diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f2aaa1d..28d278d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,9 +16,9 @@ jobs: check-super-linter: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.1.0 + - uses: actions/checkout@v3.3.0 - name: Check super-linter - uses: github/super-linter@v4.9.7 + uses: github/super-linter@v4.10.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} LINTER_RULES_PATH: .github/linters diff --git a/.github/workflows/on-demand_ci.yml b/.github/workflows/on-demand_ci.yml index 15c870b..6c1fd89 100644 --- a/.github/workflows/on-demand_ci.yml +++ b/.github/workflows/on-demand_ci.yml @@ -24,7 +24,7 @@ jobs: name: Check scripts format runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.1.0 + - uses: actions/checkout@v3.3.0 - name: Run the sh-checker uses: luizm/action-sh-checker@v0.5.0 env: @@ -44,7 +44,7 @@ jobs: env: DEBUG: true steps: - - uses: actions/checkout@v3.1.0 + - uses: actions/checkout@v3.3.0 - name: Install dependencies and configures kind clusters working-directory: ./scripts run: ./install.sh diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 83e8570..80fc263 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -19,7 +19,7 @@ jobs: check-dockerfile: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.1.0 + - uses: actions/checkout@v3.3.0 - name: update Dockerfile uses: ludeeus/dockerfile-updater@21.01.0 with: diff --git a/ansible_kind/scripts/multiclusterkind/configure.sh b/ansible_kind/scripts/multiclusterkind/configure.sh index e106ce6..23ddac1 100755 --- a/ansible_kind/scripts/multiclusterkind/configure.sh +++ b/ansible_kind/scripts/multiclusterkind/configure.sh @@ -28,12 +28,14 @@ function _create_gh_secret { if [ -f "$nephio_gh_filename" ]; then for kubeconfig in ~/.kube/*.config; do - /home/ubuntu/.local/bin/kubectl create secret generic -n default \ - github-personal-access-token \ - --from-literal username=nephio-test \ - --from-file password="${nephio_gh_filename}" \ - --type kubernetes.io/basic-auth \ - --kubeconfig "$kubeconfig" + if [ ! kubectl get secrets github-personal-access-token -n default --kubeconfig "$kubeconfig" ]; then + /home/ubuntu/.local/bin/kubectl create secret generic -n default \ + github-personal-access-token \ + --from-literal username=nephio-test \ + --from-file password="${nephio_gh_filename}" \ + --type kubernetes.io/basic-auth \ + --kubeconfig "$kubeconfig" + fi done fi rm -rf "${nephio_gh_filename}" @@ -93,8 +95,8 @@ kpt live apply "$participant_path" --reconcile-timeout=15m --kubeconfig ~/.kube/ # Install ConfigSync on each workload cluster for kubeconfig in ~/.kube/*.config; do - if [[ "$kubeconfig" =~ nephio.config$ ]]; then - continue + if [[ $kubeconfig =~ nephio.config$ ]]; then + continue fi _install_configsync "$kubeconfig" done diff --git a/nephio-ansible-install/README.md b/nephio-ansible-install/README.md index b516cc6..6c0e634 100644 --- a/nephio-ansible-install/README.md +++ b/nephio-ansible-install/README.md @@ -41,6 +41,8 @@ all: github_organization: gitea_username: gitea_password: + dockerhub_username: + dockerhub_token: proxy: http_proxy: https_proxy: diff --git a/nephio-ansible-install/playbooks/create-gitea.yaml b/nephio-ansible-install/playbooks/create-gitea.yaml index 89f38ad..26caf6e 100644 --- a/nephio-ansible-install/playbooks/create-gitea.yaml +++ b/nephio-ansible-install/playbooks/create-gitea.yaml @@ -5,4 +5,6 @@ https_proxy: "{{proxy.https_proxy}}" no_proxy: "{{proxy.no_proxy}}" roles: - - {role: gitea/create, tags: gitea} + - role: dockerhub/login + - { role: gitea/create, tags: gitea} + - role: dockerhub/logout diff --git a/nephio-ansible-install/playbooks/install-prereq.yaml b/nephio-ansible-install/playbooks/install-prereq.yaml index dfb9c8c..b98c98e 100644 --- a/nephio-ansible-install/playbooks/install-prereq.yaml +++ b/nephio-ansible-install/playbooks/install-prereq.yaml @@ -4,13 +4,23 @@ http_proxy: "{{proxy.http_proxy}}" https_proxy: "{{proxy.https_proxy}}" no_proxy: "{{proxy.no_proxy}}" + + pre_tasks: + - name: install