From b8ae9c19ce04e38e3c84f0abe7c03e4df7baf256 Mon Sep 17 00:00:00 2001 From: James Falkner Date: Sat, 19 Sep 2020 17:55:49 -0400 Subject: [PATCH] Add single user workload for Quarkus Workshop on a shared cluster (#2555) * Add single user workload for Quarkus Workshop on a shared cluster * improve readability, portability and performance by following best practices --- .../README.adoc | 65 ++++++++++ .../defaults/main.yml | 7 ++ .../meta/main.yml | 18 +++ .../tasks/add-codeready-user.yaml | 20 +++ .../tasks/add_che_user.yaml | 36 ++++++ .../tasks/confirm_che_workspace.yaml | 32 +++++ .../tasks/create_che_workspace.yaml | 27 ++++ .../tasks/create_project.yaml | 30 +++++ .../tasks/main.yml | 31 +++++ .../tasks/post_workload.yml | 34 ++++++ .../tasks/pre_workload.yml | 74 +++++++++++ .../tasks/remove-codeready-user.yaml | 12 ++ .../tasks/remove_che_user.yaml | 35 ++++++ .../tasks/remove_che_workspace.yaml | 68 +++++++++++ .../tasks/remove_workload.yml | 22 ++++ .../tasks/verify-workload.yaml | 21 ++++ .../tasks/verify_che_workspace.yaml | 38 ++++++ .../tasks/workload.yml | 31 +++++ .../templates/devfile.json.j2 | 115 ++++++++++++++++++ 19 files changed, 716 insertions(+) create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/README.adoc create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/defaults/main.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/meta/main.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add-codeready-user.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add_che_user.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/confirm_che_workspace.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_che_workspace.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_project.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/main.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/post_workload.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/pre_workload.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove-codeready-user.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_user.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_workspace.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_workload.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify-workload.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify_che_workspace.yaml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/workload.yml create mode 100644 ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/templates/devfile.json.j2 diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/README.adoc b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/README.adoc new file mode 100644 index 00000000000..43800f56598 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/README.adoc @@ -0,0 +1,65 @@ += ocp4_workload_quarkus_workshop_user - Allow a user access to a shared GPTE cluster + +== Role overview + +* This role enables the Project Request Template on an OpenShift 4 Cluster. It consists of the following playbooks: +** Playbook: link:./tasks/pre_workload.yml[pre_workload.yml] - Sets up an + environment for the workload deployment. +*** Debug task will print out: `pre_workload Tasks completed successfully.` + +** Playbook: link:./tasks/workload.yml[workload.yml] - Used to enable the workshop items +*** Debug task will print out: `workload Tasks completed successfully.` + +** Playbook: link:./tasks/post_workload.yml[post_workload.yml] - Used to + configure the workload after deployment +*** This role doesn't do anything here +*** Debug task will print out: `post_workload Tasks completed successfully.` + +** Playbook: link:./tasks/remove_workload.yml[remove_workload.yml] - Used to + delete the workload +*** This role removes the service broker from OCP 4 +*** Debug task will print out: `remove_workload Tasks completed successfully.` + +== Review the defaults variable file + +* This file link:./defaults/main.yml[./defaults/main.yml] contains all the variables you need to define to control the deployment of your workload. +* The variable *ocp_username* is mandatory to assign the workload to the correct OpenShift user. +* A variable *silent=True* can be passed to suppress debug messages. +* You can modify any of these default values by adding `-e "variable_name=variable_value"` to the command line + +=== Deploy a Workload with the `ocp-workload` playbook [Mostly for testing] + +---- +TARGET_HOST="bastion.na4.openshift.opentlc.com" +OCP_USERNAME="jfalkner-redhat.com" +WORKLOAD="ocp4_workload_quarkus_workshop_user" +GUID=1001 + +# a TARGET_HOST is specified in the command line, without using an inventory file +ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ + -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ + -e"ansible_user=ec2-user" \ + -e"ocp_username=${OCP_USERNAME}" \ + -e"ocp_workload=${WORKLOAD}" \ + -e"silent=False" \ + -e"guid=${GUID}" \ + -e"ACTION=create" +---- + +=== To Delete an environment + +---- +TARGET_HOST="bastion.na4.openshift.opentlc.com" +OCP_USERNAME="wkulhane-redhat.com" +WORKLOAD="ocp4_workload_quarkus_workshop_user" +GUID=1002 + +# a TARGET_HOST is specified in the command line, without using an inventory file +ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ + -e"ansible_ssh_private_key_file=~/.ssh/keytoyourhost.pem" \ + -e"ansible_user=ec2-user" \ + -e"ocp_username=${OCP_USERNAME}" \ + -e"ocp_workload=${WORKLOAD}" \ + -e"guid=${GUID}" \ + -e"ACTION=remove" +---- diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/defaults/main.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/defaults/main.yml new file mode 100644 index 00000000000..cb6d509ea67 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/defaults/main.yml @@ -0,0 +1,7 @@ +--- +become_override: False +ocp_username: jfalkner-redhat.com +silent: False + +ocp4_workshop_quarkus_workshop_user_che_user_password: 'openshift' + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/meta/main.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/meta/main.yml new file mode 100644 index 00000000000..8854577a2e6 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/meta/main.yml @@ -0,0 +1,18 @@ +--- +galaxy_info: + role_name: ocp4-workload-quarkus-workshop-user + author: + - Application Service BU Runtimes Team, James Falkner (jfalkner@redhat.com) + - Application Service BU Runtimes Team, Daniel Oh (doh@redhat.com) + description: | + Create User for Quarkus Basic and Advanced workshop with CodeReady Workspaces, AMQ Streams, OpenShift 4. + This catalog entry is developed and maintained by the Application Services BU. + license: MIT + min_ansible_version: 2.9 + platforms: [] + galaxy_tags: + - quarkus + - workshop + - ocp + - openshift +dependencies: [] \ No newline at end of file diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add-codeready-user.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add-codeready-user.yaml new file mode 100644 index 00000000000..02cdf9c1b40 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add-codeready-user.yaml @@ -0,0 +1,20 @@ +--- +- name: create codeready user + include_tasks: add_che_user.yaml + vars: + user: "{{ t_user }}" + +- name: Pre-create and warm user workspaces + include_tasks: create_che_workspace.yaml + vars: + user: "{{ t_user }}" + +- name: wait a minute and let the image download and be registered + pause: + minutes: 2 + +- name: Attempt to warm workspaces which failed to start + include_tasks: verify_che_workspace.yaml + vars: + user: "{{ t_user }}" + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add_che_user.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add_che_user.yaml new file mode 100644 index 00000000000..3b45b9dda52 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/add_che_user.yaml @@ -0,0 +1,36 @@ +--- +- name: Get codeready SSO admin token + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/master/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ codeready_sso_admin_username }}" + password: "{{ codeready_sso_admin_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200,201,204 + register: codeready_sso_admin_token + +- name: Add user {{ user }} to Che + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/admin/realms/codeready/users + validate_certs: false + method: POST + headers: + Content-Type: application/json + Authorization: "Bearer {{ codeready_sso_admin_token.json.access_token }}" + body: + username: "{{ user }}" + enabled: true + emailVerified: true + firstName: "{{ user }}" + lastName: Developer + email: "{{ user }}@no-reply.com" + credentials: + - type: password + value: "{{ ocp4_workshop_quarkus_workshop_user_che_user_password }}" + temporary: false + body_format: json + status_code: 201,409 diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/confirm_che_workspace.