use the same playbook for all integrations

7 years ago · 64509930fa
6 changed files with 72 additions and 124 deletions
--- a/support/awx/README.md
+++ b/support/awx/README.md
@ -26,9 +26,9 @@ You can now provision an API from your favourite CI/CD tool. For example, from J

 ```groovy
 def towerExtraVars = [
-    git_repo: "https://github.com/nmasse-itix/rhte-api.git",
-    git_branch: "master",
-    openapi_file: "openapi-spec.yaml",
+    git_repository: "https://github.com/nmasse-itix/rhte-api.git",
+    git_ref: "master",
+    threescale_cicd_openapi_file: "openapi-spec.yaml",
    threescale_cicd_api_base_system_name: "event_api",
    threescale_cicd_private_base_url: "https://echo-api.3scale.net",
    threescale_cicd_api_environment_name: "prod",
--- a/support/awx/deploy-api.yaml
+++ b/support/awx/deploy-api.yaml
@ -0,0 +1 @@
+../docker/deploy-api.yaml
--- a/support/awx/deploy-api.yml
+++ b/support/awx/deploy-api.yml
@ -1,23 +0,0 @@
---
-
- name: Deploy an API to 3scale
-  hosts: threescale
-  gather_facts: no
-  pre_tasks:
-
-  - assert:
-      that:
-      - "git_repo is defined"
-
-  - name: Clone the git repo containing the API Definition
-    git:
-      repo: '{{ git_repo }}'
-      dest: '{{ playbook_dir }}/api'
-      version: '{{ git_branch|default(''master'') }}'
-    delegate_to: localhost
-
-  - set_fact:
-      threescale_cicd_openapi_file: '{{ playbook_dir }}/api/{{ openapi_file|default(''openapi-spec.yaml'') }}'
-
-  roles:
-  - nmasse-itix.threescale-cicd
--- a/support/awx/tower-assets.yaml
+++ b/support/awx/tower-assets.yaml
@ -17,7 +17,7 @@
    survey_spec: {}
  asset_type: job_template
  name: Deploy an API to 3scale
-  playbook: support/awx/deploy-api.yml
+  playbook: support/awx/deploy-api.yaml
  inventory: 3scale
  project: Deploy API to 3scale
  verbosity: 1
--- a/support/docker/deploy-api.yaml
+++ b/support/docker/deploy-api.yaml
@ -4,30 +4,53 @@
  hosts: localhost
  gather_facts: no
  vars:
-    # By default, the 3scale admin portal hostname and its access token are taken
-    # from a Kubernetes secret but they can be overriden from the command line
+    # By default, the 3scale admin portal hostname and its access token are taken 
+    # from a Kubernetes secret but they can also be passed from the command line
    # as extra vars (-e threescale_portal_hostname=... -e threescale_cicd_access_token=...)
-    threescale_portal_hostname: '{{ lookup(''file'', ''/tmp/secrets/hostname'') }}'
-    threescale_cicd_access_token: '{{ lookup(''file'', ''/tmp/secrets/access_token'') }}'
+    # or from environment variables (THREESCALE_PORTAL_HOSTNAME=..., THREESCALE_CICD_ACCESS_TOKEN=...)
+    threescale_portal_hostname: '{{ lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'') if lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'')|length > 0 else lookup(''env'', ''threescale_portal_hostname'') }}'
+    threescale_cicd_access_token: '{{ lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'') if lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'')|length > 0 else lookup(''env'', ''threescale_cicd_access_token'') }}'
  tasks:
-  - assert:
-      that: threescale_portal_hostname is defined
-      msg: >
-        Please pass the hostname of your 3scale Admin Portal in "hostname" key of the
-        "3scale-admin-portal" secret.
+  - block:
+    - name: Check if /tmp/secrets/hostname exists
+      stat: 
+        path: /tmp/secrets/hostname
+      register: secrets

-  - assert:
-      that: threescale_cicd_access_token is defined
-      msg: >
-        Please pass the access token of your 3scale Admin Portal in "access_token" key of the
-        "3scale-admin-portal" secret.
