#63 [PVHEALTH-134] Make k8s variables env
Merged 4 years ago by mkovarik. Opened 4 years ago by sidpremkumar.
sidpremkumar/c3i-library env-var-for-k8  into  master

file modified
+8 -7
@@ -13,6 +13,13 @@ 

  # Main branch used for triggering post merge workflow.

  c3i_git_main_branch: master

  

+ # Openshift connection

+ c3i_ocp_token: "{{ lookup('file', '/run/secrets/kubernetes.io/serviceaccount/token', errors='ignore') | default(lookup('pipe', 'oc whoami -t'), true) }}"

+ c3i_ocp_host: https://paas.psi.redhat.com

+ c3i_ocp_verify_ssl: true

+ c3i_ocp_namespace: "{{ lookup('file', '/run/secrets/kubernetes.io/serviceaccount/namespace', errors='ignore') | default(lookup('pipe', \"awk '/current-context/ {print $2}' ~/.kube/config | cut -f1 -d'/'\"), true) }}"

+ 

+ 

  # Path to dockerfile for Jenkins agent

  c3i_jenkins_agent_buildconfig_contextdir: .

  c3i_jenkins_agent_buildconfig_dockerfile: openshift/containers/jenkins-slave/Dockerfile
@@ -25,7 +32,7 @@ 

  # Email address for notification

  c3i_mail_address:

  # Path to Jenkinsfile snippet for premerge and postmerge workflow

- c3i_build_and_test_snippet: 

+ c3i_build_and_test_snippet:

  # Path to Jenkinsfile snippet for integration tests used by promotion workflow

  c3i_integration_test_snippet:

  
@@ -89,12 +96,6 @@ 

  c3i_fedmsg_provider: fedmsg

  c3i_cloud_name: openshift

  

- # Openshift connection

- c3i_ocp_token: "{{ lookup('file', '/run/secrets/kubernetes.io/serviceaccount/token', errors='ignore') | default(lookup('pipe', 'oc whoami -t'), true) }}"

- c3i_ocp_host: https://paas.psi.redhat.com

- c3i_ocp_verify_ssl: true

- c3i_ocp_namespace: "{{ lookup('file', '/run/secrets/kubernetes.io/serviceaccount/namespace', errors='ignore') | default(lookup('pipe', \"awk '/current-context/ {print $2}' ~/.kube/config | cut -f1 -d'/'\"), true) }}"

- 

  # Jenkins for Jenkinsfile validation - has to have read access for anonymous

  c3i_jenkins_master_validation: jenkins-c3i.cloud.paas.psi.redhat.com

  

@@ -1,9 +1,6 @@ 

  ---

  - name: Create service account {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -17,9 +14,6 @@ 

  

  - name: Create role binding {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -73,9 +67,6 @@ 

  

  - name: Build config {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: "{{ lookup('template', job_vars.template) }}"

@@ -5,9 +5,6 @@ 

  

  - name: Create service account {{ image_name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -20,9 +17,6 @@ 

  

  - name: Create role binding {{ image_name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -71,9 +65,6 @@ 

  

  - name: Build config for {{ image_name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: "{{ lookup('template', job_vars.template) }}"

file modified
+23 -20
@@ -1,21 +1,24 @@ 

  ---

- - name: Including jobs

-   include_tasks: proceed.yml

-   with_filetree: ../templates/jobs

-   loop_control:

-     loop_var: job_item

-   tags:

-     - validate

- - name: Load dockerfile for jenkins agent buildConfig

-   stat:

-     path: "{{ lookup('pipe', 'git rev-parse --show-toplevel') }}/{{ c3i_jenkins_agent_buildconfig_contextdir }}/{{ c3i_jenkins_agent_buildconfig_dockerfile }}"

-   register: build_config_dockerfile

- - name: Create jenkins agent buildConfig

-   k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

-     namespace: "{{ c3i_ocp_namespace }}"

