BC-7240 - add mongo rep set init

ansible/roles/mongo-repset/tasks/main.yaml

@@ -20,4 +20,22 @@
     kubernetes.core.k8s:
       kubeconfig: ~/.kube/config
       namespace: "{{ NAMESPACE }}"
-      template: statefulset.yml.j2
+      template: statefulset.yml.j2
+
+  - name: Add or Update init Secret by 1Password
+    kubernetes.core.k8s:
+      kubeconfig: ~/.kube/config
+      namespace: "{{ NAMESPACE }}"
+      template: init-onepassword.yml.j2
+
+  - name: Add or Update init Configmap
+    kubernetes.core.k8s:
+      kubeconfig: ~/.kube/config
+      namespace: "{{ NAMESPACE }}"
+      template: init-configmap.yml.j2
+
+  - name: Add or Update init Job
+    kubernetes.core.k8s:
+      kubeconfig: ~/.kube/config
+      namespace: "{{ NAMESPACE }}"
+      template: init-job.yml.j2

ansible/roles/mongo-repset/templates/init-configmap.yml.j2

@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: mongo-init-file
+  namespace: {{ NAMESPACE }}
+  labels:
+    app: mongo-init
+data:
+  update.sh: |
+    #! /bin/bash
+    until mongosh $MONGODB_URI --eval "print(\"waited for connection\")"
+      do
+        sleep 1
+      done
+    mongosh $MONGODB_URI --eval 'rs.initiate({"_id" : "rs0", "members" : [{"_id" : 0, "host" : "mongodb-0:27017"},{"_id" : 0, "host" : "mongodb-1:27017"},{"_id" : 0, "host" : "mongodb-2:27017"}]})'
+    sleep 30
+    if [[ $(mongosh --quiet --eval "db.isMaster().setName") != rs0 ]]
+    then
+        echo "replicaset config failed :("
+    else
+        echo "gg, hacky mongo replicaset"
+    fi

ansible/roles/mongo-repset/templates/init-job.yml.j2

@@ -0,0 +1,42 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: mongo-init-job
+  labels:
+    app: mongo-init
+spec:
+  template:
+    spec:
+      containers:
+      - name: mongo-init
+        image: quay.io/schulcloudverbund/infra-tools:latest
+        envFrom:
+        - secretRef:
+            name: mongo-init-secret
+        env:
+        - name: K8S_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        volumeMounts:
+        - name: script
+          mountPath: /update.sh
+          subPath: update.sh
+        command: ['/bin/sh','-c']
+        args: ['cp /update.sh /update.run.sh && chmod +x /update.run.sh &&./update.run.sh']
+        resources:
+          limits:
+            cpu: "3000m"
+            memory: "2Gi"
+          requests:
+            cpu: "100m"
+            memory: "150Mi"
+      volumes:
+      - name: script
+        configMap:
+          name: mongo-init-file
+          items:
+          - key: update.sh
+            path: update.sh
+      restartPolicy: Never
+  backoffLimit: 4

ansible/roles/mongo-repset/templates/init-onepassword.yml.j2

@@ -0,0 +1,9 @@
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+  name: mongo-init-secret
+  namespace: {{ NAMESPACE }}
+  labels:
+    app: mongo-init
+spec:
+  itemPath: "vaults/{{ ONEPASSWORD_OPERATOR_VAULT }}/items/devops-mongo-server-init"