| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 |
- ---
- - name: Pre-flight checks only.
- hosts: workstation.lab.example.com
- gather_subset: min
- become: no
- tasks:
- # Deploy packages, get auth info, etc.
- - include_role:
- name: check-env
- apply:
- tags:
- - check
- tags:
- - check
- # THIS MUST BE BEFORE FIX OPERATORS!
- - include_role:
- name: remove-operators
- apply:
- tags:
- - prep
- - remove
- loop: "{{ removed_operators }}"
- loop_control:
- loop_var: role
- tags:
- - prep
- - remove
- # Fix the operator catalog sources.
- - include_role:
- name: fix-operators
- apply:
- tags:
- - prep
- - fix
- tags:
- - prep
- - fix
- # Re-apply any operators that have had their catalog sources changed.
- - include_role:
- name: deploy-operators
- apply:
- tags:
- - prep
- - deploy
- loop: "{{ added_operators }}"
- loop_control:
- loop_var: role
- tags:
- - prep
- - deploy
- # Ensure RBAC resources (ClusterRoles and Groups) are there.
- - include_role:
- name: setup-rbac
- apply:
- tags:
- - prep
- - setup
- tags:
- - prep
- - setup
- # Ensure a Keycloak is there.
- - include_role:
- name: deploy-rhbk
- apply:
- tags:
- - prep
- - sso
- tags:
- - prep
- - sso
- # Ensure OpenShift OAuth is using the Keycloak.
- - include_role:
- name: setup-auth
- apply:
- tags:
- - prep
- - auth
- tags:
- - prep
- - auth
- # Some additional configuration for infra.
- - name: Ensure HAProxy on utility does not forward plaintext HTTP to OpenShift.
- hosts: utility.lab.example.com
- gather_subset: min
- become: yes
- tasks:
- - include_role:
- name: setup-ingress
- apply:
- tags:
- - prep
- - ingress
- tags:
- - prep
- - ingress
- ...
|
