From ce182c844641bbd63aa9666d849ef712d32219d7 Mon Sep 17 00:00:00 2001 From: "ansible-code-bot[bot]" <145416087+ansible-code-bot[bot]@users.noreply.github.com> Date: Wed, 8 May 2024 15:40:54 +0000 Subject: [PATCH] Fix ansible-lint rule violations --- .ansible-lint | 6 +- .helm/starter/Chart.yaml | 4 +- .helm/starter/values.yaml | 1 + .readthedocs.yml | 3 +- ansible/helm-release.yml | 28 +- ansible/instantiate-awx-deployment.yml | 8 +- .../crd/bases/awx.ansible.com_awxbackups.yaml | 248 +- .../awx.ansible.com_awxmeshingresses.yaml | 138 +- .../bases/awx.ansible.com_awxrestores.yaml | 251 +- config/crd/bases/awx.ansible.com_awxs.yaml | 3708 ++++++++--------- config/crd/kustomization.yaml | 9 +- config/default/kustomization.yaml | 9 +- config/default/manager_auth_proxy_patch.yaml | 59 +- config/default/manager_config_patch.yaml | 21 +- config/manager/controller_manager_config.yaml | 1 + config/manager/kustomization.yaml | 15 +- .../awx-operator.clusterserviceversion.yaml | 2270 +++++----- config/manifests/kustomization.yaml | 9 +- config/prometheus/kustomization.yaml | 3 +- config/prometheus/monitor.yaml | 1 + .../rbac/auth_proxy_client_clusterrole.yaml | 9 +- config/rbac/auth_proxy_role.yaml | 25 +- config/rbac/auth_proxy_role_binding.yaml | 7 +- config/rbac/auth_proxy_service.yaml | 9 +- config/rbac/awx_editor_role.yaml | 37 +- config/rbac/awx_viewer_role.yaml | 29 +- config/rbac/awxbackup_editor_role.yaml | 37 +- config/rbac/awxbackup_viewer_role.yaml | 29 +- config/rbac/awxmeshingress_editor_role.yaml | 37 +- config/rbac/awxmeshingress_viewer_role.yaml | 29 +- config/rbac/awxrestore_editor_role.yaml | 37 +- config/rbac/awxrestore_viewer_role.yaml | 29 +- config/rbac/kustomization.yaml | 35 +- config/rbac/leader_election_role.yaml | 63 +- config/rbac/leader_election_role_binding.yaml | 7 +- config/rbac/role.yaml | 10 +- config/rbac/service_account.yaml | 1 + config/samples/awx_v1beta1_awxbackup.yaml | 9 +- config/samples/awx_v1beta1_awxrestore.yaml | 9 +- config/samples/kustomization.yaml | 9 +- config/scorecard/bases/config.yaml | 5 +- config/scorecard/kustomization.yaml | 27 +- config/scorecard/patches/basic.config.yaml | 5 +- config/scorecard/patches/olm.config.yaml | 21 +- config/testing/kustomization.yaml | 18 +- mkdocs.yml | 5 +- molecule/default/converge.yml | 4 +- molecule/default/destroy.yml | 6 +- molecule/default/kustomize.yml | 12 +- molecule/default/molecule.yml | 2 +- molecule/default/prepare.yml | 12 +- .../default/tasks/_test_case_replicas.yml | 4 +- molecule/default/tasks/apply_awx_spec.yml | 4 +- molecule/default/tasks/awx_replicas_test.yml | 6 +- molecule/default/tasks/awx_test.yml | 180 +- .../output_all_container_logs_for_pod.yml | 6 +- .../default/utils/output_k8s_resources.yml | 14 +- molecule/default/verify.yml | 16 +- molecule/kind/converge.yml | 15 +- molecule/kind/destroy.yml | 4 +- molecule/kind/molecule.yml | 4 +- molecule/kind/prepare.yml | 6 +- playbooks/awx.yml | 6 +- requirements.yml | 2 +- roles/backup/defaults/main.yml | 25 +- roles/backup/tasks/awx-cro.yml | 13 +- roles/backup/tasks/cleanup.yml | 1 - roles/backup/tasks/creation.yml | 22 +- roles/backup/tasks/dump_generated_secret.yml | 33 +- .../backup/tasks/dump_ingress_tls_secrets.yml | 3 +- roles/backup/tasks/dump_receptor_secrets.yml | 3 +- roles/backup/tasks/dump_secret.yml | 37 +- roles/backup/tasks/error_handling.yml | 1 - roles/backup/tasks/init.yml | 4 +- roles/backup/tasks/postgres.yml | 27 +- roles/backup/tasks/secrets.yml | 7 +- roles/backup/tasks/update_status.yml | 3 +- roles/backup/vars/main.yml | 4 +- roles/common/defaults/main.yml | 4 +- roles/common/meta/main.yml | 1 - roles/common/tasks/main.yml | 9 +- roles/installer/defaults/main.yml | 155 +- .../tasks/admin_password_configuration.yml | 12 +- .../broadcast_websocket_configuration.yml | 17 +- roles/installer/tasks/cleanup.yml | 24 +- .../tasks/database_configuration.yml | 52 +- .../tasks/enable_metrics_utility.yml | 9 +- roles/installer/tasks/initialize_django.yml | 6 +- roles/installer/tasks/install.yml | 59 +- .../tasks/load_bundle_cacert_secret.yml | 4 +- .../tasks/load_ldap_cacert_secret.yml | 4 +- .../tasks/load_ldap_password_secret.yml | 4 +- .../installer/tasks/load_route_tls_secret.yml | 4 +- roles/installer/tasks/migrate_data.yml | 3 +- roles/installer/tasks/migrate_schema.yml | 3 +- .../tasks/resources_configuration.yml | 71 +- .../installer/tasks/scale_down_deployment.yml | 8 +- .../tasks/secret_key_configuration.yml | 12 +- roles/installer/tasks/update_status.yml | 28 +- roles/installer/tasks/upgrade_postgres.yml | 23 +- roles/installer/vars/main.yml | 12 +- roles/mesh_ingress/defaults/main.yml | 11 +- roles/mesh_ingress/tasks/creation.yml | 47 +- roles/mesh_ingress/tasks/finalizer.yml | 10 +- roles/restore/defaults/main.yml | 27 +- roles/restore/tasks/cleanup.yml | 15 +- roles/restore/tasks/deploy_awx.yml | 13 +- roles/restore/tasks/error_handling.yml | 1 - roles/restore/tasks/import_vars.yml | 28 +- roles/restore/tasks/init.yml | 3 +- roles/restore/tasks/main.yml | 36 +- roles/restore/tasks/postgres.yml | 20 +- roles/restore/tasks/secrets.yml | 24 +- roles/restore/tasks/update_status.yml | 3 +- roles/restore/vars/main.yml | 16 +- watches.yaml | 8 +- 116 files changed, 4283 insertions(+), 4319 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 712a34e0e..e39a72bf8 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,8 +1,8 @@ --- skip_list: - - '306' - - '602' - - '503' + - "306" + - "602" + - "503" exclude_paths: - deploy/ diff --git a/.helm/starter/Chart.yaml b/.helm/starter/Chart.yaml index efc98d552..276326deb 100644 --- a/.helm/starter/Chart.yaml +++ b/.helm/starter/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v2 -appVersion: 0.1.0 +appVersion: "0.1.0" description: A Helm chart for Kubernetes name: starter type: application -version: 0.1.0 +version: "0.1.0" diff --git a/.helm/starter/values.yaml b/.helm/starter/values.yaml index f6c6db524..27e8c6743 100644 --- a/.helm/starter/values.yaml +++ b/.helm/starter/values.yaml @@ -1,3 +1,4 @@ +--- AWX: # enable use of awx-deploy template enabled: false diff --git a/.readthedocs.yml b/.readthedocs.yml index 5a1337af9..e4d681b98 100644 --- a/.readthedocs.yml +++ b/.readthedocs.yml @@ -1,3 +1,4 @@ +--- # Read the Docs configuration file # See https://docs.readthedocs.io/en/stable/config-file/v2.html for details @@ -14,4 +15,4 @@ mkdocs: python: install: - - requirements: ./docs/requirements.txt + - requirements: ./docs/requirements.txt diff --git a/ansible/helm-release.yml b/ansible/helm-release.yml index aeb788d68..8581955bf 100644 --- a/ansible/helm-release.yml +++ b/ansible/helm-release.yml @@ -7,9 +7,9 @@ tasks: - name: Look up release uri: - url: "https://api.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/tags/{{ tag }}" + url: https://api.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/tags/{{ tag }} register: release - ignore_errors: yes + ignore_errors: true - fail: msg: | @@ -18,13 +18,13 @@ - name: Set helm filename and commit message set_fact: - asset_already_attached: False - helm_file_name: "awx-operator-{{ tag }}.tgz" - commit_message: "Updated index.yaml for release {{ release.json.tag_name }}" + asset_already_attached: false + helm_file_name: awx-operator-{{ tag }}.tgz + commit_message: Updated index.yaml for release {{ release.json.tag_name }} - name: See if file is already attached set_fact: - asset_already_attached: True + asset_already_attached: true loop: "{{ release.json.get('assets', []) }}" loop_control: label: "{{ item.name }}" @@ -44,11 +44,11 @@ # Move to chart releaser after https://github.com/helm/chart-releaser/issues/122 exists - name: Upload helm chart uri: - url: "https://uploads.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/{{ release.json.id }}/assets?name={{ helm_file_name }}" + url: https://uploads.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/{{ release.json.id }}/assets?name={{ helm_file_name }} src: "{{ playbook_dir }}/../.cr-release-packages/{{ tag }}/awx-operator-{{ tag }}.tgz" headers: - Authorization: "token {{ gh_token }}" - Content-Type: "application/octet-stream" + Authorization: token {{ gh_token }} + Content-Type: application/octet-stream status_code: - 200 - 201 @@ -62,7 +62,7 @@ - name: Check if we have published the release command: - cmd: "git log --grep='{{ commit_message }}'" + cmd: git log --grep='{{ commit_message }}' chdir: "{{ playbook_dir }}/../gh-pages" register: commits_for_release @@ -77,11 +77,11 @@ git: repo: "{{ ((repo_type | default('http')) == 'ssh') | ternary(ssh_repo, http_repo) }}" dest: "{{ temp_dir.path }}" - single_branch: yes + single_branch: true version: gh-pages vars: - http_repo: "https://github.com/{{ chart_owner }}/{{ chart_repo }}" - ssh_repo: "git@github.com:{{ chart_owner }}/{{ chart_repo }}.git" + http_repo: https://github.com/{{ chart_owner }}/{{ chart_repo }} + ssh_repo: git@github.com:{{ chart_owner }}/{{ chart_repo }}.git - name: Publish helm index ansible.builtin.command: @@ -95,7 +95,7 @@ - name: Set url base swap in gitconfig command: - cmd: "git config --local url.https://{{ gh_user }}:{{ gh_token }}@github.com/.insteadOf https://github.com/" + cmd: git config --local url.https://{{ gh_user }}:{{ gh_token }}@github.com/.insteadOf https://github.com/ args: chdir: "{{ temp_dir.path }}/" no_log: true diff --git a/ansible/instantiate-awx-deployment.yml b/ansible/instantiate-awx-deployment.yml index d0af582d1..522de9175 100644 --- a/ansible/instantiate-awx-deployment.yml +++ b/ansible/instantiate-awx-deployment.yml @@ -10,8 +10,8 @@ k8s: state: "{{ state | default('present') }}" namespace: "{{ namespace | default('default') }}" - apply: yes - wait: yes + apply: true + wait: true definition: apiVersion: awx.ansible.com/v1beta1 kind: AWX @@ -20,8 +20,8 @@ spec: admin_user: admin admin_email: admin@localhost - service_type: "{{ service_type | default(omit) }}" # Either clusterIP, Loadbalancer or NodePort - ingress_type: "{{ ingress_type | default(omit) }}" # Either none, Ingress, Route + service_type: "{{ service_type | default(omit) }}" # Either clusterIP, Loadbalancer or NodePort + ingress_type: "{{ ingress_type | default(omit) }}" # Either none, Ingress, Route image: "{{ image | default(omit) }}" image_version: "{{ image_version | default(omit) }}" development_mode: "{{ development_mode | default(omit) | bool }}" diff --git a/config/crd/bases/awx.ansible.com_awxbackups.yaml b/config/crd/bases/awx.ansible.com_awxbackups.yaml index 74d325d0a..c5938d970 100644 --- a/config/crd/bases/awx.ansible.com_awxbackups.yaml +++ b/config/crd/bases/awx.ansible.com_awxbackups.yaml @@ -12,136 +12,132 @@ spec: singular: awxbackup scope: Namespaced versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: Schema validation for the AWXBackup CRD - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - deployment_name - properties: - deployment_name: - description: Name of the deployment to be backed up - type: string - backup_pvc: - description: Name of the backup PVC - type: string - backup_pvc_namespace: - description: (Deprecated) Namespace the PVC is in - type: string - backup_storage_requirements: - description: Storage requirements for backup PVC (may be similar to existing postgres PVC backing up from) - type: string - backup_resource_requirements: - description: Resource requirements for the management pod used to create a backup - properties: - requests: + - name: v1beta1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + description: Schema validation for the AWXBackup CRD + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal + value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - deployment_name + properties: + deployment_name: + description: Name of the deployment to be backed up + type: string + backup_pvc: + description: Name of the backup PVC + type: string + backup_pvc_namespace: + description: (Deprecated) Namespace the PVC is in + type: string + backup_storage_requirements: + description: Storage requirements for backup PVC (may be similar to existing postgres PVC backing up from) + type: string + backup_resource_requirements: + description: Resource requirements for the management pod used to create a backup + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + type: object + type: object + backup_storage_class: + description: Storage class to use when creating PVC for backup + type: string + clean_backup_on_delete: + description: Flag to indicate if backup should be deleted on PVC if AWXBackup object is deleted + type: boolean + pg_dump_suffix: + description: Additional parameters for the pg_dump command + type: string + postgres_label_selector: + description: Label selector used to identify postgres pod for backing up data + type: string + postgres_image: + description: Registry path to the PostgreSQL container to use + type: string + postgres_image_version: + description: PostgreSQL container image version to use + type: string + precreate_partition_hours: + description: Number of hours worth of events table partitions to precreate before backup to avoid pg_dump locks. + type: integer + format: int32 + image_pull_policy: + description: The image pull policy + type: string + default: IfNotPresent + enum: + - Always + - always + - Never + - never + - IfNotPresent + - ifnotpresent + db_management_pod_node_selector: + description: nodeSelector for the Postgres pods to backup + type: string + no_log: + description: Configure no_log for no_log tasks + type: boolean + default: true + additional_labels: + description: Additional labels defined on the resource, which should be propagated to child resources + type: array + items: + type: string + set_self_labels: + description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) + type: boolean + default: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: + conditions: + description: The resulting conditions when a Service Telemetry is instantiated + items: properties: - cpu: + lastTransitionTime: type: string - memory: + reason: type: string - type: object - limits: - properties: - cpu: + status: type: string - memory: + type: type: string type: object - type: object - backup_storage_class: - description: Storage class to use when creating PVC for backup - type: string - clean_backup_on_delete: - description: Flag to indicate if backup should be deleted on PVC if AWXBackup object is deleted - type: boolean - pg_dump_suffix: - description: Additional parameters for the pg_dump command - type: string - postgres_label_selector: - description: Label selector used to identify postgres pod for backing up data - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - precreate_partition_hours: - description: Number of hours worth of events table partitions to precreate before backup to avoid pg_dump locks. - type: integer - format: int32 - image_pull_policy: - description: The image pull policy - type: string - default: IfNotPresent - enum: - - Always - - always - - Never - - never - - IfNotPresent - - ifnotpresent - db_management_pod_node_selector: - description: nodeSelector for the Postgres pods to backup - type: string - no_log: - description: Configure no_log for no_log tasks - type: boolean - default: true - additional_labels: - description: Additional labels defined on the resource, which should be propagated to child resources - type: array - items: + type: array + backupDirectory: + description: Backup directory name on the specified pvc + type: string + backupClaim: + description: Backup persistent volume claim type: string - set_self_labels: - description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) - type: boolean - default: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - conditions: - description: The resulting conditions when a Service Telemetry is instantiated - items: - properties: - lastTransitionTime: - type: string - reason: - type: string - status: - type: string - type: - type: string - type: object - type: array - backupDirectory: - description: Backup directory name on the specified pvc - type: string - backupClaim: - description: Backup persistent volume claim - type: string diff --git a/config/crd/bases/awx.ansible.com_awxmeshingresses.yaml b/config/crd/bases/awx.ansible.com_awxmeshingresses.yaml index 6ab6da8e5..c53d8c4cb 100644 --- a/config/crd/bases/awx.ansible.com_awxmeshingresses.yaml +++ b/config/crd/bases/awx.ansible.com_awxmeshingresses.yaml @@ -12,75 +12,71 @@ spec: singular: awxmeshingress scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: AWXMeshIngress is the Schema for the awxmeshingresses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of AWXMeshIngress - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - deployment_name - properties: - deployment_name: - description: Name of the AWX deployment to create the Mesh Ingress for. - type: string - image_pull_secrets: - description: Image pull secrets for Mesh Ingress containers. - type: array - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: AWXMeshIngress is the Schema for the awxmeshingresses API + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal + value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of AWXMeshIngress + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - deployment_name + properties: + deployment_name: + description: Name of the AWX deployment to create the Mesh Ingress for. type: string - external_hostname: - description: External hostname to use for the Mesh Ingress. - type: string - external_ipaddress: - description: External IP address to use for the Mesh Ingress. - type: string - ingress_type: - description: The ingress type to use to reach the deployed instance - type: string - enum: - - none - - Ingress - - ingress - - IngressRouteTCP - - ingressroutetcp - - Route - - route - ingress_api_version: - description: The Ingress API version to use - type: string - ingress_annotations: - description: Annotations to add to the Ingress Controller - type: string - ingress_class_name: - description: The name of ingress class to use instead of the cluster default. - type: string - ingress_controller: - description: Special configuration for specific Ingress Controllers - type: string - status: - description: Status defines the observed state of AWXMeshIngress - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: true - subresources: - status: {} + image_pull_secrets: + description: Image pull secrets for Mesh Ingress containers. + type: array + items: + type: string + external_hostname: + description: External hostname to use for the Mesh Ingress. + type: string + external_ipaddress: + description: External IP address to use for the Mesh Ingress. + type: string + ingress_type: + description: The ingress type to use to reach the deployed instance + type: string + enum: + - none + - Ingress + - ingress + - IngressRouteTCP + - ingressroutetcp + - Route + - route + ingress_api_version: + description: The Ingress API version to use + type: string + ingress_annotations: + description: Annotations to add to the Ingress Controller + type: string + ingress_class_name: + description: The name of ingress class to use instead of the cluster default. + type: string + ingress_controller: + description: Special configuration for specific Ingress Controllers + type: string + status: + description: Status defines the observed state of AWXMeshIngress + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/bases/awx.ansible.com_awxrestores.yaml b/config/crd/bases/awx.ansible.com_awxrestores.yaml index 0192a1e86..3c072f5eb 100644 --- a/config/crd/bases/awx.ansible.com_awxrestores.yaml +++ b/config/crd/bases/awx.ansible.com_awxrestores.yaml @@ -12,137 +12,132 @@ spec: singular: awxrestore scope: Namespaced versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: Schema validation for the AWXRestore CRD - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - deployment_name - properties: - backup_source: - description: Backup source - type: string - enum: - - Backup CR - - PVC - deployment_name: - description: Name of the restored deployment. This should be different from the original deployment name - if the original deployment still exists. - type: string - cluster_name: - description: Cluster name - type: string - backup_name: - description: AWXBackup object name - type: string - backup_pvc: - description: Name of the PVC to be restored from, set as a status found on the awxbackup object (backupClaim) - type: string - backup_pvc_namespace: - description: (Deprecated) Namespace the PVC is in - type: string - backup_dir: - description: Backup directory name, set as a status found on the awxbackup object (backupDirectory) - type: string - restore_resource_requirements: - description: Resource requirements for the management pod that restores AWX from a backup - properties: - requests: + - name: v1beta1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + description: Schema validation for the AWXRestore CRD + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal + value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - deployment_name + properties: + backup_source: + description: Backup source + type: string + enum: + - Backup CR + - PVC + deployment_name: + description: Name of the restored deployment. This should be different from the original deployment name if the original deployment still exists. + type: string + cluster_name: + description: Cluster name + type: string + backup_name: + description: AWXBackup object name + type: string + backup_pvc: + description: Name of the PVC to be restored from, set as a status found on the awxbackup object (backupClaim) + type: string + backup_pvc_namespace: + description: (Deprecated) Namespace the PVC is in + type: string + backup_dir: + description: Backup directory name, set as a status found on the awxbackup object (backupDirectory) + type: string + restore_resource_requirements: + description: Resource requirements for the management pod that restores AWX from a backup + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + type: object + type: object + postgres_label_selector: + description: Label selector used to identify postgres pod for backing up data + type: string + postgres_image: + description: Registry path to the PostgreSQL container to use + type: string + postgres_image_version: + description: PostgreSQL container image version to use + type: string + image_pull_policy: + description: The image pull policy + type: string + default: IfNotPresent + enum: + - Always + - always + - Never + - never + - IfNotPresent + - ifnotpresent + db_management_pod_node_selector: + description: nodeSelector for the Postgres pods to backup + type: string + no_log: + description: Configure no_log for no_log tasks + type: boolean + default: true + additional_labels: + description: Additional labels defined on the resource, which should be propagated to child resources + type: array + items: + type: string + set_self_labels: + description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) + type: boolean + default: true + force_drop_db: + description: Force drop the database before restoring. USE WITH CAUTION! + type: boolean + default: false + status: + type: object + x-kubernetes-preserve-unknown-fields: true + properties: + conditions: + description: The resulting conditions when a Service Telemetry is instantiated + items: properties: - cpu: + lastTransitionTime: type: string - memory: + reason: type: string - type: object - limits: - properties: - cpu: + status: type: string - memory: + type: type: string type: object - type: object - postgres_label_selector: - description: Label selector used to identify postgres pod for backing up data - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - image_pull_policy: - description: The image pull policy - type: string - default: IfNotPresent - enum: - - Always - - always - - Never - - never - - IfNotPresent - - ifnotpresent - db_management_pod_node_selector: - description: nodeSelector for the Postgres pods to backup - type: string - no_log: - description: Configure no_log for no_log tasks - type: boolean - default: true - additional_labels: - description: Additional labels defined on the resource, which should be propagated to child resources - type: array - items: - type: string - set_self_labels: - description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) - type: boolean - default: true - force_drop_db: - description: Force drop the database before restoring. USE WITH CAUTION! - type: boolean - default: false - status: - type: object - x-kubernetes-preserve-unknown-fields: true - properties: - conditions: - description: The resulting conditions when a Service Telemetry is instantiated - items: - properties: - lastTransitionTime: - type: string - reason: - type: string - status: - type: string - type: - type: string - type: object - type: array - restoreComplete: - description: Restore process complete - type: boolean + type: array + restoreComplete: + description: Restore process complete + type: boolean diff --git a/config/crd/bases/awx.ansible.com_awxs.yaml b/config/crd/bases/awx.ansible.com_awxs.yaml index cced65bc2..4385f83ee 100644 --- a/config/crd/bases/awx.ansible.com_awxs.yaml +++ b/config/crd/bases/awx.ansible.com_awxs.yaml @@ -12,2013 +12,2009 @@ spec: singular: awx scope: Namespaced versions: - - name: v1beta1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - description: Schema validation for the AWX CRD - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - deployment_type: - description: Name of the deployment type - type: string - kind: - description: Kind of the deployment type - type: string - api_version: - description: apiVersion of the deployment type - type: string - task_privileged: - description: If a privileged security context should be enabled - type: boolean - default: false - admin_user: - description: Username to use for the admin account - type: string - default: admin - hostname: # deprecated - description: (Deprecated) The hostname of the instance - type: string - admin_email: - description: The admin user email - type: string - admin_password_secret: - description: Secret where the admin password can be found - type: string - maxLength: 255 - pattern: '^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$' - postgres_configuration_secret: - description: Secret where the database configuration can be found - type: string - old_postgres_configuration_secret: - description: Secret where the old database configuration can be found for data migration - type: string - maxLength: 255 - pattern: '^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$' - postgres_label_selector: - description: Label selector used to identify postgres pod for data migration - type: string - secret_key_secret: - description: Secret where the secret key can be found - type: string - maxLength: 255 - pattern: '^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$' - broadcast_websocket_secret: - description: Secret where the broadcast websocket secret can be found - type: string - maxLength: 255 - pattern: '^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$' - extra_volumes: - description: Specify extra volumes to add to the application pod - type: string - service_annotations: - description: Annotations to add to the service - type: string - service_type: - description: The service type to be used on the deployed instance - type: string - enum: - - LoadBalancer - - loadbalancer - - ClusterIP - - clusterip - - NodePort - - nodeport - ingress_type: - description: The ingress type to use to reach the deployed instance - type: string - enum: - - none - - Ingress - - ingress - - Route - - route - ingress_api_version: - description: The Ingress API version to use - type: string - ingress_path: - description: The ingress path used to reach the deployed service - type: string - ingress_path_type: - description: The ingress path type for the deployed service - type: string - ingress_annotations: - description: Annotations to add to the Ingress Controller - type: string - ingress_tls_secret: # deprecated - description: (Deprecated) Secret where the Ingress TLS secret can be found - type: string - ingress_class_name: - description: The name of ingress class to use instead of the cluster default. - type: string - ingress_hosts: - description: Ingress hostnames of the instance - type: array - items: - type: object - properties: - hostname: - description: Hostname of the instance - type: string - tls_secret: - description: Secret where the Ingress TLS secret can be found - type: string - ingress_controller: - description: Special configuration for specific Ingress Controllers - type: string - api_urlpattern_prefix: - description: An optional configuration to add a prefix in the API URL path - type: string - loadbalancer_protocol: - description: Protocol to use for the loadbalancer - type: string - default: http - enum: - - http - - https - loadbalancer_port: - description: Port to use for the loadbalancer - type: integer - default: 80 - loadbalancer_ip: - description: Assign LoadBalancer IP address - type: string - default: '' - loadbalancer_class: - description: Class of LoadBalancer to use - type: string - default: '' - route_host: - description: The DNS to use to points to the instance - type: string - route_tls_termination_mechanism: - description: The secure TLS termination mechanism to use - type: string - default: Edge - enum: - - Edge - - edge - - Passthrough - - passthrough - route_api_version: - description: The route API version to use - type: string - route_tls_secret: - description: Secret where the TLS related credentials are stored - type: string - nodeport_port: - description: Port to use for the nodeport - type: integer - node_selector: - description: nodeSelector for the pods - type: string - web_node_selector: - description: nodeSelector for the web pods - type: string - task_node_selector: - description: nodeSelector for the task pods - type: string - topology_spread_constraints: - description: topology rule(s) for the pods - type: string - task_topology_spread_constraints: - description: topology rule(s) for the task pods - type: string - web_topology_spread_constraints: - description: topology rule(s) for the web pods - type: string - termination_grace_period_seconds: - description: Optional duration in seconds pods needs to terminate gracefully - type: integer - format: int32 - service_labels: - description: Additional labels to apply to the service - type: string - annotations: - description: Common annotations for both Web and Task deployments. - type: string - task_annotations: - description: Task deployment annotations. This will override the general annotations parameter for the Task deployment. - type: string - web_annotations: - description: Web deployment annotations. This will override the general annotations parameter for the Web deployment. - type: string - tolerations: - description: node tolerations for the pods - type: string - task_tolerations: - description: node tolerations for the task pods - type: string - web_tolerations: - description: node tolerations for the web pods - type: string - affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: + - name: v1beta1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + description: Schema validation for the AWX CRD + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal + value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + type: string + kind: + description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + type: string + metadata: + type: object + spec: + properties: + deployment_type: + description: Name of the deployment type + type: string + kind: + description: Kind of the deployment type + type: string + api_version: + description: apiVersion of the deployment type + type: string + task_privileged: + description: If a privileged security context should be enabled + type: boolean + default: false + admin_user: + description: Username to use for the admin account + type: string + default: admin + hostname: # deprecated + description: (Deprecated) The hostname of the instance + type: string + admin_email: + description: The admin user email + type: string + admin_password_secret: + description: Secret where the admin password can be found + type: string + maxLength: 255 + pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ + postgres_configuration_secret: + description: Secret where the database configuration can be found + type: string + old_postgres_configuration_secret: + description: Secret where the old database configuration can be found for data migration + type: string + maxLength: 255 + pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ + postgres_label_selector: + description: Label selector used to identify postgres pod for data migration + type: string + secret_key_secret: + description: Secret where the secret key can be found + type: string + maxLength: 255 + pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ + broadcast_websocket_secret: + description: Secret where the broadcast websocket secret can be found + type: string + maxLength: 255 + pattern: ^[a-zA-Z0-9][-a-zA-Z0-9]{0,253}[a-zA-Z0-9]$ + extra_volumes: + description: Specify extra volumes to add to the application pod + type: string + service_annotations: + description: Annotations to add to the service + type: string + service_type: + description: The service type to be used on the deployed instance + type: string + enum: + - LoadBalancer + - loadbalancer + - ClusterIP + - clusterip + - NodePort + - nodeport + ingress_type: + description: The ingress type to use to reach the deployed instance + type: string + enum: + - none + - Ingress + - ingress + - Route + - route + ingress_api_version: + description: The Ingress API version to use + type: string + ingress_path: + description: The ingress path used to reach the deployed service + type: string + ingress_path_type: + description: The ingress path type for the deployed service + type: string + ingress_annotations: + description: Annotations to add to the Ingress Controller + type: string + ingress_tls_secret: # deprecated + description: (Deprecated) Secret where the Ingress TLS secret can be found + type: string + ingress_class_name: + description: The name of ingress class to use instead of the cluster default. + type: string + ingress_hosts: + description: Ingress hostnames of the instance + type: array + items: + type: object properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + hostname: + description: Hostname of the instance + type: string + tls_secret: + description: Secret where the Ingress TLS secret can be found + type: string + ingress_controller: + description: Special configuration for specific Ingress Controllers + type: string + api_urlpattern_prefix: + description: An optional configuration to add a prefix in the API URL path + type: string + loadbalancer_protocol: + description: Protocol to use for the loadbalancer + type: string + default: http + enum: + - http + - https + loadbalancer_port: + description: Port to use for the loadbalancer + type: integer + default: 80 + loadbalancer_ip: + description: Assign LoadBalancer IP address + type: string + default: "" + loadbalancer_class: + description: Class of LoadBalancer to use + type: string + default: "" + route_host: + description: The DNS to use to points to the instance + type: string + route_tls_termination_mechanism: + description: The secure TLS termination mechanism to use + type: string + default: Edge + enum: + - Edge + - edge + - Passthrough + - passthrough + route_api_version: + description: The route API version to use + type: string + route_tls_secret: + description: Secret where the TLS related credentials are stored + type: string + nodeport_port: + description: Port to use for the nodeport + type: integer + node_selector: + description: nodeSelector for the pods + type: string + web_node_selector: + description: nodeSelector for the web pods + type: string + task_node_selector: + description: nodeSelector for the task pods + type: string + topology_spread_constraints: + description: topology rule(s) for the pods + type: string + task_topology_spread_constraints: + description: topology rule(s) for the task pods + type: string + web_topology_spread_constraints: + description: topology rule(s) for the web pods + type: string + termination_grace_period_seconds: + description: Optional duration in seconds pods needs to terminate gracefully + type: integer + format: int32 + service_labels: + description: Additional labels to apply to the service + type: string + annotations: + description: Common annotations for both Web and Task deployments. + type: string + task_annotations: + description: Task deployment annotations. This will override the general annotations parameter for the Task deployment. + type: string + web_annotations: + description: Web deployment annotations. This will override the general annotations parameter for the Web deployment. + type: string + tolerations: + description: node tolerations for the pods + type: string + task_tolerations: + description: node tolerations for the task pods + type: string + web_tolerations: + description: node tolerations for the web pods + type: string + affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - operator: + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer + type: array + type: object + x-kubernetes-map-type: atomic + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: type: string - required: + type: array + topologyKey: + type: string + required: - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - web_affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string type: object - type: array - type: object - x-kubernetes-map-type: atomic - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + web_affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - operator: + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - operator: + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer + type: array + type: object + x-kubernetes-map-type: atomic + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: type: string - required: + type: array + topologyKey: + type: string + required: - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - task_affinity: - description: If specified, the pod's scheduling constraints - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string type: object - type: array - type: object - x-kubernetes-map-type: atomic - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + operator: type: string - type: array - required: - - key - - operator + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + task_affinity: + description: If specified, the pod's scheduling constraints + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - operator: + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: + type: array + type: object + x-kubernetes-map-type: atomic + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - operator: + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer + type: array + type: object + x-kubernetes-map-type: atomic + type: array required: - - podAffinityTerm - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - values: - items: - type: string - type: array - required: + type: array + required: - key - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: type: string - required: + type: array + topologyKey: + type: string + required: - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: + x-kubernetes-map-type: atomic + namespaceSelector: properties: - key: - type: string - operator: - type: string - values: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + items: + type: string + type: array + topologyKey: type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - image: - description: Registry path to the application container to use - type: string - image_version: - description: Application container image version to use - type: string - ee_images: - description: Registry path to the Execution Environment container to use - type: array - items: - type: object - properties: - name: - type: string - image: - type: string - control_plane_ee_image: - description: Registry path to the Execution Environment container image to use on control plane pods - type: string - control_plane_priority_class: - description: Assign a preexisting priority class to the control plane pods - type: string - ee_pull_credentials_secret: - description: Secret where pull credentials for registered ees can be found - type: string - image_pull_policy: - description: The image pull policy - type: string - default: IfNotPresent - enum: - - Always - - always - - Never - - never - - IfNotPresent - - ifnotpresent - image_pull_secrets: - description: Image pull secrets for app and database containers - type: array - items: - type: string - image_pull_secret: # deprecated - description: (Deprecated) Image pull secret for app and database containers - type: string - host_aliases: - description: HostAliases for app containers - type: array - items: + required: + - topologyKey + type: object + type: array + type: object type: object - properties: - ip: - type: string - hostnames: - type: array - items: - type: string - task_resource_requirements: - description: Resource requirements for the task container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - type: object - web_resource_requirements: - description: Resource requirements for the web container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - type: object - ee_resource_requirements: - description: Resource requirements for the ee container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - type: object - postgres_init_container_resource_requirements: - description: (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - type: object - type: object - redis_resource_requirements: - description: Resource requirements for the redis container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - type: object - rsyslog_resource_requirements: - description: Resource requirements for the rsyslog container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - limits: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string - type: object - type: object - init_container_resource_requirements: - description: Resource requirements for the init container - properties: - requests: - properties: - cpu: - type: string - memory: - type: string - storage: - type: string - ephemeral-storage: - type: string + image: + description: Registry path to the application container to use + type: string + image_version: + description: Application container image version to use + type: string + ee_images: + description: Registry path to the Execution Environment container to use + type: array + items: type: object - limits: properties: - cpu: - type: string - memory: + name: type: string - storage: - type: string - ephemeral-storage: + image: type: string + control_plane_ee_image: + description: Registry path to the Execution Environment container image to use on control plane pods + type: string + control_plane_priority_class: + description: Assign a preexisting priority class to the control plane pods + type: string + ee_pull_credentials_secret: + description: Secret where pull credentials for registered ees can be found + type: string + image_pull_policy: + description: The image pull policy + type: string + default: IfNotPresent + enum: + - Always + - always + - Never + - never + - IfNotPresent + - ifnotpresent + image_pull_secrets: + description: Image pull secrets for app and database containers + type: array + items: + type: string + image_pull_secret: # deprecated + description: (Deprecated) Image pull secret for app and database containers + type: string + host_aliases: + description: HostAliases for app containers + type: array + items: type: object - type: object - service_account_annotations: - description: ServiceAccount annotations - type: string - replicas: - description: Number of instance replicas - type: integer - default: 1 - format: int32 - web_replicas: - description: Number of web instance replicas - type: integer - format: int32 - task_replicas: - description: Number of task instance replicas - type: integer - format: int32 - web_liveness_initial_delay: - description: Initial delay before starting liveness checks on web pod - type: integer - default: 5 - format: int32 - task_liveness_initial_delay: - description: Initial delay before starting liveness checks on task pod - type: integer - default: 5 - format: int32 - web_liveness_period: - description: Time period in seconds between each liveness check for the web pod - type: integer - default: 0 - format: int32 - task_liveness_period: - description: Time period in seconds between each liveness check for the task pod - type: integer - default: 0 - format: int32 - web_liveness_failure_threshold: - description: Number of consecutive failure events to identify failure of web pod - type: integer - default: 3 - format: int32 - task_liveness_failure_threshold: - description: Number of consecutive failure events to identify failure of task pod - type: integer - default: 3 - format: int32 - web_liveness_timeout: - description: Number of seconds to wait for a probe response from web pod - type: integer - default: 1 - format: int32 - task_liveness_timeout: - description: Number of seconds to wait for a probe response from task pod - type: integer - default: 1 - format: int32 - web_readiness_initial_delay: - description: Initial delay before starting readiness checks on web pod - type: integer - default: 20 - format: int32 - task_readiness_initial_delay: - description: Initial delay before starting readiness checks on task pod - type: integer - default: 20 - format: int32 - web_readiness_period: - description: Time period in seconds between each readiness check for the web pod - type: integer - default: 0 - format: int32 - task_readiness_period: - description: Time period in seconds between each readiness check for the task pod - type: integer - default: 0 - format: int32 - web_readiness_failure_threshold: - description: Number of consecutive failure events to identify failure of web pod - type: integer - default: 3 - format: int32 - task_readiness_failure_threshold: - description: Number of consecutive failure events to identify failure of task pod - type: integer - default: 3 - format: int32 - web_readiness_timeout: - description: Number of seconds to wait for a probe response from web pod - type: integer - default: 1 - format: int32 - task_readiness_timeout: - description: Number of seconds to wait for a probe response from task pod - type: integer - default: 1 - format: int32 - garbage_collect_secrets: - description: Whether or not to remove secrets upon instance removal - default: false - type: boolean - create_preload_data: - description: Whether or not to preload data upon instance creation - default: true - type: boolean - task_args: - type: array - items: - type: string - task_command: - type: array - items: - type: string - web_args: - type: array - items: - type: string - web_command: - type: array - items: - type: string - rsyslog_args: - type: array - items: - type: string - rsyslog_command: - type: array - items: - type: string - task_extra_env: - type: string - web_extra_env: - type: string - rsyslog_extra_env: - type: string - ee_extra_env: - type: string - ee_extra_volume_mounts: - description: Specify volume mounts to be added to Execution container - type: string - task_extra_volume_mounts: - description: Specify volume mounts to be added to Task container - type: string - web_extra_volume_mounts: - description: Specify volume mounts to be added to the Web container - type: string - postgres_extra_volume_mounts: - description: Specify volume mounts to be added to Postgres container - type: string - uwsgi_processes: - description: Set the number of uwsgi processes to run in a web container - type: integer - uwsgi_listen_queue_size: - description: Set the socket listen queue size for uwsgi - type: integer - nginx_worker_processes: - description: Set the number of workers for nginx - type: integer - nginx_worker_connections: - description: Set the number of connections per worker for nginx - type: integer - nginx_worker_cpu_affinity: - description: Set the CPU affinity for nginx workers - type: string - nginx_listen_queue_size: - description: Set the socket listen queue size for nginx (defaults to same as uwsgi) - type: integer - rsyslog_extra_volume_mounts: - description: Specify volume mounts to be added to the Rsyslog container - type: string - redis_image: - description: Registry path to the redis container to use - type: string - redis_image_version: - description: Redis container image version to use - type: string - redis_capabilities: - description: Redis container capabilities - type: array - items: - type: string - init_container_image: - description: Registry path to the init container to use - type: string - init_container_image_version: - description: Init container image version to use - type: string - init_container_extra_commands: - description: Extra commands for the init container - type: string - init_container_extra_volume_mounts: - description: Specify volume mounts to be added to the init container - type: string - init_projects_container_image: - description: Registry path to the init projects container to use - type: string - postgres_image: - description: Registry path to the PostgreSQL container to use - type: string - postgres_image_version: - description: PostgreSQL container image version to use - type: string - postgres_selector: - description: nodeSelector for the Postgres pods - type: string - postgres_keep_pvc_after_upgrade: - description: Specify whether or not to keep the old PVC after PostgreSQL upgrades - type: boolean - postgres_tolerations: - description: node tolerations for the Postgres pods - type: string - postgres_storage_requirements: - description: Storage requirements for the PostgreSQL container - properties: - requests: properties: - storage: + ip: type: string - type: object - limits: + hostnames: + type: array + items: + type: string + task_resource_requirements: + description: Resource requirements for the task container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + web_resource_requirements: + description: Resource requirements for the web container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + ee_resource_requirements: + description: Resource requirements for the ee container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + postgres_init_container_resource_requirements: + description: (Deprecated, use postgres_resource_requirements parameter) Resource requirements for the postgres init container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + type: object + type: object + redis_resource_requirements: + description: Resource requirements for the redis container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + rsyslog_resource_requirements: + description: Resource requirements for the rsyslog container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + init_container_resource_requirements: + description: Resource requirements for the init container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + ephemeral-storage: + type: string + type: object + type: object + service_account_annotations: + description: ServiceAccount annotations + type: string + replicas: + description: Number of instance replicas + type: integer + default: 1 + format: int32 + web_replicas: + description: Number of web instance replicas + type: integer + format: int32 + task_replicas: + description: Number of task instance replicas + type: integer + format: int32 + web_liveness_initial_delay: + description: Initial delay before starting liveness checks on web pod + type: integer + default: 5 + format: int32 + task_liveness_initial_delay: + description: Initial delay before starting liveness checks on task pod + type: integer + default: 5 + format: int32 + web_liveness_period: + description: Time period in seconds between each liveness check for the web pod + type: integer + default: 0 + format: int32 + task_liveness_period: + description: Time period in seconds between each liveness check for the task pod + type: integer + default: 0 + format: int32 + web_liveness_failure_threshold: + description: Number of consecutive failure events to identify failure of web pod + type: integer + default: 3 + format: int32 + task_liveness_failure_threshold: + description: Number of consecutive failure events to identify failure of task pod + type: integer + default: 3 + format: int32 + web_liveness_timeout: + description: Number of seconds to wait for a probe response from web pod + type: integer + default: 1 + format: int32 + task_liveness_timeout: + description: Number of seconds to wait for a probe response from task pod + type: integer + default: 1 + format: int32 + web_readiness_initial_delay: + description: Initial delay before starting readiness checks on web pod + type: integer + default: 20 + format: int32 + task_readiness_initial_delay: + description: Initial delay before starting readiness checks on task pod + type: integer + default: 20 + format: int32 + web_readiness_period: + description: Time period in seconds between each readiness check for the web pod + type: integer + default: 0 + format: int32 + task_readiness_period: + description: Time period in seconds between each readiness check for the task pod + type: integer + default: 0 + format: int32 + web_readiness_failure_threshold: + description: Number of consecutive failure events to identify failure of web pod + type: integer + default: 3 + format: int32 + task_readiness_failure_threshold: + description: Number of consecutive failure events to identify failure of task pod + type: integer + default: 3 + format: int32 + web_readiness_timeout: + description: Number of seconds to wait for a probe response from web pod + type: integer + default: 1 + format: int32 + task_readiness_timeout: + description: Number of seconds to wait for a probe response from task pod + type: integer + default: 1 + format: int32 + garbage_collect_secrets: + description: Whether or not to remove secrets upon instance removal + default: false + type: boolean + create_preload_data: + description: Whether or not to preload data upon instance creation + default: true + type: boolean + task_args: + type: array + items: + type: string + task_command: + type: array + items: + type: string + web_args: + type: array + items: + type: string + web_command: + type: array + items: + type: string + rsyslog_args: + type: array + items: + type: string + rsyslog_command: + type: array + items: + type: string + task_extra_env: + type: string + web_extra_env: + type: string + rsyslog_extra_env: + type: string + ee_extra_env: + type: string + ee_extra_volume_mounts: + description: Specify volume mounts to be added to Execution container + type: string + task_extra_volume_mounts: + description: Specify volume mounts to be added to Task container + type: string + web_extra_volume_mounts: + description: Specify volume mounts to be added to the Web container + type: string + postgres_extra_volume_mounts: + description: Specify volume mounts to be added to Postgres container + type: string + uwsgi_processes: + description: Set the number of uwsgi processes to run in a web container + type: integer + uwsgi_listen_queue_size: + description: Set the socket listen queue size for uwsgi + type: integer + nginx_worker_processes: + description: Set the number of workers for nginx + type: integer + nginx_worker_connections: + description: Set the number of connections per worker for nginx + type: integer + nginx_worker_cpu_affinity: + description: Set the CPU affinity for nginx workers + type: string + nginx_listen_queue_size: + description: Set the socket listen queue size for nginx (defaults to same as uwsgi) + type: integer + rsyslog_extra_volume_mounts: + description: Specify volume mounts to be added to the Rsyslog container + type: string + redis_image: + description: Registry path to the redis container to use + type: string + redis_image_version: + description: Redis container image version to use + type: string + redis_capabilities: + description: Redis container capabilities + type: array + items: + type: string + init_container_image: + description: Registry path to the init container to use + type: string + init_container_image_version: + description: Init container image version to use + type: string + init_container_extra_commands: + description: Extra commands for the init container + type: string + init_container_extra_volume_mounts: + description: Specify volume mounts to be added to the init container + type: string + init_projects_container_image: + description: Registry path to the init projects container to use + type: string + postgres_image: + description: Registry path to the PostgreSQL container to use + type: string + postgres_image_version: + description: PostgreSQL container image version to use + type: string + postgres_selector: + description: nodeSelector for the Postgres pods + type: string + postgres_keep_pvc_after_upgrade: + description: Specify whether or not to keep the old PVC after PostgreSQL upgrades + type: boolean + postgres_tolerations: + description: node tolerations for the Postgres pods + type: string + postgres_storage_requirements: + description: Storage requirements for the PostgreSQL container + properties: + requests: + properties: + storage: + type: string + type: object + limits: + properties: + storage: + type: string + type: object + type: object + postgres_resource_requirements: + description: Resource requirements for the PostgreSQL container + properties: + requests: + properties: + cpu: + type: string + memory: + type: string + type: object + limits: + properties: + cpu: + type: string + memory: + type: string + type: object + type: object + postgres_storage_class: + description: Storage class to use for the PostgreSQL PVC + type: string + postgres_priority_class: + description: Assign a preexisting priority class to the postgres pod + type: string + postgres_extra_args: + type: array + items: + type: string + postgres_data_volume_init: + description: Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift) + type: boolean + postgres_init_container_commands: + description: Customize the postgres init container commands (Non Openshift) + type: string + postgres_extra_volumes: + description: Specify extra volumes to add to the application pod + type: string + postgres_keepalives: + description: Controls whether client-side TCP keepalives are used for Postgres connections. + default: true + type: boolean + postgres_keepalives_count: + description: Controls the number of TCP keepalives that can be lost before the client's connection to the server is considered dead. + type: integer + default: 5 + format: int32 + postgres_keepalives_idle: + description: Controls the number of seconds of inactivity after which TCP should send a keepalive message to the server. + type: integer + default: 5 + format: int32 + postgres_keepalives_interval: + description: Controls the number of seconds after which a TCP keepalive message that is not acknowledged by the server should be retransmitted. + type: integer + default: 5 + format: int32 + ca_trust_bundle: + description: Path where the trusted CA bundle is available + type: string + development_mode: + description: If the deployment should be done in development mode + type: boolean + ldap_cacert_secret: + description: Secret where can be found the LDAP trusted Certificate Authority Bundle + type: string + ldap_password_secret: + description: Secret where can be found the LDAP bind password + type: string + bundle_cacert_secret: + description: Secret where can be found the trusted Certificate Authority Bundle + type: string + projects_persistence: + description: Whether or not the /var/lib/projects directory will be persistent + default: false + type: boolean + projects_use_existing_claim: + description: Using existing PersistentVolumeClaim + type: string + enum: + - _Yes_ + - _No_ + projects_existing_claim: + description: PersistentVolumeClaim to mount /var/lib/projects directory + type: string + projects_storage_class: + description: Storage class for the /var/lib/projects PersistentVolumeClaim + type: string + projects_storage_size: + description: Size for the /var/lib/projects PersistentVolumeClaim + default: 8Gi + type: string + projects_storage_access_mode: + description: AccessMode for the /var/lib/projects PersistentVolumeClaim + default: ReadWriteMany + type: string + csrf_cookie_secure: + description: Set csrf cookie secure mode for web + type: string + session_cookie_secure: + description: Set session cookie secure mode for web + type: string + postgres_security_context_settings: + description: Key/values that will be set under the pod-level securityContext field + type: object + x-kubernetes-preserve-unknown-fields: true + receptor_log_level: + description: Set log level of receptor service + type: string + extra_settings: + description: Extra settings to specify for AWX + items: properties: - storage: + setting: type: string + value: + x-kubernetes-preserve-unknown-fields: true type: object - type: object - postgres_resource_requirements: - description: Resource requirements for the PostgreSQL container - properties: - requests: + type: array + no_log: + description: Configure no_log for no_log tasks + type: boolean + default: true + security_context_settings: + description: Key/values that will be set under the pod-level securityContext field + type: object + x-kubernetes-preserve-unknown-fields: true + auto_upgrade: + description: Should AWX instances be automatically upgraded when operator gets upgraded + type: boolean + default: true + set_self_labels: + description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) + type: boolean + default: true + additional_labels: + description: Additional labels defined on the resource, which should be propagated to child resources + type: array + items: + type: string + ipv6_disabled: + description: Disable web container's nginx ipv6 listener + type: boolean + default: false + metrics_utility_enabled: + description: Enable metrics utility + type: boolean + default: false + metrics_utility_image: + description: Metrics-Utility Image + type: string + metrics_utility_image_version: + description: Metrics-Utility Image Version + type: string + metrics_utility_image_pull_policy: + description: Metrics-Utility Image PullPolicy + type: string + metrics_utility_configmap: + description: Metrics-Utility ConfigMap + type: string + metrics_utility_secret: + description: Metrics-Utility Secret + type: string + metrics_utility_cronjob_gather_schedule: + description: Metrics-Utility Gather Data CronJob Schedule + type: string + default: "@hourly" + metrics_utility_cronjob_report_schedule: + description: Metrics-Utility Report CronJob Schedule + type: string + default: "@monthly" + metrics_utility_ship_target: + description: Metrics-Utility Ship Target + type: string + metrics_utility_pvc_claim: + description: Metrics-Utility PVC Claim + type: string + metrics_utility_pvc_claim_size: + description: Metrics-Utility PVC Claim Size + type: string + default: 5Gi + metrics_utility_pvc_claim_storage_class: + description: Metrics-Utility PVC Claim Storage Class + type: string + metrics_utility_console_enabled: + description: Enable metrics utility shipping to Red Hat Hybrid Cloud Console + type: boolean + default: false + type: object + status: + properties: + URL: + description: URL to access the deployed instance + type: string + adminUser: + description: Admin user of the deployed instance + type: string + adminPasswordSecret: + description: Admin password secret name of the deployed instance + type: string + postgresConfigurationSecret: + description: Postgres Configuration secret name of the deployed instance + type: string + broadcastWebsocketSecret: + description: Broadcast websocket secret name of the deployed instance + type: string + secretKeySecret: + description: Secret key secret name of the deployed instance + type: string + migratedFromSecret: + description: The secret used for migrating an old instance + type: string + upgradedPostgresVersion: + description: Status to indicate that the database has been upgraded to the version in the status + type: string + version: + description: Version of the deployed instance + type: string + image: + description: URL of the image used for the deployed instance + type: string + conditions: + description: The resulting conditions when a Service Telemetry is instantiated + items: properties: - cpu: + status: type: string - memory: + type: type: string - type: object - limits: - properties: - cpu: + reason: type: string - memory: + lastTransitionTime: type: string type: object - type: object - postgres_storage_class: - description: Storage class to use for the PostgreSQL PVC - type: string - postgres_priority_class: - description: Assign a preexisting priority class to the postgres pod - type: string - postgres_extra_args: - type: array - items: - type: string - postgres_data_volume_init: - description: Sets permissions on the /var/lib/pgdata/data for postgres container using an init container (not Openshift) - type: boolean - postgres_init_container_commands: - description: Customize the postgres init container commands (Non Openshift) - type: string - postgres_extra_volumes: - description: Specify extra volumes to add to the application pod - type: string - postgres_keepalives: - description: Controls whether client-side TCP keepalives are used for Postgres connections. - default: true - type: boolean - postgres_keepalives_count: - description: Controls the number of TCP keepalives that can be lost before the client's connection to the server is considered dead. - type: integer - default: 5 - format: int32 - postgres_keepalives_idle: - description: Controls the number of seconds of inactivity after which TCP should send a keepalive message to the server. - type: integer - default: 5 - format: int32 - postgres_keepalives_interval: - description: Controls the number of seconds after which a TCP keepalive message that is not acknowledged by the server should be retransmitted. - type: integer - default: 5 - format: int32 - ca_trust_bundle: - description: Path where the trusted CA bundle is available - type: string - development_mode: - description: If the deployment should be done in development mode - type: boolean - ldap_cacert_secret: - description: Secret where can be found the LDAP trusted Certificate Authority Bundle - type: string - ldap_password_secret: - description: Secret where can be found the LDAP bind password - type: string - bundle_cacert_secret: - description: Secret where can be found the trusted Certificate Authority Bundle - type: string - projects_persistence: - description: Whether or not the /var/lib/projects directory will be persistent - default: false - type: boolean - projects_use_existing_claim: - description: Using existing PersistentVolumeClaim - type: string - enum: - - _Yes_ - - _No_ - projects_existing_claim: - description: PersistentVolumeClaim to mount /var/lib/projects directory - type: string - projects_storage_class: - description: Storage class for the /var/lib/projects PersistentVolumeClaim - type: string - projects_storage_size: - description: Size for the /var/lib/projects PersistentVolumeClaim - default: 8Gi - type: string - projects_storage_access_mode: - description: AccessMode for the /var/lib/projects PersistentVolumeClaim - default: ReadWriteMany - type: string - csrf_cookie_secure: - description: Set csrf cookie secure mode for web - type: string - session_cookie_secure: - description: Set session cookie secure mode for web - type: string - postgres_security_context_settings: - description: Key/values that will be set under the pod-level securityContext field - type: object - x-kubernetes-preserve-unknown-fields: true - receptor_log_level: - description: Set log level of receptor service - type: string - extra_settings: - description: Extra settings to specify for AWX - items: - properties: - setting: - type: string - value: - x-kubernetes-preserve-unknown-fields: true - type: object - type: array - no_log: - description: Configure no_log for no_log tasks - type: boolean - default: true - security_context_settings: - description: Key/values that will be set under the pod-level securityContext field - type: object - x-kubernetes-preserve-unknown-fields: true - auto_upgrade: - description: Should AWX instances be automatically upgraded when operator gets upgraded - type: boolean - default: true - set_self_labels: - description: Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) - type: boolean - default: true - additional_labels: - description: Additional labels defined on the resource, which should be propagated to child resources - type: array - items: - type: string - ipv6_disabled: - description: Disable web container's nginx ipv6 listener - type: boolean - default: false - metrics_utility_enabled: - description: Enable metrics utility - type: boolean - default: false - metrics_utility_image: - description: Metrics-Utility Image - type: string - metrics_utility_image_version: - description: Metrics-Utility Image Version - type: string - metrics_utility_image_pull_policy: - description: Metrics-Utility Image PullPolicy - type: string - metrics_utility_configmap: - description: Metrics-Utility ConfigMap - type: string - metrics_utility_secret: - description: Metrics-Utility Secret - type: string - metrics_utility_cronjob_gather_schedule: - description: Metrics-Utility Gather Data CronJob Schedule - type: string - default: '@hourly' - metrics_utility_cronjob_report_schedule: - description: Metrics-Utility Report CronJob Schedule - type: string - default: '@monthly' - metrics_utility_ship_target: - description: Metrics-Utility Ship Target - type: string - metrics_utility_pvc_claim: - description: Metrics-Utility PVC Claim - type: string - metrics_utility_pvc_claim_size: - description: Metrics-Utility PVC Claim Size - type: string - default: 5Gi - metrics_utility_pvc_claim_storage_class: - description: Metrics-Utility PVC Claim Storage Class - type: string - metrics_utility_console_enabled: - description: Enable metrics utility shipping to Red Hat Hybrid Cloud Console - type: boolean - default: false - type: object - status: - properties: - URL: - description: URL to access the deployed instance - type: string - adminUser: - description: Admin user of the deployed instance - type: string - adminPasswordSecret: - description: Admin password secret name of the deployed instance - type: string - postgresConfigurationSecret: - description: Postgres Configuration secret name of the deployed instance - type: string - broadcastWebsocketSecret: - description: Broadcast websocket secret name of the deployed instance - type: string - secretKeySecret: - description: Secret key secret name of the deployed instance - type: string - migratedFromSecret: - description: The secret used for migrating an old instance - type: string - upgradedPostgresVersion: - description: Status to indicate that the database has been upgraded to the version in the status - type: string - version: - description: Version of the deployed instance - type: string - image: - description: URL of the image used for the deployed instance - type: string - conditions: - description: The resulting conditions when a Service Telemetry is instantiated - items: - properties: - status: - type: string - type: - type: string - reason: - type: string - lastTransitionTime: - type: string - type: object - type: array - type: object - type: object + type: array + type: object + type: object diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index d8d563eda..b7262e06c 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -1,9 +1,10 @@ +--- # This kustomization.yaml is not intended to be run by itself, # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/awx.ansible.com_awxs.yaml -- bases/awx.ansible.com_awxbackups.yaml -- bases/awx.ansible.com_awxrestores.yaml -- bases/awx.ansible.com_awxmeshingresses.yaml + - bases/awx.ansible.com_awxs.yaml + - bases/awx.ansible.com_awxbackups.yaml + - bases/awx.ansible.com_awxrestores.yaml + - bases/awx.ansible.com_awxmeshingresses.yaml #+kubebuilder:scaffold:crdkustomizeresource diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 1bc1b049d..14c8bcfcd 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,3 +1,4 @@ +--- # Adds namespace to all resources. namespace: awx @@ -15,9 +16,9 @@ namePrefix: awx-operator- # someName: someValue resources: -- ../crd -- ../rbac -- ../manager + - ../crd + - ../rbac + - ../manager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus @@ -27,4 +28,4 @@ resources: apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization patches: -- path: manager_auth_proxy_patch.yaml + - path: manager_auth_proxy_patch.yaml diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index 8e0b05221..b14d22e00 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -1,3 +1,4 @@ +--- # This patch inject a sidecar container which is a HTTP proxy for the # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. apiVersion: apps/v1 @@ -9,32 +10,32 @@ spec: template: spec: containers: - - name: kube-rbac-proxy - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: awx-manager - args: - - "--health-probe-bind-address=:6789" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" - - "--leader-election-id=awx-operator" + - name: kube-rbac-proxy + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 + args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + ports: + - containerPort: 8443 + protocol: TCP + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - name: awx-manager + args: + - --health-probe-bind-address=:6789 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=awx-operator diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml index f99057d22..063d1c0d6 100644 --- a/config/default/manager_config_patch.yaml +++ b/config/default/manager_config_patch.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -7,14 +8,14 @@ spec: template: spec: containers: - - name: awx-manager - args: - - "--config=controller_manager_config.yaml" - volumeMounts: - - name: awx-manager-config - mountPath: /controller_manager_config.yaml - subPath: controller_manager_config.yaml + - name: awx-manager + args: + - --config=controller_manager_config.yaml + volumeMounts: + - name: awx-manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml volumes: - - name: awx-manager-config - configMap: - name: awx-manager-config + - name: awx-manager-config + configMap: + name: awx-manager-config diff --git a/config/manager/controller_manager_config.yaml b/config/manager/controller_manager_config.yaml index 2e9b6bae9..c39726030 100644 --- a/config/manager/controller_manager_config.yaml +++ b/config/manager/controller_manager_config.yaml @@ -1,3 +1,4 @@ +--- apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 kind: ControllerManagerConfig health: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 0f2dccf3d..1f556de88 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,17 +1,18 @@ +--- resources: -- manager.yaml + - manager.yaml generatorOptions: disableNameSuffixHash: true configMapGenerator: -- files: - - controller_manager_config.yaml - name: awx-manager-config + - files: + - controller_manager_config.yaml + name: awx-manager-config apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: -- name: controller - newName: quay.io/ansible/awx-operator - newTag: latest + - name: controller + newName: quay.io/ansible/awx-operator + newTag: latest diff --git a/config/manifests/bases/awx-operator.clusterserviceversion.yaml b/config/manifests/bases/awx-operator.clusterserviceversion.yaml index f7af28f4e..8409de67d 100644 --- a/config/manifests/bases/awx-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/awx-operator.clusterserviceversion.yaml @@ -1,14 +1,14 @@ +--- apiVersion: operators.coreos.com/v1beta1 kind: ClusterServiceVersion metadata: annotations: - alm-examples: '[]' + alm-examples: "[]" capabilities: Basic Install categories: Integration & Delivery containerImage: quay.io/ansible/awx-operator:devel createdAt: "2019-10-30" - description: AWX provides a web-based user interface, REST API, and task engine - built on top of Ansible. + description: AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. repository: https://github.com/ansible/awx-operator support: forum.ansible.com name: awx-operator.v0.0.0 @@ -17,1126 +17,1113 @@ spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - description: Deploy a instance of AWX Mesh ingress to allow inbound connection - to the AWX Receptor Mesh. - displayName: AWX Mesh Ingress - kind: AWXMeshIngress - name: awxmeshingresses.awx.ansible.com - specDescriptors: - - displayName: Deployment Name - path: deployment_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: External Hostname - path: external_hostname - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: External IP Address - path: external_ipaddress - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Type - path: ingress_type - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:select:none - - urn:alm:descriptor:com.tectonic.ui:select:Ingress - - urn:alm:descriptor:com.tectonic.ui:select:IngressRouteTCP - - urn:alm:descriptor:com.tectonic.ui:select:Route - - displayName: Ingress API Version - path: ingress_api_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Annotations - path: ingress_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Class Name - path: ingress_class_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Controller - path: ingress_controller - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Optional API URLPATTERN Prefix - path: api_urlpattern_prefix - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Image Pull Secrets - path: image_pull_secrets - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - version: v1alpha1 - - description: Back up a deployment of the awx, including jobs, inventories, and - credentials - displayName: AWX Backup - kind: AWXBackup - name: awxbackups.awx.ansible.com - specDescriptors: - - displayName: Deployment Name - path: deployment_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Backup Persistent Volume Claim - path: backup_pvc - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Backup Persistent Volume Claim Namespace - path: backup_pvc_namespace - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Backup PVC Storage Requirements - path: backup_storage_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Backup Management Pod Resource Requirements - path: backup_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: Backup PVC Storage Class - path: backup_storage_class - x-descriptors: - - urn:alm:descriptor:io.kubernetes:StorageClass - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Precreate Partition Hours - path: precreate_partition_hours - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Database Backup Label Selector - path: postgres_label_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Security Context Settings - path: postgres_security_context_settings - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image - path: postgres_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image Version - path: postgres_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Image Pull Policy - path: image_pull_policy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - displayName: No Log Configuration - path: no_log - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Set default labels on AWX resource? - path: set_self_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Additional labels defined on the resource, which should be propagated - to child resources - path: additional_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Node Selector for backup management pod - path: db_management_pod_node_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - statusDescriptors: - - description: Persistent volume claim name used during backup - displayName: Backup Claim - path: backupClaim - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - description: The directory that data is backed up to on the PVC - displayName: Backup Directory - path: backupDirectory - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - version: v1beta1 - - description: Restore a previous awx deployment from an AWXBackup. The deployment - name you provide will be the name of the new AWX CR that will be created. - displayName: AWX Restore - kind: AWXRestore - name: awxrestores.awx.ansible.com - specDescriptors: - - description: Select what type of backup to specify. Backup CR, allows you - to specify the name of an AWXBackup object (recommended approach). The - PVC option allows you to specify a custom PVC and directory to backup from. - displayName: Backup Source to restore from - path: backup_source - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:select:Backup CR - - urn:alm:descriptor:com.tectonic.ui:select:PVC - - displayName: Backup Name - path: backup_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:Backup - CR - - displayName: New Deployment Name - path: deployment_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Backup Persistent Volume Claim - path: backup_pvc - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC - - displayName: Backup Namespace - path: backup_pvc_namespace - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: This is the directory inside the PVC that your backup is stored - in. - displayName: Backup Directory - path: backup_dir - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC - - displayName: Postgres Restore Label Selector - path: postgres_label_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image - path: postgres_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image Version - path: postgres_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Image Pull Policy - path: image_pull_policy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - displayName: Restore Management Pod Resource Requirements - path: restore_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: No Log Configuration - path: no_log - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Set default labels on AWX resource? - path: set_self_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Additional labels defined on the resource, which should be propagated - to child resources - path: additional_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Node Selector for backup management pod - path: db_management_pod_node_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Force drop database before restore - path: force_drop_db - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - statusDescriptors: - - description: The state of the restore - displayName: Restore Status - path: restoreComplete - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - version: v1beta1 - - description: Deploy a new instance of AWX. A standardized way to define, operate - and scale automation with Ansible. - displayName: AWX - kind: AWX - name: awxs.awx.ansible.com - specDescriptors: - - displayName: Hostname (Deprecated) - path: hostname - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Admin Account Username - path: admin_user - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Admin E-mail Address - path: admin_email - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Admin Password Secret - path: admin_password_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Database Configuration Secret - path: postgres_configuration_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Old Database Configuration Secret - path: old_postgres_configuration_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - description: Name of the k8s secret the symmetric encryption key is stored - in. - displayName: Secret Key - path: secret_key_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Broadcast Websocket Secret - path: broadcast_websocket_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Service Account Annotations - path: service_account_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Service Type - path: service_type - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:select:ClusterIP - - urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer - - urn:alm:descriptor:com.tectonic.ui:select:NodePort - - displayName: Ingress Type - path: ingress_type - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:select:none - - urn:alm:descriptor:com.tectonic.ui:select:Ingress - - urn:alm:descriptor:com.tectonic.ui:select:Route - - displayName: Ingress Class Name - path: ingress_class_name - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: Ingress API Version - path: ingress_api_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Path - path: ingress_path - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: Ingress Path Type - path: ingress_path_type - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: Ingress Annotations - path: ingress_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: Ingress TLS Secret (Deprecated) - path: ingress_tls_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: Ingress Hosts - path: ingress_hosts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Ingress Controller - path: ingress_controller - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress - - displayName: LoadBalancer Annotations - path: service_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer - - displayName: LoadBalancer Protocol - path: loadbalancer_protocol - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:select:http - - urn:alm:descriptor:com.tectonic.ui:select:https - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer - - displayName: LoadBalancer Port - path: loadbalancer_port - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer - - displayName: LoadBalancer IP - path: loadbalancer_ip - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:string - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer - - displayName: LoadBalancer Class - path: loadbalancer_class - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:string - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer - - displayName: Route API Version - path: route_api_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Route DNS host - path: route_host - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route - - displayName: Route TLS Termination Mechanism - path: route_tls_termination_mechanism - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:select:Edge - - urn:alm:descriptor:com.tectonic.ui:select:Passthrough - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route - - displayName: Route TLS Credential Secret - path: route_tls_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route - - displayName: Image Pull Policy - path: image_pull_policy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - displayName: Image Pull Secrets - path: image_pull_secrets - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Image Pull Secret (Deprecated) - path: image_pull_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: HostAliases for app containers - path: host_aliases - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Web Container Resource Requirements - path: web_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: Task Container Resource Requirements - path: task_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: EE Control Plane Container Resource Requirements - path: ee_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - description: Sets permissions on the /var/lib/pgsql/data for postgres container using an init container (not Openshift) - displayName: PostgreSQL initialize data volume - path: postgres_data_volume_init - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Customize the postgres init container commands (Non Openshift) - displayName: PostgreSQL Init Container Commands - path: postgres_init_container_commands - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: (Deprecated, use postgres_resource_requirements parameter instead) - displayName: PostgreSQL Init Container Resource Requirements - path: postgres_init_container_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:hidden - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: Redis Container Resource Requirements - path: redis_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: Rsyslog Container Resource Requirements - path: rsyslog_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - description: The PostgreSQL container is not used when an external DB is configured - displayName: PostgreSQL Container Resource Requirements - path: postgres_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - description: The PostgreSQL container is not used when an external DB is configured - displayName: PostgreSQL Container Storage Requirements - path: postgres_storage_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - description: Init Container resource requirements - path: init_container_resource_requirements - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:resourceRequirements - - displayName: Replicas - path: replicas - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - displayName: Web Replicas - path: web_replicas - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - displayName: Uwsgi Listen Queue Length - path: uwsgi_listen_queue_size - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Uwsgi Processes - path: uwsgi_processes - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: NGINX Worker Processes - path: nginx_worker_processes - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: NGINX Worker Connections - path: nginx_worker_connections - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: NGINX Worker Process CPU Affinity - path: nginx_worker_cpu_affinity - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:string - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: NGINX Listen Queue Length - path: nginx_listen_queue_size - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Replicas - path: task_replicas - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:number - - displayName: Remove used secrets on instance removal? - path: garbage_collect_secrets - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Preload instance with data upon creation? - path: create_preload_data - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Deploy the instance in development mode? - path: development_mode - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Should the task container deployed with privileged level? - path: task_privileged - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Deployment Type - path: deployment_type - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Deployment Kind - path: kind - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Deployment apiVersion - path: api_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Image - path: image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Image Version - path: image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Redis Image - path: redis_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Redis Image Version - path: redis_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Redis Capabilities - path: redis_capabilities - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image - path: postgres_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: PostgreSQL Image Version - path: postgres_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Selector - path: postgres_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Label Selector - path: postgres_label_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Should PostgreSQL data for managed databases be kept after upgrades? - path: postgres_keep_pvc_after_upgrade - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Tolerations - path: postgres_tolerations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Storage Class - path: postgres_storage_class - x-descriptors: - - urn:alm:descriptor:io.kubernetes:StorageClass - - urn:alm:descriptor:com.tectonic.ui:advanced - - displayName: Postgres Extra Arguments - path: postgres_extra_args - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify extra volumes to add to the postgres pod - displayName: Postgres Extra Volumes - path: postgres_extra_volumes - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify volume mounts to be added to Postgres container - displayName: Postgres Extra Volume Mounts - path: postgres_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Enable Postgres Keepalives - path: postgres_keepalives - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Keepalives Count - path: postgres_keepalives_count - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Keepalives Idle - path: postgres_keepalives_idle - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Keepalives Interval - path: postgres_keepalives_interval - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Certificate Authorirty Trust Bundle - path: ca_trust_bundle - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: LDAP Certificate Authority Trust Bundle - path: ldap_cacert_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: LDAP Password Secret - path: ldap_password_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Task Args - path: task_args - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Enable persistence for /var/lib/projects directory? - path: projects_persistence - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Use existing Persistent Claim? - path: projects_use_existing_claim - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:select:_Yes_ - - urn:alm:descriptor:com.tectonic.ui:select:_No_ - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_persistence:true - - displayName: Projects Existing Persistent Claim - path: projects_existing_claim - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_Yes_ - - urn:alm:descriptor:io.kubernetes:PersistentVolumeClaim - - description: Projects Storage Class Name. If not present, the default storage - class will be used. - displayName: Projects Storage Class Name - path: projects_storage_class - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ - - urn:alm:descriptor:io.kubernetes:StorageClass - - description: Projects Storage Size - displayName: Projects Storage Size - path: projects_storage_size - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ - - urn:alm:descriptor:com.tectonic.ui:text - - description: Projects Storage Access Mode - displayName: Projects Storage Access Mode - path: projects_storage_access_mode - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ - - urn:alm:descriptor:com.tectonic.ui:text - - displayName: Task Command - path: task_command - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Environment variables to be added to Task container - displayName: Task Extra Env - path: task_extra_env - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify volume mounts to be added to Execution container - displayName: EE Extra Volume Mounts - path: ee_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Registry path to the Execution Environment container to use - displayName: EE Images - path: ee_images - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Environment variables to be added to EE container - displayName: EE Extra Env - path: ee_extra_env - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Registry path to the Execution Environment container to use on - control plane pods - displayName: Control Plane EE Image - path: control_plane_ee_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: EE Images Pull Credentials Secret - displayName: EE Images Pull Credentials Secret - path: ee_pull_credentials_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - description: Specify volume mounts to be added to Task container - displayName: Task Extra Volume Mounts - path: task_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Args - path: web_args - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Command - path: web_command - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Environment variables to be added to Web container - displayName: Web Extra Env - path: web_extra_env - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify volume mounts to be added to Web container - displayName: Web Extra Volume Mounts - path: web_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Rsyslog Args - path: rsyslog_args - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Rsyslog Command - path: rsyslog_command - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Environment variables to be added to Rsyslog container - displayName: Rsyslog Extra Env - path: rsyslog_extra_env - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify volume mounts to be added to Rsyslog container - displayName: Rsyslog Extra Volume Mounts - path: rsyslog_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify extra volumes to add to the application pod - displayName: Extra Volumes - path: extra_volumes - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Node Selector - path: node_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Node Selector - path: web_node_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Node Selector - path: task_node_selector - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Topology Spread Constraints - path: topology_spread_constraints - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Topology Spread Constraints - path: web_topology_spread_constraints - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Topology Spread Constraints - path: task_topology_spread_constraints - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Affinity - path: affinity - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Affinity - path: web_affinity - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Affinity - path: task_affinity - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Control Plane Priority Class - path: control_plane_priority_class - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Postgres Priority Class - path: postgres_priority_class - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Termination Grace Period Seconds - path: termination_grace_period_seconds - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Service Labels - path: service_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Annotations - path: annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Annotations - path: task_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Annotations - path: web_annotations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Tolerations - path: tolerations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Web Tolerations - path: web_tolerations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Task Tolerations - path: task_tolerations - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: CSRF Cookie Secure Setting - path: csrf_cookie_secure - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Session Cookie Secure Setting - path: session_cookie_secure - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Receptor Log Level - path: receptor_log_level - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Extra Settings - path: extra_settings - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: No Log Configuration - path: no_log - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Security Context Settings - path: security_context_settings - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Init Container image to use - displayName: Init Container Image - path: init_container_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Init container image version to use - displayName: Init Container Image Version - path: init_container_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify Extra commands for the Init container - displayName: Init Container Extra Commands - path: init_container_extra_commands - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Specify volume mounts to be added to Init container - displayName: Init Container Extra Volume Mounts - path: init_container_extra_volume_mounts - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Init Projects Container image to use - displayName: Init Projects Container Image - path: init_projects_container_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - description: Secret where can be found the trusted Certificate Authority Bundle - path: bundle_cacert_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - displayName: Nodeport Port - path: nodeport_port - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Automatically upgrade AWX instances when Operator is upgraded? - path: auto_upgrade - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Set default labels on AWX resource? - path: set_self_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Additional labels defined on the resource, which should be propagated - to child resources - path: additional_labels - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:hidden - - displayName: Disable IPv6 listener? - path: ipv6_disabled - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Metrics-Utility Enabled - path: metrics_utility_enabled - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - displayName: Metrics-Utility Image - path: metrics_utility_image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Image Version - path: metrics_utility_image_version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Image PullPolicy - path: metrics_utility_image_pull_policy - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility ConfigMap - path: metrics_utility_configmap - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:ConfigMap - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Secret - path: metrics_utility_secret - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:Secret - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Gather Data CronJob Schedule - path: metrics_utility_cronjob_gather_schedule - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Report CronJob Schedule - path: metrics_utility_cronjob_report_schedule - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Ship Target - path: metrics_utility_ship_target - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility PVC Claim - path: metrics_utility_pvc_claim - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility PVC Claim Size - path: metrics_utility_pvc_claim_size - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:text - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility PVC Claim Storage Class - path: metrics_utility_pvc_claim_storage_class - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:io.kubernetes:StorageClass - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - - displayName: Metrics-Utility Enabled Shipping to Red Hat Hybrid Cloud Console - path: metrics_utility_console_enabled - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:advanced - - urn:alm:descriptor:com.tectonic.ui:booleanSwitch - - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true - statusDescriptors: - - description: Route to access the instance deployed - displayName: URL - path: URL - x-descriptors: - - urn:alm:descriptor:org.w3:link - - description: Admin user for the instance deployed - displayName: Admin User - path: adminUser - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - description: Admin password for the instance deployed - displayName: Admin Password - path: adminPasswordSecret - x-descriptors: - - urn:alm:descriptor:io.kubernetes:Secret - - description: Version of the instance deployed - displayName: Version - path: version - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - - description: Image of the instance deployed - displayName: Image - path: image - x-descriptors: - - urn:alm:descriptor:com.tectonic.ui:text - version: v1beta1 + - description: Deploy a instance of AWX Mesh ingress to allow inbound connection to the AWX Receptor Mesh. + displayName: AWX Mesh Ingress + kind: AWXMeshIngress + name: awxmeshingresses.awx.ansible.com + specDescriptors: + - displayName: Deployment Name + path: deployment_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: External Hostname + path: external_hostname + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: External IP Address + path: external_ipaddress + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Type + path: ingress_type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:none + - urn:alm:descriptor:com.tectonic.ui:select:Ingress + - urn:alm:descriptor:com.tectonic.ui:select:IngressRouteTCP + - urn:alm:descriptor:com.tectonic.ui:select:Route + - displayName: Ingress API Version + path: ingress_api_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Annotations + path: ingress_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Class Name + path: ingress_class_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Controller + path: ingress_controller + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Optional API URLPATTERN Prefix + path: api_urlpattern_prefix + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Image Pull Secrets + path: image_pull_secrets + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + version: v1alpha1 + - description: Back up a deployment of the awx, including jobs, inventories, and credentials + displayName: AWX Backup + kind: AWXBackup + name: awxbackups.awx.ansible.com + specDescriptors: + - displayName: Deployment Name + path: deployment_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Backup Persistent Volume Claim + path: backup_pvc + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Backup Persistent Volume Claim Namespace + path: backup_pvc_namespace + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Backup PVC Storage Requirements + path: backup_storage_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Backup Management Pod Resource Requirements + path: backup_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: Backup PVC Storage Class + path: backup_storage_class + x-descriptors: + - urn:alm:descriptor:io.kubernetes:StorageClass + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Precreate Partition Hours + path: precreate_partition_hours + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Database Backup Label Selector + path: postgres_label_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Security Context Settings + path: postgres_security_context_settings + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image + path: postgres_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image Version + path: postgres_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Image Pull Policy + path: image_pull_policy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - displayName: No Log Configuration + path: no_log + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Set default labels on AWX resource? + path: set_self_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Additional labels defined on the resource, which should be propagated to child resources + path: additional_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Node Selector for backup management pod + path: db_management_pod_node_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + statusDescriptors: + - description: Persistent volume claim name used during backup + displayName: Backup Claim + path: backupClaim + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The directory that data is backed up to on the PVC + displayName: Backup Directory + path: backupDirectory + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + version: v1beta1 + - description: Restore a previous awx deployment from an AWXBackup. The deployment name you provide will be the name of the new AWX CR that will be created. + displayName: AWX Restore + kind: AWXRestore + name: awxrestores.awx.ansible.com + specDescriptors: + - description: Select what type of backup to specify. Backup CR, allows you to specify the name of an AWXBackup object (recommended approach). The PVC + option allows you to specify a custom PVC and directory to backup from. + displayName: Backup Source to restore from + path: backup_source + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:select:Backup CR + - urn:alm:descriptor:com.tectonic.ui:select:PVC + - displayName: Backup Name + path: backup_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:Backup CR + - displayName: New Deployment Name + path: deployment_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Backup Persistent Volume Claim + path: backup_pvc + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC + - displayName: Backup Namespace + path: backup_pvc_namespace + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: This is the directory inside the PVC that your backup is stored in. + displayName: Backup Directory + path: backup_dir + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:backup_source:PVC + - displayName: Postgres Restore Label Selector + path: postgres_label_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image + path: postgres_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image Version + path: postgres_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Image Pull Policy + path: image_pull_policy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - displayName: Restore Management Pod Resource Requirements + path: restore_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: No Log Configuration + path: no_log + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Set default labels on AWX resource? + path: set_self_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Additional labels defined on the resource, which should be propagated to child resources + path: additional_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Node Selector for backup management pod + path: db_management_pod_node_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Force drop database before restore + path: force_drop_db + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + statusDescriptors: + - description: The state of the restore + displayName: Restore Status + path: restoreComplete + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + version: v1beta1 + - description: Deploy a new instance of AWX. A standardized way to define, operate and scale automation with Ansible. + displayName: AWX + kind: AWX + name: awxs.awx.ansible.com + specDescriptors: + - displayName: Hostname (Deprecated) + path: hostname + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Admin Account Username + path: admin_user + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Admin E-mail Address + path: admin_email + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Admin Password Secret + path: admin_password_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Database Configuration Secret + path: postgres_configuration_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Old Database Configuration Secret + path: old_postgres_configuration_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - description: Name of the k8s secret the symmetric encryption key is stored in. + displayName: Secret Key + path: secret_key_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Broadcast Websocket Secret + path: broadcast_websocket_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Service Account Annotations + path: service_account_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Service Type + path: service_type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:ClusterIP + - urn:alm:descriptor:com.tectonic.ui:select:LoadBalancer + - urn:alm:descriptor:com.tectonic.ui:select:NodePort + - displayName: Ingress Type + path: ingress_type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:none + - urn:alm:descriptor:com.tectonic.ui:select:Ingress + - urn:alm:descriptor:com.tectonic.ui:select:Route + - displayName: Ingress Class Name + path: ingress_class_name + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: Ingress API Version + path: ingress_api_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Path + path: ingress_path + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: Ingress Path Type + path: ingress_path_type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: Ingress Annotations + path: ingress_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: Ingress TLS Secret (Deprecated) + path: ingress_tls_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: Ingress Hosts + path: ingress_hosts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Ingress Controller + path: ingress_controller + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Ingress + - displayName: LoadBalancer Annotations + path: service_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer + - displayName: LoadBalancer Protocol + path: loadbalancer_protocol + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:http + - urn:alm:descriptor:com.tectonic.ui:select:https + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer + - displayName: LoadBalancer Port + path: loadbalancer_port + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer + - displayName: LoadBalancer IP + path: loadbalancer_ip + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:string + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer + - displayName: LoadBalancer Class + path: loadbalancer_class + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:string + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:service_type:LoadBalancer + - displayName: Route API Version + path: route_api_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Route DNS host + path: route_host + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route + - displayName: Route TLS Termination Mechanism + path: route_tls_termination_mechanism + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:Edge + - urn:alm:descriptor:com.tectonic.ui:select:Passthrough + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route + - displayName: Route TLS Credential Secret + path: route_tls_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:ingress_type:Route + - displayName: Image Pull Policy + path: image_pull_policy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - displayName: Image Pull Secrets + path: image_pull_secrets + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Image Pull Secret (Deprecated) + path: image_pull_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: HostAliases for app containers + path: host_aliases + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Web Container Resource Requirements + path: web_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: Task Container Resource Requirements + path: task_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: EE Control Plane Container Resource Requirements + path: ee_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: Sets permissions on the /var/lib/pgsql/data for postgres container using an init container (not Openshift) + displayName: PostgreSQL initialize data volume + path: postgres_data_volume_init + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Customize the postgres init container commands (Non Openshift) + displayName: PostgreSQL Init Container Commands + path: postgres_init_container_commands + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: (Deprecated, use postgres_resource_requirements parameter instead) + displayName: PostgreSQL Init Container Resource Requirements + path: postgres_init_container_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:hidden + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: Redis Container Resource Requirements + path: redis_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: Rsyslog Container Resource Requirements + path: rsyslog_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: The PostgreSQL container is not used when an external DB is configured + displayName: PostgreSQL Container Resource Requirements + path: postgres_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: The PostgreSQL container is not used when an external DB is configured + displayName: PostgreSQL Container Storage Requirements + path: postgres_storage_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - description: Init Container resource requirements + path: init_container_resource_requirements + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - displayName: Replicas + path: replicas + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - displayName: Web Replicas + path: web_replicas + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - displayName: Uwsgi Listen Queue Length + path: uwsgi_listen_queue_size + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Uwsgi Processes + path: uwsgi_processes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: NGINX Worker Processes + path: nginx_worker_processes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: NGINX Worker Connections + path: nginx_worker_connections + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: NGINX Worker Process CPU Affinity + path: nginx_worker_cpu_affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:string + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: NGINX Listen Queue Length + path: nginx_listen_queue_size + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Replicas + path: task_replicas + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:number + - displayName: Remove used secrets on instance removal? + path: garbage_collect_secrets + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Preload instance with data upon creation? + path: create_preload_data + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Deploy the instance in development mode? + path: development_mode + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Should the task container deployed with privileged level? + path: task_privileged + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Deployment Type + path: deployment_type + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Deployment Kind + path: kind + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Deployment apiVersion + path: api_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Image + path: image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Image Version + path: image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Redis Image + path: redis_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Redis Image Version + path: redis_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Redis Capabilities + path: redis_capabilities + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image + path: postgres_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: PostgreSQL Image Version + path: postgres_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Selector + path: postgres_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Label Selector + path: postgres_label_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Should PostgreSQL data for managed databases be kept after upgrades? + path: postgres_keep_pvc_after_upgrade + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Tolerations + path: postgres_tolerations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Storage Class + path: postgres_storage_class + x-descriptors: + - urn:alm:descriptor:io.kubernetes:StorageClass + - urn:alm:descriptor:com.tectonic.ui:advanced + - displayName: Postgres Extra Arguments + path: postgres_extra_args + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify extra volumes to add to the postgres pod + displayName: Postgres Extra Volumes + path: postgres_extra_volumes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify volume mounts to be added to Postgres container + displayName: Postgres Extra Volume Mounts + path: postgres_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Enable Postgres Keepalives + path: postgres_keepalives + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Keepalives Count + path: postgres_keepalives_count + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Keepalives Idle + path: postgres_keepalives_idle + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Keepalives Interval + path: postgres_keepalives_interval + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Certificate Authorirty Trust Bundle + path: ca_trust_bundle + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: LDAP Certificate Authority Trust Bundle + path: ldap_cacert_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: LDAP Password Secret + path: ldap_password_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Task Args + path: task_args + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Enable persistence for /var/lib/projects directory? + path: projects_persistence + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Use existing Persistent Claim? + path: projects_use_existing_claim + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:select:_Yes_ + - urn:alm:descriptor:com.tectonic.ui:select:_No_ + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_persistence:true + - displayName: Projects Existing Persistent Claim + path: projects_existing_claim + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_Yes_ + - urn:alm:descriptor:io.kubernetes:PersistentVolumeClaim + - description: Projects Storage Class Name. If not present, the default storage class will be used. + displayName: Projects Storage Class Name + path: projects_storage_class + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ + - urn:alm:descriptor:io.kubernetes:StorageClass + - description: Projects Storage Size + displayName: Projects Storage Size + path: projects_storage_size + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ + - urn:alm:descriptor:com.tectonic.ui:text + - description: Projects Storage Access Mode + displayName: Projects Storage Access Mode + path: projects_storage_access_mode + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:projects_use_existing_claim:_No_ + - urn:alm:descriptor:com.tectonic.ui:text + - displayName: Task Command + path: task_command + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Environment variables to be added to Task container + displayName: Task Extra Env + path: task_extra_env + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify volume mounts to be added to Execution container + displayName: EE Extra Volume Mounts + path: ee_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Registry path to the Execution Environment container to use + displayName: EE Images + path: ee_images + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Environment variables to be added to EE container + displayName: EE Extra Env + path: ee_extra_env + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Registry path to the Execution Environment container to use on control plane pods + displayName: Control Plane EE Image + path: control_plane_ee_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: EE Images Pull Credentials Secret + displayName: EE Images Pull Credentials Secret + path: ee_pull_credentials_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - description: Specify volume mounts to be added to Task container + displayName: Task Extra Volume Mounts + path: task_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Args + path: web_args + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Command + path: web_command + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Environment variables to be added to Web container + displayName: Web Extra Env + path: web_extra_env + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify volume mounts to be added to Web container + displayName: Web Extra Volume Mounts + path: web_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Rsyslog Args + path: rsyslog_args + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Rsyslog Command + path: rsyslog_command + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Environment variables to be added to Rsyslog container + displayName: Rsyslog Extra Env + path: rsyslog_extra_env + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify volume mounts to be added to Rsyslog container + displayName: Rsyslog Extra Volume Mounts + path: rsyslog_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify extra volumes to add to the application pod + displayName: Extra Volumes + path: extra_volumes + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Node Selector + path: node_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Node Selector + path: web_node_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Node Selector + path: task_node_selector + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Topology Spread Constraints + path: topology_spread_constraints + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Topology Spread Constraints + path: web_topology_spread_constraints + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Topology Spread Constraints + path: task_topology_spread_constraints + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Affinity + path: affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Affinity + path: web_affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Affinity + path: task_affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Control Plane Priority Class + path: control_plane_priority_class + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Postgres Priority Class + path: postgres_priority_class + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Termination Grace Period Seconds + path: termination_grace_period_seconds + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Service Labels + path: service_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Annotations + path: annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Annotations + path: task_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Annotations + path: web_annotations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Tolerations + path: tolerations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Web Tolerations + path: web_tolerations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Task Tolerations + path: task_tolerations + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: CSRF Cookie Secure Setting + path: csrf_cookie_secure + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Session Cookie Secure Setting + path: session_cookie_secure + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Receptor Log Level + path: receptor_log_level + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Extra Settings + path: extra_settings + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: No Log Configuration + path: no_log + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Security Context Settings + path: security_context_settings + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Init Container image to use + displayName: Init Container Image + path: init_container_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Init container image version to use + displayName: Init Container Image Version + path: init_container_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify Extra commands for the Init container + displayName: Init Container Extra Commands + path: init_container_extra_commands + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Specify volume mounts to be added to Init container + displayName: Init Container Extra Volume Mounts + path: init_container_extra_volume_mounts + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Init Projects Container image to use + displayName: Init Projects Container Image + path: init_projects_container_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - description: Secret where can be found the trusted Certificate Authority Bundle + path: bundle_cacert_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - displayName: Nodeport Port + path: nodeport_port + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Automatically upgrade AWX instances when Operator is upgraded? + path: auto_upgrade + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Set default labels on AWX resource? + path: set_self_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Additional labels defined on the resource, which should be propagated to child resources + path: additional_labels + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:hidden + - displayName: Disable IPv6 listener? + path: ipv6_disabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Metrics-Utility Enabled + path: metrics_utility_enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - displayName: Metrics-Utility Image + path: metrics_utility_image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Image Version + path: metrics_utility_image_version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Image PullPolicy + path: metrics_utility_image_pull_policy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility ConfigMap + path: metrics_utility_configmap + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:ConfigMap + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Secret + path: metrics_utility_secret + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:Secret + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Gather Data CronJob Schedule + path: metrics_utility_cronjob_gather_schedule + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Report CronJob Schedule + path: metrics_utility_cronjob_report_schedule + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Ship Target + path: metrics_utility_ship_target + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility PVC Claim + path: metrics_utility_pvc_claim + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility PVC Claim Size + path: metrics_utility_pvc_claim_size + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:text + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility PVC Claim Storage Class + path: metrics_utility_pvc_claim_storage_class + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:io.kubernetes:StorageClass + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + - displayName: Metrics-Utility Enabled Shipping to Red Hat Hybrid Cloud Console + path: metrics_utility_console_enabled + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:advanced + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - urn:alm:descriptor:com.tectonic.ui:fieldDependency:metrics_utility_enabled:true + statusDescriptors: + - description: Route to access the instance deployed + displayName: URL + path: URL + x-descriptors: + - urn:alm:descriptor:org.w3:link + - description: Admin user for the instance deployed + displayName: Admin User + path: adminUser + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Admin password for the instance deployed + displayName: Admin Password + path: adminPasswordSecret + x-descriptors: + - urn:alm:descriptor:io.kubernetes:Secret + - description: Version of the instance deployed + displayName: Version + path: version + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Image of the instance deployed + displayName: Image + path: image + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + version: v1beta1 description: | AWX is designed to help accelerate and scale your business through automation. @@ -1160,33 +1147,34 @@ spec: When you are ready to upgrade to the next major or minor version, you can do so by changing the channel and approving the installPlan as needed. displayName: AWX icon: - - base64data: PHN2ZyB2ZXJzaW9uPSIxLjEiIGlkPSJMYXllcl8xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB4PSIwcHgiIHk9IjBweCIKCSB2aWV3Qm94PSIwIDAgNTQ3LjIxIDM4OS40NyIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgNTQ3LjIxIDM4OS40NzsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtkaXNwbGF5Om5vbmU7fQoJLnN0MXtkaXNwbGF5OmlubGluZTtmaWxsOiNGQUVEQTE7fQoJLnN0MntkaXNwbGF5OmlubGluZTtmaWxsOiM1RDI4MTU7fQoJLnN0M3tmaWxsOiNGQUVEQTE7fQoJLnN0NHtmaWxsOiM1RDI4MTU7fQoJLnN0NXtmaWxsOiMyRDhDQ0U7fQoJLnN0NntmaWxsOiM3OTQ1MzI7fQoJLnN0N3tmaWxsOiMwMjZEQUU7fQoJLnN0OHtmaWxsOiNGRjRCNEI7fQoJLnN0OXtmaWxsOiNBQkRCRjc7fQoJLnN0MTB7ZmlsbDojQ0IyRDJGO30KCS5zdDExe2ZpbGw6I0ZDQTJBMzt9Cgkuc3QxMntmaWxsOm5vbmU7c3Ryb2tlOiM1RDI4MTU7c3Ryb2tlLXdpZHRoOjU7c3Ryb2tlLW1pdGVybGltaXQ6MTA7fQoJLnN0MTN7ZmlsbDojRkZGRkZGO30KCS5zdDE0e2ZpbGw6I0E0Q0UzOTt9Cjwvc3R5bGU+CjxnIGNsYXNzPSJzdDAiPgoJPHBvbHlnb24gY2xhc3M9InN0MSIgcG9pbnRzPSIxNzYuMTIsMzc3IDEzMC4xOCwzMDMuNSAxNzYuMTIsMjMwIDI0OS43OSwyMzAgMjk1LjcyLDMwMy41IDI0OS43OSwzNzcgCSIvPgoJPHBhdGggY2xhc3M9InN0MiIgZD0iTTI0OC45NSwyMzEuNWw0NSw3MmwtNDUsNzJoLTcybC00NS03Mmw0NS03MkgyNDguOTUgTTI1MC42MiwyMjguNWgtMS42NmgtNzJoLTEuNjZsLTAuODgsMS40MWwtNDUsNzIKCQlsLTAuOTksMS41OWwwLjk5LDEuNTlsNDUsNzJsMC44OCwxLjQxaDEuNjZoNzJoMS42NmwwLjg4LTEuNDFsNDUtNzJsMC45OS0xLjU5bC0wLjk5LTEuNTlsLTQ1LTcyTDI1MC42MiwyMjguNUwyNTAuNjIsMjI4LjV6Ii8+CjwvZz4KPGc+Cgk8cG9seWdvbiBjbGFzcz0ic3QzIiBwb2ludHM9IjQxNi41NywzNzggMzcwLjAxLDMwMy41IDQxNi41NywyMjkgNDkxLjM0LDIyOSA1MzcuOSwzMDMuNSA0OTEuMzQsMzc4IAkiLz4KCTxwYXRoIGNsYXNzPSJzdDQiIGQ9Ik00ODkuOTUsMjMxLjVsNDUsNzJsLTQ1LDcyaC03MmwtNDUtNzJsNDUtNzJINDg5Ljk1IE00OTIuNzMsMjI2LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03Mkw0OTIuNzMsMjI2LjVMNDkyLjczLDIyNi41eiIvPgo8L2c+CjxnPgoJPHBvbHlnb24gY2xhc3M9InN0MyIgcG9pbnRzPSI0MTYuNTcsMjMxIDM3MC4wMSwxNTYuNSA0MTYuNTcsODIgNDkxLjM0LDgyIDUzNy45LDE1Ni41IDQ5MS4zNCwyMzEgCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTQ4OS45NSw4NC41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDQ4OS45NSBNNDkyLjczLDc5LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03Mkw0OTIuNzMsNzkuNUw0OTIuNzMsNzkuNXoiLz4KPC9nPgo8ZyBjbGFzcz0ic3QwIj4KCTxwb2x5Z29uIGNsYXNzPSJzdDEiIHBvaW50cz0iNTcuMTIsNDUxIDExLjE4LDM3Ny41IDU3LjEyLDMwNCAxMzAuNzksMzA0IDE3Ni43MiwzNzcuNSAxMzAuNzksNDUxIAkiLz4KCTxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0xMjkuOTUsMzA1LjVsNDUsNzJsLTQ1LDcyaC03MmwtNDUtNzJsNDUtNzJIMTI5Ljk1IE0xMzEuNjIsMzAyLjVoLTEuNjZoLTcyaC0xLjY2bC0wLjg4LDEuNDFsLTQ1LDcyCgkJbC0wLjk5LDEuNTlsMC45OSwxLjU5bDQ1LDcybDAuODgsMS40MWgxLjY2aDcyaDEuNjZsMC44OC0xLjQxbDQ1LTcybDAuOTktMS41OWwtMC45OS0xLjU5bC00NS03MkwxMzEuNjIsMzAyLjVMMTMxLjYyLDMwMi41eiIvPgo8L2c+CjxnPgoJPHBvbHlnb24gY2xhc3M9InN0MyIgcG9pbnRzPSIxNzYuNTcsMjMxIDEzMC4wMSwxNTYuNSAxNzYuNTcsODIgMjUxLjM0LDgyIDI5Ny45LDE1Ni41IDI1MS4zNCwyMzEgCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTI0OS45NSw4NC41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDI0OS45NSBNMjUyLjczLDc5LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03MkwyNTIuNzMsNzkuNUwyNTIuNzMsNzkuNXoiLz4KPC9nPgo8Zz4KCTxwb2x5Z29uIGNsYXNzPSJzdDMiIHBvaW50cz0iNTYuNTcsMTU4IDEwLjAxLDgzLjUgNTYuNTcsOSAxMzEuMzQsOSAxNzcuOSw4My41IDEzMS4zNCwxNTggCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTEyOS45NSwxMS41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDEyOS45NSBNMTMyLjczLDYuNWgtMi43N2gtNzJoLTIuNzdsLTEuNDcsMi4zNWwtNDUsNzJMNy4wNiw4My41CgkJbDEuNjYsMi42NWw0NSw3MmwxLjQ3LDIuMzVoMi43N2g3MmgyLjc3bDEuNDctMi4zNWw0NS03MmwxLjY2LTIuNjVsLTEuNjYtMi42NWwtNDUtNzJMMTMyLjczLDYuNUwxMzIuNzMsNi41eiIvPgo8L2c+CjxyZWN0IHg9IjI1MC45NSIgeT0iMzIwLjUiIGNsYXNzPSJzdDQiIHdpZHRoPSI0MCIgaGVpZ2h0PSI1NSIvPgo8cGF0aCBjbGFzcz0ic3Q1IiBkPSJNNDMwLjQ1LDM0MWgtMzIwYy04LjI1LDAtMTUtNi43NS0xNS0xNVYxMzZjMC04LjI1LDYuNzUtMTUsMTUtMTVoMzIwYzguMjUsMCwxNSw2Ljc1LDE1LDE1djE5MAoJQzQ0NS40NSwzMzQuMjUsNDM4LjcsMzQxLDQzMC40NSwzNDF6Ii8+CjxwYXRoIGNsYXNzPSJzdDQiIGQ9Ik0zMTguNDUsMzg0aC05NWMtNC4xMiwwLTcuNS0zLjM4LTcuNS03LjVsMCwwYzAtNC4xMiwzLjM4LTcuNSw3LjUtNy41aDk1YzQuMTIsMCw3LjUsMy4zOCw3LjUsNy41bDAsMAoJQzMyNS45NSwzODAuNjIsMzIyLjU4LDM4NCwzMTguNDUsMzg0eiIvPgo8cmVjdCB4PSIyODAuOTUiIHk9IjMyMC4wMiIgY2xhc3M9InN0NiIgd2lkdGg9IjEwIiBoZWlnaHQ9IjQ5Ii8+CjxwYXRoIGNsYXNzPSJzdDciIGQ9Ik05NS45NSwyNzIuNXY1NGwzNDksMXYtNmMwLDAtMTMyLTQtMjQyLTEzUzk1Ljk1LDI3Mi41LDk1Ljk1LDI3Mi41eiIvPgo8cGF0aCBjbGFzcz0ic3Q4IiBkPSJNNDQ1LjQ1LDMyNmMwLDguMjUtNi43NSwxNS0xNSwxNWgtMzIwYy04LjI1LDAtMTUtNi43NS0xNS0xNSIvPgo8cGF0aCBjbGFzcz0ic3Q5IiBkPSJNNDQ0Ljk1LDE4NS41di01NGMtNS45OS0xMC0xMy45OS05LTI5Ljk5LTljLTQ2Ljg2LDAtOTcuMTQtMC44Ny0xNDQtMWMtNDUuNDEtMC4xMy05MC41OSwwLjEzLTEzNiwwCgljLTEzLTAuMDQtMzQsMC0zOS4wMSw5YzAsMiwwLDQsMCw2YzAsMCwxMzIsNCwyNDIsMTNTNDQ0Ljk1LDE4NS41LDQ0NC45NSwxODUuNXoiLz4KPHBvbHlnb24gY2xhc3M9InN0MTAiIHBvaW50cz0iOTUuNzcsMzI1Ljk1IDE0Ni42NiwzMjUuOTUgMTU0LjgzLDMzOS42NiAxMDcuNzcsMzM5Ljk1IDk4Ljc3LDMzNC45NSAiLz4KPHBvbHlnb24gY2xhc3M9InN0MTEiIHBvaW50cz0iNDQ1LjUzLDMyNi4xMyAzODUuMzIsMzI2LjEzIDM5NC41OCwzNDAuODQgNDMzLjU0LDM0MS4xMSA0NDEuOTgsMzM1LjY2ICIvPgo8cGF0aCBjbGFzcz0ic3QxMiIgZD0iTTQzMC40NSwzNDFoLTMyMGMtOC4yNSwwLTE1LTYuNzUtMTUtMTVWMTM2YzAtOC4yNSw2Ljc1LTE1LDE1LTE1aDMyMGM4LjI1LDAsMTUsNi43NSwxNSwxNXYxOTAKCUM0NDUuNDUsMzM0LjI1LDQzOC43LDM0MSw0MzAuNDUsMzQxeiIvPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDEzIiBkPSJNMjA3LjkzLDE4OC43MmgyNC4xNmw4LjcsNDYuMDhsMTIuNzMtNDYuMDhoMjQuMDdsMTIuNzYsNDYuMDJsOC43MS00Ni4wMmgyNC4wNGwtMTguMTUsODIuMzJoLTI0Ljk0CgkJbC0xNC40NC01MS44M2wtMTQuMzgsNTEuODNoLTI0Ljk1TDIwNy45MywxODguNzJ6Ii8+Cgk8cGF0aCBjbGFzcz0ic3QxMyIgZD0iTTMyNS43OSwxODguNzJoMjguMDJsMTQuNTcsMjUuMzJsMTQuMTgtMjUuMzJoMjcuNzRsLTI1LjYyLDM5Ljg3bDI4LjA0LDQyLjQ1aC0yOC41OGwtMTYuMjYtMjYuNDUKCQlsLTE2LjI2LDI2LjQ1aC0yOC40MWwyOC40LTQyLjlMMzI1Ljc5LDE4OC43MnoiLz4KPC9nPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDEzIiBkPSJNMTg3LjAyLDI1Ny40NWgtMjguODhsLTQuMDEsMTMuNTloLTI1Ljk3bDMwLjk0LTgyLjMyaDI3Ljc1bDMwLjkzLDgyLjMyaC0yNi42NEwxODcuMDIsMjU3LjQ1egoJCSBNMTgxLjc0LDIzOS42NWwtOS4wOS0yOS41OWwtOC45OSwyOS41OUgxODEuNzR6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDE0IiBjeD0iNDkwLjQ1IiBjeT0iODMiIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNDkwLjQ1LDc0LjVjNC42OSwwLDguNSwzLjgxLDguNSw4LjVzLTMuODEsOC41LTguNSw4LjVzLTguNS0zLjgxLTguNS04LjVTNDg1Ljc3LDc0LjUsNDkwLjQ1LDc0LjUKCQkgTTQ5MC40NSw2OS41Yy03LjQ2LDAtMTMuNSw2LjA0LTEzLjUsMTMuNXM2LjA0LDEzLjUsMTMuNSwxMy41czEzLjUtNi4wNCwxMy41LTEzLjVTNDk3LjkxLDY5LjUsNDkwLjQ1LDY5LjVMNDkwLjQ1LDY5LjV6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDE0IiBjeD0iNTcuNDUiIGN5PSIxNTciIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNTcuNDUsMTQ4LjVjNC42OSwwLDguNSwzLjgxLDguNSw4LjVzLTMuODEsOC41LTguNSw4LjVzLTguNS0zLjgxLTguNS04LjVTNTIuNzcsMTQ4LjUsNTcuNDUsMTQ4LjUKCQkgTTU3LjQ1LDE0My41Yy03LjQ2LDAtMTMuNSw2LjA0LTEzLjUsMTMuNXM2LjA0LDEzLjUsMTMuNSwxMy41czEzLjUtNi4wNCwxMy41LTEzLjVTNjQuOTEsMTQzLjUsNTcuNDUsMTQzLjVMNTcuNDUsMTQzLjV6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDgiIGN4PSI0OTEuNDUiIGN5PSIyMzEiIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNDkxLjQ1LDIyMi41YzQuNjksMCw4LjUsMy44MSw4LjUsOC41cy0zLjgxLDguNS04LjUsOC41cy04LjUtMy44MS04LjUtOC41UzQ4Ni43NywyMjIuNSw0OTEuNDUsMjIyLjUKCQkgTTQ5MS40NSwyMTcuNWMtNy40NiwwLTEzLjUsNi4wNC0xMy41LDEzLjVzNi4wNCwxMy41LDEzLjUsMTMuNXMxMy41LTYuMDQsMTMuNS0xMy41UzQ5OC45MSwyMTcuNSw0OTEuNDUsMjE3LjVMNDkxLjQ1LDIxNy41eiIvPgo8L2c+Cjwvc3ZnPgo= - mediatype: image/svg+xml + - base64data: + PHN2ZyB2ZXJzaW9uPSIxLjEiIGlkPSJMYXllcl8xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB4PSIwcHgiIHk9IjBweCIKCSB2aWV3Qm94PSIwIDAgNTQ3LjIxIDM4OS40NyIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgNTQ3LjIxIDM4OS40NzsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtkaXNwbGF5Om5vbmU7fQoJLnN0MXtkaXNwbGF5OmlubGluZTtmaWxsOiNGQUVEQTE7fQoJLnN0MntkaXNwbGF5OmlubGluZTtmaWxsOiM1RDI4MTU7fQoJLnN0M3tmaWxsOiNGQUVEQTE7fQoJLnN0NHtmaWxsOiM1RDI4MTU7fQoJLnN0NXtmaWxsOiMyRDhDQ0U7fQoJLnN0NntmaWxsOiM3OTQ1MzI7fQoJLnN0N3tmaWxsOiMwMjZEQUU7fQoJLnN0OHtmaWxsOiNGRjRCNEI7fQoJLnN0OXtmaWxsOiNBQkRCRjc7fQoJLnN0MTB7ZmlsbDojQ0IyRDJGO30KCS5zdDExe2ZpbGw6I0ZDQTJBMzt9Cgkuc3QxMntmaWxsOm5vbmU7c3Ryb2tlOiM1RDI4MTU7c3Ryb2tlLXdpZHRoOjU7c3Ryb2tlLW1pdGVybGltaXQ6MTA7fQoJLnN0MTN7ZmlsbDojRkZGRkZGO30KCS5zdDE0e2ZpbGw6I0E0Q0UzOTt9Cjwvc3R5bGU+CjxnIGNsYXNzPSJzdDAiPgoJPHBvbHlnb24gY2xhc3M9InN0MSIgcG9pbnRzPSIxNzYuMTIsMzc3IDEzMC4xOCwzMDMuNSAxNzYuMTIsMjMwIDI0OS43OSwyMzAgMjk1LjcyLDMwMy41IDI0OS43OSwzNzcgCSIvPgoJPHBhdGggY2xhc3M9InN0MiIgZD0iTTI0OC45NSwyMzEuNWw0NSw3MmwtNDUsNzJoLTcybC00NS03Mmw0NS03MkgyNDguOTUgTTI1MC42MiwyMjguNWgtMS42NmgtNzJoLTEuNjZsLTAuODgsMS40MWwtNDUsNzIKCQlsLTAuOTksMS41OWwwLjk5LDEuNTlsNDUsNzJsMC44OCwxLjQxaDEuNjZoNzJoMS42NmwwLjg4LTEuNDFsNDUtNzJsMC45OS0xLjU5bC0wLjk5LTEuNTlsLTQ1LTcyTDI1MC42MiwyMjguNUwyNTAuNjIsMjI4LjV6Ii8+CjwvZz4KPGc+Cgk8cG9seWdvbiBjbGFzcz0ic3QzIiBwb2ludHM9IjQxNi41NywzNzggMzcwLjAxLDMwMy41IDQxNi41NywyMjkgNDkxLjM0LDIyOSA1MzcuOSwzMDMuNSA0OTEuMzQsMzc4IAkiLz4KCTxwYXRoIGNsYXNzPSJzdDQiIGQ9Ik00ODkuOTUsMjMxLjVsNDUsNzJsLTQ1LDcyaC03MmwtNDUtNzJsNDUtNzJINDg5Ljk1IE00OTIuNzMsMjI2LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03Mkw0OTIuNzMsMjI2LjVMNDkyLjczLDIyNi41eiIvPgo8L2c+CjxnPgoJPHBvbHlnb24gY2xhc3M9InN0MyIgcG9pbnRzPSI0MTYuNTcsMjMxIDM3MC4wMSwxNTYuNSA0MTYuNTcsODIgNDkxLjM0LDgyIDUzNy45LDE1Ni41IDQ5MS4zNCwyMzEgCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTQ4OS45NSw4NC41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDQ4OS45NSBNNDkyLjczLDc5LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03Mkw0OTIuNzMsNzkuNUw0OTIuNzMsNzkuNXoiLz4KPC9nPgo8ZyBjbGFzcz0ic3QwIj4KCTxwb2x5Z29uIGNsYXNzPSJzdDEiIHBvaW50cz0iNTcuMTIsNDUxIDExLjE4LDM3Ny41IDU3LjEyLDMwNCAxMzAuNzksMzA0IDE3Ni43MiwzNzcuNSAxMzAuNzksNDUxIAkiLz4KCTxwYXRoIGNsYXNzPSJzdDIiIGQ9Ik0xMjkuOTUsMzA1LjVsNDUsNzJsLTQ1LDcyaC03MmwtNDUtNzJsNDUtNzJIMTI5Ljk1IE0xMzEuNjIsMzAyLjVoLTEuNjZoLTcyaC0xLjY2bC0wLjg4LDEuNDFsLTQ1LDcyCgkJbC0wLjk5LDEuNTlsMC45OSwxLjU5bDQ1LDcybDAuODgsMS40MWgxLjY2aDcyaDEuNjZsMC44OC0xLjQxbDQ1LTcybDAuOTktMS41OWwtMC45OS0xLjU5bC00NS03MkwxMzEuNjIsMzAyLjVMMTMxLjYyLDMwMi41eiIvPgo8L2c+CjxnPgoJPHBvbHlnb24gY2xhc3M9InN0MyIgcG9pbnRzPSIxNzYuNTcsMjMxIDEzMC4wMSwxNTYuNSAxNzYuNTcsODIgMjUxLjM0LDgyIDI5Ny45LDE1Ni41IDI1MS4zNCwyMzEgCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTI0OS45NSw4NC41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDI0OS45NSBNMjUyLjczLDc5LjVoLTIuNzdoLTcyaC0yLjc3bC0xLjQ3LDIuMzVsLTQ1LDcyCgkJbC0xLjY2LDIuNjVsMS42NiwyLjY1bDQ1LDcybDEuNDcsMi4zNWgyLjc3aDcyaDIuNzdsMS40Ny0yLjM1bDQ1LTcybDEuNjYtMi42NWwtMS42Ni0yLjY1bC00NS03MkwyNTIuNzMsNzkuNUwyNTIuNzMsNzkuNXoiLz4KPC9nPgo8Zz4KCTxwb2x5Z29uIGNsYXNzPSJzdDMiIHBvaW50cz0iNTYuNTcsMTU4IDEwLjAxLDgzLjUgNTYuNTcsOSAxMzEuMzQsOSAxNzcuOSw4My41IDEzMS4zNCwxNTggCSIvPgoJPHBhdGggY2xhc3M9InN0NCIgZD0iTTEyOS45NSwxMS41bDQ1LDcybC00NSw3MmgtNzJsLTQ1LTcybDQ1LTcySDEyOS45NSBNMTMyLjczLDYuNWgtMi43N2gtNzJoLTIuNzdsLTEuNDcsMi4zNWwtNDUsNzJMNy4wNiw4My41CgkJbDEuNjYsMi42NWw0NSw3MmwxLjQ3LDIuMzVoMi43N2g3MmgyLjc3bDEuNDctMi4zNWw0NS03MmwxLjY2LTIuNjVsLTEuNjYtMi42NWwtNDUtNzJMMTMyLjczLDYuNUwxMzIuNzMsNi41eiIvPgo8L2c+CjxyZWN0IHg9IjI1MC45NSIgeT0iMzIwLjUiIGNsYXNzPSJzdDQiIHdpZHRoPSI0MCIgaGVpZ2h0PSI1NSIvPgo8cGF0aCBjbGFzcz0ic3Q1IiBkPSJNNDMwLjQ1LDM0MWgtMzIwYy04LjI1LDAtMTUtNi43NS0xNS0xNVYxMzZjMC04LjI1LDYuNzUtMTUsMTUtMTVoMzIwYzguMjUsMCwxNSw2Ljc1LDE1LDE1djE5MAoJQzQ0NS40NSwzMzQuMjUsNDM4LjcsMzQxLDQzMC40NSwzNDF6Ii8+CjxwYXRoIGNsYXNzPSJzdDQiIGQ9Ik0zMTguNDUsMzg0aC05NWMtNC4xMiwwLTcuNS0zLjM4LTcuNS03LjVsMCwwYzAtNC4xMiwzLjM4LTcuNSw3LjUtNy41aDk1YzQuMTIsMCw3LjUsMy4zOCw3LjUsNy41bDAsMAoJQzMyNS45NSwzODAuNjIsMzIyLjU4LDM4NCwzMTguNDUsMzg0eiIvPgo8cmVjdCB4PSIyODAuOTUiIHk9IjMyMC4wMiIgY2xhc3M9InN0NiIgd2lkdGg9IjEwIiBoZWlnaHQ9IjQ5Ii8+CjxwYXRoIGNsYXNzPSJzdDciIGQ9Ik05NS45NSwyNzIuNXY1NGwzNDksMXYtNmMwLDAtMTMyLTQtMjQyLTEzUzk1Ljk1LDI3Mi41LDk1Ljk1LDI3Mi41eiIvPgo8cGF0aCBjbGFzcz0ic3Q4IiBkPSJNNDQ1LjQ1LDMyNmMwLDguMjUtNi43NSwxNS0xNSwxNWgtMzIwYy04LjI1LDAtMTUtNi43NS0xNS0xNSIvPgo8cGF0aCBjbGFzcz0ic3Q5IiBkPSJNNDQ0Ljk1LDE4NS41di01NGMtNS45OS0xMC0xMy45OS05LTI5Ljk5LTljLTQ2Ljg2LDAtOTcuMTQtMC44Ny0xNDQtMWMtNDUuNDEtMC4xMy05MC41OSwwLjEzLTEzNiwwCgljLTEzLTAuMDQtMzQsMC0zOS4wMSw5YzAsMiwwLDQsMCw2YzAsMCwxMzIsNCwyNDIsMTNTNDQ0Ljk1LDE4NS41LDQ0NC45NSwxODUuNXoiLz4KPHBvbHlnb24gY2xhc3M9InN0MTAiIHBvaW50cz0iOTUuNzcsMzI1Ljk1IDE0Ni42NiwzMjUuOTUgMTU0LjgzLDMzOS42NiAxMDcuNzcsMzM5Ljk1IDk4Ljc3LDMzNC45NSAiLz4KPHBvbHlnb24gY2xhc3M9InN0MTEiIHBvaW50cz0iNDQ1LjUzLDMyNi4xMyAzODUuMzIsMzI2LjEzIDM5NC41OCwzNDAuODQgNDMzLjU0LDM0MS4xMSA0NDEuOTgsMzM1LjY2ICIvPgo8cGF0aCBjbGFzcz0ic3QxMiIgZD0iTTQzMC40NSwzNDFoLTMyMGMtOC4yNSwwLTE1LTYuNzUtMTUtMTVWMTM2YzAtOC4yNSw2Ljc1LTE1LDE1LTE1aDMyMGM4LjI1LDAsMTUsNi43NSwxNSwxNXYxOTAKCUM0NDUuNDUsMzM0LjI1LDQzOC43LDM0MSw0MzAuNDUsMzQxeiIvPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDEzIiBkPSJNMjA3LjkzLDE4OC43MmgyNC4xNmw4LjcsNDYuMDhsMTIuNzMtNDYuMDhoMjQuMDdsMTIuNzYsNDYuMDJsOC43MS00Ni4wMmgyNC4wNGwtMTguMTUsODIuMzJoLTI0Ljk0CgkJbC0xNC40NC01MS44M2wtMTQuMzgsNTEuODNoLTI0Ljk1TDIwNy45MywxODguNzJ6Ii8+Cgk8cGF0aCBjbGFzcz0ic3QxMyIgZD0iTTMyNS43OSwxODguNzJoMjguMDJsMTQuNTcsMjUuMzJsMTQuMTgtMjUuMzJoMjcuNzRsLTI1LjYyLDM5Ljg3bDI4LjA0LDQyLjQ1aC0yOC41OGwtMTYuMjYtMjYuNDUKCQlsLTE2LjI2LDI2LjQ1aC0yOC40MWwyOC40LTQyLjlMMzI1Ljc5LDE4OC43MnoiLz4KPC9nPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDEzIiBkPSJNMTg3LjAyLDI1Ny40NWgtMjguODhsLTQuMDEsMTMuNTloLTI1Ljk3bDMwLjk0LTgyLjMyaDI3Ljc1bDMwLjkzLDgyLjMyaC0yNi42NEwxODcuMDIsMjU3LjQ1egoJCSBNMTgxLjc0LDIzOS42NWwtOS4wOS0yOS41OWwtOC45OSwyOS41OUgxODEuNzR6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDE0IiBjeD0iNDkwLjQ1IiBjeT0iODMiIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNDkwLjQ1LDc0LjVjNC42OSwwLDguNSwzLjgxLDguNSw4LjVzLTMuODEsOC41LTguNSw4LjVzLTguNS0zLjgxLTguNS04LjVTNDg1Ljc3LDc0LjUsNDkwLjQ1LDc0LjUKCQkgTTQ5MC40NSw2OS41Yy03LjQ2LDAtMTMuNSw2LjA0LTEzLjUsMTMuNXM2LjA0LDEzLjUsMTMuNSwxMy41czEzLjUtNi4wNCwxMy41LTEzLjVTNDk3LjkxLDY5LjUsNDkwLjQ1LDY5LjVMNDkwLjQ1LDY5LjV6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDE0IiBjeD0iNTcuNDUiIGN5PSIxNTciIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNTcuNDUsMTQ4LjVjNC42OSwwLDguNSwzLjgxLDguNSw4LjVzLTMuODEsOC41LTguNSw4LjVzLTguNS0zLjgxLTguNS04LjVTNTIuNzcsMTQ4LjUsNTcuNDUsMTQ4LjUKCQkgTTU3LjQ1LDE0My41Yy03LjQ2LDAtMTMuNSw2LjA0LTEzLjUsMTMuNXM2LjA0LDEzLjUsMTMuNSwxMy41czEzLjUtNi4wNCwxMy41LTEzLjVTNjQuOTEsMTQzLjUsNTcuNDUsMTQzLjVMNTcuNDUsMTQzLjV6Ii8+CjwvZz4KPGc+Cgk8Y2lyY2xlIGNsYXNzPSJzdDgiIGN4PSI0OTEuNDUiIGN5PSIyMzEiIHI9IjExIi8+Cgk8cGF0aCBjbGFzcz0ic3Q0IiBkPSJNNDkxLjQ1LDIyMi41YzQuNjksMCw4LjUsMy44MSw4LjUsOC41cy0zLjgxLDguNS04LjUsOC41cy04LjUtMy44MS04LjUtOC41UzQ4Ni43NywyMjIuNSw0OTEuNDUsMjIyLjUKCQkgTTQ5MS40NSwyMTcuNWMtNy40NiwwLTEzLjUsNi4wNC0xMy41LDEzLjVzNi4wNCwxMy41LDEzLjUsMTMuNXMxMy41LTYuMDQsMTMuNS0xMy41UzQ5OC45MSwyMTcuNSw0OTEuNDUsMjE3LjVMNDkxLjQ1LDIxNy41eiIvPgo8L2c+Cjwvc3ZnPgo= + mediatype: image/svg+xml install: spec: - deployments: null + deployments: strategy: deployment installModes: - - supported: true - type: OwnNamespace - - supported: true - type: SingleNamespace - - supported: true - type: MultiNamespace - - supported: false - type: AllNamespaces + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: false + type: AllNamespaces keywords: - - automation - - ansible + - automation + - ansible links: - - name: AWX Operator - url: https://github.com/ansible/awx-operator + - name: AWX Operator + url: https://github.com/ansible/awx-operator maintainers: - - email: awx-project@googlegroups.com - name: AWX Team + - email: awx-project@googlegroups.com + name: AWX Team maturity: alpha minKubeVersion: 1.22.15 provider: name: Ansible url: github.com/ansible/awx-operator - version: 0.0.0 + version: "0.0.0" diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index b484d72d1..777156ba9 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -1,7 +1,8 @@ +--- # These resources constitute the fully configured set of manifests # used to generate the 'manifests/' directory in a bundle. resources: -- bases/awx-operator.clusterserviceversion.yaml -- ../default -- ../samples -- ../scorecard + - bases/awx-operator.clusterserviceversion.yaml + - ../default + - ../samples + - ../scorecard diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml index ed137168a..c4aaaee08 100644 --- a/config/prometheus/kustomization.yaml +++ b/config/prometheus/kustomization.yaml @@ -1,2 +1,3 @@ +--- resources: -- monitor.yaml + - monitor.yaml diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index 6812d4d5e..a5bd8b17a 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -1,3 +1,4 @@ +--- # Prometheus Monitor Service (Metrics) apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml index 51a75db47..40c33347c 100644 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -1,9 +1,10 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: metrics-reader rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get + - nonResourceURLs: + - /metrics + verbs: + - get diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml index 80e1857c5..449cb4bfb 100644 --- a/config/rbac/auth_proxy_role.yaml +++ b/config/rbac/auth_proxy_role.yaml @@ -1,17 +1,18 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml index ec7acc0a1..08cb903f7 100644 --- a/config/rbac/auth_proxy_role_binding.yaml +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -7,6 +8,6 @@ roleRef: kind: ClusterRole name: proxy-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml index 71f179727..bb2ed2cf5 100644 --- a/config/rbac/auth_proxy_service.yaml +++ b/config/rbac/auth_proxy_service.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -7,9 +8,9 @@ metadata: namespace: system spec: ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https + - name: https + port: 8443 + protocol: TCP + targetPort: https selector: control-plane: controller-manager diff --git a/config/rbac/awx_editor_role.yaml b/config/rbac/awx_editor_role.yaml index 908ba1f21..8994f52f2 100644 --- a/config/rbac/awx_editor_role.yaml +++ b/config/rbac/awx_editor_role.yaml @@ -1,24 +1,25 @@ +--- # permissions for end users to edit awxs. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awx-editor-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxs/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxs/status + verbs: + - get diff --git a/config/rbac/awx_viewer_role.yaml b/config/rbac/awx_viewer_role.yaml index 925b51751..d5e31a6bb 100644 --- a/config/rbac/awx_viewer_role.yaml +++ b/config/rbac/awx_viewer_role.yaml @@ -1,20 +1,21 @@ +--- # permissions for end users to view awxs. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awx-viewer-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxs - verbs: - - get - - list - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxs/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxs + verbs: + - get + - list + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxs/status + verbs: + - get diff --git a/config/rbac/awxbackup_editor_role.yaml b/config/rbac/awxbackup_editor_role.yaml index 95261725f..db98650a9 100644 --- a/config/rbac/awxbackup_editor_role.yaml +++ b/config/rbac/awxbackup_editor_role.yaml @@ -1,24 +1,25 @@ +--- # permissions for end users to edit awxbackups. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awxbackup-editor-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxbackups - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxbackups/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxbackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxbackups/status + verbs: + - get diff --git a/config/rbac/awxbackup_viewer_role.yaml b/config/rbac/awxbackup_viewer_role.yaml index d0a6d589b..0865a2ed7 100644 --- a/config/rbac/awxbackup_viewer_role.yaml +++ b/config/rbac/awxbackup_viewer_role.yaml @@ -1,20 +1,21 @@ +--- # permissions for end users to view awxbackups. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awxbackup-viewer-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxbackups - verbs: - - get - - list - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxbackups/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxbackups + verbs: + - get + - list + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxbackups/status + verbs: + - get diff --git a/config/rbac/awxmeshingress_editor_role.yaml b/config/rbac/awxmeshingress_editor_role.yaml index eb40935b2..cdb61b95f 100644 --- a/config/rbac/awxmeshingress_editor_role.yaml +++ b/config/rbac/awxmeshingress_editor_role.yaml @@ -1,3 +1,4 @@ +--- # permissions for end users to edit awxmeshingresses. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -11,21 +12,21 @@ metadata: app.kubernetes.io/managed-by: kustomize name: awxmeshingress-editor-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxmeshingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxmeshingresses/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxmeshingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxmeshingresses/status + verbs: + - get diff --git a/config/rbac/awxmeshingress_viewer_role.yaml b/config/rbac/awxmeshingress_viewer_role.yaml index 4a2d0acd3..fad06a587 100644 --- a/config/rbac/awxmeshingress_viewer_role.yaml +++ b/config/rbac/awxmeshingress_viewer_role.yaml @@ -1,3 +1,4 @@ +--- # permissions for end users to view awxmeshingresses. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -11,17 +12,17 @@ metadata: app.kubernetes.io/managed-by: kustomize name: awxmeshingress-viewer-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxmeshingresses - verbs: - - get - - list - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxmeshingresses/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxmeshingresses + verbs: + - get + - list + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxmeshingresses/status + verbs: + - get diff --git a/config/rbac/awxrestore_editor_role.yaml b/config/rbac/awxrestore_editor_role.yaml index 7878c1d2c..6770f8a08 100644 --- a/config/rbac/awxrestore_editor_role.yaml +++ b/config/rbac/awxrestore_editor_role.yaml @@ -1,24 +1,25 @@ +--- # permissions for end users to edit awxrestores. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awxrestore-editor-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxrestores - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxrestores/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxrestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxrestores/status + verbs: + - get diff --git a/config/rbac/awxrestore_viewer_role.yaml b/config/rbac/awxrestore_viewer_role.yaml index d905a08c2..44e41cb48 100644 --- a/config/rbac/awxrestore_viewer_role.yaml +++ b/config/rbac/awxrestore_viewer_role.yaml @@ -1,20 +1,21 @@ +--- # permissions for end users to view awxrestores. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: awxrestore-viewer-role rules: -- apiGroups: - - awx.ansible.com - resources: - - awxrestores - verbs: - - get - - list - - watch -- apiGroups: - - awx.ansible.com - resources: - - awxrestores/status - verbs: - - get + - apiGroups: + - awx.ansible.com + resources: + - awxrestores + verbs: + - get + - list + - watch + - apiGroups: + - awx.ansible.com + resources: + - awxrestores/status + verbs: + - get diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a6a..f4afe7a42 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,18 +1,19 @@ +--- resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. -- service_account.yaml -- role.yaml -- role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml + # All RBAC will be applied under this service account in + # the deployment namespace. You may comment out this resource + # if your manager will use a service account that exists at + # runtime. Be sure to update RoleBinding and ClusterRoleBinding + # subjects if changing service account names. + - service_account.yaml + - role.yaml + - role_binding.yaml + - leader_election_role.yaml + - leader_election_role_binding.yaml + # Comment the following 4 lines if you want to disable + # the auth proxy (https://github.com/brancz/kube-rbac-proxy) + # which protects your /metrics endpoint. + - auth_proxy_service.yaml + - auth_proxy_role.yaml + - auth_proxy_role_binding.yaml + - auth_proxy_client_clusterrole.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml index 4190ec805..19d177622 100644 --- a/config/rbac/leader_election_role.yaml +++ b/config/rbac/leader_election_role.yaml @@ -1,37 +1,38 @@ +--- # permissions to do leader election. apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index 1d1321ed4..c536feb4f 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -7,6 +8,6 @@ roleRef: kind: Role name: leader-election-role subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system + - kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index fc09d1803..257a2f1d3 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - creationTimestamp: null + creationTimestamp: name: awx-manager-role rules: - apiGroups: @@ -39,7 +39,7 @@ rules: - update - watch - apiGroups: - - "rbac.authorization.k8s.io" + - rbac.authorization.k8s.io resources: - roles - rolebindings @@ -117,7 +117,7 @@ rules: resources: - pods/exec - pods/attach - - pods/log # log & attach rules needed to be able to grant them to AWX service account + - pods/log # log & attach rules needed to be able to grant them to AWX service account verbs: - create - get @@ -131,11 +131,11 @@ rules: - apiGroups: - awx.ansible.com resources: - - '*' + - "*" - awxbackups - awxrestores verbs: - - '*' + - "*" - apiGroups: - traefik.containo.us - traefik.io diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml index 7cd6025bf..a1ae812dc 100644 --- a/config/rbac/service_account.yaml +++ b/config/rbac/service_account.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/config/samples/awx_v1beta1_awxbackup.yaml b/config/samples/awx_v1beta1_awxbackup.yaml index b13a69656..b27ddaf70 100644 --- a/config/samples/awx_v1beta1_awxbackup.yaml +++ b/config/samples/awx_v1beta1_awxbackup.yaml @@ -1,3 +1,4 @@ +--- apiVersion: awx.ansible.com/v1beta1 kind: AWXBackup metadata: @@ -6,8 +7,8 @@ spec: deployment_name: example-awx backup_resource_requirements: limits: - cpu: "1000m" - memory: "4096Mi" + cpu: 1000m + memory: 4096Mi requests: - cpu: "25m" - memory: "32Mi" + cpu: 25m + memory: 32Mi diff --git a/config/samples/awx_v1beta1_awxrestore.yaml b/config/samples/awx_v1beta1_awxrestore.yaml index 512d2fda7..212f38610 100644 --- a/config/samples/awx_v1beta1_awxrestore.yaml +++ b/config/samples/awx_v1beta1_awxrestore.yaml @@ -1,3 +1,4 @@ +--- apiVersion: awx.ansible.com/v1beta1 kind: AWXRestore metadata: @@ -7,8 +8,8 @@ spec: backup_name: example-awx-backup restore_resource_requirements: limits: - cpu: "1000m" - memory: "4096Mi" + cpu: 1000m + memory: 4096Mi requests: - cpu: "25m" - memory: "32Mi" + cpu: 25m + memory: 32Mi diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 61466cecd..c29373c2b 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,7 +1,8 @@ +--- ## Append samples you want in your CSV to this file as resources ## resources: -- awx_v1beta1_awx.yaml -- awx_v1beta1_awxbackup.yaml -- awx_v1beta1_awxrestore.yaml -- awx_v1alpha1_awxmeshingress.yaml + - awx_v1beta1_awx.yaml + - awx_v1beta1_awxbackup.yaml + - awx_v1beta1_awxrestore.yaml + - awx_v1alpha1_awxmeshingress.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/scorecard/bases/config.yaml b/config/scorecard/bases/config.yaml index c77047841..0907f0f71 100644 --- a/config/scorecard/bases/config.yaml +++ b/config/scorecard/bases/config.yaml @@ -1,7 +1,8 @@ +--- apiVersion: scorecard.operatorframework.io/v1alpha3 kind: Configuration metadata: name: config stages: -- parallel: true - tests: [] + - parallel: true + tests: [] diff --git a/config/scorecard/kustomization.yaml b/config/scorecard/kustomization.yaml index 50cd2d084..241e98178 100644 --- a/config/scorecard/kustomization.yaml +++ b/config/scorecard/kustomization.yaml @@ -1,16 +1,17 @@ +--- resources: -- bases/config.yaml + - bases/config.yaml patchesJson6902: -- path: patches/basic.config.yaml - target: - group: scorecard.operatorframework.io - version: v1alpha3 - kind: Configuration - name: config -- path: patches/olm.config.yaml - target: - group: scorecard.operatorframework.io - version: v1alpha3 - kind: Configuration - name: config + - path: patches/basic.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config + - path: patches/olm.