From 098d90ab453835be0715fb97935e9d6b41fbd040 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Tue, 24 Mar 2020 15:32:20 +0100
Subject: [PATCH] Enable apps in settings configmap
---
ansible/group_vars/all/oas.yml | 11 +++++++++
ansible/roles/apps/tasks/cert-manager.yml | 2 +-
ansible/roles/apps/tasks/flux_secret.yml | 5 ++--
ansible/roles/apps/tasks/local-storage.yml | 2 +-
ansible/roles/apps/tasks/nextcloud.yml | 2 +-
ansible/roles/apps/tasks/nginx.yml | 2 +-
ansible/roles/apps/tasks/prometheus.yml | 2 +-
ansible/roles/apps/tasks/rocketchat.yml | 2 +-
ansible/roles/apps/tasks/single-sign-on.yml | 2 +-
ansible/roles/apps/tasks/wordpress.yml | 2 +-
.../cert-manager.yaml} | 0
.../ingress.yaml} | 0
.../local-storage.yaml} | 0
.../monitoring.yaml} | 0
.../nextcloud.yaml} | 0
.../rocketchat.yaml} | 0
.../single-sign-on.yaml} | 0
.../wordpress.yaml} | 0
flux/.flux.yaml | 24 ++++++++++---------
flux/{apps => oas-apps}/nextcloud.yaml | 0
flux/{apps => oas-apps}/rocketchat.yaml | 0
flux/{apps => oas-apps}/wordpress.yaml | 0
flux/{system => oas}/cert-manager.yaml | 0
flux/{system => oas}/local-storage.yaml | 0
flux/{system => oas}/loki-stack.yaml | 0
flux/{system => oas}/monitoring.yaml | 0
flux/{system => oas}/nginx.yaml | 0
flux/{system => oas}/single-sign-on.yaml | 0
28 files changed, 35 insertions(+), 21 deletions(-)
rename ansible/roles/apps/templates/{cert-manager-settings.yaml => settings/cert-manager.yaml} (100%)
rename ansible/roles/apps/templates/{ingress-settings.yaml => settings/ingress.yaml} (100%)
rename ansible/roles/apps/templates/{local-storage-settings.yaml => settings/local-storage.yaml} (100%)
rename ansible/roles/apps/templates/{monitoring-settings.yaml => settings/monitoring.yaml} (100%)
rename ansible/roles/apps/templates/{nextcloud-settings.yaml => settings/nextcloud.yaml} (100%)
rename ansible/roles/apps/templates/{rocketchat-settings.yaml => settings/rocketchat.yaml} (100%)
rename ansible/roles/apps/templates/{single-sign-on-settings.yaml => settings/single-sign-on.yaml} (100%)
rename ansible/roles/apps/templates/{wordpress-settings.yaml => settings/wordpress.yaml} (100%)
rename flux/{apps => oas-apps}/nextcloud.yaml (100%)
rename flux/{apps => oas-apps}/rocketchat.yaml (100%)
rename flux/{apps => oas-apps}/wordpress.yaml (100%)
rename flux/{system => oas}/cert-manager.yaml (100%)
rename flux/{system => oas}/local-storage.yaml (100%)
rename flux/{system => oas}/loki-stack.yaml (100%)
rename flux/{system => oas}/monitoring.yaml (100%)
rename flux/{system => oas}/nginx.yaml (100%)
rename flux/{system => oas}/single-sign-on.yaml (100%)
diff --git a/ansible/group_vars/all/oas.yml b/ansible/group_vars/all/oas.yml
index de93837a6..0e1c478ce 100644
--- a/ansible/group_vars/all/oas.yml
+++ b/ansible/group_vars/all/oas.yml
@@ -86,3 +86,14 @@ local_flux: false
flux_source:
repo: "https://open.greenhost.net/openappstack/openappstack"
branch: "master"
+
+# A whitelist of applications that will be enabled.
