Added Playbook for Vault

Signed-off-by: abhijit_onap <abhijit.das.gupta@huawei.com>
Change-Id: Ieab916d492a63f2caee6067b9e48835bd4a18d08

diff --git a/ocd/infra/playbooks/ealt-all.yml b/ocd/infra/playbooks/ealt-all.yml
index abe698e..3b6344c 100644 (file)
--- a/ocd/infra/playbooks/ealt-all.yml
+++ b/ocd/infra/playbooks/ealt-all.yml
@@ -89,6 +89,15 @@
   roles:
   - mepserver
 
+- hosts: mep-centos
+  become: yes
+  tags:
+  - infra
+  - mep
+
+  roles:
+  - vault
+
 - hosts: certsmanager
   become: yes
   tags:

diff --git a/ocd/infra/playbooks/ealt-inventory.ini b/ocd/infra/playbooks/ealt-inventory.ini
index f59d1b7..b859258 100644 (file)
--- a/ocd/infra/playbooks/ealt-inventory.ini
+++ b/ocd/infra/playbooks/ealt-inventory.ini
@@ -25,11 +25,20 @@ ocdhost ansible_host="" ansible_user="" ansible_password=""
 mecm
 mep
 
+[mep-centos]
+edge2 ansible_host="" ansible_user="" ansible_password=""
+
 [infra-k3s:children]
 mep
 
 [mepautomate:children]
 mep
 
+[platform-applcm:children]
+mecm
+
+[platform-vault:children]
+mep-centos
+
 [certsmanager:children]
 mep

diff --git a/ocd/infra/playbooks/roles/vault/tasks/install.yml b/ocd/infra/playbooks/roles/vault/tasks/install.yml
new file mode 100644 (file)
index 0000000..38e1fa2
--- /dev/null
+++ b/ocd/infra/playbooks/roles/vault/tasks/install.yml
@@ -0,0 +1,31 @@
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: "INSTALL: Add Vault repo"
+# yamllint disable rule:line-length
+  command: helm repo add hashicorp https://helm.releases.hashicorp.com
+# yamllint disable rule:line-length
+
+- name: "INSTALL: Vault "
+  command: helm install vault hashicorp/vault
+
+
+- name: "Installing ...Vault "
+  command: sleep 10
+
+- name: "Initialize Vault POD and Unseal Key"
+  shell:
+# yamllint disable rule:line-length
+    cmd: kubectl exec -ti vault-0 -- vault operator unseal $(kubectl exec vault-0 -- vault operator init -key-shares=1 -key-threshold=1 -format="" | grep -i "unseal key 1" | awk  '{print $4}')
+# yamllint enable rule:line-length

diff --git a/ocd/infra/playbooks/roles/vault/tasks/main.yml b/ocd/infra/playbooks/roles/vault/tasks/main.yml
new file mode 100644 (file)
index 0000000..aedb1c1
--- /dev/null
+++ b/ocd/infra/playbooks/roles/vault/tasks/main.yml
@@ -0,0 +1,22 @@
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for Vault
+- include: "install.yml"
+  static: false
+  when: operation == 'install'
+
+#- include: "uninstall.yml"
+  #when: operation == 'uninstall'