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config #+kubebuilder:scaffold:patchesJson6902 diff --git a/config/scorecard/patches/basic.config.yaml b/config/scorecard/patches/basic.config.yaml index ccd4bf738..e649322bb 100644 --- a/config/scorecard/patches/basic.config.yaml +++ b/config/scorecard/patches/basic.config.yaml @@ -1,9 +1,10 @@ +--- - op: add path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - basic-check-spec + - scorecard-test + - basic-check-spec image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: basic diff --git a/config/scorecard/patches/olm.config.yaml b/config/scorecard/patches/olm.config.yaml index 06d968676..636ef84dd 100644 --- a/config/scorecard/patches/olm.config.yaml +++ b/config/scorecard/patches/olm.config.yaml @@ -1,9 +1,10 @@ +--- - op: add path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-bundle-validation + - scorecard-test + - olm-bundle-validation image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: olm @@ -12,8 +13,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-crds-have-validation + - scorecard-test + - olm-crds-have-validation image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: olm @@ -22,8 +23,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-crds-have-resources + - scorecard-test + - olm-crds-have-resources image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: olm @@ -32,8 +33,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-spec-descriptors + - scorecard-test + - olm-spec-descriptors image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: olm @@ -42,8 +43,8 @@ path: /stages/0/tests/- value: entrypoint: - - scorecard-test - - olm-status-descriptors + - scorecard-test + - olm-status-descriptors image: quay.io/operator-framework/scorecard-test:v1.26.0 labels: suite: olm diff --git a/config/testing/kustomization.yaml b/config/testing/kustomization.yaml index 866bc70b6..d164531a4 100644 --- a/config/testing/kustomization.yaml +++ b/config/testing/kustomization.yaml @@ -1,3 +1,4 @@ +--- # Adds namespace to all resources. namespace: osdk-test @@ -7,17 +8,16 @@ namePrefix: osdk- #commonLabels: # someName: someValue - apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- ../crd -- ../rbac -- ../manager + - ../crd + - ../rbac + - ../manager images: -- name: testing - newName: testing-operator + - name: testing + newName: testing-operator patches: -- path: manager_image.yaml -- path: debug_logs_patch.yaml -- path: ../default/manager_auth_proxy_patch.yaml + - path: manager_image.yaml + - path: debug_logs_patch.yaml + - path: ../default/manager_auth_proxy_patch.yaml diff --git a/mkdocs.yml b/mkdocs.yml index f8c7f8a9a..fd22b8dd8 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -8,7 +8,7 @@ strict: true use_directory_urls: false theme: - name: "ansible" + name: ansible features: - content.code.copy - content.action.edit @@ -89,8 +89,7 @@ nav: - Troubleshooting: - troubleshooting/debugging.md -exclude_docs: - README.md +exclude_docs: README.md plugins: - autorefs diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 988cf1227..ad0dfeb18 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -2,7 +2,7 @@ - name: Converge hosts: localhost connection: local - gather_facts: no + gather_facts: false collections: - kubernetes.core @@ -11,7 +11,7 @@ k8s: api_version: v1 kind: Namespace - name: '{{ namespace }}' + name: "{{ namespace }}" tags: - always diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml index 51548b5d8..ca8c8dd86 100644 --- a/molecule/default/destroy.yml +++ b/molecule/default/destroy.yml @@ -17,14 +17,14 @@ k8s: api_version: v1 kind: Namespace - name: '{{ namespace }}' + name: "{{ namespace }}" state: absent tags: - always - name: Unset pull policy - command: '{{ kustomize }} edit remove patch --path pull_policy/{{ operator_pull_policy }}.yaml' + command: "{{ kustomize }} edit remove patch --path pull_policy/{{ operator_pull_policy }}.yaml" args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" tags: - always diff --git a/molecule/default/kustomize.yml b/molecule/default/kustomize.yml index c9c7a64da..ff3d3e529 100644 --- a/molecule/default/kustomize.yml +++ b/molecule/default/kustomize.yml @@ -1,9 +1,9 @@ --- - name: Build kustomize testing overlay # load-restrictor must be set to none so we can load patch files from the default overlay - command: '{{ kustomize }} build --load-restrictor LoadRestrictionsNone .' + command: "{{ kustomize }} build --load-restrictor LoadRestrictionsNone ." args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" register: resources changed_when: false tags: @@ -11,9 +11,9 @@ - name: Set resources to {{ state }} k8s: - definition: '{{ item }}' - state: '{{ state }}' - wait: yes - loop: '{{ resources.stdout | from_yaml_all | list }}' + definition: "{{ item }}" + state: "{{ state }}" + wait: true + loop: "{{ resources.stdout | from_yaml_all | list }}" tags: - always diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 9a1898f2f..bc91eb962 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -25,7 +25,7 @@ provisioner: awx_image: ${AWX_TEST_IMAGE:-""} awx_version: ${AWX_TEST_VERSION:-""} default_awx_version: "{{ lookup('url', 'https://api.github.com/repos/ansible/awx/releases/latest') | from_json | json_query('tag_name') }}" - ansible_python_interpreter: '{{ ansible_playbook_python }}' + ansible_python_interpreter: "{{ ansible_playbook_python }}" config_dir: ${MOLECULE_PROJECT_DIRECTORY}/config samples_dir: ${MOLECULE_PROJECT_DIRECTORY}/config/samples operator_image: ${OPERATOR_IMAGE:-""} diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index b05ec5753..b83734710 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -15,22 +15,22 @@ - always - name: Set testing image - command: '{{ kustomize }} edit set image testing={{ operator_image }}' + command: "{{ kustomize }} edit set image testing={{ operator_image }}" args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" tags: - always - name: Set pull policy - command: '{{ kustomize }} edit add patch --path pull_policy/{{ operator_pull_policy }}.yaml' + command: "{{ kustomize }} edit add patch --path pull_policy/{{ operator_pull_policy }}.yaml" args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" tags: - always - name: Set testing namespace - command: '{{ kustomize }} edit set namespace {{ namespace }}' + command: "{{ kustomize }} edit set namespace {{ namespace }}" args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" tags: - always diff --git a/molecule/default/tasks/_test_case_replicas.yml b/molecule/default/tasks/_test_case_replicas.yml index c99d03391..2bb86aa05 100644 --- a/molecule/default/tasks/_test_case_replicas.yml +++ b/molecule/default/tasks/_test_case_replicas.yml @@ -1,7 +1,7 @@ --- - name: Get web pod details k8s_info: - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" kind: Pod label_selectors: - app.kubernetes.io/name = example-awx-web @@ -14,7 +14,7 @@ - name: Get task pod details k8s_info: - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" kind: Pod label_selectors: - app.kubernetes.io/name = example-awx-task diff --git a/molecule/default/tasks/apply_awx_spec.yml b/molecule/default/tasks/apply_awx_spec.yml index 01aff07b5..a226fc5f7 100644 --- a/molecule/default/tasks/apply_awx_spec.yml +++ b/molecule/default/tasks/apply_awx_spec.yml @@ -2,10 +2,10 @@ - name: Create or update the awx.ansible.com/v1beta1.AWX k8s: state: present - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" definition: "{{ lookup('template', 'awx_cr_molecule.yml.j2') | from_yaml }}" apply: true - wait: yes + wait: true wait_timeout: 900 wait_condition: type: Running diff --git a/molecule/default/tasks/awx_replicas_test.yml b/molecule/default/tasks/awx_replicas_test.yml index 674c723d3..9476b8c67 100644 --- a/molecule/default/tasks/awx_replicas_test.yml +++ b/molecule/default/tasks/awx_replicas_test.yml @@ -15,7 +15,7 @@ expected_web_replicas: 0 expected_task_replicas: 0 -#### + #### - debug: msg: test - replicas should act as a default @@ -31,7 +31,7 @@ expected_web_replicas: 1 expected_task_replicas: 2 -#### + #### - debug: msg: test - replicas=0 should kill all pods @@ -46,7 +46,7 @@ expected_web_replicas: 0 expected_task_replicas: 0 -#### + #### - debug: msg: test - replicas=2 should give 2 of each diff --git a/molecule/default/tasks/awx_test.yml b/molecule/default/tasks/awx_test.yml index aaac0b828..e998fc6dc 100644 --- a/molecule/default/tasks/awx_test.yml +++ b/molecule/default/tasks/awx_test.yml @@ -6,14 +6,14 @@ - name: Look up details for this AWX instance k8s_info: namespace: "{{ namespace }}" - api_version: "awx.ansible.com/v1beta1" + api_version: awx.ansible.com/v1beta1 kind: AWX name: example-awx register: this_awx - name: Get web pod details k8s_info: - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" kind: Pod label_selectors: - app.kubernetes.io/name = example-awx-web @@ -21,7 +21,7 @@ - name: Get task pod details k8s_info: - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" kind: Pod label_selectors: - app.kubernetes.io/name = example-awx-task @@ -29,100 +29,100 @@ - name: Validate DEFAULT_AWX_VERSION block: - - name: Extract tags from images from web pod - set_fact: - web_image_tags: | - {{ awx_web_pod.resources[0].spec.containers | - map(attribute='image') | - map('regex_search', default_awx_version) }} - - name: Extract tags from images from task pod - set_fact: - task_image_tags: | - {{ awx_task_pod.resources[0].spec.containers | - map(attribute='image') | - map('regex_search', default_awx_version) }} - - fail: - msg: | - It looks like you may have broken the DEFAULT_AWX_VERSION functionality. - This is an environment variable that is set via build arg when releasing awx-operator. - when: - - default_awx_version not in web_image_tags - - default_awx_version not in task_image_tags + - name: Extract tags from images from web pod + set_fact: + web_image_tags: | + {{ awx_web_pod.resources[0].spec.containers | + map(attribute='image') | + map('regex_search', default_awx_version) }} + - name: Extract tags from images from task pod + set_fact: + task_image_tags: | + {{ awx_task_pod.resources[0].spec.containers | + map(attribute='image') | + map('regex_search', default_awx_version) }} + - fail: + msg: | + It looks like you may have broken the DEFAULT_AWX_VERSION functionality. + This is an environment variable that is set via build arg when releasing awx-operator. + when: + - default_awx_version not in web_image_tags + - default_awx_version not in task_image_tags when: not awx_version - name: Validate additional_labels block: - - name: Extract additional_labels from AWX spec - set_fact: - awx_additional_labels: >- - {{ this_awx.resources[0].metadata.labels - | dict2items | selectattr('key', 'in', this_awx.resources[0].spec.additional_labels) - | list - }} - - - name: Extract additional_labels from AWX web Pod - set_fact: - awx_web_pod_additional_labels: >- - {{ awx_web_pod.resources[0].metadata.labels - | dict2items | selectattr('key', 'in', this_awx.resources[0].spec.additional_labels) - | list - }} - - - name: Extract additional_labels from AWX task Pod - set_fact: - awx_task_pod_additional_labels: >- - {{ awx_task_pod.resources[0].metadata.labels + - name: Extract additional_labels from AWX spec + set_fact: + awx_additional_labels: >- + {{ this_awx.resources[0].metadata.labels + | dict2items | selectattr('key', 'in', this_awx.resources[0].spec.additional_labels) + | list + }} + + - name: Extract additional_labels from AWX web Pod + set_fact: + awx_web_pod_additional_labels: >- + {{ awx_web_pod.resources[0].metadata.labels | dict2items | selectattr('key', 'in', this_awx.resources[0].spec.additional_labels) | list - }} - - - name: Assert AWX web Pod contains additional_labels - ansible.builtin.assert: - that: - - awx_web_pod_additional_labels == awx_additional_labels - - - name: Assert AWX task Pod contains additional_labels - ansible.builtin.assert: - that: - - awx_task_pod_additional_labels == awx_additional_labels - - - name: Extract web Pod labels which shouldn't have been propagated to it from AWX - set_fact: - awx_web_pod_extra_labels: >- - {{ awx_web_pod.resources[0].metadata.labels - | dict2items | selectattr('key', 'in', ["my/do-not-inherit"]) - | list - }} - - - name: AWX web Pod doesn't contain AWX labels not in additional_labels - ansible.builtin.assert: - that: - - awx_web_pod_extra_labels == [] - - - name: Extract task Pod labels which shouldn't have been propagated to it from AWX - set_fact: - awx_task_pod_extra_labels: >- - {{ awx_task_pod.resources[0].metadata.labels - | dict2items | selectattr('key', 'in', ["my/do-not-inherit"]) - | list - }} - - - name: AWX task Pod doesn't contain AWX labels not in additional_labels - ansible.builtin.assert: - that: - - awx_task_pod_extra_labels == [] + }} + + - name: Extract additional_labels from AWX task Pod + set_fact: + awx_task_pod_additional_labels: >- + {{ awx_task_pod.resources[0].metadata.labels + | dict2items | selectattr('key', 'in', this_awx.resources[0].spec.additional_labels) + | list + }} + + - name: Assert AWX web Pod contains additional_labels + ansible.builtin.assert: + that: + - awx_web_pod_additional_labels == awx_additional_labels + + - name: Assert AWX task Pod contains additional_labels + ansible.builtin.assert: + that: + - awx_task_pod_additional_labels == awx_additional_labels + + - name: Extract web Pod labels which shouldn't have been propagated to it from AWX + set_fact: + awx_web_pod_extra_labels: >- + {{ awx_web_pod.resources[0].metadata.labels + | dict2items | selectattr('key', 'in', ["my/do-not-inherit"]) + | list + }} + + - name: AWX web Pod doesn't contain AWX labels not in additional_labels + ansible.builtin.assert: + that: + - awx_web_pod_extra_labels == [] + + - name: Extract task Pod labels which shouldn't have been propagated to it from AWX + set_fact: + awx_task_pod_extra_labels: >- + {{ awx_task_pod.resources[0].metadata.labels + | dict2items | selectattr('key', 'in', ["my/do-not-inherit"]) + | list + }} + + - name: AWX task Pod doesn't contain AWX labels not in additional_labels + ansible.builtin.assert: + that: + - awx_task_pod_extra_labels == [] rescue: - name: Re-emit failure vars: failed_task: - result: '{{ ansible_failed_result }}' + result: "{{ ansible_failed_result }}" fail: - msg: '{{ failed_task }}' + msg: "{{ failed_task }}" - name: Obtain generated admin password k8s_info: - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" kind: Secret name: example-awx-admin-password register: admin_pw_secret @@ -132,8 +132,8 @@ - name: Launch Demo Job Template awx.awx.job_launch: name: Demo Job Template - wait: yes - validate_certs: no + wait: true + validate_certs: false controller_host: localhost/awx/ controller_username: admin controller_password: "{{ admin_pw_secret.resources[0].data.password | b64decode }}" @@ -141,10 +141,10 @@ rescue: - name: Get list of project updates and jobs uri: - url: "http://localhost/awx/api/v2/{{ resource }}/" + url: http://localhost/awx/api/v2/{{ resource }}/ user: admin password: "{{ admin_pw_secret.resources[0].data.password | b64decode }}" - force_basic_auth: yes + force_basic_auth: true register: job_lists loop: - project_updates @@ -160,10 +160,10 @@ - name: Get all job and project details uri: - url: "http://localhost{{ endpoint }}" + url: http://localhost{{ endpoint }} user: admin password: "{{ admin_pw_secret.resources[0].data.password | b64decode }}" - force_basic_auth: yes + force_basic_auth: true loop: | {{ job_lists.results | map(attribute='json') | map(attribute='results') | flatten | map(attribute='url') }} loop_control: @@ -189,6 +189,6 @@ - name: Re-emit failure vars: failed_task: - result: '{{ ansible_failed_result }}' + result: "{{ ansible_failed_result }}" fail: - msg: '{{ failed_task }}' + msg: "{{ failed_task }}" diff --git a/molecule/default/utils/output_all_container_logs_for_pod.yml b/molecule/default/utils/output_all_container_logs_for_pod.yml index d4e32461c..fd7cbd28a 100644 --- a/molecule/default/utils/output_all_container_logs_for_pod.yml +++ b/molecule/default/utils/output_all_container_logs_for_pod.yml @@ -1,15 +1,15 @@ --- - name: Get all container log in pod kubernetes.core.k8s_log: - namespace: '{{ namespace }}' - name: '{{ item.metadata.name }}' + namespace: "{{ namespace }}" + name: "{{ item.metadata.name }}" all_containers: true register: all_container_logs - name: Store logs in file ansible.builtin.copy: content: "{{ all_container_logs.log_lines | join('\n') }}" - dest: '{{ debug_output_dir }}/{{ item.metadata.name }}.log' + dest: "{{ debug_output_dir }}/{{ item.metadata.name }}.log" # TODO: all_containser option dump all of the output in a single output make it hard to read we probably should iterate through each of the container to get specific logs # also we should probably investigate toolings to do OpenShift style sosreport/must-gather for kind cluster or switch to microshift where sosreport is supported diff --git a/molecule/default/utils/output_k8s_resources.yml b/molecule/default/utils/output_k8s_resources.yml index 71fb1374d..d37ed829d 100644 --- a/molecule/default/utils/output_k8s_resources.yml +++ b/molecule/default/utils/output_k8s_resources.yml @@ -1,9 +1,9 @@ --- - name: Retrieve relevant k8s resources kubernetes.core.k8s_info: - api_version: '{{ item.api_version }}' - kind: '{{ item.kind }}' - namespace: '{{ namespace }}' + api_version: "{{ item.api_version }}" + kind: "{{ item.kind }}" + namespace: "{{ namespace }}" loop: - api_version: v1 kind: Pod @@ -13,17 +13,17 @@ kind: Secret - api_version: v1 kind: ConfigMap - - api_version: "awx.ansible.com/v1beta1" + - api_version: awx.ansible.com/v1beta1 kind: AWX register: debug_resources - name: debug print item.kind and item.metadata.name debug: - msg: '{{ item.kind }}-{{ item.metadata.name }}' + msg: "{{ item.kind }}-{{ item.metadata.name }}" loop: "{{ debug_resources.results | map(attribute='resources') | flatten }}" - name: Output gathered resource to files ansible.builtin.copy: - content: '{{ item | to_nice_json }}' - dest: '{{ debug_output_dir }}/{{ item.kind }}-{{ item.metadata.name }}.json' + content: "{{ item | to_nice_json }}" + dest: "{{ debug_output_dir }}/{{ item.kind }}-{{ item.metadata.name }}.json" loop: "{{ debug_resources.results | map(attribute='resources') | flatten }}" diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 31b95d3f3..6cb645bc3 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -2,7 +2,7 @@ - name: Verify hosts: localhost connection: local - gather_facts: no + gather_facts: false collections: - kubernetes.core @@ -13,7 +13,7 @@ - name: Perform awx tests block: - name: Import all test files from tasks/ - ansible.builtin.include_tasks: '{{ item }}' + ansible.builtin.include_tasks: "{{ item }}" with_fileglob: - tasks/awx_test.yml - tasks/awx_replicas_test.yml @@ -22,7 +22,7 @@ rescue: - name: Create debug output directory ansible.builtin.file: - path: '{{ debug_output_dir }}' + path: "{{ debug_output_dir }}" state: directory tags: - always @@ -36,23 +36,23 @@ kubernetes.core.k8s_info: api_version: v1 kind: Pod - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" register: all_pods tags: - always - name: Get all container logs for all pods ansible.builtin.include_tasks: utils/output_all_container_logs_for_pod.yml - loop: '{{ all_pods.resources }}' - ignore_errors: yes + loop: "{{ all_pods.resources }}" + ignore_errors: true tags: - always - name: Re-emit failure vars: failed_task: - result: '{{ ansible_failed_result }}' + result: "{{ ansible_failed_result }}" ansible.builtin.fail: - msg: '{{ failed_task }}' + msg: "{{ failed_task }}" tags: - always diff --git a/molecule/kind/converge.yml b/molecule/kind/converge.yml index 4e2f6cf80..994562218 100644 --- a/molecule/kind/converge.yml +++ b/molecule/kind/converge.yml @@ -2,21 +2,21 @@ - name: Converge hosts: localhost connection: local - gather_facts: no + gather_facts: false tasks: - name: Build operator image community.docker.docker_image: build: - path: '{{ project_dir }}' - pull: no + path: "{{ project_dir }}" + pull: false args: - DEFAULT_AWX_VERSION: '{{ default_awx_version }}' - name: '{{ operator_image }}' + DEFAULT_AWX_VERSION: "{{ default_awx_version }}" + name: "{{ operator_image }}" tag: latest - push: no + push: false source: build - force_source: yes + force_source: true tags: - always @@ -27,7 +27,6 @@ tags: - always - - name: Load awx image into kind cluster command: kind load docker-image --name osdk-test '{{ awx_image }}:{{ awx_version }}' register: result diff --git a/molecule/kind/destroy.yml b/molecule/kind/destroy.yml index 6fe3abfdd..5b4b65afc 100644 --- a/molecule/kind/destroy.yml +++ b/molecule/kind/destroy.yml @@ -13,8 +13,8 @@ - always - name: Unset pull policy - command: '{{ kustomize }} edit remove patch --path pull_policy/{{ operator_pull_policy }}.yaml' + command: "{{ kustomize }} edit remove patch --path pull_policy/{{ operator_pull_policy }}.yaml" args: - chdir: '{{ config_dir }}/testing' + chdir: "{{ config_dir }}/testing" tags: - always diff --git a/molecule/kind/molecule.yml b/molecule/kind/molecule.yml index e38231239..8a716004d 100644 --- a/molecule/kind/molecule.yml +++ b/molecule/kind/molecule.yml @@ -26,13 +26,13 @@ provisioner: awx_ee_image: ${AWX_EE_TEST_IMAGE:-""} awx_image: ${AWX_TEST_IMAGE:-""} awx_version: ${AWX_TEST_VERSION:-""} - ansible_python_interpreter: '{{ ansible_playbook_python }}' + ansible_python_interpreter: "{{ ansible_playbook_python }}" default_awx_version: "{{ lookup('url', 'https://api.github.com/repos/ansible/awx/releases/latest') | from_json | json_query('tag_name') }}" config_dir: ${MOLECULE_PROJECT_DIRECTORY}/config samples_dir: ${MOLECULE_PROJECT_DIRECTORY}/config/samples project_dir: ${MOLECULE_PROJECT_DIRECTORY} operator_image: testing-operator - operator_pull_policy: "Never" + operator_pull_policy: Never kubeconfig: "{{ lookup('env', 'KUBECONFIG') }}" kustomize: ${KUSTOMIZE_PATH:-kustomize} store_debug_output: ${STORE_DEBUG_OUTPUT:-false} diff --git a/molecule/kind/prepare.yml b/molecule/kind/prepare.yml index 4c8f6a1f2..c6be06052 100644 --- a/molecule/kind/prepare.yml +++ b/molecule/kind/prepare.yml @@ -6,7 +6,7 @@ collections: - kubernetes.core vars: - nginx_ingress_definition: 'https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml' + nginx_ingress_definition: https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml tasks: - name: Install NGINX ingress k8s: @@ -21,11 +21,11 @@ namespace: ingress-nginx label_selectors: - app.kubernetes.io/component=controller - wait: yes + wait: true wait_timeout: 30 wait_condition: type: Ready - register: result # For some reason, this task always fails on the first try... + register: result # For some reason, this task always fails on the first try... until: result is not failed tags: - always diff --git a/playbooks/awx.yml b/playbooks/awx.yml index a84f438d5..afe790605 100644 --- a/playbooks/awx.yml +++ b/playbooks/awx.yml @@ -1,6 +1,6 @@ --- - hosts: localhost - gather_facts: no + gather_facts: false collections: - kubernetes.core - operator_sdk.util @@ -10,7 +10,7 @@ - name: Verify imagePullSecrets k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" name: redhat-operators-pull-secret register: _rh_ops_secret no_log: "{{ no_log }}" @@ -22,7 +22,7 @@ kind: Secret metadata: name: redhat-operators-pull-secret - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" stringData: operator: awx when: diff --git a/requirements.yml b/requirements.yml index a4349c61a..8f107ef79 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,6 +1,6 @@ --- collections: - name: kubernetes.core - version: '>=2.3.2' + version: ">=2.3.2" - name: operator_sdk.util version: "0.5.0" diff --git a/roles/backup/defaults/main.yml b/roles/backup/defaults/main.yml index 255a1f011..fd236d766 100644 --- a/roles/backup/defaults/main.yml +++ b/roles/backup/defaults/main.yml @@ -1,15 +1,15 @@ --- # Required: specify name of tower deployment to backup from -deployment_name: '' -kind: 'AWXBackup' -api_version: '{{ deployment_type }}.ansible.com/v1beta1' +deployment_name: "" +kind: AWXBackup +api_version: "{{ deployment_type }}.ansible.com/v1beta1" # Specify a pre-created PVC (name) to backup to -backup_pvc: '' +backup_pvc: "" backup_pvc_namespace: "{{ ansible_operator_meta.namespace }}" # Size of backup PVC if created dynamically -backup_storage_requirements: '' +backup_storage_requirements: "" # Set no_log settings on certain tasks no_log: true @@ -17,13 +17,12 @@ no_log: true # Variable to set when you want backups to be cleaned up when the CRD object is deleted clean_backup_on_delete: false - # Add a nodeSelector for the Postgres pods to backup. # Specify as literal block. E.g.: # db_management_pod_node_selector: | # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -db_management_pod_node_selector: '' +db_management_pod_node_selector: "" # Variable to signal that this role is being run as a finalizer finalizer_run: false @@ -31,20 +30,18 @@ finalizer_run: false # Default resource requirements backup_resource_requirements: limits: - cpu: "1000m" - memory: "4096Mi" + cpu: 1000m + memory: 4096Mi requests: - cpu: "25m" - memory: "32Mi" + cpu: 25m + memory: 32Mi # Allow additional parameters to be added to the pg_dump backup command -pg_dump_suffix: '' +pg_dump_suffix: "" # Labels defined on the resource, which should be propagated to child resources additional_labels: [] - # Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) set_self_labels: true # Number of whole hours worth of events table partitions to precreate before starting backup to avoid pg_dump locks. precreate_partition_hours: 3 -... diff --git a/roles/backup/tasks/awx-cro.yml b/roles/backup/tasks/awx-cro.yml index 974a1b4f6..e2a395d23 100644 --- a/roles/backup/tasks/awx-cro.yml +++ b/roles/backup/tasks/awx-cro.yml @@ -1,11 +1,10 @@ --- - - name: Get AWX custom resource object k8s_info: version: v1beta1 kind: AWX - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ deployment_name }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ deployment_name }}" register: _awx_cro - name: Set AWX object @@ -16,10 +15,10 @@ set_fact: _awx: "{{ _awx | combine ({ item.key : item.value }) }}" with_items: - - {"key": "secret_key_secret", "value": "{{ this_awx['resources'][0]['status']['secretKeySecret'] }}"} - - {"key": "admin_password_secret", "value": "{{ this_awx['resources'][0]['status']['adminPasswordSecret'] }}"} - - {"key": "broadcast_websocket_secret", "value": "{{ this_awx['resources'][0]['status']['broadcastWebsocketSecret'] }}"} - - {"key": "postgres_configuration_secret", "value": "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}"} + - { key: secret_key_secret, value: "{{ this_awx['resources'][0]['status']['secretKeySecret'] }}" } + - { key: admin_password_secret, value: "{{ this_awx['resources'][0]['status']['adminPasswordSecret'] }}" } + - { key: broadcast_websocket_secret, value: "{{ this_awx['resources'][0]['status']['broadcastWebsocketSecret'] }}" } + - { key: postgres_configuration_secret, value: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}" } - name: Set AWX object set_fact: diff --git a/roles/backup/tasks/cleanup.yml b/roles/backup/tasks/cleanup.yml index 77172a541..86bf87bde 100644 --- a/roles/backup/tasks/cleanup.yml +++ b/roles/backup/tasks/cleanup.yml @@ -1,5 +1,4 @@ --- - - name: Delete any existing management pod k8s: name: "{{ ansible_operator_meta.name }}-db-management" diff --git a/roles/backup/tasks/creation.yml b/roles/backup/tasks/creation.yml index d4cdffc32..ab54d1705 100644 --- a/roles/backup/tasks/creation.yml +++ b/roles/backup/tasks/creation.yml @@ -28,26 +28,26 @@ | dict2items | selectattr('key', 'in', additional_labels) }} when: - - additional_labels | length - - this_backup['resources'][0]['metadata']['labels'] + - additional_labels | length + - this_backup['resources'][0]['metadata']['labels'] - block: - - include_tasks: init.yml + - include_tasks: init.yml - - include_tasks: postgres.yml + - include_tasks: postgres.yml - - include_tasks: awx-cro.yml + - include_tasks: awx-cro.yml - - include_tasks: secrets.yml + - include_tasks: secrets.yml - - name: Set flag signifying this backup was successful - set_fact: - backup_complete: true + - name: Set flag signifying this backup was successful + set_fact: + backup_complete: true - - include_tasks: cleanup.yml + - include_tasks: cleanup.yml when: - - this_backup['resources'][0]['status']['backupDirectory'] is not defined + - this_backup['resources'][0]['status']['backupDirectory'] is not defined - name: Update status variables include_tasks: update_status.yml diff --git a/roles/backup/tasks/dump_generated_secret.yml b/roles/backup/tasks/dump_generated_secret.yml index aba8a81c9..146dbe637 100644 --- a/roles/backup/tasks/dump_generated_secret.yml +++ b/roles/backup/tasks/dump_generated_secret.yml @@ -1,39 +1,38 @@ --- - - name: Get secret name set_fact: - _name: "{{ this_awx['resources'][0]['status'][item] }}" + _name: "{{ this_awx['resources'][0]['status'][item] }}" - name: Fail if status is not set on AWX CR block: - - name: Set error message - set_fact: - error_msg: "{{ item }} status is not set on AWX object yet" + - name: Set error message + set_fact: + error_msg: "{{ item }} status is not set on AWX object yet" - - name: Handle error - import_tasks: error_handling.yml + - name: Handle error + import_tasks: error_handling.yml - - name: Fail early if secret name status is not set - fail: - msg: "{{ error_msg }}" + - name: Fail early if secret name status is not set + fail: + msg: "{{ error_msg }}" when: _name is not defined or _name == '' - name: Get secret k8s_info: - version: v1 - kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: "{{ _name }}" + version: v1 + kind: Secret + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ _name }}" register: _secret no_log: "{{ no_log }}" - name: Set secret data set_fact: - _data: "{{ _secret['resources'][0]['data'] }}" - _type: "{{ _secret['resources'][0]['type'] }}" + _data: "{{ _secret['resources'][0]['data'] }}" + _type: "{{ _secret['resources'][0]['type'] }}" no_log: "{{ no_log }}" - name: Create and Add secret names and data to dictionary set_fact: - secret_dict: "{{ secret_dict | default({}) | combine({ item: {'name': _name, 'data': _data, 'type': _type }}) }}" + secret_dict: "{{ secret_dict | default({}) | combine({ item: {'name': _name, 'data': _data, 'type': _type }}) }}" no_log: "{{ no_log }}" diff --git a/roles/backup/tasks/dump_ingress_tls_secrets.yml b/roles/backup/tasks/dump_ingress_tls_secrets.yml index dd82dcfa2..d33c52697 100644 --- a/roles/backup/tasks/dump_ingress_tls_secrets.yml +++ b/roles/backup/tasks/dump_ingress_tls_secrets.yml @@ -1,10 +1,9 @@ --- - - name: Get secret k8s_info: version: v1 kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" name: "{{ item }}" register: _secret no_log: "{{ no_log }}" diff --git a/roles/backup/tasks/dump_receptor_secrets.yml b/roles/backup/tasks/dump_receptor_secrets.yml index dd82dcfa2..d33c52697 100644 --- a/roles/backup/tasks/dump_receptor_secrets.yml +++ b/roles/backup/tasks/dump_receptor_secrets.yml @@ -1,10 +1,9 @@ --- - - name: Get secret k8s_info: version: v1 kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" name: "{{ item }}" register: _secret no_log: "{{ no_log }}" diff --git a/roles/backup/tasks/dump_secret.yml b/roles/backup/tasks/dump_secret.yml index d6b05bb71..3a22ec98c 100644 --- a/roles/backup/tasks/dump_secret.yml +++ b/roles/backup/tasks/dump_secret.yml @@ -1,28 +1,27 @@ --- - - name: Get Secret Name set_fact: - _name: "{{ awx_spec.spec[item] | default('') }}" + _name: "{{ awx_spec.spec[item] | default('') }}" - name: Backup secret if defined block: - - name: Get secret - k8s_info: - version: v1 - kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: "{{ _name }}" - register: _secret - no_log: "{{ no_log }}" + - name: Get secret + k8s_info: + version: v1 + kind: Secret + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ _name }}" + register: _secret + no_log: "{{ no_log }}" - - name: Set secret key - set_fact: - _data: "{{ _secret['resources'][0]['data'] }}" - _type: "{{ _secret['resources'][0]['type'] }}" - no_log: "{{ no_log }}" + - name: Set secret key + set_fact: + _data: "{{ _secret['resources'][0]['data'] }}" + _type: "{{ _secret['resources'][0]['type'] }}" + no_log: "{{ no_log }}" - - name: Create and Add secret names and data to dictionary - set_fact: - secret_dict: "{{ secret_dict | default({}) | combine({item: { 'name': _name, 'data': _data, 'type': _type }}) }}" - no_log: "{{ no_log }}" + - name: Create and Add secret names and data to dictionary + set_fact: + secret_dict: "{{ secret_dict | default({}) | combine({item: { 'name': _name, 'data': _data, 'type': _type }}) }}" + no_log: "{{ no_log }}" when: _name != '' diff --git a/roles/backup/tasks/error_handling.yml b/roles/backup/tasks/error_handling.yml index bc881b45d..658451b43 100644 --- a/roles/backup/tasks/error_handling.yml +++ b/roles/backup/tasks/error_handling.yml @@ -1,5 +1,4 @@ --- - - name: Determine the timestamp set_fact: now: '{{ lookup("pipe", "date +%FT%TZ") }}' diff --git a/roles/backup/tasks/init.yml b/roles/backup/tasks/init.yml index 6061346e7..5fae80c83 100644 --- a/roles/backup/tasks/init.yml +++ b/roles/backup/tasks/init.yml @@ -58,7 +58,7 @@ metadata: name: "{{ deployment_name }}-backup-claim" namespace: "{{ backup_pvc_namespace }}" - ownerReferences: null + ownerReferences: when: - backup_pvc == '' or backup_pvc is not defined @@ -88,7 +88,7 @@ - name: Look up details for this deployment k8s_info: api_version: "{{ api_version }}" - kind: "AWX" + kind: AWX name: "{{ deployment_name }}" namespace: "{{ ansible_operator_meta.namespace }}" register: this_awx diff --git a/roles/backup/tasks/postgres.yml b/roles/backup/tasks/postgres.yml index b885abbf3..a728628ff 100644 --- a/roles/backup/tasks/postgres.yml +++ b/roles/backup/tasks/postgres.yml @@ -1,16 +1,15 @@ --- - - name: Get PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" name: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}" register: pg_config no_log: "{{ no_log }}" - name: Fail if postgres configuration secret status does not exist fail: - msg: "The postgresConfigurationSecret status is not set on the AWX object yet or the secret has been deleted." + msg: The postgresConfigurationSecret status is not set on the AWX object yet or the secret has been deleted. when: not pg_config | default([]) | length - name: Store Database Configuration @@ -26,20 +25,20 @@ - block: - name: Delete pod to reload a resource configuration set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ deployment_name }}" + postgres_label_selector: app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ deployment_name }} when: postgres_label_selector is not defined - name: Get the postgres pod information k8s_info: kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - "{{ postgres_label_selector }}" register: postgres_pod until: - - "postgres_pod['resources'] | length" - - "postgres_pod['resources'][0]['status']['phase'] == 'Running'" - - "postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true" + - postgres_pod['resources'] | length + - postgres_pod['resources'][0]['status']['phase'] == 'Running' + - postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true delay: 5 retries: 60 @@ -54,7 +53,7 @@ - name: Set backup directory name set_fact: - backup_dir: "/backups/tower-openshift-backup-{{ now }}" + backup_dir: /backups/tower-openshift-backup-{{ now }} - name: Create directory for backup k8s_exec: @@ -72,18 +71,18 @@ - name: Set full resolvable host name for postgres pod set_fact: - resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc", awx_postgres_host) }}' # yamllint disable-line rule:line-length + resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc", awx_postgres_host) }}' # yamllint disable-line rule:line-length no_log: "{{ no_log }}" - name: Get the current resource task pod information. k8s_info: api_version: v1 kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/name={{ deployment_name }}-task" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" + - app.kubernetes.io/name={{ deployment_name }}-task + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} field_selectors: - status.phase=Running register: awx_task_pod diff --git a/roles/backup/tasks/secrets.yml b/roles/backup/tasks/secrets.yml index 134698fe4..47ecb2eec 100644 --- a/roles/backup/tasks/secrets.yml +++ b/roles/backup/tasks/secrets.yml @@ -1,5 +1,4 @@ --- - - name: Dump (generated) secret names from statuses and data into file include_tasks: dump_generated_secret.yml with_items: @@ -25,8 +24,8 @@ - name: Dump receptor secret names and data into file include_tasks: dump_receptor_secrets.yml loop: - - '{{ deployment_name }}-receptor-ca' - - '{{ deployment_name }}-receptor-work-signing' + - "{{ deployment_name }}-receptor-ca" + - "{{ deployment_name }}-receptor-work-signing" # image_pull_secret is deprecated in favor of image_pull_secrets - name: Dump image_pull_secret into file @@ -43,7 +42,7 @@ - name: Nest secrets under a single variable set_fact: - secrets: {"secrets": '{{ secret_dict }}'} + secrets: { secrets: "{{ secret_dict }}" } no_log: "{{ no_log }}" - name: Write postgres configuration to pvc diff --git a/roles/backup/tasks/update_status.yml b/roles/backup/tasks/update_status.yml index 8130a85de..a9ea8bacf 100644 --- a/roles/backup/tasks/update_status.yml +++ b/roles/backup/tasks/update_status.yml @@ -1,9 +1,8 @@ --- - # The backup