+    - name: Fetch the threescale_portal_hostname variable from /tmp/secrets/hostname
+      set_fact:
+        threescale_portal_hostname: '{{ lookup(''file'', ''/tmp/secrets/hostname'') }}'
+      when: secrets.stat.exists

-  # Generate dynamically a one host inventory
-  - add_host:
-      hostname: '{{ threescale_portal_hostname }}'
-      groups:
-      - threescale
-      threescale_cicd_access_token: '{{ threescale_cicd_access_token }}'
+    - name: Check if /tmp/secrets/access_token exists
+      stat: 
+        path: /tmp/secrets/access_token
+      register: secrets
+
+    - name: Fetch the threescale_cicd_access_token variable from /tmp/secrets/access_token
+      set_fact:
+        threescale_cicd_access_token: '{{ lookup(''file'', ''/tmp/secrets/access_token'') }}'
+      when: secrets.stat.exists
+
+    - assert:
+        that: threescale_portal_hostname|length > 0
+        msg: >
+          Please pass the hostname of your 3scale Admin Portal in "hostname" key of the
+          "3scale-admin-portal" secret.
+
+    - assert:
+        that: threescale_cicd_access_token|length > 0
+        msg: >
+          Please pass the access token of your 3scale Admin Portal in "access_token" key of the
+          "3scale-admin-portal" secret.
+
+    # Generate dynamically a one host inventory
+    - add_host:
+        hostname: '{{ threescale_portal_hostname }}'
+        groups:
+        - threescale
+        threescale_cicd_access_token: '{{ threescale_cicd_access_token }}'
+  when: groups['threescale']|default([])|length == 0

 - name: Deploy an API to 3scale
  hosts: threescale
@ -37,8 +60,8 @@
    #
    # The git_repository, git_context_dir and git_ref are taken from the OpenShift build definition
    # but they can be overriden from the command line as extra vars (-e git_repository=... 
-    # -e git_ref=... -e git_context_dir=...). If you choose to pass those vars on the command line,
-    # you need to pass all those three variables.
+    # -e git_ref=... -e git_context_dir=...) or environment variables (GIT_REPOSITORY=..., GIT_REF=...,
+    # GIT_CONTEXT_DIR=...)
    build: '{{ lookup(''env'', ''BUILD'')|from_json if lookup(''env'', ''BUILD'')|length > 0 else {} }}'
    git_repository: '{{ build.spec.source.git.uri if ''spec'' in build and ''uri'' in build.spec.source.git else '''' }}'
    git_context_dir: '{{ build.spec.source.git.contextDir if ''spec'' in build and ''contextDir'' in build.spec.source.git else '''' }}'
@ -46,6 +69,9 @@

    ansible_connection: local
    parameter_whitelist:
+    - git_repository
+    - git_ref
+    - git_context_dir
    - threescale_cicd_openapi_file
    - threescale_cicd_openapi_file_format
    - threescale_cicd_api_system_name
@ -61,20 +87,8 @@
    - threescale_cicd_validate_openapi
    - threescale_cicd_apicast_sandbox_endpoint
    - threescale_cicd_apicast_production_endpoint
+    - threescale_cicd_sso_issuer_endpoint
  pre_tasks:
-
-  - name: Check if /tmp/secrets/sso_issuer_endpoint exists
-    stat: 
-      path: /tmp/secrets/sso_issuer_endpoint
-    register: secrets
-
-  # By default, the Red Hat SSO Issuer Endpoint are taken from a Kubernetes secret
-  # but they can be overriden from the command line as extra vars (-e threescale_cicd_sso_issuer_endpoint=...)
