nicolas
/
red-hat-kiosk
mirror of https://github.com/nmasse-itix/red-hat-kiosk.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
75 Commits
4 Branches
0 Tags
195 KiB
 
 
 
 
 
Tree: 6a28877971
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6a28877971'
${ noResults }
red-hat-kiosk/ansible/playbooks/blueprint_preparation.yaml

114 lines
3.7 KiB
Raw Blame History

- name: Create the initial ostree repo
hosts: all
vars_files: ../credentials.yaml
tasks:
- name: Extract userspace architecture
ansible.builtin.set_fact:
userspace_arch: "{{ ansible_facts['userspace_architecture']}}"
- name: Enable required rhocp repositories using subscription-manager
become: true
ansible.builtin.command:
cmd: "sudo subscription-manager repos --enable rhocp-4.14-for-rhel-9-{{ userspace_arch }}-rpms --enable fast-datapath-for-rhel-9-{{ userspace_arch }}-rpms"
- name: Get information about the microshift package
ansible.builtin.command:
cmd: "dnf info microshift"
register: microshift_info
- name: Display microshift package information
ansible.builtin.debug:
var: microshift_info.stdout_lines
- name: Display ssh package information
ansible.builtin.debug:
var: ADMIN_SSH_PUBLIC_KEY
- name: Display password package information
ansible.builtin.debug:
var: ADMIN_PASSWORD
- name: Install mkpasswd and podman packages
become: true
ansible.builtin.dnf:
name:
- mkpasswd
- podman
state: present
- name: Generate bcrypt hash of the admin password
command: mkpasswd -m bcrypt "{{ ADMIN_PASSWORD }}"
register: admin_password_hash
changed_when: false
- name: Update kiosk.toml with admin password hash and SSH public key
ansible.builtin.lineinfile:
path: "{{ ansible_env.HOME }}/red-hat-kiosk/imagebuilder/kiosk.toml"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: '^__ADMIN_PASSWORD__=', line: '__ADMIN_PASSWORD__={{ admin_password_hash.stdout }}' }
- { regexp: '^__ADMIN_SSH_PUBLIC_KEY__=', line: '__ADMIN_SSH_PUBLIC_KEY__={{ ADMIN_SSH_PUBLIC_KEY }}' }
- name: Add custom packages source to composer
ansible.builtin.shell: |
composer-cli sources add <<EOF
check_gpg = false
check_ssl = false
id = "custom"
name = "custom packages for RHEL"
system = false
type = "yum-baseurl"
url = "file://{{ repo_location }}"
EOF
args:
executable: /bin/bash
- name: Add rhocp-4.14 source to composer
ansible.builtin.shell: |
composer-cli sources add <<EOF
id = "rhocp-4.14"
name = "Red Hat OpenShift Container Platform 4.14 for RHEL 9"
type = "yum-baseurl"
url = "https://cdn.redhat.com/content/dist/layered/rhel9/{{ ansible_architecture }}/rhocp/4.14/os"
check_gpg = true
check_ssl = true
system = false
rhsm = true
EOF
args:
executable: /bin/bash
- name: Add fast-datapath source to composer
ansible.builtin.shell: |
composer-cli sources add <<EOF
id = "fast-datapath"
name = "Fast Datapath for RHEL 9"
type = "yum-baseurl"
url = "https://cdn.redhat.com/content/dist/layered/rhel9/{{ ansible_architecture }}/fast-datapath/os"
check_gpg = true
check_ssl = true
system = false
rhsm = true
EOF
args:
executable: /bin/bash
- name: Add EPEL source to composer
ansible.builtin.shell: |
composer-cli sources add <<EOF
id = "epel"
name = "Extra Packages for Enterprise Linux"
type = "yum-baseurl"
url = "http://mirror.in2p3.fr/pub/epel/9/Everything/{{ ansible_architecture }}/"
check_gpg = false
check_ssl = false
system = false
rhsm = false
EOF
args:
executable: /bin/bash
- name: Push Blueprint
infra.osbuild.push_blueprint:
src: "{{ ansible_env.HOME }}/red-hat-kiosk/imagebuilder/kiosk.toml"