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/confirm_che_workspace.yaml new file mode 100644 index 00000000000..c95d9a466e2 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/confirm_che_workspace.yaml @@ -0,0 +1,32 @@ +--- +- name: "Get Che {{ user }} token" + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ user }}" + password: "{{ ocp4_workshop_quarkus_workshop_user_che_user_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200 + register: user_token + +- name: Confirm running status of workspace for {{ user }} + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace" + validate_certs: false + method: GET + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 200 + register: workspace_def + +- name: "Output warning for {{ user }}" + agnosticd_user_info: + msg: "WARNING: Workspace for {{ user }} failed to initialize - you may need to log in as that user and start it manually!" + when: >- + workspace_def.json[0].status == "STOPPED" or + workspace_def.json[0].status == "STOPPING" diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_che_workspace.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_che_workspace.yaml new file mode 100644 index 00000000000..558e7987ffe --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_che_workspace.yaml @@ -0,0 +1,27 @@ +--- +- name: "Get Che {{ user }} token" + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ user }}" + password: "{{ ocp4_workshop_quarkus_workshop_user_che_user_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200 + register: user_token + +- name: Create workspace for {{ user }} from devfile + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace/devfile?start-after-create=true&namespace={{ user }}" + validate_certs: false + method: POST + headers: + Content-Type: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + body: "{{ lookup('template', './templates/devfile.json.j2') }}" + body_format: json + status_code: 201,409 + register: workspace_def diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_project.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_project.yaml new file mode 100644 index 00000000000..b37e79643f6 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/create_project.yaml @@ -0,0 +1,30 @@ +--- +- name: create project for {{ t_user }} + k8s: + state: present + kind: Project + api_version: project.openshift.io/v1 + definition: + metadata: + name: "{{ t_project_name }}" + annotations: + openshift.io/description: "" + openshift.io/display-name: "{{ t_project_desc }}" + +- name: assign permissions for user {{ t_user }} + k8s: + state: present + kind: RoleBinding + api_version: rbac.authorization.k8s.io/v1 + definition: + metadata: + name: admin + namespace: "{{ t_project_name }}" + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin + subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: "{{ t_user }}" diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/main.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/main.yml new file mode 100644 index 00000000000..f6f8ba1e016 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/main.yml @@ -0,0 +1,31 @@ +--- + +# Do not modify this file + +- name: Running Pre Workload Tasks + include_tasks: + file: ./pre_workload.yml + apply: + become: "{{ become_override | bool }}" + when: ACTION == "create" or ACTION == "provision" or ACTION == "remove" + +- name: Running Workload Tasks + include_tasks: + file: ./workload.yml + apply: + become: "{{ become_override | bool }}" + when: ACTION == "create" or ACTION == "provision" + +- name: Running Post Workload Tasks + include_tasks: + file: ./post_workload.yml + apply: + become: "{{ become_override | bool }}" + when: ACTION == "create" or ACTION == "provision" + +- name: Running Workload removal Tasks + include_tasks: + file: ./remove_workload.yml + apply: + become: "{{ become_override | bool }}" + when: ACTION == "destroy" or ACTION == "remove" diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/post_workload.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/post_workload.yml new file mode 100644 index 00000000000..770aa2516b4 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/post_workload.yml @@ -0,0 +1,34 @@ +--- +- name: Verify everything is deployed correctly + include_tasks: verify-workload.yaml + +# Implement your Post Workload deployment tasks here + +- name: Print user info + agnosticd_user_info: + msg: "{{ item }}" + loop: + - "{{ ocp_username }} has been setup on the shared lab environment." + - "You have access to the following project: {{ guid }}-project" + - "" + - "OpenShift Console: https://{{ r_console_route.resources[0].spec.host }}" + - "CodeReady Console: https://codeready-codeready.{{ route_subdomain }}" + - "" + +- name: Print module info + agnosticd_user_info: + msg: "Module {{item}}: http://web-{{item}}-guides.