: settings
+                  path: settings.py
+          restartPolicy: OnFailure

roles/installer/templates/jobs/migration.yaml.j2

@@ -32,6 +32,16 @@ spec:
 {% if development_mode | bool %}
             - name: awx-devel
               mountPath: "/awx_devel"
+{% endif %}
+      serviceAccountName: '{{ ansible_operator_meta.name }}'
+{% if image_pull_secret is defined %}
+      imagePullSecrets:
+        - name: {{ image_pull_secret }}
+{% elif image_pull_secrets | length > 0 %}
+      imagePullSecrets:
+{% for secret in image_pull_secrets %}
+        - name: {{ secret }}
+{% endfor %}
 {% endif %}
       volumes:
         - name: "{{ ansible_operator_meta.name }}-application-credentials"

roles/installer/templates/statefulsets/postgres.yaml.j2

@@ -56,6 +56,7 @@ spec:
             {{ postgres_security_context_settings | to_nice_yaml | indent(12) }}
 {% endif %}
 {% if postgres_extra_args %}
+          command: ["run-postgresql"]
           args: {{ postgres_extra_args }}
 {% endif %}
           env:

roles/installer/templates/storage/metrics-utility.yaml.j2

@@ -0,0 +1,18 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ _metrics_utility_pvc_claim }}
+  namespace: {{ ansible_operator_meta.namespace }}
+  ownerReferences: null
+  labels:
+    {{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=4) | trim }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ _metrics_utility_pvc_claim_size }}
+{% if metrics_utility_pvc_claim_storage_class is defined %}
+  storageClassName: {{ metrics_utility_pvc_claim_storage_class }}
+{% endif %}