+enabled_applications:
+ - 'cert-manager'
+ - 'ingress'
+ - 'local-storage'
+ - 'monitoring'
+ - 'nextcloud'
+ - 'rocketchat'
+ - 'single-sign-on'
+ - 'wordpress'
diff --git a/ansible/roles/apps/tasks/cert-manager.yml b/ansible/roles/apps/tasks/cert-manager.yml
index 055cb85c4..24a0b1d2c 100644
--- a/ansible/roles/apps/tasks/cert-manager.yml
+++ b/ansible/roles/apps/tasks/cert-manager.yml
@@ -52,7 +52,7 @@
- cert-manager
vars:
flux:
- name: "cert-manager-settings"
+ name: "cert-manager"
namespace: "oas"
include_tasks:
file: flux_secret.yml
diff --git a/ansible/roles/apps/tasks/flux_secret.yml b/ansible/roles/apps/tasks/flux_secret.yml
index 23cac6b5b..2342d6f91 100644
--- a/ansible/roles/apps/tasks/flux_secret.yml
+++ b/ansible/roles/apps/tasks/flux_secret.yml
@@ -11,6 +11,7 @@
kind: Secret
metadata:
namespace: "{{ flux.namespace | default('oas-apps') }}"
- name: "{{ flux.name }}"
+ name: "{{ flux.name }}-settings"
data:
- values.yaml: "{{ lookup('template','{{ flux.name }}.yaml') | b64encode }}"
+ values.yaml: "{{ lookup('template','settings/{{ flux.name }}.yaml') | b64encode }}"
+ enabled: "{{ (flux.name in enabled_applications) | ternary('true', 'false') | b64encode }}"
diff --git a/ansible/roles/apps/tasks/local-storage.yml b/ansible/roles/apps/tasks/local-storage.yml
index 22e9c1325..be37099ca 100644
--- a/ansible/roles/apps/tasks/local-storage.yml
+++ b/ansible/roles/apps/tasks/local-storage.yml
@@ -6,7 +6,7 @@
- local-storage
vars:
flux:
- name: "local-storage-settings"
+ name: "local-storage"
namespace: "oas"
include_tasks:
file: flux_secret.yml
diff --git a/ansible/roles/apps/tasks/nextcloud.yml b/ansible/roles/apps/tasks/nextcloud.yml
index a591e63c5..942e2ee87 100644
--- a/ansible/roles/apps/tasks/nextcloud.yml
+++ b/ansible/roles/apps/tasks/nextcloud.yml
@@ -6,7 +6,7 @@
- nextcloud
vars:
flux:
- name: "nextcloud-settings"
+ name: "nextcloud"
include_tasks:
file: flux_secret.yml
apply:
diff --git a/ansible/roles/apps/tasks/nginx.yml b/ansible/roles/apps/tasks/nginx.yml
index 99c019ba8..20c5e04c8 100644
--- a/ansible/roles/apps/tasks/nginx.yml
+++ b/ansible/roles/apps/tasks/nginx.yml
@@ -7,7 +7,7 @@
- nginx
vars:
flux:
- name: "ingress-settings"
+ name: "ingress"
namespace: "oas"
include_tasks:
file: flux_secret.yml
diff --git a/ansible/roles/apps/tasks/prometheus.yml b/ansible/roles/apps/tasks/prometheus.yml
index af180c975..574519001 100644
--- a/ansible/roles/apps/tasks/prometheus.yml
+++ b/ansible/roles/apps/tasks/prometheus.yml
@@ -38,7 +38,7 @@
- prometheus
vars:
flux:
- name: "monitoring-settings"
+ name: "monitoring"
namespace: "oas"
include_tasks:
file: flux_secret.yml
diff --git a/ansible/roles/apps/tasks/rocketchat.yml b/ansible/roles/apps/tasks/rocketchat.yml
index 5efe0efd3..8f9c9b40c 100644
--- a/ansible/roles/apps/tasks/rocketchat.yml
+++ b/ansible/roles/apps/tasks/rocketchat.yml
@@ -7,7 +7,7 @@
- rocketchat
vars:
flux:
- name: "rocketchat-settings"
+ name: "rocketchat"
include_tasks:
file: flux_secret.yml
apply:
diff --git a/ansible/roles/apps/tasks/single-sign-on.yml b/ansible/roles/apps/tasks/single-sign-on.yml
index 69a5c9698..0b7f0760f 100644
--- a/ansible/roles/apps/tasks/single-sign-on.yml
+++ b/ansible/roles/apps/tasks/single-sign-on.yml
@@ -7,7 +7,7 @@
- single-sign-on
vars:
flux:
- name: "single-sign-on-settings"
+ name: "single-sign-on"
namespace: "oas"
include_tasks:
file: flux_secret.yml
diff --git a/ansible/roles/apps/tasks/wordpress.yml b/ansible/roles/apps/tasks/wordpress.yml
index 65f54fc0f..f641ffd85 100644
--- a/ansible/roles/apps/tasks/wordpress.yml
+++ b/ansible/roles/apps/tasks/wordpress.yml
@@ -6,7 +6,7 @@
- wordpress
vars:
flux:
- name: "wordpress-settings"
+ name: "wordpress"
include_tasks:
file: flux_secret.yml
apply:
diff --git a/ansible/roles/apps/templates/cert-manager-settings.yaml b/ansible/roles/apps/templates/settings/cert-manager.yaml
similarity index 100%
rename from ansible/roles/apps/templates/cert-manager-settings.yaml
rename to ansible/roles/apps/templates/settings/cert-manager.yaml
diff --git a/ansible/roles/apps/templates/ingress-settings.yaml b/ansible/roles/apps/templates/settings/ingress.yaml
similarity index 100%
rename from ansible/roles/apps/templates/ingress-settings.yaml
rename to ansible/roles/apps/templates/settings/ingress.yaml
diff --git a/ansible/roles/apps/templates/local-storage-settings.yaml b/ansible/roles/apps/templates/settings/local-storage.yaml
similarity index 100%
rename from ansible/roles/apps/templates/local-storage-settings.yaml
