diff --git a/roles/3scale/tasks/main.yml b/roles/3scale/tasks/main.yml index 090d03b..f820b45 100644 --- a/roles/3scale/tasks/main.yml +++ b/roles/3scale/tasks/main.yml @@ -151,30 +151,19 @@ project: "{{ threescale_project }}" tags: status - - name: Deploy apicast-staging, apicast-production - command: oc scale dc "{{ item }}" --replicas=1 -n "{{ threescale_project }}" + - include: configure_apicast_for_oauth.yml with_items: - apicast-staging - apicast-production - when: item not in replication_controllers - tags: rollout - - - include: common/wait_for.yml - static: no - vars: - pod_to_wait: - - apicast-staging - - apicast-production - delay: "{{ threescale_delay }}" - retries: "{{ threescale_retries }}" - project: "{{ threescale_project }}" - tags: status + tags: oauth - - include: configure_apicast_for_oauth.yml + - name: Deploy apicast-staging, apicast-production + command: oc scale dc "{{ item }}" --replicas=1 -n "{{ threescale_project }}" with_items: - apicast-staging - apicast-production - tags: oauth + when: item not in replication_controllers + tags: rollout - include: common/wait_for.yml static: no @@ -221,6 +210,9 @@ - include: oauth-client.yml tags: oauth-client + - include: webhooks.yml + tags: webhooks + - name: Get Admin Username command: oc get dc system-app -n "{{ threescale_project }}" -o 'jsonpath={.spec.template.spec.containers[0].env[?(@.name=="USER_LOGIN")].value}' register: username diff --git a/roles/3scale/tasks/webhooks.yml b/roles/3scale/tasks/webhooks.yml new file mode 100644 index 0000000..c1d1b6f --- /dev/null +++ b/roles/3scale/tasks/webhooks.yml @@ -0,0 +1,52 @@ +--- + + - include: "common/status.yml" + vars: + project: "{{ threescale_project }}" + tags: status + + - set_fact: + deploy_needed: '{{ deployment_configs|intersect([ "webhooks" ])|length < 1 }}' + tags: status + + - name: Deploy the Webhooks service + command: oc new-app -n '{{ threescale_project }}' https://github.com/nmasse-itix/3scale-webhooks-sample.git --name=webhooks -e SSO_REALM={{ sso_realm }} -e SSO_HOSTNAME={{ sso_route_name }} -e SSO_SERVICE_USERNAME={{ sso_service_username }} -e SSO_SERVICE_PASSWORD={{ sso_service_password }} -e SSO_CLIENT_ID={{ sso_default_client_id }} -e SHARED_SECRET={{ threescale_webhooks_secret }} -e WEBHOOKS_MODULES=log,sso + when: deploy_needed + + - name: Expose the Webhooks service + command: oc expose service webhooks -n '{{ threescale_project }}' + when: deploy_needed + + - name: Get Webhooks service URL + command: oc get route webhooks -n "{{ threescale_project }}" -o 'jsonpath={.spec.host}' + register: route + changed_when: false + tags: status + + - set_fact: + webhooks_hostname: '{{ route.stdout }}' + tags: vars + + - set_fact: + body_set_webhook: '{{ "access_token=" ~ access_token|urlencode }}' + + - set_fact: + body_set_webhook: '{{ body_set_webhook ~ "&" ~ (param.key|urlencode) ~ "=" ~ (param.value|urlencode) }}' + with_dict: + url: http://{{ webhooks_hostname }}/webhook?shared_secret={{ threescale_webhooks_secret }} + active: "true" + provider_actions: "true" + application_created_on: "true" + application_updated_on: "true" + application_deleted_on: "true" + loop_control: + loop_var: param + + - name: Update the webhooks settings + uri: + url: https://{{ threescale_admin_hostname }}/admin/api/webhooks.json + validate_certs: no + method: PUT + body: '{{ body_set_webhook }}' + status_code: 200 + register: response diff --git a/roles/3scale/vars/main.yml b/roles/3scale/vars/main.yml index 652b17e..652bdda 100644 --- a/roles/3scale/vars/main.yml +++ b/roles/3scale/vars/main.yml @@ -8,6 +8,7 @@ threescale_retries: 30 threescale_apicast_cors_lua: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/apicast_cors.lua threescale_apicast_cors_conf: https://raw.githubusercontent.com/3scale/apicast/cors-example/examples/cors/cors.conf + threescale_webhooks_secret: supersecret threescale_expected_deployment_configs: - apicast-staging - apicast-production