-     state: present

-     definition: "{{ lookup('template', 'jenkins_agent_build_config.yml') }}"

-   when: build_config_dockerfile.stat.isreg

+ - name: C3I Tasks/Main

+   block:

+     - name: Including jobs

+       include_tasks: proceed.yml

+       with_filetree: ../templates/jobs

+       loop_control:

+         loop_var: job_item

+       tags:

+         - validate

+     - name: Load dockerfile for jenkins agent buildConfig

+       stat:

+         path: "{{ lookup('pipe', 'git rev-parse --show-toplevel') }}/{{ c3i_jenkins_agent_buildconfig_contextdir }}/{{ c3i_jenkins_agent_buildconfig_dockerfile }}"

+       register: build_config_dockerfile

+     - name: Create jenkins agent buildConfig

+       k8s:

+         namespace: "{{ c3i_ocp_namespace }}"

+         state: present

+         definition: "{{ lookup('template', 'jenkins_agent_build_config.yml') }}"

+       when: build_config_dockerfile.stat.isreg

+   environment:

+     K8S_AUTH_API_KEY: "{{ c3i_ocp_token }}"

+     K8S_AUTH_HOST: "{{ c3i_ocp_host }}"

+     K8S_AUTH_VERIFY_SSL: "{{ c3i_ocp_verify_ssl }}"

@@ -1,9 +1,6 @@ 

  ---

  - name: Create service account {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -17,9 +14,6 @@ 

  

  - name: Create role binding {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: |
@@ -70,9 +64,6 @@ 

  

  - name: Build config {{ job_vars.name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: "{{ lookup('template', job_vars.template) }}"

@@ -3,9 +3,6 @@ 

  

  - name: Build config for trigger update for {{ job_vars_name }}

    k8s:

-     api_key: "{{ c3i_ocp_token }}"

-     host: "{{ c3i_ocp_host }}"

-     verify_ssl: "{{ c3i_ocp_verify_ssl }}"

      namespace: "{{ c3i_ocp_namespace }}"

      state: present

      definition: "{{ lookup('template', job_vars.template) }}"

Use:
K8S_AUTH_API_KEY: {{ c3i_ocp_token }}"
K8S_AUTH_HOST: "{{ c3i_ocp_host }}"
K8S_AUTH_VERIFY_SSL: "{{ c3i_ocp_verify_ssl }}"

Instead of declaring them at every k8s task.

Build 2f6ece374e10d210d518bb170fa306f16b81b1b2 FAILED!
Rebase or make new commits to rebuild.

rebased onto 2b037df368a7d8f1643409ec3b761da101724f52

4 years ago

Build 2b037df368a7d8f1643409ec3b761da101724f52 FAILED!
Rebase or make new commits to rebuild.

Build 2b037df368a7d8f1643409ec3b761da101724f52 FAILED!
Rebase or make new commits to rebuild.

Build 2b037df368a7d8f1643409ec3b761da101724f52 FAILED!
Rebase or make new commits to rebuild.

Build 2b037df368a7d8f1643409ec3b761da101724f52 FAILED!
Rebase or make new commits to rebuild.

rebased onto 893e6189f412dd3634e2a4b558f98acda4df466f

4 years ago

Build 893e6189f412dd3634e2a4b558f98acda4df466f FAILED!
Rebase or make new commits to rebuild.

rebased onto 245aacebee76591965e6df04ad098cc32e5cdf7e

4 years ago

Build 245aacebee76591965e6df04ad098cc32e5cdf7e FAILED!
Rebase or make new commits to rebuild.

rebased onto ca5b181926b26d8b7c853c8c17a271cc9f3c0a5a

4 years ago

rebased onto c6619ca0be723f73cb1045babd0d39736b377c10

4 years ago

rebased onto 060d48e

4 years ago

Build 060d48e FAILED!
Rebase or make new commits to rebuild.

Build 060d48e FAILED!
Rebase or make new commits to rebuild.

Pull-Request has been merged by mkovarik

4 years ago