feat: complete qa setup up to smardigo management

4 years ago · d97bedc8f1
parent c87717f07d
commit d97bedc8f1
17 changed files with 71 additions and 87 deletions
--- a/create-database.yml
+++ b/create-database.yml
@ -101,6 +101,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
--- a/create-realm.yml
+++ b/create-realm.yml
@ -76,6 +76,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
--- a/create-server.yml
+++ b/create-server.yml
@ -135,6 +135,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
--- a/create-service.yml
+++ b/create-service.yml
@ -88,6 +88,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
--- a/group_vars/connect/plain.yml
+++ b/group_vars/connect/plain.yml
@ -1,9 +1,7 @@
 ---
 hetzner_server_type: cx21
-hetzner_server_labels: "stage={{ stage }} service=connect{{ tenant_id | ternary(' tenant=' + tenant_id, '', omit) }}"
+hetzner_server_labels: "stage={{ stage }} service=connect{% if tenant_id is defined %} tenant={{ tenant_id }}{% endif %}"
 connect_image_version: "8.3.0"
 # unique id for a service, will be used for service access management as well (e.g. keycloak realm)
 connect_client_id: "{{ cluster_name }}"
--- a/group_vars/stage_dev/plain.yml
+++ b/group_vars/stage_dev/plain.yml
@ -97,6 +97,8 @@ docker_registry_oidc_client_id: "docker-registry"
 postgres_listen_addresses: "listen_addresses = 'localhost,{{ stage_server_ip }},{{ stage_private_server_ip }}'"
 connect_image_version: "8.3.7"
 smardigo_management_oidc_realm: "smardigo"
 smardigo_management_oidc_client_id: "management-smardigo"
--- a/group_vars/stage_qa/plain.yml
+++ b/group_vars/stage_qa/plain.yml
@ -24,6 +24,11 @@ shared_service_logstash_01: "{{ stage_server_infos
  | map(attribute='private_ip')
  | list
  | first }}"
 shared_service_docker_ip: "{{ stage_server_infos
  | selectattr('name', 'match', stage + '-docker-registry-01' )
  | map(attribute='private_ip')
  | list
  | first }}"
 shared_service_mail_ip: "{{ stage_server_infos
  | selectattr('name', 'match', stage + '-mail-01' )
  | map(attribute='private_ip')
@ -49,6 +54,16 @@ shared_service_keycloak_ip: "{{ stage_server_infos
  | map(attribute='private_ip')
  | list
  | first }}"
 shared_service_iam_ip: "{{ stage_server_infos
  | selectattr('name', 'match', stage + '-iam-01' )
  | map(attribute='private_ip')
  | list
  | first }}"
 shared_service_webdav_ip: "{{ stage_server_infos
  | selectattr('name', 'match', stage + '-webdav-01' )
  | map(attribute='private_ip')
  | list
  | first }}"
 shared_service_maria_hostname: "{{ stage }}-maria-01"
 shared_service_postgres_01_hostname: "{{ stage }}-postgres-01"
@ -57,7 +72,9 @@ shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain }}"
 shared_service_webdav_hostname: "{{ stage }}-webdav-01.{{ domain }}"
 shared_service_keycloak_hostname: "{{ stage }}-keycloak-01.{{ domain }}"
 shared_service_docker_registry_hostname: "{{ stage }}-docker-registry-01.{{ domain }}"
@ -83,6 +100,10 @@ shared_service_hosts: [
    ip: "{{ shared_service_logstash_01 }}",
    name: "{{ shared_service_elastic_stack_logstash_01_hostname }}"
  },
  {
    ip: "{{ shared_service_docker_ip }}",
    name: "{{ shared_service_docker_registry_hostname }}"
  },
  {
    ip: "{{ shared_service_maria_ip }}",
    name: "{{ shared_service_maria_hostname }}"
@ -99,6 +120,14 @@ shared_service_hosts: [
    ip: "{{ shared_service_keycloak_ip }}",
    name: "{{ shared_service_keycloak_hostname }}"
  },
  {
    ip: "{{ shared_service_iam_ip }}",
    name: "{{ shared_service_iam_hostname }}"
  },
  {
    ip: "{{ shared_service_webdav_ip }}",
    name: "{{ shared_service_webdav_hostname }}"
  }
 ]
 # TODO read configuration with hetzner rest api
@ -111,12 +140,18 @@ elastic_stack_network: {
 docker_registry_oidc_realm: "docker"
 docker_registry_oidc_client_id: "docker-registry"
 postgres_listen_addresses: "listen_addresses = 'localhost,{{ stage_server_ip }},{{ stage_private_server_ip }}'"
 connect_image_version: "8.3.7"
 smardigo_management_oidc_realm: "smardigo"
 smardigo_management_oidc_client_id: "management-smardigo"
 smardigo_management_url: "{{ http_s }}://{{ management_service_connect_hostname }}/api/v1/scopes/{{ scope_id }}/processes/{{ process_instance_id }}/messages"
 smardigo_management_token: "eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..rCRO1cVFgkyZ45D5cJNK5g.fc6JVOo5ja5sqe-0PQTfJGOivJ6tyiD-rwgY6rXJ3-U.tOgqgJ2zTjB3_M9BGtvVjQ"
 connect_external_task_script_worker_enabled: "true"
 #awx_admin_username: "< see vault >"
 #awx_admin_password: "< see vault >"
--- a/import-database.yml
+++ b/import-database.yml
@ -80,6 +80,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
--- a/roles/awx/tasks/awx-config.yml
+++ b/roles/awx/tasks/awx-config.yml
@ -270,12 +270,12 @@
  tags:
    - awx_config
- name: "Search <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
+- name: "Search <Container Registry> credentials <{{ shared_service_docker_registry_hostname }}>"
  include_tasks: awx-config-get-typ-id.yml
  vars:
    awx_rest_api_type: credentials
    awx_search_key: name
-    awx_search_name: "dev-docker-registry-01.smardigo.digital"
+    awx_search_name: "{{ shared_service_docker_registry_hostname }}"
  tags:
    - awx_config
@ -287,7 +287,7 @@
  tags:
    - awx_config
- name: "Add <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
+- name: "Add <Container Registry> credentials <{{ shared_service_docker_registry_hostname }}>"
  vars:
    name: "{{ shared_service_docker_registry_hostname }}"
    description: "{{ shared_service_docker_registry_hostname }}"
@ -316,12 +316,12 @@
  tags:
    - awx_config
- name: "Search <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
+- name: "Search <Container Registry> credentials <{{ shared_service_docker_registry_hostname }}>"
  include_tasks: awx-config-get-typ-id.yml
  vars:
    awx_rest_api_type: credentials
    awx_search_key: name
-    awx_search_name: "dev-docker-registry-01.smardigo.digital"
+    awx_search_name: "{{ shared_service_docker_registry_hostname }}"
  when: awx_credential_docker_registry_id is not defined
  tags:
    - awx_config
@ -362,7 +362,7 @@
  vars:
    name: "hetzner-ansible"
    description: "hetzner-ansible"
-    image: "dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee"
+    image: "{{ shared_service_docker_registry_hostname }}/awx/awx-custom-ee"
    credential: "{{ awx_credential_docker_registry_id }}"
    pull: "always"
  uri:
--- a/roles/iam/defaults/main.yml
+++ b/roles/iam/defaults/main.yml
@ -1,5 +1,4 @@
 ---
-iam_image_name: 'dev-docker-registry-01.smardigo.digital/smardigo/iam-app'
+iam_image_name: '{{ shared_service_docker_registry_hostname }}/smardigo/iam-app'
-
+iam_image_version: '8.2.0'
 iam_version: '8.1.0-SNAPSHOT'
--- a/roles/iam/vars/main.yml
+++ b/roles/iam/vars/main.yml
@ -44,7 +44,7 @@ iam_docker: {
    {
      name: "{{ iam_id }}",
      image_name: "{{ iam_image_name }}",
-      image_version: "{{ iam_version }}",
+      image_version: "{{ iam_image_version }}",
      labels: "{{ iam_labels + ( iam_labels_additional | default([])) }}",
      restart: "{{ iam_service_restart | default('always') }}",
      environment: [
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -5,6 +5,7 @@
 ###   create_groups
 ###   update_realms
 ###   update_deployment
 ###   configure_container
 - name: "Setup DNS configuration for {{ inventory_hostname }}"
  include_role:
@ -123,9 +124,9 @@
 - name: "Activate event listeners"
  shell: |
-    docker exec "{{ keycloak_id }} /bin/sh -c '/opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD'"
+    docker exec {{ keycloak_id }} /bin/sh -c "/opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD"
-    docker exec "{{ keycloak_id }} /bin/sh -c '/opt/jboss/keycloak/bin/kcadm.sh update events/config -s "eventsEnabled=true" -s "adminEventsEnabled=true" -s "eventsListeners+=metrics-listener"'"
+    docker exec {{ keycloak_id }} /bin/sh -c "/opt/jboss/keycloak/bin/kcadm.sh update events/config -s 'eventsEnabled=true' -s 'adminEventsEnabled=true' -s 'eventsListeners+=metrics-listener'"
-    docker exec "{{ keycloak_id }} /bin/sh -c 'usr/bin/rm -f /opt/jboss/.keycloak/kcadm.config'"
+    docker exec {{ keycloak_id }} /bin/sh -c "usr/bin/rm -f /opt/jboss/.keycloak/kcadm.config"
