add todos to pre-fligh and auth, and externalip range to inventory

playbooks/inventory.yml

@@ -18,6 +18,7 @@ all:
       rhbk_client_id: openshift
       create_groups: yes
       egress_range: 192.168.50.128/26
+      extip_range: 192.168.50.192/26
 
     rhbk:
       namespace: keycloak

playbooks/pre-flight.yml

@@ -141,6 +141,8 @@
         - setup
         - monitoring
 
+# TODO: configure externalip (ipfailover? metallb?) range
+# TODO: deploy certmanager
 # TODO: deploy logging (?)
 # TODO: logging requires minio
 # TODO: create a private network (nmstate + bridges?)

playbooks/roles/setup-auth/tasks/main.yml

@@ -20,6 +20,9 @@
 #   - either a fqdn or an existing keycloak resource coordinates
 #   - admin credentials
 #
+# TODO: console.spec.authentication.logoutRedirect (config.openshift.io/v1)
+#   should be patched with a logout URL
+#
 - name: Check that the ingresscontroller's defaultCertificate is set
   kubernetes.core.k8s_info:
     kubeconfig: tmp/kubeconfig-ocp4