mirror of
https://github.com/ansible/awx-operator.git
synced 2026-04-27 08:56:41 +00:00
f04017ca95
This is the full implementation of the OpenAPI schema that maps to the currently existing roles defaults variable. Prior to this commit, all variables specified at the spec level that didn't have an entry in the OpenAPI schema at the CRD level were simply ignored, unless --validate=false was specified. This commit fixes that and provide a mapping between the CRD level OpenAPI schema and the variables availabe in <roles>/defaults/main.yml. This commit is simply about ensuring one can provide all the available variables. A follow up commit will come to add logic in the OpenAPI schema definition as it can be shown here[1] [1] https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#specifying-a-structural-schema
396 lines
12 KiB
YAML
396 lines
12 KiB
YAML
# This file is generated by Ansible. Changes will be lost.
|
|
# Update templates under ansible/templates/
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
creationTimestamp: null
|
|
name: awx-operator
|
|
rules:
|
|
- apiGroups:
|
|
- route.openshift.io
|
|
resources:
|
|
- routes
|
|
- routes/custom-host
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
- services
|
|
- services/finalizers
|
|
- endpoints
|
|
- persistentvolumeclaims
|
|
- events
|
|
- configmaps
|
|
- secrets
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- apps
|
|
- extensions
|
|
resources:
|
|
- deployments
|
|
- daemonsets
|
|
- replicasets
|
|
- statefulsets
|
|
- ingresses
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- monitoring.coreos.com
|
|
resources:
|
|
- servicemonitors
|
|
verbs:
|
|
- get
|
|
- create
|
|
- apiGroups:
|
|
- apps
|
|
resourceNames:
|
|
- awx-operator
|
|
resources:
|
|
- deployments/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods/exec
|
|
verbs:
|
|
- create
|
|
- get
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- replicasets
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- awx.ansible.com
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
|
|
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: awx-operator
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: awx-operator
|
|
namespace: default
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: awx-operator
|
|
apiGroup: rbac.authorization.k8s.io
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: awx-operator
|
|
namespace: default
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: awx-operator
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
name: awx-operator
|
|
template:
|
|
metadata:
|
|
labels:
|
|
name: awx-operator
|
|
spec:
|
|
serviceAccountName: awx-operator
|
|
containers:
|
|
- name: awx-operator
|
|
image: "quay.io/ansible/awx-operator:0.6.0"
|
|
imagePullPolicy: "Always"
|
|
volumeMounts:
|
|
- mountPath: /tmp/ansible-operator/runner
|
|
name: runner
|
|
env:
|
|
# Watch all namespaces (cluster-scoped).
|
|
- name: WATCH_NAMESPACE
|
|
value: ""
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: OPERATOR_NAME
|
|
value: awx-operator
|
|
- name: ANSIBLE_GATHERING
|
|
value: explicit
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 6789
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 3
|
|
volumes:
|
|
- name: runner
|
|
emptyDir: {}
|
|
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
name: awxs.awx.ansible.com
|
|
spec:
|
|
group: awx.ansible.com
|
|
names:
|
|
kind: AWX
|
|
listKind: AWXList
|
|
plural: awxs
|
|
singular: awx
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1beta1
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Schema validation for the AWX CRD
|
|
properties:
|
|
spec:
|
|
properties:
|
|
deployment_type:
|
|
description: Name of the deployment type
|
|
type: string
|
|
api_version:
|
|
description: API version identified
|
|
type: string
|
|
tower_task_privileged:
|
|
description: If a privileged security context should be enabled
|
|
type: boolean
|
|
tower_admin_user:
|
|
description: Username to use for the admin account
|
|
type: string
|
|
tower_hostname:
|
|
description: The hostname of the instance
|
|
type: string
|
|
tower_admin_email:
|
|
description: The admin user email
|
|
type: string
|
|
tower_admin_password_secret:
|
|
description: Secret where the admin password can be found
|
|
type: string
|
|
tower_postgres_configuration_secret:
|
|
description: Secret where the database configuration can be found
|
|
type: string
|
|
tower_secret_key_secret:
|
|
description: Secret where the secret key can be found
|
|
type: string
|
|
tower_broadcast_websocket_secret:
|
|
description: Secret where the broadcast websocket secret can be found
|
|
type: string
|
|
tower_extra_volumes:
|
|
description: Specify extra volumes to add to the application pod
|
|
type: string
|
|
tower_ingress_type:
|
|
description: The ingress type to use to reach the deployed instance
|
|
type: string
|
|
enum:
|
|
- none
|
|
- Ingress
|
|
- ingress
|
|
- Route
|
|
- route
|
|
tower_ingress_annotations:
|
|
description: Annotations to add to the ingress
|
|
type: string
|
|
tower_ingress_tls_secret:
|
|
description: Secret where the ingress TLS secret can be found
|
|
type: string
|
|
tower_route_host:
|
|
description: The DNS to use to points to the instance
|
|
type: string
|
|
tower_route_tls_termination_mechanism:
|
|
description: The secure TLS termination mechanism to use
|
|
type: string
|
|
default: Edge
|
|
enum:
|
|
- Edge
|
|
- edge
|
|
- Passthrough
|
|
- passthrough
|
|
tower_route_tls_secret:
|
|
description: Secret where the TLS related credentials are stored
|
|
type: string
|
|
tower_image:
|
|
description: Registry path to the application container to use
|
|
type: string
|
|
tower_image_pull_policy:
|
|
description: The image pull policy
|
|
type: string
|
|
default: IfNotPresent
|
|
enum:
|
|
- Always
|
|
- always
|
|
- Never
|
|
- never
|
|
- IfNotPresent
|
|
- ifnotpresent
|
|
tower_task_resource_requirements:
|
|
description: Resource requirements for the task container
|
|
properties:
|
|
requests:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
limits:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
tower_web_resource_requirements:
|
|
description: Resource requirements for the web container
|
|
properties:
|
|
requests:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
limits:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
tower_replicas:
|
|
description: Number of instance replicas
|
|
type: integer
|
|
default: 1
|
|
format: int32
|
|
tower_garbage_collect_secrets:
|
|
description: Whether or not to remove secrets upon instance removal
|
|
default: false
|
|
type: boolean
|
|
tower_create_preload_data:
|
|
description: Whether or not to preload data upon Tower instance creation
|
|
default: true
|
|
type: boolean
|
|
tower_task_args:
|
|
type: array
|
|
items:
|
|
type: string
|
|
tower_task_command:
|
|
type: array
|
|
items:
|
|
type: string
|
|
tower_web_args:
|
|
type: array
|
|
items:
|
|
type: string
|
|
tower_web_command:
|
|
type: array
|
|
items:
|
|
type: string
|
|
tower_task_extra_env:
|
|
type: string
|
|
tower_web_extra_env:
|
|
type: string
|
|
tower_task_extra_volume_mounts:
|
|
type: string
|
|
tower_web_extra_volume_mounts:
|
|
type: string
|
|
tower_redis_image:
|
|
description: Registry path to the redis container to use
|
|
type: string
|
|
tower_postgres_image:
|
|
description: Registry path to the PostgreSQL container to use
|
|
type: string
|
|
tower_postgres_resource_requirements:
|
|
description: Resource requirements for the PostgreSQL container
|
|
properties:
|
|
requests:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
limits:
|
|
properties:
|
|
cpu:
|
|
type: string
|
|
memory:
|
|
type: string
|
|
storage:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
tower_postgres_storage_class:
|
|
description: Storage class to use for the PostgreSQL PVC
|
|
type: string
|
|
tower_postgres_data_path:
|
|
description: Path where the PostgreSQL data are located
|
|
type: string
|
|
ca_trust_bundle:
|
|
description: Path where the trusted CA bundle is available
|
|
type: string
|
|
development_mode:
|
|
description: If the deployment should be done in development mode
|
|
type: boolean
|
|
type: object
|
|
status:
|
|
properties:
|
|
towerURL:
|
|
description: URL to access the deployed instance
|
|
type: string
|
|
towerAdminUser:
|
|
description: Admin user of the deployed instance
|
|
type: string
|
|
towerAdminPasswordSecret:
|
|
description: Admin password of the deployed instance
|
|
type: string
|
|
towerVersion:
|
|
description: Version of the deployed instance
|
|
type: string
|
|
conditions:
|
|
description: The resulting conditions when a Service Telemetry is instantiated
|
|
items:
|
|
properties:
|
|
status:
|
|
type: string
|
|
type:
|
|
type: string
|
|
reason:
|
|
type: string
|
|
lastTransitionTime:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
type: object
|
|
type: object
|