  tags:
    - update_deployment
-
+    - configure_container
--- a/roles/webdav/defaults/main.yaml
+++ b/roles/webdav/defaults/main.yaml
@ -1,4 +1,4 @@
 ---
-webdav_image_name: "dev-docker-registry-01.smardigo.digital/smardigo/smardigo-webdav-app"
+webdav_image_name: "{{ shared_service_docker_registry_hostname }}/smardigo/smardigo-webdav-app"
-webdav_image_version: "8.2.2"
+webdav_image_version: "8.2.6"
--- a/scripts/update-docker-image.sh
+++ b/scripts/update-docker-image.sh
@ -1,9 +1,9 @@
 # update a docker image with remote docker deamon (ssh) (pull/tag/push)
-# update-docker-image.sh smardigo/keycloak 12.0.4.2
+# update-docker-image.sh dev smardigo/keycloak 12.0.4.2
-# update-docker-image.sh smardigo/connect-whitelabel-app latest
+# update-docker-image.sh qa smardigo/connect-whitelabel-app latest
-FROM="docker.dev-at.de/$1:$2"
+FROM="docker.dev-at.de/$2:$3"
-TO="dev-docker-registry-01.smardigo.digital/$1:$2"
+TO="$1-docker-registry-01.smardigo.digital/$2:$3"
 echo
 echo updating $TO with image from $FROM
--- a/send-message.yml
+++ b/send-message.yml
@ -1,64 +0,0 @@
 ---
 # Parameters:
 #   playbook inventory
 #     stage := the type of the stage (e.g. dev, int, qa, prod)
 #     tenant_id := (unique key for the tenant, e.g. customer)
 #     cluster_name := (business name for the cluster, e.g. product, department )
 #     cluster_size := (WIP node count for the cluster)
 #     cluster_services := (services to setup, e.g. ['connect', 'wordpress', ...])
 #   smardigo message callback
 #     scope_id := (scope id of the management process)
 #     process_instance_id := (process instance id of the management process)
 #     smardigo_management_action := (smardigo management action anme of the management process)
 #############################################################
 #   Creating inventory dynamically for given parameters
 #############################################################
 - hosts: localhost
  connection: local
  gather_facts: false
  pre_tasks:
    - name: "Check if ansible version is at least 2.10.x"
      assert:
        that:
          - ansible_version.major >= 2
          - ansible_version.minor >= 10
        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
  tasks:
    - name: Add hosts
      add_host:
        name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-{{ '%02d' | format(item|int) }}"
        groups:
        - "stage_{{ stage }}"
        - "{{ cluster_service }}"
      with_sequence: start=1 end={{ cluster_count | default(1) }}
      changed_when: False
 #############################################################
 # Sending smardigo management message to process
 #############################################################
 - hosts: "stage_{{ stage }}"
  serial: "{{ serial_number | default(5) }}"
  connection: local
  gather_facts: false
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
      uri:
        url: "{{ smardigo_management_url }}"
        method: POST
        body_format: json
        body: "{{ lookup('template','smardigo-management-message.json.j2') }}"
        headers:
          accept: "*/*"
          Content-Type: "application/json"
          Smardigo-User-Token: "{{ smardigo_management_token }}"
        status_code: [200]
      retries: 5
      delay: 5
      delegate_to: 127.0.0.1
--- a/7
+++ b/7
@ -2,6 +2,7 @@
 qa-awx-01
 [connect]
 qa-management-smardigo-01
 [elastic]
 qa-elastic-stack-elastic-01
@ -12,6 +13,7 @@ qa-elastic-stack-elastic-03
 qa-docker-registry-01
 [iam]
 qa-iam-01
 [keycloak]
 qa-keycloak-01
@ -28,6 +30,9 @@ qa-maria-01
 [postfix]
 qa-mail-01
 [pgadmin4]
 qa-pgadmin4-01
 [postgres]
 qa-postgres-01
 qa-postgres-02
@ -36,6 +41,7 @@ qa-postgres-02
 qa-prometheus-01
 [webdav]
 qa-webdav-01
 [stage_qa:children]
 awx
@ -47,6 +53,7 @@ keycloak
 kibana
 logstash
 maria
 pgadmin4
 postfix
 postgres
 prometheus
--- a/upload-database-dumb.yml
+++ b/upload-database-dumb.yml
@ -84,6 +84,7 @@
  serial: "{{ serial_number | default(1) }}"
  connection: local
  gather_facts: false
  run_once: true
  post_tasks:
    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"