From c6920751b7d009c5cb33c81459afac2e7445e043 Mon Sep 17 00:00:00 2001 From: Sven Ketelsen Date: Wed, 24 May 2023 09:13:21 +0200 Subject: [PATCH] DEV-1058 bugfix management configuration harbor - moved default values from role management to group all - allows override per stage --- group_vars/all/management.yml | 53 +++++++++++++++++++++++- group_vars/stage_demompmx/management.yml | 2 + group_vars/stage_demompmx/services.yml | 2 +- roles/management/defaults/main.yml | 45 -------------------- 4 files changed, 54 insertions(+), 48 deletions(-) delete mode 100644 roles/management/defaults/main.yml diff --git a/group_vars/all/management.yml b/group_vars/all/management.yml index 88ce1db..86a3c7e 100644 --- a/group_vars/all/management.yml +++ b/group_vars/all/management.yml @@ -1,4 +1,7 @@ --- +management_admin_username: "management-admin" # backwards compatibility +management_admin_password: "{{ management_admin_password_vault }}" # backwards compatibility + management_oidc_realm: "stage-connect" management_oidc_client_id: "connect" management_oidc_client_secret: "{{ management_oidc_client_secret_vault }}" @@ -6,10 +9,56 @@ management_oidc_admin_username: "management-admin" management_oidc_admin_password: "{{ management_admin_password_vault }}" management_oidc_admin_email: "{{ devops_email_address }}" -management_admin_username: "management-admin" # backwards compatibility -management_admin_password: "{{ management_admin_password_vault }}" # backwards compatibility +connect_client_admin_username: "{{ management_admin_username }}" +connect_client_admin_password: "{{ management_admin_password }}" + +current_realm_name: "{{ management_oidc_realm }}" + +current_realm_clients: + - name: "{{ management_oidc_client_id }}" + clientId: "{{ management_oidc_client_id }}" + admin_url: "{{ shared_service_url_management }}/" + root_url: "{{ shared_service_url_management }}/" + redirect_uris: + - "{{ shared_service_url_management }}/*" + secret: "{{ management_oidc_client_secret }}" + web_origins: + - "{{ shared_service_url_management }}" + +current_realm_users: + - username: "{{ management_admin_username }}" + password: "{{ management_admin_password }}" + email: "{{ connect_admin_email }}" + requiredActions: [] + +current_realm_admin_users: [] management_configurations: - pmci - backup - provisioning # legacy + +connect_connection_teams_url: "{{ netgo_msteams_hook_cd }}" +connect_connection_awx_url: "{{ shared_service_kube_url_awx }}/" +connect_connection_harbor_url: "{{ shared_service_url_harbor }}/v2/" + +connect_connections: +- id: "teams" + name: "MS Teams" + url: "{{ connect_connection_teams_url }}" + connectionType: "HTTPS" + authType: "NO_AUTH" +- id: "awx" + name: "AWX" + url: "{{ connect_connection_awx_url }}" + connectionType: "HTTP" + authType: "BASIC_AUTH" + username: "{{ awx_admin_username }}" + password: "{{ awx_admin_password }}" +- id: "harbor" + name: "Harbor" + url: "{{ connect_connection_harbor_url }}" + connectionType: "HTTP" + authType: "BASIC_AUTH" + username: "{{ harbor_admin_username }}" + password: "{{ harbor_admin_password }}" diff --git a/group_vars/stage_demompmx/management.yml b/group_vars/stage_demompmx/management.yml index c44cf70..bf5924e 100644 --- a/group_vars/stage_demompmx/management.yml +++ b/group_vars/stage_demompmx/management.yml @@ -2,3 +2,5 @@ management_configurations: - pmci - backup + +connect_connection_harbor_url: "{{ shared_service_url_harbor }}/v2/prodnso/" diff --git a/group_vars/stage_demompmx/services.yml b/group_vars/stage_demompmx/services.yml index 7c4d6d8..351ecb3 100644 --- a/group_vars/stage_demompmx/services.yml +++ b/group_vars/stage_demompmx/services.yml @@ -1,5 +1,5 @@ --- -shared_service_url_harbor: "{{ shared_service_kube_harbor_url }}" +shared_service_url_harbor: "{{ shared_service_kube_url_harbor }}" shared_service_hostname_logstash: "{{ stage }}-logstash.{{ domain_env }}" shared_service_custom_additional_hosts: diff --git a/roles/management/defaults/main.yml b/roles/management/defaults/main.yml deleted file mode 100644 index f740dde..0000000 --- a/roles/management/defaults/main.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -connect_client_admin_username: "{{ management_admin_username }}" -connect_client_admin_password: "{{ management_admin_password }}" - -current_realm_name: "{{ management_oidc_realm }}" - -current_realm_clients: - - name: "{{ management_oidc_client_id }}" - clientId: "{{ management_oidc_client_id }}" - admin_url: "{{ shared_service_url_management }}/" - root_url: "{{ shared_service_url_management }}/" - redirect_uris: - - "{{ shared_service_url_management }}/*" - secret: "{{ management_oidc_client_secret }}" - web_origins: - - "{{ shared_service_url_management }}" - -current_realm_users: - - username: "{{ management_admin_username }}" - password: "{{ management_admin_password }}" - email: "{{ connect_admin_email }}" - requiredActions: [] - -current_realm_admin_users: [] - -connect_connections: -- id: "teams" - name: "MS Teams" - url: "{{ netgo_msteams_hook_cd }}" - connectionType: "HTTPS" - authType: "NO_AUTH" -- id: "awx" - name: "AWX" - url: "https://{{ shared_service_kube_hostname_awx }}/" - connectionType: "HTTP" - authType: "BASIC_AUTH" - username: "{{ awx_admin_username }}" - password: "{{ awx_admin_password }}" -- id: "harbor" - name: "Harbor" - url: "https://{{ shared_service_hostname_harbor }}/v2/" - connectionType: "HTTP" - authType: "BASIC_AUTH" - username: "{{ harbor_admin_username }}" - password: "{{ harbor_admin_password }}"