mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-27 05:43:11 +00:00
Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
e3c2720681 | ||
|
23a3266b4a | ||
|
e271515385 | ||
|
13abaab1b3 | ||
|
01bde2cebb | ||
|
c696eda50a | ||
|
a260ab6873 | ||
|
|
9fa46bea43 |
2
.github/workflows/reusable-nox.yml
vendored
2
.github/workflows/reusable-nox.yml
vendored
@@ -18,7 +18,7 @@ jobs:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@v4
|
||||
- name: Setup nox
|
||||
uses: wntrblm/nox@2024.03.02
|
||||
uses: wntrblm/nox@2024.04.15
|
||||
with:
|
||||
python-versions: "${{ matrix.python-versions }}"
|
||||
- name: "Run nox -s ${{ matrix.session }}"
|
||||
|
||||
@@ -75,6 +75,381 @@ spec:
|
||||
ingress_controller:
|
||||
description: Special configuration for specific Ingress Controllers
|
||||
type: string
|
||||
node_selector:
|
||||
description: Assign the Mesh Ingress Pod to the specified node.
|
||||
type: string
|
||||
tolerations:
|
||||
description: Scheduling tolerations for the Mesh Ingress instance.
|
||||
type: string
|
||||
topology_spread_constraints:
|
||||
description: Topology spread constraints for the Mesh Ingress instance.
|
||||
type: string
|
||||
affinity:
|
||||
description: Scheduling constraints to apply to the Pod definition
|
||||
properties:
|
||||
nodeAffinity:
|
||||
properties:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
items:
|
||||
properties:
|
||||
preference:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchFields:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
weight:
|
||||
format: int32
|
||||
type: integer
|
||||
required:
|
||||
- preference
|
||||
- weight
|
||||
type: object
|
||||
type: array
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
properties:
|
||||
nodeSelectorTerms:
|
||||
items:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchFields:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
type: array
|
||||
required:
|
||||
- nodeSelectorTerms
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
type: object
|
||||
podAffinity:
|
||||
properties:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
items:
|
||||
properties:
|
||||
podAffinityTerm:
|
||||
properties:
|
||||
labelSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaceSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaces:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
topologyKey:
|
||||
type: string
|
||||
required:
|
||||
- topologyKey
|
||||
type: object
|
||||
weight:
|
||||
format: int32
|
||||
type: integer
|
||||
required:
|
||||
- podAffinityTerm
|
||||
- weight
|
||||
type: object
|
||||
type: array
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
items:
|
||||
properties:
|
||||
labelSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaceSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaces:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
topologyKey:
|
||||
type: string
|
||||
required:
|
||||
- topologyKey
|
||||
type: object
|
||||
type: array
|
||||
type: object
|
||||
podAntiAffinity:
|
||||
properties:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
items:
|
||||
properties:
|
||||
podAffinityTerm:
|
||||
properties:
|
||||
labelSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaceSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaces:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
topologyKey:
|
||||
type: string
|
||||
required:
|
||||
- topologyKey
|
||||
type: object
|
||||
weight:
|
||||
format: int32
|
||||
type: integer
|
||||
required:
|
||||
- podAffinityTerm
|
||||
- weight
|
||||
type: object
|
||||
type: array
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
items:
|
||||
properties:
|
||||
labelSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaceSelector:
|
||||
properties:
|
||||
matchExpressions:
|
||||
items:
|
||||
properties:
|
||||
key:
|
||||
type: string
|
||||
operator:
|
||||
type: string
|
||||
values:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- key
|
||||
- operator
|
||||
type: object
|
||||
type: array
|
||||
matchLabels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
namespaces:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
topologyKey:
|
||||
type: string
|
||||
required:
|
||||
- topologyKey
|
||||
type: object
|
||||
type: array
|
||||
type: object
|
||||
type: object
|
||||
status:
|
||||
description: Status defines the observed state of AWXMeshIngress
|
||||
type: object
|
||||
|
||||
@@ -58,6 +58,26 @@ spec:
|
||||
path: ingress_controller
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:text
|
||||
- displayName: Node Selector
|
||||
path: node_selector
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Tolerations
|
||||
path: tolerations