-  - name: Fetch the threescale_cicd_sso_issuer_endpoint variable from /tmp/secrets/sso_issuer_endpoint
-    set_fact:
-      threescale_cicd_sso_issuer_endpoint: '{{ lookup(''file'', ''/tmp/secrets/sso_issuer_endpoint'') }}'
-    when: secrets.stat.exists
-
  - name: Clone the git repo containing the API Definition
    git:
      repo: '{{ git_repository }}'
@ -82,7 +96,13 @@
      version: '{{ git_ref }}'
    when: 'git_repository|length > 0'

-  - name: Accept threescale_cicd_* variables from environment variables
+  - name: Accept threescale_cicd_* variables from environment variables (lowercase)
+    set_fact:
+        '{{ item|lower }}': '{{ lookup(''env'', item|lower) }}'
+    with_items: '{{ parameter_whitelist }}'
+    when: 'lookup(''env'', item|lower)|length > 0'
+
+  - name: Accept threescale_cicd_* variables from environment variables (uppercase)
    set_fact:
        '{{ item|lower }}': '{{ lookup(''env'', item|upper) }}'
    with_items: '{{ parameter_whitelist }}'
@ -93,5 +113,15 @@
      threescale_cicd_openapi_file: '{{ playbook_dir }}/api/{{ git_context_dir }}/{{ threescale_cicd_openapi_file }}'
    when: 'git_repository|length > 0'

+  - name: Check if /tmp/secrets/sso_issuer_endpoint exists
+    stat: 
+      path: /tmp/secrets/sso_issuer_endpoint
+    register: secrets
+
+  - name: Fetch the threescale_cicd_sso_issuer_endpoint variable from /tmp/secrets/sso_issuer_endpoint
+    set_fact:
+      threescale_cicd_sso_issuer_endpoint: '{{ lookup(''file'', ''/tmp/secrets/sso_issuer_endpoint'') }}'
+    when: secrets.stat.exists
+
  roles:
  - nmasse-itix.threescale-cicd
--- a/support/jenkins/deploy-api.yaml
+++ b/support/jenkins/deploy-api.yaml
@ -1,61 +0,0 @@
---
-
- name: Prepare the Ansible inventory
-  hosts: localhost
-  gather_facts: no
-  tasks:
-  - assert:
-      that: >
-        threescale_portal_hostname is defined 
-          or lookup('env', 'THREESCALE_PORTAL_HOSTNAME')|length > 0
-      msg: >
-        Please pass the hostname of your 3scale Admin Portal in the THREESCALE_PORTAL_HOSTNAME
-        environment variable or the threescale_portal_hostname extra variable.
-
-  - assert:
-      that: >
-        threescale_cicd_access_token is defined
-          or lookup('env', 'THREESCALE_CICD_ACCESS_TOKEN')|length > 0
-      msg: >
-        Please pass the access token of your 3scale Admin Portal in the THREESCALE_CICD_ACCESS_TOKEN
-        environment variable or the threescale_cicd_access_token extra variable.
-
-  # Generate dynamically a one host inventory
-  - add_host:
-      hostname: '{{ threescale_portal_hostname|default(lookup(''env'', ''THREESCALE_PORTAL_HOSTNAME'')) }}'
-      groups:
-      - threescale
-      threescale_cicd_access_token: '{{ threescale_cicd_access_token|default(lookup(''env'', ''THREESCALE_CICD_ACCESS_TOKEN'')) }}'
-
- name: Deploy an API to 3scale
-  hosts: threescale
-  gather_facts: no
-  vars:
-    ansible_connection: local
-    parameter_whitelist:
-    - threescale_cicd_openapi_file
-    - threescale_cicd_openapi_file_format
-    - threescale_cicd_api_system_name
-    - threescale_cicd_api_base_system_name
-    - threescale_cicd_wildcard_domain
-    - threescale_cicd_api_basepath
-    - threescale_cicd_api_backend_hostname
-    - threescale_cicd_api_backend_scheme
-    - threescale_cicd_private_base_url
-    - threescale_cicd_apicast_policies_cors
-    - threescale_cicd_openapi_smoketest_operation
-    - threescale_cicd_api_environment_name
-    - threescale_cicd_validate_openapi
-    - threescale_cicd_apicast_sandbox_endpoint
-    - threescale_cicd_apicast_production_endpoint
-    - threescale_cicd_sso_issuer_endpoint
-  pre_tasks:
-  
-  - name: Accept threescale_cicd_* variables from environment variables
-    set_fact:
-        '{{ item|lower }}': '{{ lookup(''env'', item|upper) }}'
-    with_items: '{{ parameter_whitelist }}'
-    when: 'lookup(''env'', item|upper)|length > 0'
-
-  roles:
-  - nmasse-itix.threescale-cicd
--- a/support/jenkins/deploy-api.yaml
+++ b/support/jenkins/deploy-api.yaml
@ -0,0 +1 @@
+../docker/deploy-api.yaml