{{ route_subdomain }}" + loop: "{{ modules }}" + +- name: Save user data + agnosticd_user_info: + data: + web_console_url: "https://{{ r_console_route.resources[0].spec.host }}" + api_url: "{{ r_console_route.resources[0].spec.host }}" + login_command: "oc login -u {{ ocp_username }} {{ r_api_url.resources[0].status.apiServerURL }}" + +# Leave this as the last task in the playbook. +- name: post_workload tasks complete + debug: + msg: "Post-Workload Tasks completed successfully." + when: not silent|bool diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/pre_workload.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/pre_workload.yml new file mode 100644 index 00000000000..f37c7361830 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/pre_workload.yml @@ -0,0 +1,74 @@ +--- +# Implement your Pre Workload deployment tasks here + +- name: Ensure variables are set + assert: + that: + - ocp_username is defined + - guid is defined + fail_msg: "Must define ocp_username and guid" + +- name: Get Web Console route + k8s_facts: + api_version: route.openshift.io/v1 + kind: Route + namespace: openshift-console + name: console + register: r_console_route + +- name: Get API server URL + k8s_facts: + api_version: config.openshift.io/v1 + kind: Infrastructure + name: cluster + register: r_api_url + +- name: extract route_subdomain + k8s_facts: + kind: Ingress + register: route_subdomain_r + +- name: set the route + set_fact: + route_subdomain: "{{ route_subdomain_r.resources[0].spec.domain | trim }}" + +- name: Get codeready keycloak deployment + k8s_facts: + kind: Deployment + namespace: codeready + name: keycloak + register: r_keycloak_deployment + +- name: show cr + debug: + msg: "existing keycloak deployment: {{ r_keycloak_deployment }}" + +- name: set codeready username fact + set_fact: + codeready_sso_admin_username: "{{ r_keycloak_deployment.resources[0].spec.template.spec.containers[0].env | selectattr('name','equalto','SSO_ADMIN_USERNAME') |map (attribute='value') | list | first }}" + +- name: set codeready password fact + set_fact: + codeready_sso_admin_password: "{{ r_keycloak_deployment.resources[0].spec.template.spec.containers[0].env | selectattr('name','equalto','SSO_ADMIN_PASSWORD') |map (attribute='value') | list | first }}" + +- name: show codeready keycloak admin username + debug: + msg: "codeready keycloak admin username: {{ codeready_sso_admin_username }}" + +- name: show codeready keycloak admin password + debug: + msg: "codeready keycloak admin password: {{ codeready_sso_admin_password }}" + +- name: debug values + debug: + msg: + - "master URL: {{ r_api_url.resources[0].status.apiServerURL }}" + - "console URL: https://{{ r_console_route.resources[0].spec.host }}" + - "route subdomain: {{ route_subdomain }}" + - "ocp_username: {{ ocp_username }}" + +# Leave this as the last task in the playbook. +- name: pre_workload tasks complete + debug: + msg: "Pre-Workload tasks completed successfully." + when: not silent|bool diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove-codeready-user.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove-codeready-user.yaml new file mode 100644 index 00000000000..80388e69c78 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove-codeready-user.yaml @@ -0,0 +1,12 @@ +--- + +- name: Remove user workspace + include_tasks: remove_che_workspace.yaml + vars: + user: "{{ t_user }}" + +- name: remove codeready user + include_tasks: remove_che_user.yaml + vars: + user: "{{ t_user }}" + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_user.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_user.yaml new file mode 100644 index 00000000000..85f8a3c19ed --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_user.yaml @@ -0,0 +1,35 @@ +--- +- name: Get codeready SSO admin token + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/master/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ codeready_sso_admin_username }}" + password: "{{ codeready_sso_admin_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200,201,204 + register: codeready_sso_admin_token + +- name: get users ID from sso + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/admin/realms/codeready/users?username={{ user | urlencode }}&exact=true + validate_certs: false + method: GET + headers: + Authorization: "Bearer {{ codeready_sso_admin_token.json.access_token }}" + status_code: 200,201,204 + register: user_rep + +- name: Remove user {{ user }} from sso + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/admin/realms/codeready/users/{{ user_rep.json[0].id }} + validate_certs: false + method: DELETE + headers: + Content-Type: application/json + Authorization: "Bearer {{ codeready_sso_admin_token.json.access_token }}" + status_code: 204 + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_workspace.