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Topology Spread Constraints
|
||||
path: topology_spread_constraints
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Affinity
|
||||
path: affinity
|
||||
x-descriptors:
|
||||
- urn:alm:descriptor:com.tectonic.ui:advanced
|
||||
- urn:alm:descriptor:com.tectonic.ui:hidden
|
||||
- displayName: Optional API URLPATTERN Prefix
|
||||
path: api_urlpattern_prefix
|
||||
x-descriptors:
|
||||
|
||||
@@ -127,6 +127,17 @@
|
||||
name: example-awx-admin-password
|
||||
register: admin_pw_secret
|
||||
|
||||
- name: Wait for instance to be ready
|
||||
uri:
|
||||
url: "http://localhost/awx/api/v2/instances/?node_type=control&node_state=ready"
|
||||
user: admin
|
||||
password: "{{ admin_pw_secret.resources[0].data.password | b64decode }}"
|
||||
force_basic_auth: yes
|
||||
register: instances
|
||||
until: instances['json']['count'] | int > 0
|
||||
retries: 20
|
||||
delay: 2
|
||||
|
||||
- name: Validate demo job launch
|
||||
block:
|
||||
- name: Launch Demo Job Template
|
||||
|
||||
@@ -45,6 +45,7 @@ spec:
|
||||
extra_settings:
|
||||
- setting: LOG_AGGREGATOR_LEVEL
|
||||
value: "'DEBUG'"
|
||||
task_readiness_period: 15
|
||||
{% if additional_fields is defined %}
|
||||
{{ additional_fields | to_nice_yaml | indent(2) }}
|
||||
{% endif %}
|
||||
|
||||
@@ -24,7 +24,7 @@
|
||||
|
||||
- name: Sanitize instance version
|
||||
set_fact:
|
||||
version: "{{ version_check.stdout.split('+')[0] | trim }}"
|
||||
version: "{{ version_check.stdout | replace('+', '-') | trim }}"
|
||||
|
||||
# It is possible to do a wait on this task to create the job and wait
|
||||
# until it completes. Unfortunately, if the job doesn't wait finish within
|
||||
|
||||
@@ -8,9 +8,9 @@ metadata:
|
||||
{{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=4) | trim }}
|
||||
{{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=4) | trim }}
|
||||
spec:
|
||||
{% if task_replicas != '' and task_manage_replicas is true %}
|
||||
{% if task_replicas != '' and task_manage_replicas | bool %}
|
||||
replicas: {{ task_replicas }}
|
||||
{% elif replicas != '' and task_manage_replicas is true %}
|
||||
{% elif replicas != '' and task_manage_replicas | bool %}
|
||||
replicas: {{ replicas }}
|
||||
{% endif %}
|
||||
selector:
|
||||
@@ -74,6 +74,25 @@ spec:
|
||||
priorityClassName: '{{ control_plane_priority_class }}'
|
||||
{% endif %}
|
||||
initContainers:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: init-bundle-ca-trust
|
||||
image: '{{ _init_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ init_container_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
mkdir -p /etc/pki/ca-trust/extracted/{java,pem,openssl,edk2}
|
||||
update-ca-trust extract
|
||||
volumeMounts:
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
- name: init-database
|
||||
image: '{{ _image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
@@ -96,6 +115,10 @@ spec:
|
||||
subPath: settings.py
|
||||
readOnly: true
|
||||
{{ lookup("template", "common/volume_mounts/extra_settings_files.yaml.j2") | indent(width=12) | trim }}
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
mountPath: "/awx_devel"
|
||||
@@ -123,10 +146,6 @@ spec:
|
||||
outcert=/etc/receptor/tls/receptor.crt \
|
||||
notafter=$(date --iso-8601=seconds --utc --date "10 years") \
|
||||
verify=yes
|
||||
{% if bundle_ca_crt %}
|
||||
mkdir -p /etc/pki/ca-trust/extracted/{java,pem,openssl,edk2}
|
||||
update-ca-trust
|
||||
{% endif %}
|
||||
{% if init_container_extra_commands %}
|
||||
{{ init_container_extra_commands | indent(width=14) }}
|
||||
{% endif %}
|
||||
@@ -149,10 +168,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
{% if init_container_extra_volume_mounts -%}
|
||||
{{ init_container_extra_volume_mounts | indent(width=12, first=True) }}
|
||||
@@ -255,10 +270,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
- name: "{{ ansible_operator_meta.name }}-application-credentials"
|
||||
mountPath: "/etc/tower/conf.d/execution_environments.py"
|
||||
@@ -358,10 +369,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
- name: "{{ ansible_operator_meta.name }}-default-receptor-config"
|
||||
mountPath: "/etc/receptor/receptor-default.conf"
|
||||
@@ -438,10 +445,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
{{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=4) | trim }}
|
||||
{{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=4) | trim }}
|
||||
spec:
|
||||
{% if web_replicas != '' and web_manage_replicas is true %}
|
||||
{% if web_replicas != '' and web_manage_replicas | bool %}
|
||||
replicas: {{ web_replicas }}
|
||||
{% elif replicas != '' and web_manage_replicas is true %}
|
||||