packages + become: true + ansible.builtin.package: + name: + - git + state: present + roles: - - {role: docker, tags: docker} - - {role: kubectl, tags: kubectl} - - {role: kind, tags: kind} - - {role: kpt, tags: kpt} - - {role: cni, tags: cni} - - {role: bash, tags: bash} - - {role: tree, tags: tree} - - {role: nephio/install, tags: nephio} - - {role: clab, tags: clab} + + - { role: docker, tags: docker} + - { role: kubectl, tags: kubectl} + - { role: kind, tags: kind} + - { role: kpt, tags: kpt} + - { role: cni, tags: cni } + - { role: bash, tags: bash } + - { role: tree, tags: tree} + - { role: nephio/install, tags: nephio} + - { role: clab, tags: clab} diff --git a/nephio-ansible-install/roles/clab/tasks/main.yaml b/nephio-ansible-install/roles/clab/tasks/main.yaml index 76bdde6..8a281f2 100644 --- a/nephio-ansible-install/roles/clab/tasks/main.yaml +++ b/nephio-ansible-install/roles/clab/tasks/main.yaml @@ -1,6 +1,8 @@ ## © 2022 Nephio Authors ## Licensed under the Apache License 2.0 ## SPDX-License-Identifier: Apache-2.0 + --- - name: installing clab + become: true shell: bash -c "$(wget -qO - https://get.containerlab.dev)" diff --git a/nephio-ansible-install/roles/cluster/deploy/tasks/cluster_files.yaml b/nephio-ansible-install/roles/cluster/deploy/tasks/cluster_files.yaml index 330cee8..844dbc9 100644 --- a/nephio-ansible-install/roles/cluster/deploy/tasks/cluster_files.yaml +++ b/nephio-ansible-install/roles/cluster/deploy/tasks/cluster_files.yaml @@ -27,7 +27,7 @@ when: item.key == "mgmt" - name: Deploy cluster {{ item.key }} - shell: "kind create cluster --name {{ item.key }} --kubeconfig ~/.kube/{{ item.key }}-config --config /tmp/{{ item.key }}-cluster-config.yaml" + shell: "kind create cluster --name {{ item.key }} --kubeconfig ~/.kube/{{ item.key }}-config --config {{ tmp_directory }}/{{ item.key }}-cluster-config.yaml" register: result failed_when: - result.rc > 1 diff --git a/nephio-ansible-install/roles/cluster/deploy/templates/cluster-config.yaml.j2 b/nephio-ansible-install/roles/cluster/deploy/templates/cluster-config.yaml.j2 index aa13b37..53db202 100644 --- a/nephio-ansible-install/roles/cluster/deploy/templates/cluster-config.yaml.j2 +++ b/nephio-ansible-install/roles/cluster/deploy/templates/cluster-config.yaml.j2 @@ -7,5 +7,5 @@ networking: nodes: - role: control-plane extraMounts: - - hostPath: /tmp/cni + - hostPath: "{{ tmp_directory }}/cni" containerPath: /opt/cni/bin diff --git a/nephio-ansible-install/roles/docker/tasks/docker-Debian.yaml b/nephio-ansible-install/roles/docker/tasks/docker-Debian.yaml new file mode 100644 index 0000000..2534289 --- /dev/null +++ b/nephio-ansible-install/roles/docker/tasks/docker-Debian.yaml @@ -0,0 +1,18 @@ +## © 2023 Nephio Authors +## Licensed under the Apache License 2.0 +## SPDX-License-Identifier: Apache-2.0 + +--- +- name: ensure repository key is installed + become: true + ansible.builtin.apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + +- name: ensure docker registry is available + become: true + apt_repository: repo='deb https://download.docker.com/linux/ubuntu bionic stable' state=present + +- name: ensure docker and dependencies are installed + become: true + apt: name=docker-ce update_cache=yes diff --git a/nephio-ansible-install/roles/docker/tasks/docker-RedHat.yaml b/nephio-ansible-install/roles/docker/tasks/docker-RedHat.yaml new file mode 100644 index 0000000..4160758 --- /dev/null +++ b/nephio-ansible-install/roles/docker/tasks/docker-RedHat.yaml @@ -0,0 +1,37 @@ +## © 2023 Nephio Authors +## Licensed under the Apache License 2.0 +## SPDX-License-Identifier: Apache-2.0 + +--- +- name: set mydistribution + ansible.builtin.set_fact: + mydistribution: "{{ 'rhel' if (ansible_distribution == 'RedHat') else (ansible_distribution | lower) }}" + +- name: Add signing key + ansible.builtin.rpm_key: + key: "https://download.docker.com/linux/{{ mydistribution }}/gpg" + state: present + +- name: Add repository into repo.d list + ansible.builtin.yum_repository: + name: docker + description: docker repository + baseurl: "https://download.docker.com/linux/{{ mydistribution }}/$releasever/$basearch/stable" + enabled: true + gpgcheck: true + gpgkey: "https://download.docker.com/linux/{{ mydistribution }}/gpg" + +- name: Install Docker + ansible.builtin.yum: + name: + - docker-ce + - docker-ce-cli + - containerd.io + state: latest + update_cache: true + +- name: Start Docker + ansible.builtin.service: + name: "docker" + enabled: true + state: started diff --git a/nephio-ansible-install/roles/docker/tasks/main.yaml b/nephio-ansible-install/roles/docker/tasks/main.yaml index 0e2dc3e..348cb39 100644 --- a/nephio-ansible-install/roles/docker/tasks/main.yaml +++ b/nephio-ansible-install/roles/docker/tasks/main.yaml @@ -1,25 +1,24 @@ -## © 2022 Nephio Authors +## © 2023 Nephio Authors ## Licensed under the Apache License 2.0 ## SPDX-License-Identifier: Apache-2.0 --- -- name: ensure repository key is installed - become: true - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - state: present - -- name: ensure docker registry is available - become: true - apt_repository: repo='deb https://download.docker.com/linux/ubuntu bionic stable' state=present +- name: check if docker already installed + ansible.builtin.shell: service docker status + register: docker_status -- name: ensure docker and dependencies are installed - become: true - apt: name=docker-ce update_cache=yes +- include_tasks: "docker-{{ ansible_os_family }}.yaml" + args: + apply: + become: true + when: docker_status.rc != 0 - name: Add user to docker group + ansible.builtin.user: + name: "{{ cloud_user }}" + group: docker become: true - shell: usermod -aG docker {{ cloud_user }} + when: docker_status.rc != 0 - name: Reset connection so docker group is picked up. meta: reset_connection diff --git a/nephio-ansible-install/roles/dockerhub/login/tasks/main.yaml b/nephio-ansible-install/roles/dockerhub/login/tasks/main.yaml new file mode 100644 index 0000000..d210a14 --- /dev/null +++ b/nephio-ansible-install/roles/dockerhub/login/tasks/main.yaml @@ -0,0 +1,9 @@ +## © 2023 Nephio Authors +## Licensed under the Apache License 2.0 +## SPDX-License-Identifier: Apache-2.0 +--- + +- name: login into dockerhub + docker_login: + username: "{{ dockerhub_username }}" + password: "{{ dockerhub_token }}" diff --git a/nephio-ansible-install/roles/dockerhub/logout/tasks/main.yaml b/nephio-ansible-install/roles/dockerhub/logout/tasks/main.yaml new file mode 100644 index 0000000..23d282d --- /dev/null +++ b/nephio-ansible-install/roles/dockerhub/logout/tasks/main.yaml @@ -0,0 +1,8 @@ +## © 2023 Nephio Authors +## Licensed under the Apache License 2.0 +## SPDX-License-Identifier: Apache-2.0 +--- + +- name: logout of Dockerhub + docker_login: + state: absent diff --git a/nephio-ansible-install/roles/nephio/config/tasks/main.yaml b/nephio-ansible-install/roles/nephio/config/tasks/main.yaml index fccd080..17ebd3b 100644 --- a/nephio-ansible-install/roles/nephio/config/tasks/main.yaml +++ b/nephio-ansible-install/roles/nephio/config/tasks/main.yaml @@ -24,6 +24,9 @@ - name: configure ipam shell: kubectl --kubeconfig ~/.kube/mgmt-config apply -f {{ tmp_directory }}/ipam.yaml +- name: deploy mgmt cluster manifests + include_tasks: manifest_mgmt_files.yaml + - name: deploy edge cluster manifests include_tasks: manifest_files.yaml with_dict: "{{ clusters }}" diff --git a/nephio-ansible-install/roles/nephio/config/tasks/manifest_mgmt_files.yaml b/nephio-ansible-install/roles/nephio/config/tasks/manifest_mgmt_files.yaml new file mode 100644 index 0000000..3ffedab --- /dev/null +++ b/nephio-ansible-install/roles/nephio/config/tasks/manifest_mgmt_files.yaml @@ -0,0 +1,36 @@ +## © 2022 Nephio Authors +## Licensed under the Apache License 2.0 +## SPDX-License-Identifier: Apache-2.0 + +--- +- name: github repo + set_fact: + github_repo: "{{ 'https://github.com/{{ github_organization}}/nephio-catalog.git' if github_organization is defined else 'https://github.com/{{ github_username}}/nephio-catalog.git' }}" + when: + - github_username