directory in this status can be referenced when restoring - name: Update CR Backup status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" diff --git a/roles/backup/vars/main.yml b/roles/backup/vars/main.yml index b4957c476..cc52baf1d 100644 --- a/roles/backup/vars/main.yml +++ b/roles/backup/vars/main.yml @@ -1,8 +1,8 @@ --- -deployment_type: "awx" +deployment_type: awx _postgres_image: quay.io/sclorg/postgresql-15-c9s _postgres_image_version: latest backup_complete: false -database_type: "unmanaged" +database_type: unmanaged supported_pg_version: 15 image_pull_policy: IfNotPresent diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml index 3c7351a52..0266bb437 100644 --- a/roles/common/defaults/main.yml +++ b/roles/common/defaults/main.yml @@ -1,7 +1,7 @@ --- deployment_type: awx -kind: 'AWX' -api_version: '{{ deployment_type }}.ansible.com/v1beta1' +kind: AWX +api_version: "{{ deployment_type }}.ansible.com/v1beta1" # Used to determine some cluster specific logic regarding projects_persistence pvc permissions is_k8s: false diff --git a/roles/common/meta/main.yml b/roles/common/meta/main.yml index d4d75ee36..e59d13570 100644 --- a/roles/common/meta/main.yml +++ b/roles/common/meta/main.yml @@ -26,7 +26,6 @@ galaxy_info: - deployment dependencies: [] - collections: - kubernetes.core - operator_sdk.util diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 8d0d624a0..7bc89143d 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,19 +1,18 @@ --- - - name: Get information about the cluster set_fact: api_groups: "{{ lookup('k8s', cluster_info='api_groups') }}" when: - - not is_openshift | bool - - not is_k8s | bool + - not is_openshift | bool + - not is_k8s | bool - name: Determine the cluster type set_fact: is_openshift: "{{ True if 'route.openshift.io' in api_groups else False }}" is_k8s: "{{ False if 'route.openshift.io' in api_groups else True }}" when: - - not is_openshift | bool - - not is_k8s | bool + - not is_openshift | bool + - not is_k8s | bool # Indicate what kind of cluster we are in (OpenShift or Kubernetes). - debug: diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml index 4e8a7c1f4..850b2077a 100644 --- a/roles/installer/defaults/main.yml +++ b/roles/installer/defaults/main.yml @@ -1,7 +1,7 @@ --- deployment_type: awx -kind: 'AWX' -api_version: '{{ deployment_type }}.ansible.com/v1beta1' +kind: AWX +api_version: "{{ deployment_type }}.ansible.com/v1beta1" database_name: "{{ deployment_type }}" database_username: "{{ deployment_type }}" @@ -9,37 +9,37 @@ database_username: "{{ deployment_type }}" task_privileged: false service_type: ClusterIP ingress_type: none -ingress_class_name: '' -ingress_path: '/' -ingress_path_type: 'Prefix' -ingress_api_version: 'networking.k8s.io/v1' -api_urlpattern_prefix: '' +ingress_class_name: "" +ingress_path: / +ingress_path_type: Prefix +ingress_api_version: networking.k8s.io/v1 +api_urlpattern_prefix: "" # Add annotations to the service account. Specify as literal block. E.g.: # service_account_annotations: | # eks.amazonaws.com/role-arn: arn:aws:iam:::role/ -service_account_annotations: '' +service_account_annotations: "" # Custom labels for the tower service. Specify as literal block. E.g.: # service_labels: | # environment: non-production # zone: internal -service_labels: '' +service_labels: "" # Add annotations to the ingress. Specify as literal block. E.g.: # ingress_annotations: | # kubernetes.io/ingress.class: nginx # nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s -ingress_annotations: '' +ingress_annotations: "" # TLS secret for the ingress. The secret either has to exist before hand with # the corresponding cert and key or just be an indicator for where an automated # process like cert-manager (enabled via annotations) will store the TLS # certificate and key. -ingress_tls_secret: '' +ingress_tls_secret: "" # Special configuration for specific Ingress Controllers. E.g.: # ingress_controller: contour -ingress_controller: '' +ingress_controller: "" # One or multiple FQDN with optional Secret that contains the TLS information. # The TLS secret either has to exist before hand with @@ -49,12 +49,12 @@ ingress_controller: '' # ingress_hosts: # - hostname: awx-demo.example.com # tls_secret: example-com-tls -ingress_hosts: '' +ingress_hosts: "" -loadbalancer_protocol: 'http' -loadbalancer_port: '80' -loadbalancer_class: '' -service_annotations: '' +loadbalancer_protocol: http +loadbalancer_port: "80" +loadbalancer_class: "" +service_annotations: "" # Port to be used for NodePort configuration, default is to auto-assign a port between 30000-32768 # nodeport_port: '30080' @@ -67,39 +67,39 @@ route_tls_termination_mechanism: edge # Secret to lookup that provide the TLS specific # credentials to deploy # -route_tls_secret: '' +route_tls_secret: "" # Route API Version to support older version # of the kubernetes services -route_api_version: 'route.openshift.io/v1' +route_api_version: route.openshift.io/v1 # Host to create the root with. # If not specific will default to -- # -route_host: '' +route_host: "" -hostname: '' +hostname: "" # Add a nodeSelector for the AWX pods. It must match a node's labels for the pod # to be scheduled on that node. Specify as literal block. E.g.: # node_selector: | # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -node_selector: '' +node_selector: "" # Add a nodeSelector for the AWX pods. It must match a node's labels for the pod # to be scheduled on that node. Specify as literal block. E.g.: # node_selector: | # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -web_node_selector: '' +web_node_selector: "" # Add a nodeSelector for the AWX pods. It must match a node's labels for the pod # to be scheduled on that node. Specify as literal block. E.g.: # node_selector: | # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -task_node_selector: '' +task_node_selector: "" # Add a topologySpreadConstraints for the AWX pods. # Specify as literal block. E.g.: @@ -110,7 +110,7 @@ task_node_selector: '' # labelSelector: # matchLabels: # app.kubernetes.io/name: "" -topology_spread_constraints: '' +topology_spread_constraints: "" # Add a topologySpreadConstraints for the task pods. # Specify as literal block. E.g.: @@ -121,7 +121,7 @@ topology_spread_constraints: '' # labelSelector: # matchLabels: # app.kubernetes.io/name: "" -task_topology_spread_constraints: '' +task_topology_spread_constraints: "" # Add a topologySpreadConstraints for the web pods. # Specify as literal block. E.g.: @@ -132,7 +132,7 @@ task_topology_spread_constraints: '' # labelSelector: # matchLabels: # app.kubernetes.io/name: "" -web_topology_spread_constraints: '' +web_topology_spread_constraints: "" # Add node tolerations for the AWX pods. Specify as literal block. E.g.: # tolerations: | @@ -140,7 +140,7 @@ web_topology_spread_constraints: '' # operator: "Equal" # value: "AWX" # effect: "NoSchedule" -tolerations: '' +tolerations: "" # Add node tolerations for the task pods. Specify as literal block. E.g.: # task_tolerations: | @@ -148,7 +148,7 @@ tolerations: '' # operator: "Equal" # value: "AWXtask" # effect: "NoSchedule" -task_tolerations: '' +task_tolerations: "" # Add node tolerations for the web pods. Specify as literal block. E.g.: # web_tolerations: | @@ -156,7 +156,7 @@ task_tolerations: '' # operator: "Equal" # value: "AWXweb" # effect: "NoSchedule" -web_tolerations: '' +web_tolerations: "" # Add affinities for all pods # affinity: @@ -169,7 +169,6 @@ web_tolerations: '' # values: # - awx affinity: {} - # Add affinities for all task pods # affinity: # nodeAffinity: @@ -181,7 +180,6 @@ affinity: {} # values: # - awx-task task_affinity: {} - # Add affinities for all web pods # affinity: # nodeAffinity: @@ -193,63 +191,62 @@ task_affinity: {} # values: # - awx-web web_affinity: {} - # Add annotations to awx pods. Specify as literal block. E.g.: # annotations: | # my.annotation/1: value # my.annotation/2: value2 -annotations: '' +annotations: "" # Override annotations to awx task pods. Specify as literal block. E.g.: # task_annotations: | # my.task-annotation/1: value # my.task-annotation/2: value2 -task_annotations: '' +task_annotations: "" # Override annotations to awx web pods. Specify as literal block. E.g.: # web_annotations: | # my.web-annotation/1: value # my.web-annotation/2: value2 -web_annotations: '' +web_annotations: "" admin_user: admin admin_email: test@example.com # Secret to lookup that provide the admin password # -admin_password_secret: '' +admin_password_secret: "" # Secret to lookup that provide the broadcast websocket key # -broadcast_websocket_secret: '' +broadcast_websocket_secret: "" # Secret to lookup that provide the secret key # -secret_key_secret: '' +secret_key_secret: "" # Secret to lookup that provide the PostgreSQL configuration # -postgres_configuration_secret: '' +postgres_configuration_secret: "" # Secret to lookup that provides old database credentials (for migration) -old_postgres_configuration_secret: '' +old_postgres_configuration_secret: "" # Secret to lookup that provides default execution environment pull credentials # -ee_pull_credentials_secret: '' +ee_pull_credentials_secret: "" # Add extra volumes to the AWX pod. Specify as literal block. E.g.: # extra_volumes: | # - name: my-volume # emptyDir: {} -extra_volumes: '' +extra_volumes: "" # Add extra volumes to the Postgres pod. Specify as literal block. E.g.: # postgres_extra_volumes: | # - name: my-volume # emptyDir: {} -postgres_extra_volumes: '' +postgres_extra_volumes: "" # Use these image versions for Ansible AWX. @@ -261,7 +258,6 @@ _postgres_image: quay.io/sclorg/postgresql-15-c9s _postgres_image_version: latest image_pull_policy: IfNotPresent image_pull_secrets: [] - # Extra commands which will be appended to the initContainer # Make sure that each command entered return an exit code 0 # otherwise the initContainer will fail @@ -269,22 +265,22 @@ image_pull_secrets: [] # date >> /var/lib/awx/projects/timestamp # chgrp 1000 /shared # chmod 775 /shared -init_container_extra_commands: '' +init_container_extra_commands: "" # Mount extra volumes on the initContainer. # The volume used must be defined as an `extra_volumes` resource # init_container_extra_volume_mounts: | # - name: shared-vol # mountPath: /shared -init_container_extra_volume_mounts: '' +init_container_extra_volume_mounts: "" ee_images: - - name: "AWX EE (latest)" - image: "quay.io/ansible/awx-ee:latest" - - name: "AWX EE ({{ _image_version }})" - image: "quay.io/ansible/awx-ee:{{ _image_version }}" + - name: AWX EE (latest) + image: quay.io/ansible/awx-ee:latest + - name: AWX EE ({{ _image_version }}) + image: quay.io/ansible/awx-ee:{{ _image_version }} -_control_plane_ee_image: "quay.io/ansible/awx-ee:{{ _image_version }}" +_control_plane_ee_image: quay.io/ansible/awx-ee:{{ _image_version }} _init_container_image: "{{ _control_plane_ee_image.split(':')[0] }}" _init_container_image_version: "{{ _control_plane_ee_image.split(':')[1] }}" @@ -294,8 +290,8 @@ _init_projects_container_image: quay.io/centos/centos:stream9 create_preload_data: true replicas: 1 -web_replicas: '' -task_replicas: '' +web_replicas: "" +task_replicas: "" web_liveness_period: 0 web_readiness_period: 0 @@ -311,7 +307,6 @@ web_command: [] rsyslog_args: - /usr/bin/launch_awx_rsyslog.sh rsyslog_command: [] - task_resource_requirements: requests: cpu: 100m @@ -330,11 +325,11 @@ ee_resource_requirements: # TODO: validate default resource requirements # Customize CSRF options -csrf_cookie_secure: False -session_cookie_secure: False +csrf_cookie_secure: false +session_cookie_secure: false # Assign a preexisting priority class to the control plane pods -control_plane_priority_class: '' +control_plane_priority_class: "" redis_resource_requirements: requests: @@ -358,21 +353,21 @@ init_container_resource_requirements: # value: bar # - name: BAZ # value: bing -task_extra_env: '' -web_extra_env: '' -rsyslog_extra_env: '' -ee_extra_env: '' +task_extra_env: "" +web_extra_env: "" +rsyslog_extra_env: "" +ee_extra_env: "" # Mount extra volumes on the AWX task/web containers. Specify as literal block. # E.g.: # task_extra_volume_mounts: | # - name: my-volume # mountPath: /some/path -task_extra_volume_mounts: '' -web_extra_volume_mounts: '' -rsyslog_extra_volume_mounts: '' -ee_extra_volume_mounts: '' -postgres_extra_volume_mounts: '' +task_extra_volume_mounts: "" +web_extra_volume_mounts: "" +rsyslog_extra_volume_mounts: "" +ee_extra_volume_mounts: "" +postgres_extra_volume_mounts: "" # Add a nodeSelector for the Postgres pods. # It must match a node's labels for the pod to be scheduled on that node. @@ -381,10 +376,10 @@ postgres_extra_volume_mounts: '' # disktype: ssd # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -postgres_selector: '' +postgres_selector: "" # Specify whether or not to keep the old PVC after PostgreSQL upgrades -postgres_keep_pvc_after_upgrade: True +postgres_keep_pvc_after_upgrade: true # Add node tolerations for the Postgres pods. # Specify as literal block. E.g.: @@ -393,7 +388,7 @@ postgres_keep_pvc_after_upgrade: True # operator: "Equal" # value: "AWX" # effect: "NoSchedule" -postgres_tolerations: '' +postgres_tolerations: "" postgres_storage_requirements: requests: storage: 8Gi @@ -403,17 +398,17 @@ postgres_resource_requirements: memory: 64Mi # Assign a preexisting priority class to the postgres pod -postgres_priority_class: '' +postgres_priority_class: "" # Persistence to the AWX project data folder # Whether or not the /var/lib/projects directory will be persistent projects_persistence: false # # Define an existing PersistentVolumeClaim to use -projects_existing_claim: '' +projects_existing_claim: "" # # Define postgres configuration arguments to use -postgres_extra_args: '' +postgres_extra_args: "" postgres_data_volume_init: false postgres_init_container_commands: | @@ -431,17 +426,17 @@ postgres_keepalives_count: 5 projects_storage_size: 8Gi projects_storage_access_mode: ReadWriteMany -ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt" +ca_trust_bundle: /etc/pki/tls/certs/ca-bundle.crt # Secret to lookup that provides the LDAP CACert trusted bundle # -ldap_cacert_secret: '' +ldap_cacert_secret: "" # Secret to lookup that provides the LDAP bind password -ldap_password_secret: '' +ldap_password_secret: "" # Secret to lookup that provides the custom CA trusted bundle -bundle_cacert_secret: '' +bundle_cacert_secret: "" # Whether secrets should be garbage collected # on teardown @@ -452,7 +447,6 @@ development_mode: false security_context_settings: {} postgres_security_context_settings: {} - # Set no_log settings on certain tasks no_log: true @@ -462,7 +456,6 @@ auto_upgrade: true # Labels defined on the resource, which should be propagated to child resources additional_labels: [] - # Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) set_self_labels: true @@ -474,7 +467,7 @@ ipv6_disabled: false # - ip: 10.10.0.10 # hostnames: # - hostname -host_aliases: '' +host_aliases: "" receptor_log_level: info @@ -489,7 +482,7 @@ uwsgi_listen_queue_size: 128 # NGINX default values nginx_worker_processes: 1 nginx_worker_connections: "{{ uwsgi_listen_queue_size }}" -nginx_worker_cpu_affinity: 'auto' +nginx_worker_cpu_affinity: auto nginx_listen_queue_size: "{{ uwsgi_listen_queue_size }}" # metrics-utility (github.com/ansible/metrics-utility) diff --git a/roles/installer/tasks/admin_password_configuration.yml b/roles/installer/tasks/admin_password_configuration.yml index edba56398..8f10f6e3f 100644 --- a/roles/installer/tasks/admin_password_configuration.yml +++ b/roles/installer/tasks/admin_password_configuration.yml @@ -2,8 +2,8 @@ - name: Check for specified admin password configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ admin_password_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ admin_password_secret }}" register: _custom_admin_password no_log: "{{ no_log }}" when: admin_password_secret | length @@ -11,8 +11,8 @@ - name: Check for default admin password configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-admin-password' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-admin-password" register: _default_admin_password no_log: "{{ no_log }}" @@ -31,8 +31,8 @@ - name: Read admin password secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-admin-password' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-admin-password" register: _generated_admin_password no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/broadcast_websocket_configuration.yml b/roles/installer/tasks/broadcast_websocket_configuration.yml index f5ed202d0..75d6e70c8 100644 --- a/roles/installer/tasks/broadcast_websocket_configuration.yml +++ b/roles/installer/tasks/broadcast_websocket_configuration.yml @@ -2,8 +2,8 @@ - name: Check for specified broadcast websocket secret configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ broadcast_websocket_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ broadcast_websocket_secret }}" register: _custom_broadcast_websocket no_log: "{{ no_log }}" when: broadcast_websocket_secret | length @@ -11,15 +11,16 @@ - name: Check for default broadcast websocket secret configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-broadcast-websocket' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-broadcast-websocket" register: _default_broadcast_websocket no_log: "{{ no_log }}" - name: Set broadcast websocket secret set_fact: # yamllint disable-line rule:line-length - _broadcast_websocket_secret: '{{ _custom_broadcast_websocket["resources"] | default([]) | length | ternary(_custom_broadcast_websocket, _default_broadcast_websocket) }}' # noqa 204 + _broadcast_websocket_secret: '{{ _custom_broadcast_websocket["resources"] | default([]) | length | ternary(_custom_broadcast_websocket, _default_broadcast_websocket) + }}' # noqa 204 no_log: "{{ no_log }}" - block: @@ -32,8 +33,8 @@ - name: Read broadcast websocket secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-broadcast-websocket' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-broadcast-websocket" register: _generated_broadcast_websocket no_log: "{{ no_log }}" @@ -42,7 +43,7 @@ - name: Set broadcast websocket secret set_fact: # yamllint disable-line rule:line-length - __broadcast_websocket_secret: '{{ _generated_broadcast_websocket["resources"] | default([]) | length | ternary(_generated_broadcast_websocket, _broadcast_websocket_secret) }}' # noqa 204 + __broadcast_websocket_secret: '{{ _generated_broadcast_websocket["resources"] | default([]) | length | ternary(_generated_broadcast_websocket, _broadcast_websocket_secret) }}' # noqa 204 no_log: "{{ no_log }}" - name: Store broadcast websocket secret name diff --git a/roles/installer/tasks/cleanup.yml b/roles/installer/tasks/cleanup.yml index c0c41ed19..1970ea2a2 100644 --- a/roles/installer/tasks/cleanup.yml +++ b/roles/installer/tasks/cleanup.yml @@ -5,9 +5,11 @@ _admin_password: '{{ admin_password_secret | length | ternary(admin_password_secret, ansible_operator_meta.name + "-admin-password") }}' _secret_key: '{{ secret_key_secret | length | ternary(secret_key_secret, ansible_operator_meta.name + "-secret-key") }}' # yamllint disable-line rule:line-length - _broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, ansible_operator_meta.name + "-broadcast-websocket") }}' # noqa 204 + _broadcast_websocket_secret: '{{ broadcast_websocket_secret | length | ternary(broadcast_websocket_secret, ansible_operator_meta.name + "-broadcast-websocket") + }}' # noqa 204 # yamllint disable-line rule:line-length - _postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, ansible_operator_meta.name + "-postgres-configuration") }}' # noqa 204 + _postgres_configuration: '{{ postgres_configuration_secret | length | ternary(postgres_configuration_secret, ansible_operator_meta.name + "-postgres-configuration") + }}' # noqa 204 - name: Remove ownerReferences reference k8s: @@ -15,16 +17,16 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ item }}' - namespace: '{{ ansible_operator_meta.namespace }}' - ownerReferences: null + name: "{{ item }}" + namespace: "{{ ansible_operator_meta.namespace }}" + ownerReferences: loop: - - '{{ _admin_password }}' - - '{{ _secret_key }}' - - '{{ _postgres_configuration }}' - - '{{ _broadcast_websocket_secret }}' - - '{{ ansible_operator_meta.name }}-receptor-ca' - - '{{ ansible_operator_meta.name }}-receptor-work-signing' + - "{{ _admin_password }}" + - "{{ _secret_key }}" + - "{{ _postgres_configuration }}" + - "{{ _broadcast_websocket_secret }}" + - "{{ ansible_operator_meta.name }}-receptor-ca" + - "{{ ansible_operator_meta.name }}-receptor-work-signing" no_log: "{{ no_log }}" when: not garbage_collect_secrets | bool diff --git a/roles/installer/tasks/database_configuration.yml b/roles/installer/tasks/database_configuration.yml index 6f3d9a9f2..32d458cdd 100644 --- a/roles/installer/tasks/database_configuration.yml +++ b/roles/installer/tasks/database_configuration.yml @@ -2,8 +2,8 @@ - name: Check for specified PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ postgres_configuration_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ postgres_configuration_secret }}" register: _custom_pg_config_resources when: postgres_configuration_secret | length no_log: "{{ no_log }}" @@ -11,16 +11,16 @@ - name: Check for default PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-postgres-configuration' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-postgres-configuration" register: _default_pg_config_resources no_log: "{{ no_log }}" - name: Check for specified old PostgreSQL configuration secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ old_postgres_configuration_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ old_postgres_configuration_secret }}" register: _custom_old_pg_config_resources when: old_postgres_configuration_secret | length no_log: "{{ no_log }}" @@ -28,15 +28,16 @@ - name: Check for default old PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-old-postgres-configuration' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-old-postgres-configuration" register: _default_old_pg_config_resources no_log: "{{ no_log }}" - name: Set old PostgreSQL configuration set_fact: # yamllint disable-line rule:line-length - old_pg_config: '{{ _custom_old_pg_config_resources["resources"] | default([]) | length | ternary(_custom_old_pg_config_resources, _default_old_pg_config_resources) }}' # noqa 204 + old_pg_config: '{{ _custom_old_pg_config_resources["resources"] | default([]) | length | ternary(_custom_old_pg_config_resources, _default_old_pg_config_resources) + }}' # noqa 204 - name: Set proper database name when migrating from old deployment set_fact: @@ -77,8 +78,8 @@ - name: Read Database Configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-postgres-configuration' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-postgres-configuration" register: _generated_pg_config_resources no_log: "{{ no_log }}" when: not _pg_config['resources'] | default([]) | length @@ -119,20 +120,15 @@ - block: - name: Filter pods by name set_fact: - filtered_old_postgres_pods: "{{ _running_pods.resources | - selectattr('metadata.name', 'match', ansible_operator_meta.name + '-postgres.*-0') | - rejectattr('metadata.name', 'search', '-' + supported_pg_version | string + '-0') | - list }}" + filtered_old_postgres_pods: "{{ _running_pods.resources | selectattr('metadata.name', 'match', ansible_operator_meta.name + '-postgres.*-0') | rejectattr('metadata.name', + 'search', '-' + supported_pg_version | string + '-0') | list }}" - # Sort pods by name in reverse order (most recent PG version first) and set + # Sort pods by name in reverse order (most recent PG version first) and set - name: Set info for previous postgres pod set_fact: - sorted_old_postgres_pods: "{{ filtered_old_postgres_pods | - sort(attribute='metadata.name') | - reverse | list }}" + sorted_old_postgres_pods: "{{ filtered_old_postgres_pods | sort(attribute='metadata.name') | reverse | list }}" when: filtered_old_postgres_pods | length - - name: Set info for previous postgres pod set_fact: old_postgres_pod: "{{ sorted_old_postgres_pods | first }}" @@ -180,7 +176,7 @@ when: - managed_database - (_previous_upgraded_pg_version | default(false)) | ternary(_previous_upgraded_pg_version | int < supported_pg_version, true) - - old_postgres_pod | length # If empty, then old pg pod has been removed and we can assume the upgrade is complete + - old_postgres_pod | length # If empty, then old pg pod has been removed and we can assume the upgrade is complete - block: - name: Create Database if no database is specified @@ -204,7 +200,7 @@ name: "{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}" namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 - wait: yes + wait: true - name: Remove PostgreSQL statefulset for upgrade k8s: @@ -213,7 +209,7 @@ kind: StatefulSet name: "{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}" namespace: "{{ ansible_operator_meta.namespace }}" - wait: yes + wait: true when: create_statefulset_result.error == 422 - name: Recreate PostgreSQL statefulset with updated values @@ -224,7 +220,7 @@ - name: Set Default label selector for custom resource generated postgres set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}" + postgres_label_selector: app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }} when: postgres_label_selector is not defined - name: Get the postgres pod information @@ -240,16 +236,16 @@ - name: Wait for Database to initialize if managed DB k8s_info: kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - "{{ postgres_label_selector }}" field_selectors: - status.phase=Running register: postgres_pod until: - - "postgres_pod['resources'] | length" - - "postgres_pod['resources'][0]['status']['phase'] == 'Running'" - - "postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true" + - postgres_pod['resources'] | length + - postgres_pod['resources'][0]['status']['phase'] == 'Running' + - postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true delay: 5 retries: 60 when: managed_database diff --git a/roles/installer/tasks/enable_metrics_utility.yml b/roles/installer/tasks/enable_metrics_utility.yml index ffbb98344..217b3a754 100644 --- a/roles/installer/tasks/enable_metrics_utility.yml +++ b/roles/installer/tasks/enable_metrics_utility.yml @@ -1,7 +1,6 @@ --- - name: Setup PVC if using directory ship target block: - # Check to make sure provided pvc exists - name: Check provided PVC claim exists kubernetes.core.k8s_info: @@ -26,8 +25,8 @@ vars: cronjob_name: "{{ item.name }}" loop: - - {name: 'metrics-utility-gather', template: 'cronjobs/metrics-utility-gather.yaml.j2'} - - {name: 'metrics-utility-report', template: 'cronjobs/metrics-utility-report.yaml.j2'} + - { name: metrics-utility-gather, template: cronjobs/metrics-utility-gather.yaml.j2 } + - { name: metrics-utility-report, template: cronjobs/metrics-utility-report.yaml.j2 } - name: Create metrics-utility Kubernetes CronJob for Red Hat Hybrid Cloud Console kubernetes.core.k8s: @@ -36,7 +35,7 @@ wait: true vars: cronjob_name: "{{ item.name }}" - metrics_utility_ship_target: crc # TODO - Update to console when changed + metrics_utility_ship_target: crc # TODO - Update to console when changed loop: - - {name: 'metrics-utility-gather-console', template: 'cronjobs/metrics-utility-gather.yaml.j2'} + - { name: metrics-utility-gather-console, template: cronjobs/metrics-utility-gather.yaml.j2 } when: _metrics_utility_console_enabled diff --git a/roles/installer/tasks/initialize_django.yml b/roles/installer/tasks/initialize_django.yml index 3dad2cb4c..552af7f1b 100644 --- a/roles/installer/tasks/initialize_django.yml +++ b/roles/installer/tasks/initialize_django.yml @@ -59,8 +59,8 @@ - name: Check for specified default execution environment pull credentials k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ee_pull_credentials_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ee_pull_credentials_secret }}" register: _custom_execution_environments_pull_credentials when: ee_pull_credentials_secret | length @@ -108,7 +108,7 @@ no_log: "{{ no_log }}" when: _execution_environments_pull_credentials['resources'] | default([]) | length -- name: Create preload data if necessary. # noqa 305 +- name: Create preload data if necessary. # noqa 305 k8s_exec: namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ awx_web_pod_name }}" diff --git a/roles/installer/tasks/install.yml b/roles/installer/tasks/install.yml index 70495e433..65033e38f 100644 --- a/roles/installer/tasks/install.yml +++ b/roles/installer/tasks/install.yml @@ -11,34 +11,34 @@ k8s: state: present definition: - apiVersion: '{{ api_version }}' - kind: '{{ kind }}' - name: '{{ ansible_operator_meta.name }}' - namespace: '{{ ansible_operator_meta.namespace }}' + apiVersion: "{{ api_version }}" + kind: "{{ kind }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" metadata: - name: '{{ ansible_operator_meta.name }}' - namespace: '{{ ansible_operator_meta.namespace }}' + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" labels: '{{ lookup("template", "../common/templates/labels/common.yaml.j2") | from_yaml }}' when: set_self_labels | bool - name: Build `additional_labels_items` labels from `additional_labels` block: - - name: Look up details for this deployment - k8s_info: - api_version: "{{ api_version }}" - kind: "{{ kind }}" - name: "{{ ansible_operator_meta.name }}" - namespace: "{{ ansible_operator_meta.namespace }}" - register: this_awx - - - name: Select resource labels which are in `additional_labels` - set_fact: - additional_labels_items: >- - {{ this_awx['resources'][0]['metadata']['labels'] - | dict2items | selectattr('key', 'in', additional_labels) - | list - }} - when: this_awx['resources'][0]['metadata']['labels'] + - name: Look up details for this deployment + k8s_info: + api_version: "{{ api_version }}" + kind: "{{ kind }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" + register: this_awx + + - name: Select resource labels which are in `additional_labels` + set_fact: + additional_labels_items: >- + {{ this_awx['resources'][0]['metadata']['labels'] + | dict2items | selectattr('key', 'in', additional_labels) + | list + }} + when: this_awx['resources'][0]['metadata']['labels'] when: additional_labels | length - name: Include secret key configuration tasks @@ -47,17 +47,17 @@ - name: Load LDAP CAcert certificate include_tasks: load_ldap_cacert_secret.yml when: - - ldap_cacert_secret != '' + - ldap_cacert_secret != '' - name: Load ldap bind password include_tasks: load_ldap_password_secret.yml when: - - ldap_password_secret != '' + - ldap_password_secret != '' - name: Load bundle certificate authority certificate include_tasks: load_bundle_cacert_secret.yml when: - - bundle_cacert_secret != '' + - bundle_cacert_secret != '' - name: Include admin password configuration tasks include_tasks: admin_password_configuration.yml @@ -74,8 +74,8 @@ - name: Load Route TLS certificate include_tasks: load_route_tls_secret.yml when: - - ingress_type | lower == 'route' - - route_tls_secret != '' + - ingress_type | lower == 'route' + - route_tls_secret != '' - name: Wait for {{ deployment_type }}restore to complete kubernetes.core.k8s_info: @@ -85,10 +85,11 @@ register: restore_status_check until: # yamllint disable-line rule:line-length - - (restore_status_check.resources | length == 0) or (restore_status_check.resources | selectattr('spec.deployment_name', 'equalto', ansible_operator_meta.name) | map(attribute='status') | selectattr('restoreComplete', 'defined') | map(attribute='restoreComplete') | list | length > 0) + - (restore_status_check.resources | length == 0) or (restore_status_check.resources | selectattr('spec.deployment_name', 'equalto', ansible_operator_meta.name) + | map(attribute='status') | selectattr('restoreComplete', 'defined') | map(attribute='restoreComplete') | list | length > 0) delay: 10 retries: 8640 - ignore_errors: yes + ignore_errors: true changed_when: false - name: Include resources configuration tasks diff --git a/roles/installer/tasks/load_bundle_cacert_secret.yml b/roles/installer/tasks/load_bundle_cacert_secret.yml index 95c129465..3886f3b94 100644 --- a/roles/installer/tasks/load_bundle_cacert_secret.yml +++ b/roles/installer/tasks/load_bundle_cacert_secret.yml @@ -2,8 +2,8 @@ - name: Retrieve bundle Certificate Authority Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ bundle_cacert_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ bundle_cacert_secret }}" register: bundle_cacert no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/load_ldap_cacert_secret.yml b/roles/installer/tasks/load_ldap_cacert_secret.yml index 55818f4f0..819d58ced 100644 --- a/roles/installer/tasks/load_ldap_cacert_secret.yml +++ b/roles/installer/tasks/load_ldap_cacert_secret.yml @@ -2,8 +2,8 @@ - name: Retrieve LDAP CA Certificate Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ldap_cacert_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ldap_cacert_secret }}" register: ldap_cacert no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/load_ldap_password_secret.yml b/roles/installer/tasks/load_ldap_password_secret.yml index 2692dfecb..a90ce55cf 100644 --- a/roles/installer/tasks/load_ldap_password_secret.yml +++ b/roles/installer/tasks/load_ldap_password_secret.yml @@ -2,8 +2,8 @@ - name: Retrieve LDAP bind password Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ldap_password_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ldap_password_secret }}" register: ldap_password no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/load_route_tls_secret.yml b/roles/installer/tasks/load_route_tls_secret.yml index 120f4543f..c038b9861 100644 --- a/roles/installer/tasks/load_route_tls_secret.yml +++ b/roles/installer/tasks/load_route_tls_secret.yml @@ -2,8 +2,8 @@ - name: Retrieve Route TLS Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ route_tls_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ route_tls_secret }}" register: route_tls no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/migrate_data.yml b/roles/installer/tasks/migrate_data.yml index 3954d48cb..03f4c8557 100644 --- a/roles/installer/tasks/migrate_data.yml +++ b/roles/installer/tasks/migrate_data.yml @@ -1,5 +1,4 @@ --- - - name: Set actual old postgres configuration secret name set_fact: old_postgres_configuration_name: "{{ old_pg_config['resources'][0]['metadata']['name'] }}" @@ -15,7 +14,7 @@ - name: Set Default label selector for custom resource generated postgres set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}" + postgres_label_selector: app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }} when: postgres_label_selector is not defined - name: Get the postgres pod information diff --git a/roles/installer/tasks/migrate_schema.yml b/roles/installer/tasks/migrate_schema.yml index 77ffc6fc6..ff0f7fab9 100644 --- a/roles/installer/tasks/migrate_schema.yml +++ b/roles/installer/tasks/migrate_schema.yml @@ -1,5 +1,4 @@ --- - - name: Check for pending migrations k8s_exec: namespace: "{{ ansible_operator_meta.namespace }}" @@ -32,7 +31,7 @@ # error if there is an issue with creating the job. - name: Create kubernetes job to perform the migration k8s: - apply: yes + apply: true definition: "{{ lookup('template', 'jobs/migration.yaml.j2') }}" register: migrate_result diff --git a/roles/installer/tasks/resources_configuration.yml b/roles/installer/tasks/resources_configuration.yml index bf395392e..01ec47fb9 100644 --- a/roles/installer/tasks/resources_configuration.yml +++ b/roles/installer/tasks/resources_configuration.yml @@ -3,11 +3,11 @@ k8s_info: api_version: v1 kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/name={{ ansible_operator_meta.name }}-web" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" + - app.kubernetes.io/name={{ ansible_operator_meta.name }}-web + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} field_selectors: - status.phase=Running register: awx_web_pod @@ -32,13 +32,14 @@ - name: Set Control Plane EE image URL set_fact: - _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) }}" + _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) + }}" - name: Check for Receptor CA Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-ca' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-ca" register: receptor_ca no_log: "{{ no_log }}" @@ -51,8 +52,8 @@ k8s: state: absent kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-ca' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-ca" - name: Create tempfile for receptor-ca.key tempfile: state: file @@ -81,13 +82,13 @@ - name: Read New Receptor CA Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-ca' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-ca" register: _receptor_ca no_log: "{{ no_log }}" - name: Set receptor_ca variable set_fact: - receptor_ca: '{{ _receptor_ca }}' + receptor_ca: "{{ _receptor_ca }}" no_log: "{{ no_log }}" - name: Remove tempfiles file: @@ -127,13 +128,13 @@ - name: Read Receptor CA secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-ca' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-ca" register: _receptor_ca no_log: "{{ no_log }}" - name: Set receptor_ca variable set_fact: - receptor_ca: '{{ _receptor_ca }}' + receptor_ca: "{{ _receptor_ca }}" no_log: "{{ no_log }}" - name: Remove tempfiles file: @@ -147,8 +148,8 @@ - name: Check for Receptor work signing Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-work-signing' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-work-signing" register: receptor_work_signing no_log: "{{ no_log }}" @@ -183,13 +184,13 @@ - name: Read Receptor work signing Secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-receptor-work-signing' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-receptor-work-signing" register: _receptor_work_signing no_log: "{{ no_log }}" - name: Set receptor_work_signing variable set_fact: - receptor_work_signing: '{{ _receptor_work_signing }}' + receptor_work_signing: "{{ _receptor_work_signing }}" no_log: "{{ no_log }}" - name: Remove tempfiles file: @@ -202,17 +203,17 @@ - name: Apply Resources k8s: - apply: yes + apply: true definition: "{{ lookup('template', item + '.yaml.j2') }}" - wait: yes + wait: true loop: - - 'configmaps/config' - - 'configmaps/pre_stop_scripts' - - 'secrets/app_credentials' - - 'rbac/service_account' - - 'storage/persistent' - - 'networking/service' - - 'networking/ingress' + - configmaps/config + - configmaps/pre_stop_scripts + - secrets/app_credentials + - rbac/service_account + - storage/persistent + - networking/service + - networking/ingress no_log: "{{ no_log }}" - name: Set default awx app image @@ -247,7 +248,7 @@ - name: Apply deployment resources k8s: - apply: yes + apply: true definition: "{{ lookup('template', 'deployments/{{ item }}.yaml.j2') }}" loop: - web @@ -258,11 +259,11 @@ - name: Get the new resource pod information after updating resource. k8s_info: kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/name={{ ansible_operator_meta.name }}-web" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" + - app.kubernetes.io/name={{ ansible_operator_meta.name }}-web + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} field_selectors: - status.phase=Running register: _new_pod @@ -290,5 +291,5 @@ assert: that: - awx_web_pod_name != '' - fail_msg: "Could not find the tower pod's name." + fail_msg: Could not find the tower pod's name. when: web_replicas | int > 0 or (web_replicas == '' and replicas > 0) diff --git a/roles/installer/tasks/scale_down_deployment.yml b/roles/installer/tasks/scale_down_deployment.yml index 55a5bdd35..9771ae84f 100644 --- a/roles/installer/tasks/scale_down_deployment.yml +++ b/roles/installer/tasks/scale_down_deployment.yml @@ -5,9 +5,9 @@ kind: Deployment namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - 'app.kubernetes.io/part-of={{ ansible_operator_meta.name }}' - - 'app.kubernetes.io/managed-by={{ deployment_type }}-operator' - - 'app.kubernetes.io/component={{ deployment_type }}' + - app.kubernetes.io/part-of={{ ansible_operator_meta.name }} + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} register: _deployments - name: Scale down Deployment for migration @@ -17,6 +17,6 @@ name: "{{ item }}" namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 - wait: yes + wait: true loop: "{{ _deployments.resources | map(attribute='metadata.name') | list }}" when: _deployments.resources | length diff --git a/roles/installer/tasks/secret_key_configuration.yml b/roles/installer/tasks/secret_key_configuration.yml index e7d022f5f..9e89880dd 100644 --- a/roles/installer/tasks/secret_key_configuration.yml +++ b/roles/installer/tasks/secret_key_configuration.yml @@ -2,8 +2,8 @@ - name: Check for specified secret key configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ secret_key_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ secret_key_secret }}" register: _custom_secret_key no_log: "{{ no_log }}" when: secret_key_secret | length @@ -11,8 +11,8 @@ - name: Check for default secret key configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-secret-key' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-secret-key" register: _default_secret_key no_log: "{{ no_log }}" @@ -31,8 +31,8 @@ - name: Read secret key secret k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}-secret-key' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}-secret-key" register: _generated_secret_key no_log: "{{ no_log }}" diff --git a/roles/installer/tasks/update_status.yml b/roles/installer/tasks/update_status.yml index 1c0b7b6b4..cf6d2788e 100644 --- a/roles/installer/tasks/update_status.yml +++ b/roles/installer/tasks/update_status.yml @@ -1,7 +1,7 @@ --- - name: Update admin password status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -10,7 +10,7 @@ - name: Update admin user status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -19,7 +19,7 @@ - name: Update postgres configuration status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -28,7 +28,7 @@ - name: Update broadcast websocket status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -37,7 +37,7 @@ - name: Update secret key status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -57,7 +57,7 @@ - name: Update version status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -67,7 +67,7 @@ - name: Update image status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -77,26 +77,26 @@ - block: - name: Retrieve route URL k8s_info: - api_version: 'route.openshift.io/v1' + api_version: route.openshift.io/v1 kind: Route - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ ansible_operator_meta.name }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ ansible_operator_meta.name }}" register: route_url - name: Update URL status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" status: - URL: "https://{{ route_url['resources'][0]['status']['ingress'][0]['host'] }}" + URL: https://{{ route_url['resources'][0]['status']['ingress'][0]['host'] }} when: ingress_type | lower == 'route' - name: Update migratedFromSecret status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" @@ -106,7 +106,7 @@ - name: Update upgradedPostgresVersion status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" diff --git a/roles/installer/tasks/upgrade_postgres.yml b/roles/installer/tasks/upgrade_postgres.yml index f8f7a7658..6ea7b215a 100644 --- a/roles/installer/tasks/upgrade_postgres.yml +++ b/roles/installer/tasks/upgrade_postgres.yml @@ -1,12 +1,9 @@ --- - # Upgrade Posgres (Managed Databases only) # * If postgres version is not supported_pg_version, and not an external postgres instance (when managed_database is yes), # then run this playbook with include_tasks from database_configuration.yml # * Data will be streamed via a pg_dump from the postgres 12/13 pod to the postgres supported_pg_version # pod via a pg_restore. - - - name: Scale down Deployment for migration include_tasks: scale_down_deployment.yml @@ -17,7 +14,7 @@ name: "{{ ansible_operator_meta.name }}-postgres-configuration" namespace: "{{ ansible_operator_meta.namespace }}" state: absent - wait: yes + wait: true - name: Create Database configuration with new -postgres-{{ supported_pg_version }} hostname k8s: @@ -39,7 +36,7 @@ - name: Set postgres label if not defined by user set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}" + postgres_label_selector: app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }} when: postgres_label_selector is not defined - name: Get new postgres pod information @@ -52,9 +49,9 @@ - status.phase=Running register: postgres_pod until: - - "postgres_pod['resources'] | length" - - "postgres_pod['resources'][0]['status']['phase'] == 'Running'" - - "postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true" + - postgres_pod['resources'] | length + - postgres_pod['resources'][0]['status']['phase'] == 'Running' + - postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true delay: 5 retries: 60 @@ -67,14 +64,14 @@ kind: Service namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/component=database" - - "app.kubernetes.io/instance={{ old_postgres_pod.metadata.labels['app.kubernetes.io/instance'] }}" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" + - app.kubernetes.io/component=database + - app.kubernetes.io/instance={{ old_postgres_pod.metadata.labels['app.kubernetes.io/instance'] }} + - app.kubernetes.io/managed-by={{ deployment_type }}-operator register: old_postgres_svc - name: Set full resolvable host name for postgres pod set_fact: - resolvable_db_host: "{{ old_postgres_svc['resources'][0]['metadata']['name'] }}.{{ ansible_operator_meta.namespace }}.svc" # yamllint disable-line rule:line-length + resolvable_db_host: "{{ old_postgres_svc['resources'][0]['metadata']['name'] }}.{{ ansible_operator_meta.namespace }}.svc" # yamllint disable-line rule:line-length no_log: "{{ no_log }}" - name: Set pg_dump command @@ -128,7 +125,7 @@ - name: Set flag signifying that this instance has been migrated set_fact: - upgraded_postgres_version: '{{ supported_pg_version }}' + upgraded_postgres_version: "{{ supported_pg_version }}" # Cleanup old PostgreSQL resources - name: Remove old PostgreSQL StatefulSet diff --git a/roles/installer/vars/main.yml b/roles/installer/vars/main.yml index 6492f322b..dd0b19cd2 100644 --- a/roles/installer/vars/main.yml +++ b/roles/installer/vars/main.yml @@ -1,10 +1,10 @@ --- -postgres_initdb_args: '--auth-host=scram-sha-256' -postgres_host_auth_method: 'scram-sha-256' -ldap_cacert_ca_crt: '' -bundle_ca_crt: '' -projects_existing_claim: '' +postgres_initdb_args: --auth-host=scram-sha-256 +postgres_host_auth_method: scram-sha-256 +ldap_cacert_ca_crt: "" +bundle_ca_crt: "" +projects_existing_claim: "" supported_pg_version: 15 _previous_upgraded_pg_version: 0 old_postgres_pod: [] -_postgres_data_path: '/var/lib/pgsql/data/userdata' +_postgres_data_path: /var/lib/pgsql/data/userdata diff --git a/roles/mesh_ingress/defaults/main.yml b/roles/mesh_ingress/defaults/main.yml index 87ddd9bf6..73063ae20 100644 --- a/roles/mesh_ingress/defaults/main.yml +++ b/roles/mesh_ingress/defaults/main.yml @@ -2,15 +2,14 @@ deployment_type: awx ingress_type: none -ingress_api_version: 'networking.k8s.io/v1' -ingress_annotations: '' -ingress_class_name: '' -ingress_controller: '' +ingress_api_version: networking.k8s.io/v1 +ingress_annotations: "" +ingress_class_name: "" +ingress_controller: "" set_self_owneref: true -_control_plane_ee_image: "quay.io/ansible/awx-ee:{{ lookup('env', 'DEFAULT_AWX_VERSION') or 'latest' }}" +_control_plane_ee_image: quay.io/ansible/awx-ee:{{ lookup('env', 'DEFAULT_AWX_VERSION') or 'latest' }} _image_pull_policy: Always image_pull_secrets: [] - finalizer_run: false diff --git a/roles/mesh_ingress/tasks/creation.yml b/roles/mesh_ingress/tasks/creation.yml index ab8c4ccb9..8b8143665 100644 --- a/roles/mesh_ingress/tasks/creation.yml +++ b/roles/mesh_ingress/tasks/creation.yml @@ -5,7 +5,7 @@ - name: Debug is_openshift debug: - msg: "is_openshift={{ is_openshift }}" + msg: is_openshift={{ is_openshift }} - name: Check for presence of AWX instance that we will use to create the Mesh Ingress for. k8s_info: @@ -17,7 +17,7 @@ - name: Fail if awx_deployment does not exist in the same namespace fail: - msg: "AWX instance {{ deployment_name }} does not exist in the same namespace as the AWXMeshIngress instance." + msg: AWX instance {{ deployment_name }} does not exist in the same namespace as the AWXMeshIngress instance. when: awx_instance.resources | length == 0 - name: Set awx_spec @@ -36,23 +36,24 @@ name: "{{ deployment_name }}" namespace: "{{ ansible_operator_meta.namespace }}" ownerReferences: - - apiVersion: awx.ansible.com/v1beta1 - blockOwnerDeletion: true - controller: true - kind: AWX - name: "{{ deployment_name }}" - uid: "{{ awx_instance.resources[0].metadata.uid }}" + - apiVersion: awx.ansible.com/v1beta1 + blockOwnerDeletion: true + controller: true + kind: AWX + name: "{{ deployment_name }}" + uid: "{{ awx_instance.resources[0].metadata.uid }}" when: set_self_owneref | bool - name: Set user provided control plane ee image set_fact: _custom_control_plane_ee_image: "{{ awx_spec.control_plane_ee_image }}" when: - - awx_spec.control_plane_ee_image | default([]) | length + - awx_spec.control_plane_ee_image | default([]) | length - name: Set Control Plane EE image URL set_fact: - _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) }}" + _control_plane_ee_image: "{{ _custom_control_plane_ee_image | default(lookup('env', 'RELATED_IMAGE_CONTROL_PLANE_EE')) | default(_control_plane_ee_image, true) + }}" - name: Set Image Pull Policy set_fact: @@ -65,9 +66,9 @@ - name: Apply Ingress resource k8s: - apply: yes + apply: true definition: "{{ lookup('template', 'ingress.yml.j2') }}" - wait: yes + wait: true wait_timeout: "120" register: ingress @@ -81,27 +82,27 @@ - name: Create other resources k8s: - apply: yes + apply: true definition: "{{ lookup('template', '{{ item }}.yml.j2') }}" - wait: yes + wait: true wait_timeout: "120" loop: - - service_account - - receptor_conf.configmap - - service - - deployment + - service_account + - receptor_conf.configmap + - service + - deployment - name: Get the current resource task pod information. k8s_info: api_version: v1 kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/name={{ deployment_name }}-task" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" + - app.kubernetes.io/name={{ deployment_name }}-task + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} field_selectors: - - status.phase=Running + - status.phase=Running register: awx_task_pod - name: Set the resource pod as a variable. diff --git a/roles/mesh_ingress/tasks/finalizer.yml b/roles/mesh_ingress/tasks/finalizer.yml index 8a7e37746..6ac123203 100644 --- a/roles/mesh_ingress/tasks/finalizer.yml +++ b/roles/mesh_ingress/tasks/finalizer.yml @@ -3,11 +3,11 @@ k8s_info: api_version: v1 kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - - "app.kubernetes.io/name={{ deployment_name }}-task" - - "app.kubernetes.io/managed-by={{ deployment_type }}-operator" - - "app.kubernetes.io/component={{ deployment_type }}" + - app.kubernetes.io/name={{ deployment_name }}-task + - app.kubernetes.io/managed-by={{ deployment_type }}-operator + - app.kubernetes.io/component={{ deployment_type }} field_selectors: - status.phase=Running register: awx_task_pod @@ -29,5 +29,5 @@ namespace: "{{ ansible_operator_meta.namespace }}" pod: "{{ awx_task_pod_name }}" container: "{{ deployment_name }}-task" - command: "awx-manage deprovision_instance --hostname {{ ansible_operator_meta.name }}" + command: awx-manage deprovision_instance --hostname {{ ansible_operator_meta.name }} register: result diff --git a/roles/restore/defaults/main.yml b/roles/restore/defaults/main.yml index 5eaf29b46..4709c564e 100644 --- a/roles/restore/defaults/main.yml +++ b/roles/restore/defaults/main.yml @@ -1,18 +1,18 @@ --- # Required: specify name of tower deployment to restore to -deployment_name: '' -kind: 'AWXRestore' -api_version: '{{ deployment_type }}.ansible.com/v1beta1' +deployment_name: "" +kind: AWXRestore +api_version: "{{ deployment_type }}.ansible.com/v1beta1" # Required: specify a pre-created PVC (name) to restore from -backup_pvc: '' -backup_pvc_namespace: '{{ ansible_operator_meta.namespace }}' +backup_pvc: "" +backup_pvc_namespace: "{{ ansible_operator_meta.namespace }}" # Required: backup name, found on the awxbackup object -backup_dir: '' +backup_dir: "" # Default cluster name -cluster_name: 'cluster.local' +cluster_name: cluster.local # Set no_log settings on certain tasks no_log: true @@ -22,21 +22,18 @@ no_log: true # db_management_pod_node_selector: | # kubernetes.io/arch: amd64 # kubernetes.io/os: linux -db_management_pod_node_selector: '' - +db_management_pod_node_selector: "" # Default resource requirements restore_resource_requirements: limits: - cpu: "1000m" - memory: "4096Mi" + cpu: 1000m + memory: 4096Mi requests: - cpu: "25m" - memory: "32Mi" + cpu: 25m + memory: 32Mi # Labels defined on the resource, which should be propagated to child resources additional_labels: [] - # Maintain some of the recommended `app.kubernetes.io/*` labels on the resource (self) set_self_labels: true -... diff --git a/roles/restore/tasks/cleanup.yml b/roles/restore/tasks/cleanup.yml index 59770ee79..263748295 100644 --- a/roles/restore/tasks/cleanup.yml +++ b/roles/restore/tasks/cleanup.yml @@ -1,5 +1,4 @@ --- - - name: Delete any existing management pod k8s: name: "{{ ansible_operator_meta.name }}-db-management" @@ -14,14 +13,14 @@ apiVersion: v1 kind: Secret metadata: - name: '{{ item }}' - namespace: '{{ ansible_operator_meta.namespace }}' - ownerReferences: null + name: "{{ item }}" + namespace: "{{ ansible_operator_meta.namespace }}" + ownerReferences: loop: - - '{{ secret_key_secret }}' - - '{{ admin_password_secret }}' - - '{{ broadcast_websocket_secret }}' - - '{{ postgres_configuration_secret }}' + - "{{ secret_key_secret }}" + - "{{ admin_password_secret }}" + - "{{ broadcast_websocket_secret }}" + - "{{ postgres_configuration_secret }}" no_log: "{{ no_log }}" - name: Cleanup temp spec file diff --git a/roles/restore/tasks/deploy_awx.yml b/roles/restore/tasks/deploy_awx.yml index a2c138674..e7b63af8e 100644 --- a/roles/restore/tasks/deploy_awx.yml +++ b/roles/restore/tasks/deploy_awx.yml @@ -1,22 +1,21 @@ --- - - name: Deploy AWX k8s: state: "{{ state | default('present') }}" namespace: "{{ ansible_operator_meta.namespace }}" - apply: yes + apply: true definition: "{{ lookup('template', 'awx_object.yml.j2') }}" wait: true wait_condition: - type: "Running" + type: Running status: "True" - name: Remove ownerReferences to prevent garbage collection of new AWX CRO k8s: definition: - apiVersion: '{{ api_version }}' + apiVersion: "{{ api_version }}" kind: AWX metadata: - name: '{{ deployment_name }}' - namespace: '{{ ansible_operator_meta.namespace }}' - ownerReferences: null + name: "{{ deployment_name }}" + namespace: "{{ ansible_operator_meta.namespace }}" + ownerReferences: diff --git a/roles/restore/tasks/error_handling.yml b/roles/restore/tasks/error_handling.yml index bc881b45d..658451b43 100644 --- a/roles/restore/tasks/error_handling.yml +++ b/roles/restore/tasks/error_handling.yml @@ -1,5 +1,4 @@ --- - - name: Determine the timestamp set_fact: now: '{{ lookup("pipe", "date +%FT%TZ") }}' diff --git a/roles/restore/tasks/import_vars.yml b/roles/restore/tasks/import_vars.yml index a9ace5165..cefc81dda 100644 --- a/roles/restore/tasks/import_vars.yml +++ b/roles/restore/tasks/import_vars.yml @@ -1,20 +1,18 @@ --- - - name: Import awx_object variables block: + - name: Create temp file for spec dict + tempfile: + state: file + register: tmp_spec - - name: Create temp file for spec dict - tempfile: - state: file - register: tmp_spec - - - name: Get AWX object definition from pvc - k8s_cp: - namespace: "{{ backup_pvc_namespace }}" - pod: "{{ ansible_operator_meta.name }}-db-management" - remote_path: "{{ backup_dir }}/awx_object" - local_path: "{{ tmp_spec.path }}" - state: from_pod + - name: Get AWX object definition from pvc + k8s_cp: + namespace: "{{ backup_pvc_namespace }}" + pod: "{{ ansible_operator_meta.name }}-db-management" + remote_path: "{{ backup_dir }}/awx_object" + local_path: "{{ tmp_spec.path }}" + state: from_pod - - name: Include spec vars to save them as a dict - include_vars: "{{ tmp_spec.path }}" + - name: Include spec vars to save them as a dict + include_vars: "{{ tmp_spec.path }}" diff --git a/roles/restore/tasks/init.yml b/roles/restore/tasks/init.yml index cb9138874..01e92a678 100644 --- a/roles/restore/tasks/init.yml +++ b/roles/restore/tasks/init.yml @@ -1,5 +1,4 @@ --- - - name: Set variables from awxbackup object statuses if provided block: - name: Look up details for the backup @@ -14,7 +13,7 @@ block: - name: Set error message set_fact: - error_msg: "Cannot read the backup status variables for {{ backup_kind }} {{ backup_name }}." + error_msg: Cannot read the backup status variables for {{ backup_kind }} {{ backup_name }}. - name: Handle error import_tasks: error_handling.yml diff --git a/roles/restore/tasks/main.yml b/roles/restore/tasks/main.yml index 704f5da0b..e837408a7 100644 --- a/roles/restore/tasks/main.yml +++ b/roles/restore/tasks/main.yml @@ -3,13 +3,13 @@ k8s: state: present definition: - apiVersion: '{{ api_version }}' - kind: '{{ kind }}' - name: '{{ ansible_operator_meta.name }}' - namespace: '{{ ansible_operator_meta.namespace }}' + apiVersion: "{{ api_version }}" + kind: "{{ kind }}" + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" metadata: - name: '{{ ansible_operator_meta.name }}' - namespace: '{{ ansible_operator_meta.namespace }}' + name: "{{ ansible_operator_meta.name }}" + namespace: "{{ ansible_operator_meta.namespace }}" labels: '{{ lookup("template", "../common/templates/labels/common.yaml.j2") | from_yaml }}' when: set_self_labels | bool @@ -28,28 +28,28 @@ | dict2items | selectattr('key', 'in', additional_labels) }} when: - - additional_labels | length - - this_restore['resources'][0]['metadata']['labels'] + - additional_labels | length + - this_restore['resources'][0]['metadata']['labels'] - block: - - include_tasks: init.yml + - include_tasks: init.yml - - include_tasks: import_vars.yml + - include_tasks: import_vars.yml - - include_tasks: secrets.yml + - include_tasks: secrets.yml - - include_tasks: deploy_awx.yml + - include_tasks: deploy_awx.yml - - include_tasks: postgres.yml + - include_tasks: postgres.yml - - name: Set flag signifying this restore was successful - set_fact: - tower_restore_complete: True + - name: Set flag signifying this restore was successful + set_fact: + tower_restore_complete: true - - include_tasks: cleanup.yml + - include_tasks: cleanup.yml when: - - this_restore['resources'][0]['status']['restoreComplete'] is not defined + - this_restore['resources'][0]['status']['restoreComplete'] is not defined - name: Update status variables include_tasks: update_status.yml diff --git a/roles/restore/tasks/postgres.yml b/roles/restore/tasks/postgres.yml index 617a23ace..990cdae29 100644 --- a/roles/restore/tasks/postgres.yml +++ b/roles/restore/tasks/postgres.yml @@ -1,5 +1,4 @@ --- - - name: Set Postgres Configuration Secret name set_fact: postgres_configuration_secret: "{{ spec['postgres_configuration_secret'] | default(postgres_configuration_secret) }}" @@ -7,8 +6,8 @@ - name: Check for specified PostgreSQL configuration k8s_info: kind: Secret - namespace: '{{ ansible_operator_meta.namespace }}' - name: '{{ postgres_configuration_secret }}' + namespace: "{{ ansible_operator_meta.namespace }}" + name: "{{ postgres_configuration_secret }}" register: pg_config no_log: "{{ no_log }}" @@ -24,21 +23,21 @@ - name: Set Default label selector for custom resource generated postgres set_fact: - postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ deployment_name }}" + postgres_label_selector: app.kubernetes.io/instance=postgres-{{ supported_pg_version }}-{{ deployment_name }} when: postgres_label_selector is not defined - block: - name: Get the postgres pod information k8s_info: kind: Pod - namespace: '{{ ansible_operator_meta.namespace }}' + namespace: "{{ ansible_operator_meta.namespace }}" label_selectors: - "{{ postgres_label_selector }}" register: postgres_pod until: - - "postgres_pod['resources'] | length" - - "postgres_pod['resources'][0]['status']['phase'] == 'Running'" - - "postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true" + - postgres_pod['resources'] | length + - postgres_pod['resources'][0]['status']['phase'] == 'Running' + - postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true delay: 5 retries: 60 - name: Set the resource pod name as a variable. @@ -61,7 +60,7 @@ name: "{{ item }}" namespace: "{{ ansible_operator_meta.namespace }}" replicas: 0 - wait: yes + wait: true loop: - "{{ deployment_name }}-task" - "{{ deployment_name }}-web" @@ -69,7 +68,8 @@ - name: Set full resolvable host name for postgres pod set_fact: - resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc." + cluster_name, awx_postgres_host) }}' # yamllint disable-line rule:line-length + resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc." + cluster_name, awx_postgres_host) + }}' # yamllint disable-line rule:line-length no_log: "{{ no_log }}" - name: Set pg_restore command diff --git a/roles/restore/tasks/secrets.yml b/roles/restore/tasks/secrets.yml index 89a0454d8..45cec0daa 100644 --- a/roles/restore/tasks/secrets.yml +++ b/roles/restore/tasks/secrets.yml @@ -1,5 +1,4 @@ --- - - name: Create Temporary secrets file tempfile: state: file @@ -21,14 +20,13 @@ - name: If deployment is managed, set the new postgres_configuration_secret name block: - - name: Set new postgres_configuration_secret name - set_fact: - _generated_pg_secret_name: "{{ deployment_name }}-postgres-configuration" - - - name: Override postgres_configuration_secret - set_fact: - spec: - "{{ spec | combine({'postgres_configuration_secret': _generated_pg_secret_name}, recursive=True) }}" + - name: Set new postgres_configuration_secret name + set_fact: + _generated_pg_secret_name: "{{ deployment_name }}-postgres-configuration" + + - name: Override postgres_configuration_secret + set_fact: + spec: "{{ spec | combine({'postgres_configuration_secret': _generated_pg_secret_name}, recursive=True) }}" when: secrets['postgresConfigurationSecret']['data']['type'] | b64decode == 'managed' - name: If deployment is managed, set the database_host in the pg config secret @@ -100,8 +98,8 @@ k8s: state: present namespace: "{{ ansible_operator_meta.namespace }}" - apply: yes - wait: yes + apply: true + wait: true definition: "{{ lookup('template', 'secrets.yml.j2') }}" no_log: "{{ no_log }}" @@ -112,7 +110,7 @@ kind: Secret metadata: name: "{{ item.value.name }}" - namespace: '{{ ansible_operator_meta.namespace }}' - ownerReferences: null + namespace: "{{ ansible_operator_meta.namespace }}" + ownerReferences: loop: "{{ secrets | dict2items }}" no_log: "{{ no_log }}" diff --git a/roles/restore/tasks/update_status.yml b/roles/restore/tasks/update_status.yml index 53f3213a5..302306c29 100644 --- a/roles/restore/tasks/update_status.yml +++ b/roles/restore/tasks/update_status.yml @@ -1,8 +1,7 @@ --- - - name: Update CR Restore status operator_sdk.util.k8s_status: - api_version: '{{ api_version }}' + api_version: "{{ api_version }}" kind: "{{ kind }}" name: "{{ ansible_operator_meta.name }}" namespace: "{{ ansible_operator_meta.namespace }}" diff --git a/roles/restore/vars/main.yml b/roles/restore/vars/main.yml index 906627173..abbbef782 100644 --- a/roles/restore/vars/main.yml +++ b/roles/restore/vars/main.yml @@ -1,20 +1,20 @@ --- -deployment_type: "awx" +deployment_type: awx _postgres_image: quay.io/sclorg/postgresql-15-c9s _postgres_image_version: latest -backup_api_version: '{{ deployment_type }}.ansible.com/v1beta1' -backup_kind: 'AWXBackup' +backup_api_version: "{{ deployment_type }}.ansible.com/v1beta1" +backup_kind: AWXBackup # set default secret names to be used if a backup dir and claim are provided (not a backup_name) -secret_key_secret: '{{ deployment_name }}-secret-key' -admin_password_secret: '{{ deployment_name }}-admin-password' -broadcast_websocket_secret: '{{ deployment_name }}-broadcast-websocket' -postgres_configuration_secret: '{{ deployment_name }}-postgres-configuration' +secret_key_secret: "{{ deployment_name }}-secret-key" +admin_password_secret: "{{ deployment_name }}-admin-password" +broadcast_websocket_secret: "{{ deployment_name }}-broadcast-websocket" +postgres_configuration_secret: "{{ deployment_name }}-postgres-configuration" supported_pg_version: 15 image_pull_policy: IfNotPresent # If set to true, the restore process will delete the existing database and create a new one force_drop_db: false -pg_drop_create: '' +pg_drop_create: "" diff --git a/watches.yaml b/watches.yaml index 355965fe4..ac4a9e215 100644 --- a/watches.yaml +++ b/watches.yaml @@ -4,13 +4,13 @@ group: awx.ansible.com kind: AWX playbook: playbooks/awx.yml - snakeCaseParameters: False + snakeCaseParameters: false - version: v1beta1 group: awx.ansible.com kind: AWXBackup role: backup - snakeCaseParameters: False + snakeCaseParameters: false finalizer: name: awx.ansible.com/finalizer role: backup @@ -21,13 +21,13 @@ group: awx.ansible.com kind: AWXRestore role: restore - snakeCaseParameters: False + snakeCaseParameters: false - version: v1alpha1 group: awx.ansible.com kind: AWXMeshIngress role: mesh_ingress - snakeCaseParameters: False + snakeCaseParameters: false finalizer: name: awx.ansible.com/awx-mesh-ingress-finalizer role: mesh_ingress