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_workspace.yaml new file mode 100644 index 00000000000..d5959d5dbfb --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_che_workspace.yaml @@ -0,0 +1,68 @@ +--- +- name: "Get Che {{ user }} token" + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ user }}" + password: "{{ ocp4_workshop_quarkus_workshop_user_che_user_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200 + register: user_token + +- name: get all workspaces for {{ user }} + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace" + validate_certs: false + method: GET + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 200 + register: all_workspaces + +- name: stop workspace for {{ user }} + when: >- + all_workspaces.json | list | length >= 1 and + all_workspaces.json[0].status != "STOPPED" and + all_workspaces.json[0].status != "STOPPING" + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace/{{ all_workspaces.json[0].id }}/runtime" + validate_certs: false + method: DELETE + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 204 + +- name: wait for workspace to be stopped + when: all_workspaces.json | list | length >= 1 + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace" + validate_certs: false + method: GET + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 200 + register: all_stopped_workspaces + retries: 200 + delay: 10 + until: all_stopped_workspaces.json[0].status == "STOPPED" + +- name: delete workspace for {{ user }} + when: all_workspaces.json | list | length >= 1 + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace/{{ all_workspaces.json[0].id }}" + validate_certs: false + method: DELETE + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 204 + retries: 200 + delay: 10 + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_workload.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_workload.yml new file mode 100644 index 00000000000..1e2af4f1be9 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/remove_workload.yml @@ -0,0 +1,22 @@ +# vim: set ft=ansible +--- +# Implement your Workload removal tasks here + +- name: remove codeready user + include_tasks: remove-codeready-user.yaml + vars: + t_user: "{{ ocp_username }}" + +- name: remove the user Project + k8s: + state: absent + name: "{{ guid }}-project" + kind: Project + api_version: project.openshift.io/v1 + + +# Leave this as the last task in the playbook. +- name: remove_workload tasks complete + debug: + msg: "Remove Workload tasks completed successfully." + when: not silent|bool diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify-workload.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify-workload.yaml new file mode 100644 index 00000000000..ebe334eee12 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify-workload.yaml @@ -0,0 +1,21 @@ +--- +- name: verify user project exists + k8s_facts: + api_version: v1 + kind: Namespace + name: "{{ guid }}-project" + field_selectors: + - status.phase=Active + register: r_user_namespace + failed_when: r_user_namespace.resources | list | length != 1 + +- name: verify user workspaces are started + include_tasks: confirm_che_workspace.yaml + vars: + user: "{{ ocp_username }}" + +# Leave this as the last task in the playbook. +- name: workload verification tasks complete + debug: + msg: "Workload Tasks completed successfully." + when: not silent|bool \ No newline at end of file diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify_che_workspace.yaml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify_che_workspace.yaml new file mode 100644 index 00000000000..f253e58ef96 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/verify_che_workspace.yaml @@ -0,0 +1,38 @@ +--- +- name: "Get Che {{ user }} token" + uri: + url: https://keycloak-codeready.{{ route_subdomain }}/auth/realms/codeready/protocol/openid-connect/token + validate_certs: false + method: POST + body: + username: "{{ user }}" + password: "{{ ocp4_workshop_quarkus_workshop_user_che_user_password }}" + grant_type: "password" + client_id: "admin-cli" + body_format: form-urlencoded + status_code: 200 + register: user_token + +- name: Get workspace for {{ user }} + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace" + validate_certs: false + method: GET + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 200 + register: workspace_def + +- name: Verify and start workspace for {{ user }} again if stopped + when: workspace_def.json[0].status == "STOPPED" + uri: + url: "https://codeready-codeready.