diff --git a/docs/playbooks/oneclick-visualinspection.md b/docs/playbooks/oneclick-visualinspection.md index 628ae4663..04ed72910 100644 --- a/docs/playbooks/oneclick-visualinspection.md +++ b/docs/playbooks/oneclick-visualinspection.md @@ -21,6 +21,10 @@ All timings are estimates, see the individual pages for each of these playbooks - `MAS_CONFIG_DIR` Directory where generated config files will be saved (you may also provide pre-generated config files here) - `IBM_ENTITLEMENT_KEY` Your IBM Entitlement key to access the IBM Container Registry +## Optional environment variables +- `MAS_APP_SETTINGS_VISUALINSPECTION_STORAGE_CLASS` Defines a custom file storage class for Visual Inspection application. If none provided, then a default storage class will be auto defined accordingly to your cluster's availability i.e `ibmc-file-gold` for IBM Cloud or `azurefiles-premium` for Azure clusters. +- `MAS_APP_SETTINGS_VISUALINSPECTION_STORAGE_SIZE` Defines persistent storage size for Visual Inspection application. If not provided, default is `100Gi`. + ## Usage ```bash export MAS_INSTANCE_ID=inst1 diff --git a/ibm/mas_devops/roles/configure_manage_eventstreams/defaults/main.yml b/ibm/mas_devops/roles/configure_manage_eventstreams/defaults/main.yml index 4ee901f50..5d079fa4f 100644 --- a/ibm/mas_devops/roles/configure_manage_eventstreams/defaults/main.yml +++ b/ibm/mas_devops/roles/configure_manage_eventstreams/defaults/main.yml @@ -22,5 +22,5 @@ mas_app_ws_fqn: "{{ lookup('env','MAS_APP_WS_FQN') | default('manageworkspaces.a mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: ManageWorkspace -mas_app_cfg_timeout: 480 # 8 minutes before we give up and fall back into the retry loop -mas_app_cfg_retries: 50 # 8 mins each loop * 50 loops =~ 400 minutes / 6 2/3 hours (Manage is really slow to set up) +mas_app_cfg_timeout: "{{ lookup('env', 'MAS_APP_CFG_TIMEOUT') | default(480, true)}}" # 8 minutes before we give up and fall back into the retry loop +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(50, true)}}" # 8 mins each loop * 50 loops =~ 400 minutes / 6 2/3 hours (Manage is really slow to set up) diff --git a/ibm/mas_devops/roles/cp4d_service/tasks/wait/wait-wd.yml b/ibm/mas_devops/roles/cp4d_service/tasks/wait/wait-wd.yml index ae28d4cc2..20502af7b 100644 --- a/ibm/mas_devops/roles/cp4d_service/tasks/wait/wait-wd.yml +++ b/ibm/mas_devops/roles/cp4d_service/tasks/wait/wait-wd.yml @@ -119,6 +119,17 @@ - cpd_cr_wait_lookup.resources[0].status.watsonDiscoveryStatus != "Completed" include_tasks: wait-wd-detectimagepullbackoff.yml +# Adding this in an attempt to have WD installs completing successfully in a consistent way +# in few occasions wd-discovery-ranker-rest pod fails to start up due some other WD pods not running properly +# thus this forces all wd pods to be rebooted with the hopes that it does the trick to have them all up and running +- name: "wait-wd : Restart all wd pods to prevent intermitent failures with wd-discovery-ranker-rest" + when: + - cpd_cr_wait_lookup.resources is defined + - cpd_cr_wait_lookup.resources | length == 1 + - cpd_cr_wait_lookup.resources[0].status is defined + - cpd_cr_wait_lookup.resources[0].status.watsonDiscoveryStatus is defined + - cpd_cr_wait_lookup.resources[0].status.watsonDiscoveryStatus != "Completed" + shell: "oc get pods -n {{ cpd_instance_namespace }} | awk '{print $1}'| grep wd- | xargs oc delete pod -n {{ cpd_instance_namespace }}" # 4. Wait for CP4D service CR to be ready # ----------------------------------------------------------------------------- diff --git a/ibm/mas_devops/roles/gencfg_workspace/tasks/main.yml b/ibm/mas_devops/roles/gencfg_workspace/tasks/main.yml index fb078931d..121af1f28 100644 --- a/ibm/mas_devops/roles/gencfg_workspace/tasks/main.yml +++ b/ibm/mas_devops/roles/gencfg_workspace/tasks/main.yml @@ -1,5 +1,4 @@ --- - # 1. Check for undefined properties that do not have a default # ----------------------------------------------------------------------------- - name: "Assert that mas_instance_id has been provided" @@ -17,6 +16,14 @@ that: mas_workspace_name is defined and mas_workspace_name != "" fail_msg: "mas_workspace_name property has not been set" +- name: "Fail if mas_workspace_id does not meet requirements" + assert: + that: mas_workspace_id is match ('^[a-z][a-z0-9]{2,11}$') + fail_msg: + - "mas_workspace_id does not meet requirements" + - "Must be 3-12 characters long" + - "Must only use lowercase letters and numbers" + - "Must start with a lowercase letter" # 2. Generate Workspace for MAS # ----------------------------------------------------------------------------- @@ -24,4 +31,4 @@ ansible.builtin.template: src: workspace.yml.j2 dest: "{{ mas_config_dir }}/workspace-{{ mas_workspace_id }}.yml" - mode: '664' + mode: "664" diff --git a/ibm/mas_devops/roles/install_operator/tasks/main.yml b/ibm/mas_devops/roles/install_operator/tasks/main.yml index c997cbd1e..066fc8859 100644 --- a/ibm/mas_devops/roles/install_operator/tasks/main.yml +++ b/ibm/mas_devops/roles/install_operator/tasks/main.yml @@ -1,23 +1,20 @@ --- - # 1. Create namespace we will deploy to # ----------------------------------------------------------------------------- - name: "Create namespace" kubernetes.core.k8s: api_version: v1 kind: Namespace - name: '{{ namespace }}' - + name: "{{ namespace }}" - name: Add custom labels to namespace when: custom_labels is defined and custom_labels | length > 0 kubernetes.core.k8s: state: patched kind: Namespace - name: '{{ namespace }}' + name: "{{ namespace }}" definition: "{{ lookup('template', 'templates/custom_labels.json.j2') }}" - # 2. Create an image pull secret for the pre-release catalog # ----------------------------------------------------------------------------- - name: "Debug Entitlement Secret Creation" @@ -25,9 +22,9 @@ msg: - "Target Namespace ....................... {{ namespace }}" - "Artifactory Username ................... {{ artifactory_username | default('', true) }}" - - "Artifactory Password ................... {{ artifactory_token | default('', true) }}" + - "Artifactory Password ................... {{ '************' if (artifactory_token is defined) else '' }}" - "ICR Username ........................... {{ icr_username | default('', true) }}" - - "ICR Password ........................... {{ icr_password | default('', true) }}" + - "ICR Password ........................... {{ '************' if (icr_password is defined) else '' }}" - name: "Create ibm-entitlement secret" kubernetes.core.k8s: @@ -37,11 +34,10 @@ type: kubernetes.io/dockerconfigjson metadata: name: ibm-entitlement - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" data: .dockerconfigjson: "{{ lookup('template', 'templates/ibm-entitlement-with-artifactory.json.j2') | to_json | b64encode }}" - # 3. Patch the default service account for pre-release build access # ----------------------------------------------------------------------------- # If we don't do this then we won't be able to pull the operator image from @@ -56,11 +52,10 @@ kind: ServiceAccount metadata: name: default - namespace: '{{ namespace }}' + namespace: "{{ namespace }}" imagePullSecrets: - name: ibm-entitlement - # 4. Create the operator group that will scope the operator # ----------------------------------------------------------------------------- - name: "Create operator group" @@ -69,7 +64,6 @@ wait: yes wait_timeout: 60 # subsequent tasks will fail if the group isn't fully created - # 5. Create the subscription for the operator # ----------------------------------------------------------------------------- - name: "Create subscription" @@ -78,5 +72,5 @@ wait: yes wait_timeout: 300 wait_condition: - type: 'CatalogSourcesUnhealthy' + type: "CatalogSourcesUnhealthy" status: "False" diff --git a/ibm/mas_devops/roles/kafka/README.md b/ibm/mas_devops/roles/kafka/README.md index d8976956a..948c0f38a 100644 --- a/ibm/mas_devops/roles/kafka/README.md +++ b/ibm/mas_devops/roles/kafka/README.md @@ -1,7 +1,7 @@ kafka ===== -This role provides support to install a Kafka Cluster using [Red Hat AMQ Streams](https://www.redhat.com/en/resources/amq-streams-datasheet), IBM Event Streams or AWS MSK and generate configuration that can be directly applied to Maximo Application Suite. +This role provides support to install a Kafka Cluster using [Red Hat AMQ Streams](https://www.redhat.com/en/resources/amq-streams-datasheet), [IBM Event Streams](https://www.ibm.com/cloud/event-streams) or [AWS MSK](https://aws.amazon.com/msk/) and generate configuration that can be directly applied to Maximo Application Suite. > The Red Hat AMQ streams component is a massively scalable, distributed, and high-performance data streaming platform based on the Apache Kafka project. It offers a distributed backbone that allows microservices and other applications to share data with high throughput and low latency. > @@ -9,6 +9,7 @@ This role provides support to install a Kafka Cluster using [Red Hat AMQ Streams > > The AMQ streams component is part of the Red Hat AMQ family, which also includes the AMQ broker, a longtime innovation leader in Java™ Message Service (JMS) and polyglot messaging, as well as the AMQ interconnect router, a wide-area, peer-to-peer messaging solution. +**Note:** The MAS license does not include entitlement for AMQ streams. The MAS Devops Collection supports this Kafka deployment as an example only. !!! tip The role will generate a yaml file containing the definition of a Secret and KafkaCfg resource that can be used to configure the deployed cluster as the MAS system Kafka. diff --git a/ibm/mas_devops/roles/mongodb/tasks/providers/community/install.yml b/ibm/mas_devops/roles/mongodb/tasks/providers/community/install.yml index 1f7fb8b1c..70bf8c875 100644 --- a/ibm/mas_devops/roles/mongodb/tasks/providers/community/install.yml +++ b/ibm/mas_devops/roles/mongodb/tasks/providers/community/install.yml @@ -304,13 +304,6 @@ namespace: "{{ mongodb_namespace }}" register: mongodb_crt_lookup - - name: "community : install : Create MAS MongoCfg (debug)" - debug: - msg: "{{ lookup('template', 'templates/community/suite_mongocfg.yml.j2') }}" - vars: - mongodb_ca_pem: "{{ mongodb_ca_lookup.resources[0].data['ca.crt'] }}" - mongodb_admin_password: "{{ admin_password_lookup.resources[0].data.password | b64decode }}" - - name: "community : install : Create MAS MongoCfg" when: - mas_instance_id is defined diff --git a/ibm/mas_devops/roles/ocp_config/defaults/main.yml b/ibm/mas_devops/roles/ocp_config/defaults/main.yml index 349dc2942..f017bb47f 100644 --- a/ibm/mas_devops/roles/ocp_config/defaults/main.yml +++ b/ibm/mas_devops/roles/ocp_config/defaults/main.yml @@ -13,4 +13,4 @@ ocp_ingress_server_timeout: "{{ lookup('env', 'OCP_INGRESS_SERVER_TIMEOUT') | de # Ingress Controller Settings # ----------------------------------------------------------------------------- -ocp_operatorhub_disable_redhat_sources: "{{ lookup('env', 'OCP_OPERATORHUB_DISABLE_REDHAT_SOURCES') | default('30s', true) }}" +ocp_operatorhub_disable_redhat_sources: "{{ lookup('env', 'OCP_OPERATORHUB_DISABLE_REDHAT_SOURCES') | default('False', true) | bool }}" diff --git a/ibm/mas_devops/roles/ocp_provision/defaults/main.yml b/ibm/mas_devops/roles/ocp_provision/defaults/main.yml index f1455c55c..621461b1f 100644 --- a/ibm/mas_devops/roles/ocp_provision/defaults/main.yml +++ b/ibm/mas_devops/roles/ocp_provision/defaults/main.yml @@ -14,7 +14,6 @@ supported_cluster_types: - rosa - ipi - # GPU support (limited) # ----------------------------------------------------------------------------- # Flag to add GPU worker node to cluster. Currently only set up for ROKS clusters @@ -26,7 +25,6 @@ gpu_workers: "{{ lookup('env', 'GPU_WORKERS') | default('1', true) }}" # The name of the gpu worker pool. gpu_workerpool_name: "{{ lookup('env', 'GPU_WORKERPOOL_NAME') | default('gpu', true) }}" - # ROKS # ----------------------------------------------------------------------------- ibmcloud_endpoint: "{{ lookup('env', 'IBMCLOUD_ENDPOINT') | default('https://cloud.ibm.com', true) }}" @@ -38,7 +36,6 @@ roks_flavor: "{{ lookup('env', 'ROKS_FLAVOR') | default('b3c.16x64.300gb', true) roks_workers: "{{ lookup('env', 'ROKS_WORKERS') | default('3', true) }}" roks_flags: "{{ lookup('env', 'ROKS_FLAGS') | default('', true) }}" - # FYRE # ----------------------------------------------------------------------------- fyre_username: "{{ lookup('env', 'FYRE_USERNAME') }}" @@ -54,14 +51,12 @@ fyre_worker_count: "{{ lookup('env', 'FYRE_WORKER_COUNT') | default('3', true) } fyre_worker_memory: "{{ lookup('env', 'FYRE_WORKER_MEMORY') | default('16', true) }}" fyre_worker_cpu: "{{ lookup('env', 'FYRE_WORKER_CPU') | default('64', true) }}" - # ROSA # ----------------------------------------------------------------------------- rosa_token: "{{ lookup('env', 'ROSA_TOKEN') }}" rosa_cluster_admin_password: "{{ lookup('env', 'ROSA_CLUSTER_ADMIN_PASSWORD') }}" rosa_compute_nodes: "{{ lookup('env', 'ROSA_COMPUTE_NODES') | default('3', true) }}" - # AWS # ----------------------------------------------------------------------------- aws_access_key_id: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" @@ -93,4 +88,3 @@ ipi_config_dir: "{{ ipi_dir }}/config/{{ cluster_name }}" ocp_installer_dir: "{{ ipi_dir }}/installer/{{ ocp_version }}" ocp_installer_exe: "{{ ipi_dir }}/installer/{{ ocp_version }}/openshift-install" - diff --git a/ibm/mas_devops/roles/sls/tasks/install/main.yml b/ibm/mas_devops/roles/sls/tasks/install/main.yml index 011495d2a..c448772ab 100644 --- a/ibm/mas_devops/roles/sls/tasks/install/main.yml +++ b/ibm/mas_devops/roles/sls/tasks/install/main.yml @@ -178,6 +178,7 @@ password: "{{ mongocfg[0].data.password | b64decode}}" hosts: "{{ mongocfg[1].spec.config.hosts }}" certificates: "{{ lookup('template', 'templates/mongo-certificates.yml.j2') }}" + no_log: true when: mongocfg is defined and mongocfg[0] is defined and mongocfg[0].data is defined - name: Create the Mongo Secret for SLS diff --git a/ibm/mas_devops/roles/suite_app_config/vars/assist.yml b/ibm/mas_devops/roles/suite_app_config/vars/assist.yml index b917c2e82..6aa5f2d56 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/assist.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/assist.yml @@ -2,5 +2,5 @@ mas_app_ws_fqn: assistworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: AssistWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/health.yml b/ibm/mas_devops/roles/suite_app_config/vars/health.yml index 73dbd8d78..69614e5a7 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/health.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/health.yml @@ -3,8 +3,8 @@ mas_app_ws_fqn: healthworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: HealthWorkspace -mas_app_cfg_retries: 50 -mas_app_cfg_delay: 480 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(480, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(50, true)}}" mas_app_settings_aio_flag: "{{ lookup('env', 'MAS_APP_SETTINGS_AIO_FLAG') | default('true', true)}}" mas_app_settings_db2_schema: "{{ lookup('env', 'MAS_APP_SETTINGS_DB2_SCHEMA') | default('maximo', true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/hputilities.yml b/ibm/mas_devops/roles/suite_app_config/vars/hputilities.yml index e27c49a2c..6830cb2e2 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/hputilities.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/hputilities.yml @@ -2,6 +2,5 @@ mas_app_ws_fqn: hputilitiesworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: HPUtilitiesWorkspace - -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/iot.yml b/ibm/mas_devops/roles/suite_app_config/vars/iot.yml index 3062b5f48..1158e6902 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/iot.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/iot.yml @@ -2,5 +2,5 @@ mas_app_ws_fqn: iotworkspaces.iot.ibm.com mas_app_ws_apiversion: iot.ibm.com/v1 mas_app_ws_kind: IoTWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/manage.yml b/ibm/mas_devops/roles/suite_app_config/vars/manage.yml index 6d941def0..928157388 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/manage.