is defined + +- name: copy mgmt github repo + template: + src: "{{ role_path }}/templates/github-mgmt-repo.j2" + dest: "{{ tmp_directory }}/github-mgmt-repo-catalog.yaml" + mode: 0644 + when: + - github_username is defined + +- name: configure mgmt github repo + shell: kubectl --kubeconfig ~/.kube/mgmt-config apply -f {{ tmp_directory }}/github-mgmt-repo-catalog.yaml + when: + - github_username is defined + +- name: copy edge gitea repo + template: + src: "{{ role_path }}/templates/gitea-mgmt-repo.j2" + dest: "{{ tmp_directory }}/gitea-mgmt-repo-catalog.yaml" + mode: 0644 + when: + - gitea_username is defined + +- name: configure edge gitea repo + shell: kubectl --kubeconfig ~/.kube/mgmt-config apply -f {{ tmp_directory }}/gitea-mgmt-repo-catalog.yaml + when: + - gitea_username is defined diff --git a/nephio-ansible-install/roles/nephio/config/templates/gitea-mgmt-repo.j2 b/nephio-ansible-install/roles/nephio/config/templates/gitea-mgmt-repo.j2 new file mode 100644 index 0000000..c886f45 --- /dev/null +++ b/nephio-ansible-install/roles/nephio/config/templates/gitea-mgmt-repo.j2 @@ -0,0 +1,18 @@ +apiVersion: config.porch.kpt.dev/v1alpha1 +kind: Repository +metadata: + name: catalog + namespace: default + labels: + kpt.dev/repository-content: organizational-blueprints +spec: + content: Package + deployment: false + git: + branch: main + createBranch: true + directory: / + repo: http://gitea:3000/nephio/nephio-catalog.git + secretRef: + name: gitea-access-token + type: git \ No newline at end of file diff --git a/nephio-ansible-install/roles/nephio/config/templates/github-mgmt-repo.j2 b/nephio-ansible-install/roles/nephio/config/templates/github-mgmt-repo.j2 new file mode 100644 index 0000000..1858fe0 --- /dev/null +++ b/nephio-ansible-install/roles/nephio/config/templates/github-mgmt-repo.j2 @@ -0,0 +1,17 @@ +apiVersion: config.porch.kpt.dev/v1alpha1 +kind: Repository +metadata: + name: catalog + namespace: default + labels: + kpt.dev/repository-content: organizational-blueprints +spec: + content: Package + deployment: false + git: + branch: main + directory: / + repo: {{github_repo}} + secretRef: + name: github-personal-access-token + type: git \ No newline at end of file diff --git a/nephio-ansible-install/roles/repo-gitea/create/tasks/main.yaml b/nephio-ansible-install/roles/repo-gitea/create/tasks/main.yaml index f0ce1a1..c6942ea 100644 --- a/nephio-ansible-install/roles/repo-gitea/create/tasks/main.yaml +++ b/nephio-ansible-install/roles/repo-gitea/create/tasks/main.yaml @@ -17,6 +17,7 @@ until: _result.status == 200 retries: 12 # 12 * 5 seconds = 1min (60/5) delay: 5 # Every 5 seconds + - name: Create repos ansible.builtin.uri: url: http://localhost:3000/api/v1/user/repos @@ -32,6 +33,25 @@ with_dict: "{{ clusters }}" when: - gitea_username is defined + - item.key != "mgmt" + +- name: Create repos + ansible.builtin.uri: + url: http://localhost:3000/api/v1/user/repos + headers: + Authorization: token {{ gitea_token['content'] | b64decode }} + Content-Type: application/json + accept: application/json + method: POST + body: {'auto_init': true, 'name': "nephio-catalog"} + status_code: 201 + body_format: json + register: result + with_dict: "{{ clusters }}" + when: + - gitea_username is defined + - item.key == "mgmt" + - name: Print return information from the previous task ansible.builtin.debug: var: result diff --git a/nephio-ansible-install/roles/repo-gitea/delete/tasks/main.yaml b/nephio-ansible-install/roles/repo-gitea/delete/tasks/main.yaml index 48dcd49..0c94064 100644 --- a/nephio-ansible-install/roles/repo-gitea/delete/tasks/main.yaml +++ b/nephio-ansible-install/roles/repo-gitea/delete/tasks/main.yaml @@ -1,6 +1,7 @@ ## © 2022 Nephio Authors ## Licensed under the Apache License 2.0 ## SPDX-License-Identifier: Apache-2.0 + --- - name: Slurp access token ansible.builtin.slurp: @@ -8,6 +9,7 @@ register: gitea_token when: - gitea_username is defined + - name: Delete repos ansible.builtin.uri: url: http://localhost:3000/api/v1/repos/nephio/nephio-{{ item.key }} @@ -21,6 +23,23 @@ with_dict: "{{ clusters }}" when: - gitea_username is defined + - item.key != "mgmt" + +- name: Delete repos + ansible.builtin.uri: + url: http://localhost:3000/api/v1/repos/nephio/nephio-catalog + headers: + Authorization: token {{ gitea_token['content'] | b64decode }} + accept: application/json + method: DELETE + status_code: 204 + body_format: json + register: result + with_dict: "{{ clusters }}" + when: + - gitea_username is defined + - item.key == "mgmt" + - name: Print return information from the previous task ansible.builtin.debug: var: result diff --git a/nephio-ansible-install/roles/repo/create/tasks/main.yaml b/nephio-ansible-install/roles/repo/create/tasks/main.yaml index d604d41..9da8704 100644 --- a/nephio-ansible-install/roles/repo/create/tasks/main.yaml +++ b/nephio-ansible-install/roles/repo/create/tasks/main.yaml @@ -1,11 +1,10 @@ ## © 2022 Nephio Authors ## Licensed under the Apache License 2.0 ## SPDX-License-Identifier: Apache-2.0 - --- - name: github url set_fact: - github_url: "{{ 'https://api.github.com/orgs/{{ github_organization }}/repos' if github_organization is defined else 'https://api.github.com/user/repos' }}" + github_url: "{{ 'https://api.github.com/orgs/{{ github_organization }}/repos' if (github_organization is defined and github_organization != '') else 'https://api.github.com/user/repos' }}" when: - github_username is defined @@ -21,4 +20,23 @@ status_code: 201 body_format: json register: result - with_dict: "{{ clusters }}" \ No newline at end of file + with_dict: "{{ clusters }}" + when: + - item.key != "mgmt" + ignore_errors: true + +- name: create repo nephio-catalog + ansible.builtin.uri: + url: "{{ github_url }}" + headers: + Accept: application/vnd.github+json + Authorization: Bearer {{ github_token }} + X-GitHub-Api-Version: 2022-11-28 + method: POST + body: {'auto_init': true, 'name': "nephio-catalog"} + status_code: 201 + body_format: json + register: result + with_dict: "{{ clusters }}" + when: item.key == "mgmt" + ignore_errors: true \ No newline at end of file diff --git a/nephio-ansible-install/roles/repo/delete/tasks/main.yaml b/nephio-ansible-install/roles/repo/delete/tasks/main.yaml index 0a626e0..5a49cf5 100644 --- a/nephio-ansible-install/roles/repo/delete/tasks/main.yaml +++ b/nephio-ansible-install/roles/repo/delete/tasks/main.yaml @@ -3,9 +3,15 @@ ## SPDX-License-Identifier: Apache-2.0 --- +- name: github url + set_fact: + github_url: "{{ 'https://api.github.com/repos/{{ github_organization }}' if (github_organization is defined and github_organization != '') else 'https://api.github.com/repos/{{ github_username }}' }}" + when: + - github_username is defined + - name: delete repo nephio-{{ item.key }} ansible.builtin.uri: - url: https://api.github.com/repos/{{ github_organization }}/nephio-{{ item.key }} + url: "{{ github_url}}/nephio-{{ item.key }}" headers: Accept: application/vnd.github+json Authorization: Bearer {{ github_token }} @@ -16,11 +22,11 @@ register: result with_dict: "{{ clusters }}" when: - - github_username is defined - - github_organization is defined -- name: delete repo nephio-{{ item.key }} + - item.key != "mgmt" + +- name: delete repo nephio-catalog ansible.builtin.uri: - url: https://api.github.com/repos/{{ github_username }}/nephio-{{ item.key }} + url: "{{ github_url}}/nephio-catalog" headers: Accept: application/vnd.github+json Authorization: Bearer {{ github_token }} @@ -31,5 +37,4 @@ register: result with_dict: "{{ clusters }}" when: - - github_username is defined - - github_organization is not defined + - item.key == "mgmt" diff --git a/nephio-ansible-install/roles/tree/tasks/main.yaml b/nephio-ansible-install/roles/tree/tasks/main.yaml index 3f2bea5..89030b7 100644 --- a/nephio-ansible-install/roles/tree/tasks/main.yaml +++ b/nephio-ansible-install/roles/tree/tasks/main.yaml @@ -5,4 +5,5 @@ --- - name: ensure tree is installed become: true - apt: name=tree update_cache=yes \ No newline at end of file + ansible.builtin.package: + name: tree