rht
/
ocp-arch-lab-materials


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221
							---
# Ensures all the operator artifacts are created and waits for CSV to succeed.
#
# The following variables must exist:
#
#   op:
#     desired_csv
#     op_nsp
#     op_cat
#     op_pkg
#     op_chn
#     op_mod
#
# NOTE: Do NOT test by checking for presence of API resources - they do not always get cleaned up.

- debug:
    msg: Deploying operator {{ op.op_pkg }} in namespace {{ op.op_nsp }}...

# See if the CSV is available already (anywhere), meaning the operator is already installed.
- name: Check if the CSV exists already
  k8s_info:
    kubeconfig: tmp/kubeconfig-ocp4
    validate_certs: no
    api_version: operators.coreos.com/v1alpha1
    kind: clusterserviceversion
  register: all_csv

- name: Find the wanted CSV among all CSVs
  set_fact:
    found_csv: '{{ (all_csv | community.general.json_query("resources[?contains(metadata.name, `" + op.op_pkg + ".`)]")) }}'
  when:
    - all_csv.resources is defined
    - (all_csv.resources | length) > 0

- name: Get details about the CSV if found
  set_fact:
    csv_ns: "{{ found_csv[0] | community.general.json_query('metadata.namespace') }}"
    csv_name: "{{ found_csv[0] | community.general.json_query('metadata.name') }}"
  when:
    - found_csv is defined
    - (found_csv | length) > 0

- debug:
    msg: Operator {{ op.op_pkg }} is already installed in {{ csv_ns }} as {{ csv_name }} (desired_csv == {{ op.desired_csv }}).
  when:
    - csv_ns is defined
    - csv_name is defined

- name: Only proceed here if the CSV was not found anywhere yet
  block:

    # Check if package provides desired_csv in any of the channels
    - name: Get packagemanifest
      k8s_info:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: packages.operators.coreos.com/v1
        kind: packagemanifest
        namespace: openshift-marketplace
        name: "{{ op.op_pkg }}"
      register: pkg_mft

    - name: Search for any channels that provide desired_csv
      set_fact:
        found_chn: '{{ (pkg_mft | community.general.json_query("resources[0].status.channels[?currentCSV == `" + op.desired_csv + "`].name")) }}'
      when:
        - pkg_mft is defined
        - pkg_mft.resources | length > 0

    - name: Fail if no channel provides the desired_csv
      fail:
        msg: No {{ op.op_pkg }} channel provides {{ op.desired_csv }}
      when:
        - found_chn is defined
        - found_chn | length == 0

    - name: Fail if selected channel does not provide the desired_csv
      fail:
        msg: Operator {{ op.op_pkg }} selected channel {{ op.op_chn }} does not provide {{ op.desired_csv }} - {{ found_chn }}
      when:
        - found_chn is defined
        - found_chn | length > 0
        - op.op_chn not in found_chn

    # Create the namespace if necessary
    - name: Make sure the namespace is there
      k8s:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: v1
        kind: namespace
        name: "{{ op.op_nsp }}"

    # Check for operator group - if existing, make sure it's compatible; otherwise create it
    - name: See if there are any OperatorGroups
      k8s_info:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: operators.coreos.com/v1
        kind: operatorgroup
        namespace: "{{ op.op_nsp }}"
      register: found_opgrp

    - name: Die if more than one OG
      ansible.builtin.fail:
        msg: More than one OperatorGroup found in project.
      when: (found_opgrp.resources | length) > 1

    - name: Die if op_mod is not recognised
      ansible.builtin.fail:
        msg: Unrecognised op.op_mod ({{ op.op_mod }})
      when: op.op_mod not in ["all", "self"]

    - name: Die if op_mod does not match found OG mode
      ansible.builtin.fail:
        msg: Found OG mode does not match required ({{ op.op_mod }})
      when: |
        ((found_opgrp.resources | length) == 1 and op.op_mod == "all" and found_opgrp.resources[0].status.namespaces != [""]) or
        ((found_opgrp.resources | length) == 1 and op.op_mod == "self" and found_opgrp.resources[0].status.namespaces != [op.op_nsp])

    - name: Set fact for namespaces of OG if we require all
      set_fact:
        og_spec: []
      when:
        - op.op_mod == "all"
        - (found_opgrp.resources | length) == 0

    - name: Set fact for namespaces of OG if we require self
      set_fact:
        og_spec: ["{{op.op_nsp}}"]
      when:
        - op.op_mod == "self"
        - (found_opgrp.resources | length) == 0

    - name: Create the OperatorGroup if not there
      k8s:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: operators.coreos.com/v1
        kind: operatorgroup
        namespace: "{{ op.op_nsp }}"
        name: "{{ op.op_nsp }}"
        definition:
          spec:
            targetNamespaces: "{{ og_spec }}"
      when: (found_opgrp.resources | length) == 0

    # create a subscription if not there, and wait for the CSV
    - name: Also make sure there is a subscription
      k8s:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: operators.coreos.com/v1alpha1
        kind: subscription
        namespace: "{{ op.op_nsp }}"
        name: "{{ op.op_pkg }}"
        definition:
          spec:
            source: "{{ op.op_cat }}"
            sourceNamespace: openshift-marketplace
            name: "{{ op.op_pkg }}"
            channel: "{{ op.op_chn }}"
            installPlanApproval: Automatic

    # TODO: Finish this at some point.
    #- name: Wait for installPlan to show up
    #  k8s_info:
    #    kubeconfig: tmp/kubeconfig-ocp4
    #    validate_certs: no
    #    api_version: operators.coreos.com/v1alpha1
    #    kind: installplan
    #    namespace: "{{ op_nsp }}"
    #  register: installplan
    #  until:
    #    - installplan.resources is defined
    #    - (installplan.resources | length) > 0
    #    - installplan.resources[0].spec.approved
    #  retries: 12
    #  delay: 10

    - name: Wait for CSV to show up and complete
      k8s_info:
        kubeconfig: tmp/kubeconfig-ocp4
        validate_certs: no
        api_version: operators.coreos.com/v1alpha1
        kind: clusterserviceversion
        namespace: "{{ op.op_nsp }}"
        name: "{{ op.desired_csv }}"
      register: new_csv
      until:
        - new_csv.resources is defined
        - (new_csv.resources | length) > 0
        - new_csv.resources[0].status is defined
        - new_csv.resources[0].status.phase == "Succeeded"
      retries: 30
      delay: 10

    # TODO: Finish this at some point.
    #- name: Finally, wait for the pod
    #  k8s_info:
    #    kubeconfig: tmp/kubeconfig-ocp4
    #    validate_certs: no
    #    api_version: v1
    #    kind: pod
    #    namespace: rhsso
    #    label_selectors:
    #      - name = rhsso-operator
    #  register: sso_pod
    #  until:
    #    - sso_pod.resources is defined
    #    - (sso_pod.resources | length) > 0
    #    - sso_pod.resources[0].status is defined
    #    - sso_pod.resources[0].status.phase == "Running"
    #  retries: 30
    #  delay: 10

    - debug:
        msg: Operator {{ op.op_pkg }} deployed in namespace {{ op.op_nsp }} with CSV {{ op.desired_csv }}!

  when: found_csv is not defined or (found_csv | length) == 0
...