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/manage.yml @@ -4,8 +4,8 @@ mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: ManageWorkspace # Depending on the number of components being used the time to configure Manage can grow significantly -mas_app_cfg_retries: 60 # ~8 hours -mas_app_cfg_delay: 480 # ~8 minutes +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(480, true)}}" # ~8 minutes +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(60, true)}}" # ~8 hours mas_app_settings_aio_flag: "{{ lookup('env', 'MAS_APP_SETTINGS_AIO_FLAG') | default('true', true) | bool }}" mas_app_settings_db2_schema: "{{ lookup('env', 'MAS_APP_SETTINGS_DB2_SCHEMA') | default('maximo', true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/monitor.yml b/ibm/mas_devops/roles/suite_app_config/vars/monitor.yml index 413c2fcff..ec30a12e9 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/monitor.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/monitor.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: monitorworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: MonitorWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/mso.yml b/ibm/mas_devops/roles/suite_app_config/vars/mso.yml index 43e457654..7a715b8a5 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/mso.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/mso.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: msoworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: MSOWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/optimizer.yml b/ibm/mas_devops/roles/suite_app_config/vars/optimizer.yml index 96aa9db43..59dc9f727 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/optimizer.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/optimizer.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: optimizerworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: OptimizerWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/predict.yml b/ibm/mas_devops/roles/suite_app_config/vars/predict.yml index b14c735ae..f860d1e61 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/predict.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/predict.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: predictworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: PredictWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/safety.yml b/ibm/mas_devops/roles/suite_app_config/vars/safety.yml index 95d2afaab..400c2bf66 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/safety.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/safety.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: safetyworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: SafetyWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_app_config/vars/visualinspection.yml b/ibm/mas_devops/roles/suite_app_config/vars/visualinspection.yml index dd90163dd..66f550215 100644 --- a/ibm/mas_devops/roles/suite_app_config/vars/visualinspection.yml +++ b/ibm/mas_devops/roles/suite_app_config/vars/visualinspection.yml @@ -3,5 +3,5 @@ mas_app_ws_fqn: visualinspectionappworkspaces.apps.mas.ibm.com mas_app_ws_apiversion: apps.mas.ibm.com/v1 mas_app_ws_kind: VisualInspectionAppWorkspace -mas_app_cfg_delay: 120 -mas_app_cfg_retries: 30 +mas_app_cfg_delay: "{{ lookup('env', 'MAS_APP_CFG_DELAY') | default(120, true)}}" +mas_app_cfg_retries: "{{ lookup('env', 'MAS_APP_CFG_RETRIES') | default(30, true)}}" diff --git a/ibm/mas_devops/roles/suite_install/tasks/main.yml b/ibm/mas_devops/roles/suite_install/tasks/main.yml index 734783982..bf393c29b 100644 --- a/ibm/mas_devops/roles/suite_install/tasks/main.yml +++ b/ibm/mas_devops/roles/suite_install/tasks/main.yml @@ -1,5 +1,4 @@ --- - # 1.a Check for undefined properties that do not have a default # ----------------------------------------------------------------------------- - name: "Fail if mas_instance_id is not provided" @@ -7,6 +6,16 @@ that: mas_instance_id is defined and mas_instance_id != "" fail_msg: "mas_instance_id property is required" +- name: "Fail if mas_instance_id does not meet requirements" + assert: + that: mas_instance_id is match ('^[a-z][a-z0-9-]{1,10}[a-z0-9]$') + fail_msg: + - "mas_instance_id does not meet requirements" + - "Must be 3-12 characters long" + - "Must only use lowercase letters, numbers, and hypen (-) symbol" + - "Must start with a lowercase letter" + - "Must end with a lowercase letter or a number" + # 1.b Set facts for mas_annotations_dict, HyperscalerFormat, HyperscalerChannel # ----------------------------------------------------------------------------- - name: "Set facts : mas_annotations_dict" @@ -100,12 +109,10 @@ set_fact: mas_domain: "{{ mas_instance_id }}.{{ _cluster_subdomain.resources[0].spec.domain }}" - # 3. Determine version of cert-manager in use on the cluster # ----------------------------------------------------------------------------- - include_tasks: tasks/detect-cert-manager.yml - # 4. Provide debug information # ----------------------------------------------------------------------------- - name: "Configure namespace" @@ -125,7 +132,6 @@ - "MAS Cluster Issuer ........... {{ mas_cluster_issuer }}" - "MAS Subcription Upgrade ...... {{ mas_upgrade_strategy }}" - # 5. Install the operator & create entitlement secret # ----------------------------------------------------------------------------- - name: "Install MAS Operator" @@ -168,7 +174,6 @@ spec: approved: true - # 6. Wait until the Suite CRD is available # ----------------------------------------------------------------------------- - name: "Wait until the Suite CRD is available" @@ -189,7 +194,6 @@ - suite_crd_info.resources is defined - suite_crd_info.resources | length > 0 - # 7. Integrated Airgap support # ----------------------------------------------------------------------------- # Before we create the CR we will set up the Airgap Image Map @@ -201,7 +205,6 @@ when: airgap_install include_tasks: "tasks/install_digest_cm.yml" - # 8. Suite installation # ----------------------------------------------------------------------------- - name: Create suite.ibm.com/v1 CR @@ -212,7 +215,6 @@ namespace: "{{ mas_namespace }}" template: templates/core_v1_suite.yml.j2 - # 9. Handle IBM Common Services Install plan approvals when upgrade strategy is set to Manual # ----------------------------------------------------------------------------- # ibm-common-services operators deployed by MAS will inherit the inherit MAS upgrade strategy diff --git a/ibm/mas_devops/roles/uds/tasks/install/udscfg.yml b/ibm/mas_devops/roles/uds/tasks/install/udscfg.yml index eb72933d5..6252a12d0 100644 --- a/ibm/mas_devops/roles/uds/tasks/install/udscfg.yml +++ b/ibm/mas_devops/roles/uds/tasks/install/udscfg.yml @@ -10,7 +10,6 @@ - uds_contact.last_name is defined and uds_contact.last_name != "" fail_msg: "uds_contact property is required" - # 1. Lookup the endpoint route # ----------------------------------------------------------------------------- - name: "udscfg : Lookup UDS endpoint Route" @@ -26,7 +25,6 @@ that: uds_endpoint.resources | length == 1 fail_msg: "Failed looking up UDS endpoint route" - # 2. Lookup the UDS API key # ----------------------------------------------------------------------------- - name: "udscfg : Lookup uds-api-key Secret" @@ -42,14 +40,13 @@ that: uds_apikey_lookup.resources | length == 1 fail_msg: "Failed looking up secret containing UDS API key" - # 3. Set the initial facts # ----------------------------------------------------------------------------- - name: "udscfg : Set facts for BASCfg" set_fact: uds_api_key: "{{ uds_apikey_lookup.resources[0].data.apikey | b64decode }}" uds_endpoint_url: "https://{{uds_endpoint.resources[0].spec.host}}" - + no_log: true # 4. Lookup the certificates # -----------------------------------------------------------------------------