{% elif replicas != '' and web_manage_replicas | bool %}
|
||||
replicas: {{ replicas }}
|
||||
{% endif %}
|
||||
selector:
|
||||
@@ -80,7 +80,26 @@ spec:
|
||||
priorityClassName: '{{ control_plane_priority_class }}'
|
||||
{% endif %}
|
||||
initContainers:
|
||||
{% if bundle_ca_crt or projects_persistence|bool or init_container_extra_commands %}
|
||||
{% if bundle_ca_crt %}
|
||||
- name: init-bundle-ca-trust
|
||||
image: '{{ _init_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ init_container_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
mkdir -p /etc/pki/ca-trust/extracted/{java,pem,openssl,edk2}
|
||||
update-ca-trust extract
|
||||
volumeMounts:
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
{% if init_container_extra_commands %}
|
||||
- name: init
|
||||
image: '{{ _init_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
@@ -89,21 +108,11 @@ spec:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
{% if bundle_ca_crt %}
|
||||
mkdir -p /etc/pki/ca-trust/extracted/{java,pem,openssl,edk2}
|
||||
update-ca-trust
|
||||
{% endif %}
|
||||
{% if init_container_extra_commands %}
|
||||
{{ init_container_extra_commands | indent(width=14) }}
|
||||
{% endif %}
|
||||
volumeMounts:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
{% if init_container_extra_volume_mounts -%}
|
||||
{{ init_container_extra_volume_mounts | indent(width=12, first=True) }}
|
||||
@@ -191,10 +200,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
- name: {{ ansible_operator_meta.name }}-uwsgi-config
|
||||
mountPath: "/etc/tower/uwsgi.ini"
|
||||
@@ -316,10 +321,6 @@ spec:
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
|
||||
@@ -8,7 +8,31 @@ metadata:
|
||||
{{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=4) | trim }}
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ lookup("template", "../common/templates/labels/common.yaml.j2") | indent(width=8) | trim }}
|
||||
{{ lookup("template", "../common/templates/labels/version.yaml.j2") | indent(width=8) | trim }}
|
||||
spec:
|
||||
{% if bundle_ca_crt %}
|
||||
initContainers:
|
||||
- name: init-bundle-ca-trust
|
||||
image: '{{ _init_container_image }}'
|
||||
imagePullPolicy: '{{ image_pull_policy }}'
|
||||
resources: {{ init_container_resource_requirements }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
mkdir -p /etc/pki/ca-trust/extracted/{java,pem,openssl,edk2}
|
||||
update-ca-trust extract
|
||||
volumeMounts:
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
mountPath: /etc/pki/ca-trust/source/anchors/bundle-ca.crt
|
||||
subPath: bundle-ca.crt
|
||||
readOnly: true
|
||||
{% endif %}
|
||||
containers:
|
||||
- name: "migration-job"
|
||||
image: '{{ _image }}'
|
||||
@@ -30,6 +54,10 @@ spec:
|
||||
subPath: settings.py
|
||||
readOnly: true
|
||||
{{ lookup("template", "common/volume_mounts/extra_settings_files.yaml.j2") | indent(width=12) | trim }}
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
mountPath: "/etc/pki/ca-trust/extracted"
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
mountPath: "/awx_devel"
|
||||
@@ -96,6 +124,16 @@ spec:
|
||||
- key: settings
|
||||
path: settings.py
|
||||
{{ lookup("template", "common/volumes/extra_settings_files.yaml.j2") | indent(width=8) | trim }}
|
||||
{% if bundle_ca_crt %}
|
||||
- name: "ca-trust-extracted"
|
||||
emptyDir: {}
|
||||
- name: "{{ ansible_operator_meta.name }}-bundle-cacert"
|
||||
secret:
|
||||
secretName: "{{ bundle_cacert_secret }}"
|
||||
items:
|
||||
- key: bundle-ca.crt
|
||||
path: 'bundle-ca.crt'
|
||||
{% endif %}
|
||||
{% if development_mode | bool %}
|
||||
- name: awx-devel
|
||||
hostPath:
|
||||
|
||||
@@ -14,3 +14,8 @@ _image_pull_policy: Always
|
||||
image_pull_secrets: []
|
||||
|
||||
finalizer_run: false
|
||||
|
||||
node_selector: ''
|
||||
topology_spread_constraints: ''
|
||||
tolerations: ''
|
||||
affinity: {}
|
||||
|
||||
@@ -71,6 +71,22 @@ spec:
|
||||
restartPolicy: Always
|
||||
schedulerName: default-scheduler
|
||||
serviceAccount: {{ ansible_operator_meta.name }}
|
||||
{% if node_selector %}
|
||||
nodeSelector:
|
||||
{{ node_selector | indent(width=8) }}
|
||||
{% endif %}
|
||||
{% if topology_spread_constraints %}
|
||||
topologySpreadConstraints:
|
||||
{{ topology_spread_constraints | indent(width=8) }}
|
||||
{% endif %}
|
||||
{% if tolerations %}
|
||||
tolerations:
|
||||
{{ tolerations | indent(width=8) }}
|
||||
{% endif %}
|
||||
{% if affinity %}
|
||||
affinity:
|
||||
{{ affinity | to_nice_yaml | indent(width=8) }}
|
||||
{% endif %}
|
||||
volumes:
|
||||
- name: {{ ansible_operator_meta.name }}-receptor-tls
|
||||
- name: {{ ansible_operator_meta.name }}-receptor-ca
|
||||
|
||||
Reference in New Issue
Block a user