rename to ansible/roles/apps/templates/settings/local-storage.yaml
diff --git a/ansible/roles/apps/templates/monitoring-settings.yaml b/ansible/roles/apps/templates/settings/monitoring.yaml
similarity index 100%
rename from ansible/roles/apps/templates/monitoring-settings.yaml
rename to ansible/roles/apps/templates/settings/monitoring.yaml
diff --git a/ansible/roles/apps/templates/nextcloud-settings.yaml b/ansible/roles/apps/templates/settings/nextcloud.yaml
similarity index 100%
rename from ansible/roles/apps/templates/nextcloud-settings.yaml
rename to ansible/roles/apps/templates/settings/nextcloud.yaml
diff --git a/ansible/roles/apps/templates/rocketchat-settings.yaml b/ansible/roles/apps/templates/settings/rocketchat.yaml
similarity index 100%
rename from ansible/roles/apps/templates/rocketchat-settings.yaml
rename to ansible/roles/apps/templates/settings/rocketchat.yaml
diff --git a/ansible/roles/apps/templates/single-sign-on-settings.yaml b/ansible/roles/apps/templates/settings/single-sign-on.yaml
similarity index 100%
rename from ansible/roles/apps/templates/single-sign-on-settings.yaml
rename to ansible/roles/apps/templates/settings/single-sign-on.yaml
diff --git a/ansible/roles/apps/templates/wordpress-settings.yaml b/ansible/roles/apps/templates/settings/wordpress.yaml
similarity index 100%
rename from ansible/roles/apps/templates/wordpress-settings.yaml
rename to ansible/roles/apps/templates/settings/wordpress.yaml
diff --git a/flux/.flux.yaml b/flux/.flux.yaml
index 49ce67f96..348946f27 100644
--- a/flux/.flux.yaml
+++ b/flux/.flux.yaml
@@ -1,17 +1,19 @@
version: 1
commandUpdated:
generators:
- # Find all yaml files in this directory (recursively). Ignore ones with
- # filename starting with a dot. For each of them, check if the
- # `application-list` configmap has blacklisted the app in the form of an
- # entry with key the app name and value "false", and skip it if so.
+ # Find all yaml files (recursively) in the directories oas and oas-apps.
+ # Ignore ones with filename starting with a dot. For each of them, check if
+ # the corresponding settings configmap has disabled the app by having a key
+ # "enabled" with value "false", and skip it in that case.
- command: >
- for path in $(find . -type f \( -name '*.yaml' -o -name '*.yml' \) -a ! -name '.*'); do
- filename=$(basename $path);
- name="${filename%.*}";
- userOverride=$(kubectl get cm -n oas application-list -o jsonpath="{.data.$name}");
- if [ "$userOverride" == "false" ]; then continue; fi;
- echo '---';
- cat $path;
+ for namespace in "oas" "oas-apps"; do
+ for path in $(find "$namespace" -type f \( -name '*.yaml' -o -name '*.yml' \) -a ! -name '.*'); do
+ filename=$(basename $path);
+ name="${filename%.*}";
+ enabled=$(kubectl get secret -n "$namespace" "${name}-settings" -o jsonpath="{.data.enabled}");
+ if [ "$enabled" == "false" ]; then continue; fi;
+ echo '---';
+ cat $path;
+ done;
done
updaters:
diff --git a/flux/apps/nextcloud.yaml b/flux/oas-apps/nextcloud.yaml
similarity index 100%
rename from flux/apps/nextcloud.yaml
rename to flux/oas-apps/nextcloud.yaml
diff --git a/flux/apps/rocketchat.yaml b/flux/oas-apps/rocketchat.yaml
similarity index 100%
rename from flux/apps/rocketchat.yaml
rename to flux/oas-apps/rocketchat.yaml
diff --git a/flux/apps/wordpress.yaml b/flux/oas-apps/wordpress.yaml
similarity index 100%
rename from flux/apps/wordpress.yaml
rename to flux/oas-apps/wordpress.yaml
diff --git a/flux/system/cert-manager.yaml b/flux/oas/cert-manager.yaml
similarity index 100%
rename from flux/system/cert-manager.yaml
rename to flux/oas/cert-manager.yaml
diff --git a/flux/system/local-storage.yaml b/flux/oas/local-storage.yaml
similarity index 100%
rename from flux/system/local-storage.yaml
rename to flux/oas/local-storage.yaml
diff --git a/flux/system/loki-stack.yaml b/flux/oas/loki-stack.yaml
similarity index 100%
rename from flux/system/loki-stack.yaml
rename to flux/oas/loki-stack.yaml
diff --git a/flux/system/monitoring.yaml b/flux/oas/monitoring.yaml
similarity index 100%
rename from flux/system/monitoring.yaml
rename to flux/oas/monitoring.yaml
diff --git a/flux/system/nginx.yaml b/flux/oas/nginx.yaml
similarity index 100%
rename from flux/system/nginx.yaml
rename to flux/oas/nginx.yaml
diff --git a/flux/system/single-sign-on.yaml b/flux/oas/single-sign-on.yaml
similarity index 100%
rename from flux/system/single-sign-on.yaml
rename to flux/oas/single-sign-on.yaml
--
GitLab