-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathplaybook.yml
150 lines (140 loc) · 5.15 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
- hosts: localhost
vars:
state: present
osb_operators_image: docker.io/automationbroker/osb-operators
tasks:
- name: service-catalog via marketplace state={{ state }}
vars:
name: svcat
namespace: openshift-operators
source: svcat
source_namespace: openshift-operators
package_name: svcat
starting_csv: svcat.v0.1.34
channel: alpha
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', item) | from_yaml }}"
loop:
- catalogsourceconfig.yaml.j2
- subscription.yaml.j2
loop_control:
pause: 2
tags: svcat
- name: Wait for kube-service-catalog
when: state == 'present'
action: shell oc api-versions | grep 'servicecatalog.k8s.io'
register: cmd_result
until: cmd_result.rc == 0
retries: 10
delay: 60
tags: svcat
# TODO: Remove this when marketplace supports grpc catalogsource
- name: Create svcat rbac
vars:
action: "{{ 'apply' if state == 'present' else 'delete' }}"
block:
# TODO: Uncomment when svcat master is fixed
# - name: Get aggregated roles
# get_url:
# url: https://raw.githubusercontent.com/openshift/service-catalog/master/manifests/02-aggregated-roles.yaml
# dest: "{{ playbook_dir }}/files/svcat-aggregated-roles.yaml"
- name: Use kubectl
action: "shell sed 's|kube-service-catalog|openshift-operators|g' {{ playbook_dir }}/files/svcat-aggregated-roles.yaml | kubectl {{ action }} -f -"
tags: svcat
# TODO: Remove this when move to install from marketplace
- name: osb-operators catalog source state={{ state }}
vars:
name: osb-operators
image: "{{ osb_operators_image }}"
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', 'catalogsource.yaml.j2') | from_yaml }}"
# TODO: Replace this with an install from marketplace
- name: ansible-service-broker state={{ state }}
vars:
name: ansible-service-broker
namespace: openshift-ansible-service-broker
source: osb-operators
source_namespace: openshift-operator-lifecycle-manager
package_name: automationbroker
starting_csv: automationbrokeroperator.v0.2.0
channel: alpha
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', item) | from_yaml }}"
loop:
- namespace.yaml.j2
- operatorgroup.yaml.j2
- subscription.yaml.j2
loop_control:
pause: 2
tags: asb
# HACK: Create a ClusterRoleBinding that grants the ASB admin so that it can,
# in turn, grant APB SAs either admin or edit privileges. This was expected
# to be supported with OLM, but the current plan is for Marketplace to
# ship with this specific rule. Until that is implemented and available
# in marketplace, we need to add the workaround here.
# TODO: Rip this out once marketplace has support for granting the broker admin.
- name: Grant ansible-service-broker the admin clusterrole
vars:
broker_name: ansible-service-broker
broker_namespace: openshift-ansible-service-broker
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', 'broker-admin.clusterrolebinding.yaml.j2') | from_yaml }}"
tags: asb
- name: Wait for automationbroker
when: state == 'present'
action: shell oc get crds | grep 'automationbrokers.osb.openshift.io'
register: cmd_result
until: cmd_result.rc == 0
retries: 10
delay: 60
tags: asb
- name: ansible-service-broker CR state={{ state }}
vars:
kind: AutomationBroker
name: ansible-service-broker
namespace: openshift-ansible-service-broker
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', 'customresource.yaml.j2')}}"
tags: asb
# TODO: Replace this with an install from marketplace
- name: template-service-broker state={{ state }}
vars:
name: template-service-broker
namespace: openshift-template-service-broker
source: osb-operators
source_namespace: openshift-operator-lifecycle-manager
package_name: templateservicebroker
starting_csv: templateservicebrokeroperator.v0.2.0
channel: alpha
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', item) | from_yaml }}"
loop:
- namespace.yaml.j2
- operatorgroup.yaml.j2
- subscription.yaml.j2
loop_control:
pause: 2
tags: tsb
- name: Wait for templateservicebroker
when: state == 'present'
action: shell oc get crds | grep 'templateservicebrokers.osb.openshift.io'
register: cmd_result
until: cmd_result.rc == 0
retries: 10
delay: 60
tags: tsb
- name: template-service-broker CR state={{ state }}
vars:
kind: TemplateServiceBroker
name: template-service-broker
namespace: openshift-template-service-broker
k8s:
state: "{{ state }}"
definition: "{{ lookup('template', 'customresource.yaml.j2')}}"
tags: tsb