{{ route_subdomain }}/api/workspace/{{ workspace_def.json[0].id }}/runtime" + validate_certs: false + method: POST + headers: + Accept: application/json + Authorization: "Bearer {{ user_token.json.access_token }}" + status_code: 200 + + diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/workload.yml b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/workload.yml new file mode 100644 index 00000000000..3b779336206 --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/tasks/workload.yml @@ -0,0 +1,31 @@ +# vim: set ft=ansible +--- +# Implement your Workload deployment tasks here + +- name: create module list + set_fact: + modules: "{{ module_type.split(';') | map('trim') | list }}" + +- name: Selected Modules + debug: + msg: "selected modules list: {{ modules }}" + +# Create projects for user +- name: create project user project + include_tasks: create_project.yaml + vars: + t_project_name: "{{ guid }}-project" + t_project_desc: "User project for {{ ocp_username }}" + t_user: "{{ ocp_username }}" + +- name: add codeready user + include_tasks: add-codeready-user.yaml + vars: + t_user: "{{ ocp_username }}" + + +# Leave this as the last task in the playbook. +- name: workload tasks complete + debug: + msg: "Workload Tasks completed successfully." + when: not silent|bool diff --git a/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/templates/devfile.json.j2 b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/templates/devfile.json.j2 new file mode 100644 index 00000000000..589eafb898c --- /dev/null +++ b/ansible/roles_ocp_workloads/ocp4_workload_quarkus_workshop_user/templates/devfile.json.j2 @@ -0,0 +1,115 @@ +{ + "apiVersion": "1.0.0", + "metadata": { + "name": "{{ user }}-workspace" + }, + "components": [ + { + "id": "redhat/quarkus-java11/latest", + "type": "chePlugin" + }, + { + "mountSources": true, + "memoryLimit": "4Gi", + "type": "dockerimage", + "alias": "quarkus-tools", + "image": "image-registry.openshift-image-registry.svc:5000/openshift/quarkus-stack:2.2.45", + "env": [ + { + "value": "/home/jboss/.m2", + "name": "MAVEN_CONFIG" + }, + { + "value": "-Xmx4G -Xss128M -XX:MetaspaceSize=1G -XX:MaxMetaspaceSize=2G -XX:+CMSClassUnloadingEnabled", + "name": "MAVEN_OPTS" + } + ], + "endpoints": [ + { + "name": "web-{{ guid }}", + "port": 8080, + "attributes": { + "discoverable": "true", + "public": "true", + "protocol": "http" + } + }, + { + "name": "debug-{{ guid }}", + "port": 5005, + "attributes": { + "discoverable": "false", + "public": "false", + "protocol": "jdwp" + } + } + ] + } + ], + "commands": [ + { + "name": "Login to OpenShift", + "actions": [ + { + "type": "exec", + "component": "quarkus-tools", + "command": "oc login https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT --insecure-skip-tls-verify=true", + "workdir": "${CHE_PROJECTS_ROOT}" + } + ] + }, + { + "name": "Run Tests", + "actions": [ + { + "type": "exec", + "component": "quarkus-tools", + "command": "mvn verify -f ${CHE_PROJECTS_ROOT}/quarkus-workshop-labs", + "workdir": "${CHE_PROJECTS_ROOT}" + } + ] + }, + { + "name": "Start Live Coding", + "actions": [ + { + "type": "exec", + "component": "quarkus-tools", + "command": "mvn clean compile quarkus:dev -f ${CHE_PROJECTS_ROOT}/quarkus-workshop-labs", + "workdir": "${CHE_PROJECTS_ROOT}" + } + ] + }, + { + "name": "Package App for OpenShift", + "actions": [ + { + "type": "exec", + "component": "quarkus-tools", + "command": "mvn package -DuberJar=true -DskipTests -f ${CHE_PROJECTS_ROOT}/quarkus-workshop-labs", + "workdir": "${CHE_PROJECTS_ROOT}" + } + ] + }, + { + "name": "Build Native App", + "actions": [ + { + "type": "exec", + "component": "quarkus-tools", + "command": "mvn package -Pnative -DskipTests -f ${CHE_PROJECTS_ROOT}/quarkus-workshop-labs", + "workdir": "${CHE_PROJECTS_ROOT}" + } + ] + }, + { + "name": "Start Debugger on 5005", + "actions": [ + { + "type": "vscode-launch", + "referenceContent": "{\n \"version\": \"0.2.0\",\n \"configurations\": [\n {\n \"type\": \"java\",\n \"request\": \"attach\",\n \"name\": \"Attach to App\",\n \"hostName\": \"localhost\",\n \"port\": 5005\n }\n ]\n}\n" + } + ] + } + ] +} \ No newline at end of file