X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=ocd%2Finfra%2Fplaybooks%2Froles%2Feg_user-mgmt%2Ftasks%2Finstall.yml;h=e215dab88faf8ada4d3e87298673806dabd177c5;hb=refs%2Fchanges%2F95%2F3895%2F5;hp=24d17b488ac43e058ce71e59ad5bae291d6df754;hpb=248938dd0d73ea6a1bb2da043baf9c6866d624fe;p=ealt-edge.git diff --git a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml index 24d17b4..e215dab 100644 --- a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml @@ -16,26 +16,27 @@ --- -- name: Doing deployment setup eg_user-mgm for edge gallery - copy: - src: deploy - dest: /tmp/eg_user-mgmt/ - -- name: Import vars -# yamllint disable rule:line-length +- name: Import config file include_vars: - file: ../../../config.yml - name: vardata -# yamllint disable rule:line-length + file: ../../../config.yml + name: vardata + +- name: Set a variable + ansible.builtin.set_fact: + comm_pwd: "{{ vardata.common_pwd.name }}" + +- name: Create certificates for usermanagment with common pwd + # yamllint disable rule:line-length + command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.common_pwd.name}} + # yamllint disable rule:line-length + when: comm_pwd != "" - name: Generating certificates for usermanagment -# yamllint disable rule:line-length - command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=encryptedPrivateKey=/tmp/eg_user-mgmt/deploy/conf/keys/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.firstvar.name}} -# yamllint disable rule:line-length - args: - chdir: /tmp/.mep_tmp_cer/ + # yamllint disable rule:line-length + command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.user_mgmt_encryptPassword.name}} + # yamllint disable rule:line-length + when: comm_pwd == "" -- name: Pull helm chart eg_user-mgm -# yamllint disable rule:line-length - command: helm install user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ vardata.authServer.name}}:30091,global.oauth2.clients.developer.clientUrl=https://{{ vardata.authServer.name}}:30092,global.oauth2.clients.mecm.clientUrl=https://{{ vardata.authServer.name}}:30093, --set jwt.secretName=user-mgmt-jwt-secret --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret -# yamllint disable rule:line-length +- name: Install user-mgmt + # yamllint disable rule:line-length + command: helm install user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ ansible_host }}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ ansible_host }}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ ansible_host }}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/user-mgmt --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.redis.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/redis --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set images.usermgmt.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.redis.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret