From 64509930faafa567ae72a0ea8c6182ddd8ad0cc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= Date: Tue, 5 Mar 2019 15:44:59 +0100 Subject: [PATCH] use the same playbook for all integrations --- support/awx/README.md | 6 +- support/awx/deploy-api.yaml | 1 + support/awx/deploy-api.yml | 23 ------- support/awx/tower-assets.yaml | 2 +- support/docker/deploy-api.yaml | 102 +++++++++++++++++++++----------- support/jenkins/deploy-api.yaml | 62 +------------------ 6 files changed, 72 insertions(+), 124 deletions(-) create mode 120000 support/awx/deploy-api.yaml delete mode 100644 support/awx/deploy-api.yml mode change 100644 => 120000 support/jenkins/deploy-api.yaml diff --git a/support/awx/README.md b/support/awx/README.md index c4833d3..357b029 100644 --- a/support/awx/README.md +++ b/support/awx/README.md @@ -26,9 +26,9 @@ You can now provision an API from your favourite CI/CD tool. For example, from J ```groovy def towerExtraVars = [ - git_repo: "https://github.com/nmasse-itix/rhte-api.git", - git_branch: "master", - openapi_file: "openapi-spec.yaml", + git_repository: "https://github.com/nmasse-itix/rhte-api.git", + git_ref: "master", + threescale_cicd_openapi_file: "openapi-spec.yaml", threescale_cicd_api_base_system_name: "event_api", threescale_cicd_private_base_url: "https://echo-api.3scale.net", threescale_cicd_api_environment_name: "prod", diff --git a/support/awx/deploy-api.yaml b/support/awx/deploy-api.yaml new file mode 120000 index 0000000..a9db7df --- /dev/null +++ b/support/awx/deploy-api.yaml @@ -0,0 +1 @@ +../docker/deploy-api.yaml \ No newline at end of file diff --git a/support/awx/deploy-api.yml b/support/awx/deploy-api.yml deleted file mode 100644 index 95e93d5..0000000 --- a/support/awx/deploy-api.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -- name: Deploy an API to 3scale - hosts: threescale - gather_facts: no - pre_tasks: - - - assert: - that: - - "git_repo is defined" - - - name: Clone the git repo containing the API Definition - git: - repo: '{{ git_repo }}' - dest: '{{ playbook_dir }}/api' - version: '{{ git_branch|default(''master'') }}' - delegate_to: localhost - - - set_fact: - threescale_cicd_openapi_file: '{{ playbook_dir }}/api/{{ openapi_file|default(''openapi-spec.yaml'') }}' - - roles: - - nmasse-itix.threescale-cicd diff --git a/support/awx/tower-assets.yaml b/support/awx/tower-assets.yaml index 25fee17..dae54bf 100644 --- a/support/awx/tower-assets.yaml +++ b/support/awx/tower-assets.yaml @@ -17,7 +17,7 @@ survey_spec: {} asset_type: job_template name: Deploy an API to 3scale - playbook: support/awx/deploy-api.yml + playbook: support/awx/deploy-api.yaml inventory: 3scale project: Deploy API to 3scale verbosity: 1 diff --git a/support/docker/deploy-api.yaml b/support/docker/deploy-api.yaml index 266054e..00083e3 100644 --- a/support/docker/deploy-api.yaml +++ b/support/docker/deploy-api.yaml @@ -4,30 +4,53 @@ hosts: localhost gather_facts: no vars: - # By default, the 3scale admin portal hostname and its access token are taken - # from a Kubernetes secret but they can be overriden from the command line + # By default, the 3scale admin portal hostname and its access token are taken + # from a Kubernetes secret but they can also be passed from the command line # as extra vars (-e threescale_portal_hostname=... -e threescale_cicd_access_token=...) - threescale_portal_hostname: '{{ lookup(''file'', ''/tmp/secrets/hostname'') }}' - threescale_cicd_access_token: '{{ lookup(''file'', ''/tmp/secrets/access_token'') }}' + # or from environment variables (THREESCALE_PORTAL_HOSTNAME=..., THREESCALE_CICD_ACCESS_TOKEN=...) + threescale_portal_hostname: '{{ lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'') if lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'')|length > 0 else lookup(''env'', ''threescale_portal_hostname'') }}' + threescale_cicd_access_token: '{{ lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'') if lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'')|length > 0 else lookup(''env'', ''threescale_cicd_access_token'') }}' tasks: - - assert: - that: threescale_portal_hostname is defined - msg: > - Please pass the hostname of your 3scale Admin Portal in "hostname" key of the - "3scale-admin-portal" secret. + - block: + - name: Check if /tmp/secrets/hostname exists + stat: + path: /tmp/secrets/hostname + register: secrets - - assert: - that: threescale_cicd_access_token is defined - msg: > - Please pass the access token of your 3scale Admin Portal in "access_token" key of the - "3scale-admin-portal" secret. + - name: Fetch the threescale_portal_hostname variable from /tmp/secrets/hostname + set_fact: + threescale_portal_hostname: '{{ lookup(''file'', ''/tmp/secrets/hostname'') }}' + when: secrets.stat.exists - # Generate dynamically a one host inventory - - add_host: - hostname: '{{ threescale_portal_hostname }}' - groups: - - threescale - threescale_cicd_access_token: '{{ threescale_cicd_access_token }}' + - name: Check if /tmp/secrets/access_token exists + stat: + path: /tmp/secrets/access_token + register: secrets + + - name: Fetch the threescale_cicd_access_token variable from /tmp/secrets/access_token + set_fact: + threescale_cicd_access_token: '{{ lookup(''file'', ''/tmp/secrets/access_token'') }}' + when: secrets.stat.exists + + - assert: + that: threescale_portal_hostname|length > 0 + msg: > + Please pass the hostname of your 3scale Admin Portal in "hostname" key of the + "3scale-admin-portal" secret. + + - assert: + that: threescale_cicd_access_token|length > 0 + msg: > + Please pass the access token of your 3scale Admin Portal in "access_token" key of the + "3scale-admin-portal" secret. + + # Generate dynamically a one host inventory + - add_host: + hostname: '{{ threescale_portal_hostname }}' + groups: + - threescale + threescale_cicd_access_token: '{{ threescale_cicd_access_token }}' + when: groups['threescale']|default([])|length == 0 - name: Deploy an API to 3scale hosts: threescale @@ -37,8 +60,8 @@ # # The git_repository, git_context_dir and git_ref are taken from the OpenShift build definition # but they can be overriden from the command line as extra vars (-e git_repository=... - # -e git_ref=... -e git_context_dir=...). If you choose to pass those vars on the command line, - # you need to pass all those three variables. + # -e git_ref=... -e git_context_dir=...) or environment variables (GIT_REPOSITORY=..., GIT_REF=..., + # GIT_CONTEXT_DIR=...) build: '{{ lookup(''env'', ''BUILD'')|from_json if lookup(''env'', ''BUILD'')|length > 0 else {} }}' git_repository: '{{ build.spec.source.git.uri if ''spec'' in build and ''uri'' in build.spec.source.git else '''' }}' git_context_dir: '{{ build.spec.source.git.contextDir if ''spec'' in build and ''contextDir'' in build.spec.source.git else '''' }}' @@ -46,6 +69,9 @@ ansible_connection: local parameter_whitelist: + - git_repository + - git_ref + - git_context_dir - threescale_cicd_openapi_file - threescale_cicd_openapi_file_format - threescale_cicd_api_system_name @@ -61,20 +87,8 @@ - threescale_cicd_validate_openapi - threescale_cicd_apicast_sandbox_endpoint - threescale_cicd_apicast_production_endpoint + - threescale_cicd_sso_issuer_endpoint pre_tasks: - - - name: Check if /tmp/secrets/sso_issuer_endpoint exists - stat: - path: /tmp/secrets/sso_issuer_endpoint - register: secrets - - # By default, the Red Hat SSO Issuer Endpoint are taken from a Kubernetes secret - # but they can be overriden from the command line as extra vars (-e threescale_cicd_sso_issuer_endpoint=...) - - name: Fetch the threescale_cicd_sso_issuer_endpoint variable from /tmp/secrets/sso_issuer_endpoint - set_fact: - threescale_cicd_sso_issuer_endpoint: '{{ lookup(''file'', ''/tmp/secrets/sso_issuer_endpoint'') }}' - when: secrets.stat.exists - - name: Clone the git repo containing the API Definition git: repo: '{{ git_repository }}' @@ -82,7 +96,13 @@ version: '{{ git_ref }}' when: 'git_repository|length > 0' - - name: Accept threescale_cicd_* variables from environment variables + - name: Accept threescale_cicd_* variables from environment variables (lowercase) + set_fact: + '{{ item|lower }}': '{{ lookup(''env'', item|lower) }}' + with_items: '{{ parameter_whitelist }}' + when: 'lookup(''env'', item|lower)|length > 0' + + - name: Accept threescale_cicd_* variables from environment variables (uppercase) set_fact: '{{ item|lower }}': '{{ lookup(''env'', item|upper) }}' with_items: '{{ parameter_whitelist }}' @@ -93,5 +113,15 @@ threescale_cicd_openapi_file: '{{ playbook_dir }}/api/{{ git_context_dir }}/{{ threescale_cicd_openapi_file }}' when: 'git_repository|length > 0' + - name: Check if /tmp/secrets/sso_issuer_endpoint exists + stat: + path: /tmp/secrets/sso_issuer_endpoint + register: secrets + + - name: Fetch the threescale_cicd_sso_issuer_endpoint variable from /tmp/secrets/sso_issuer_endpoint + set_fact: + threescale_cicd_sso_issuer_endpoint: '{{ lookup(''file'', ''/tmp/secrets/sso_issuer_endpoint'') }}' + when: secrets.stat.exists + roles: - nmasse-itix.threescale-cicd diff --git a/support/jenkins/deploy-api.yaml b/support/jenkins/deploy-api.yaml deleted file mode 100644 index df270de..0000000 --- a/support/jenkins/deploy-api.yaml +++ /dev/null @@ -1,61 +0,0 @@ ---- - -- name: Prepare the Ansible inventory - hosts: localhost - gather_facts: no - tasks: - - assert: - that: > - threescale_portal_hostname is defined - or lookup('env', 'THREESCALE_PORTAL_HOSTNAME')|length > 0 - msg: > - Please pass the hostname of your 3scale Admin Portal in the THREESCALE_PORTAL_HOSTNAME - environment variable or the threescale_portal_hostname extra variable. - - - assert: - that: > - threescale_cicd_access_token is defined - or lookup('env', 'THREESCALE_CICD_ACCESS_TOKEN')|length > 0 - msg: > - Please pass the access token of your 3scale Admin Portal in the THREESCALE_CICD_ACCESS_TOKEN - environment variable or the threescale_cicd_access_token extra variable. - - # Generate dynamically a one host inventory - - add_host: - hostname: '{{ threescale_portal_hostname|default(lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'')) }}' - groups: - - threescale - threescale_cicd_access_token: '{{ threescale_cicd_access_token|default(lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'')) }}' - -- name: Deploy an API to 3scale - hosts: threescale - gather_facts: no - vars: - ansible_connection: local - parameter_whitelist: - - threescale_cicd_openapi_file - - threescale_cicd_openapi_file_format - - threescale_cicd_api_system_name - - threescale_cicd_api_base_system_name - - threescale_cicd_wildcard_domain - - threescale_cicd_api_basepath - - threescale_cicd_api_backend_hostname - - threescale_cicd_api_backend_scheme - - threescale_cicd_private_base_url - - threescale_cicd_apicast_policies_cors - - threescale_cicd_openapi_smoketest_operation - - threescale_cicd_api_environment_name - - threescale_cicd_validate_openapi - - threescale_cicd_apicast_sandbox_endpoint - - threescale_cicd_apicast_production_endpoint - - threescale_cicd_sso_issuer_endpoint - pre_tasks: - - - name: Accept threescale_cicd_* variables from environment variables - set_fact: - '{{ item|lower }}': '{{ lookup(''env'', item|upper) }}' - with_items: '{{ parameter_whitelist }}' - when: 'lookup(''env'', item|upper)|length > 0' - - roles: - - nmasse-itix.threescale-cicd diff --git a/support/jenkins/deploy-api.yaml b/support/jenkins/deploy-api.yaml new file mode 120000 index 0000000..a9db7df --- /dev/null +++ b/support/jenkins/deploy-api.yaml @@ -0,0 +1 @@ +../docker/deploy-api.yaml \ No newline at end of file