From dcfcc07924a11ebf878adc0ce9aa5bb9ebb3b9e5 Mon Sep 17 00:00:00 2001 From: kevinpricethesecond Date: Fri, 30 Aug 2024 16:34:54 -0500 Subject: [PATCH 1/5] remove quotes from everything except signing_keys; keyerror handling; make tenant names vars --- .../templates/docker/util/parse_skexport | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/playbooks/roles/admin/templates/docker/util/parse_skexport b/playbooks/roles/admin/templates/docker/util/parse_skexport index 901eeb13..8caf63de 100644 --- a/playbooks/roles/admin/templates/docker/util/parse_skexport +++ b/playbooks/roles/admin/templates/docker/util/parse_skexport @@ -28,7 +28,7 @@ apps = { authenticator = { "POSTGRES_PASSWORD": "DBCREDENTIAL_POSTGRES_POSTGRES_AUTHENTICATOR_AUTHENTICATOR_PASSWORD", "postgres_password": "DBCREDENTIAL_POSTGRES_POSTGRES_AUTHENTICATOR_AUTHENTICATOR_PASSWORD", - "LDAP_ROOTPASS": "USER_ADMIN_AUTHENTICATOR_LDAP_TAPIS_DEV_PASSWORD", + "LDAP_ROOTPASS": "USER_{{ global_service_tenant_id | upper }}_AUTHENTICATOR_LDAP_TAPIS_DEV_PASSWORD", "service_password": "SERVICEPWD_AUTHENTICATOR_PASSWORD" } @@ -147,7 +147,7 @@ tenants = { } tokens = { - "site_admin_privatekey": "JWTSIGNING_ADMIN_PRIVATEKEY" + "site_admin_privatekey": "JWTSIGNING_{{ global_service_tenant_id | upper }}_PRIVATEKEY" } vault = {"":""} @@ -158,7 +158,7 @@ workflows = {"":""} # parse args parser = argparse.ArgumentParser() parser.add_argument('-c', '--comp', help='Tapis component to export env file for', required=True) -parser.add_argument('-d', '--dir', help='Tapis data dir as defined in the ansible', required=True) +parser.add_argument('-d', '--dir', help='Tapis data dir as defined in the ansible host vars', required=True) parser.add_argument('-v', '--verbose', help='Display debug information', action='store_true') args = parser.parse_args() @@ -219,8 +219,12 @@ if component == 'security': r = requests.get('http://localhost:8200/v1/auth/approle/role/sk/role-id', headers=headers) if args.verbose: print(f'getting role-id, have:: {r.json()}') - output_dict['TAPIS_SK_VAULT_ROLE_ID'] = r.json()['data']['role_id'] - output_dict['VAULT_ROLEID'] = r.json()['data']['role_id'] + + try: + output_dict['TAPIS_SK_VAULT_ROLE_ID'] = r.json()['data']['role_id'] + output_dict['VAULT_ROLEID'] = r.json()['data']['role_id'] + except KeyError as e: + print(f'Encountered key error while parsing {r.json()}:: {e}') if args.verbose: print(f'''populating values for security, have: @@ -246,6 +250,10 @@ with open(infile, 'r') as lines: output_dict[key] = skexport_value if key == 'MONGO_INITDB_ROOT_PASSWORD': output_dict["MONGO_URI"] = f"mongodb://restheart:{skexport_value}@restheart-mongo:27017/?authSource=admin" + if "public_key" in key or "private_key" in key or "privatekey" in key: + if args.verbose: + print(f'Key {key} is a signing token. Need to make sure its quoted') + output_dict[key] = f'"{skexport_value}"' except KeyError: pass @@ -253,7 +261,7 @@ if args.verbose: print(f'Completed mapping. Writing {output_dict}') for key in output_dict: - outfile.write(f'{key}="{output_dict[key]}"\n') + outfile.write(f'{key}={output_dict[key]}\n') outfile.close() From 4a552513bd8ff5765cc94199820ecf426a0ecd81 Mon Sep 17 00:00:00 2001 From: Christian Garcia Date: Sat, 14 Sep 2024 05:56:42 +0000 Subject: [PATCH 2/5] TapisUI & Pod changes --- CHANGELOG.md | 1 + playbooks/roles/pods/templates/kube/config.json | 9 ++++++++- .../roles/proxy/templates/kube/nginx/locations/ui.conf | 10 ++++++++-- playbooks/roles/tapisui/templates/kube/deployment.yml | 2 -- playbooks/roles/tapisui/templates/kube/service.yml | 2 +- 5 files changed, 18 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 21805bcb..525850ff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ - [Globus-Proxy: 1.6.4 to 1.7.0 (tapis/systems)](https://github.com/tapis-project/tapis-systems/blob/dev/CHANGELOG.md) - [Workflows: 1.6.0 to 1.7.0 (tapis/workflows-api, tapis/workflows-pipelines, tapis/workflow-engine-streams)](https://github.com/tapis-project/tapis-workflows/blob/release-1.7.0/CHANGELOG.md) - [Pods: 1.6.0 to 1.7.0 (tapis/pods-api)](https://github.com/tapis-project/pods_service/blob/dev/CHANGELOG.md) +- [TapisUI: 1.7.0 (tapis/tapisui)](https://github.com/tapis-project/tapis-ui/blob/dev/CHANGELOG.md) ### Breaking Changes for Deployer Admins diff --git a/playbooks/roles/pods/templates/kube/config.json b/playbooks/roles/pods/templates/kube/config.json index 21a3120f..d5ce44b8 100644 --- a/playbooks/roles/pods/templates/kube/config.json +++ b/playbooks/roles/pods/templates/kube/config.json @@ -47,5 +47,12 @@ "log_ex": 43200 }, "{{ pods_service_site_id }}_tenant_object": { - } + }, + "compute_queues": [ + { + "queue_name": "default", + "default": true, + "description": "running with no Kubernetes extras" + } + ] } diff --git a/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf b/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf index 9fc05fc9..532af447 100644 --- a/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf +++ b/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf @@ -1,11 +1,17 @@ # ui -location /tapis-ui +location / { {% if "tapisui" in proxy_nginx_service_list %} proxy_pass http://tapisui-service:3000; {% else %} - proxy_pass {{proxy_primary_site_admin_tenant_base_url}}; + proxy_pass https://tapis-project.org; {% endif %} proxy_redirect off; proxy_set_header Host $host; +} + +location ~* ^/(tapis-ui|tapisui|ui) +{ + # rewrite path to move /tapis-ui, /tapisui, and /ui traffic to / + return 301 https://$host/; } \ No newline at end of file diff --git a/playbooks/roles/tapisui/templates/kube/deployment.yml b/playbooks/roles/tapisui/templates/kube/deployment.yml index 89a5090d..fc1d06ee 100644 --- a/playbooks/roles/tapisui/templates/kube/deployment.yml +++ b/playbooks/roles/tapisui/templates/kube/deployment.yml @@ -15,8 +15,6 @@ spec: - image: {{ tapisui_image }} imagePullPolicy: Always name: tapisui - ports: - - containerPort: 3000 resources: {} tty: true env: diff --git a/playbooks/roles/tapisui/templates/kube/service.yml b/playbooks/roles/tapisui/templates/kube/service.yml index 7412bdb4..76ac28aa 100644 --- a/playbooks/roles/tapisui/templates/kube/service.yml +++ b/playbooks/roles/tapisui/templates/kube/service.yml @@ -8,4 +8,4 @@ spec: app: tapisui-deployment ports: - port: 3000 - targetPort: 3000 + targetPort: 80 From c7c70aafe30510859051585817d6f4d4c907d944 Mon Sep 17 00:00:00 2001 From: mpackard Date: Mon, 16 Sep 2024 22:22:01 -0500 Subject: [PATCH 3/5] ui fix --- playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf b/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf index 532af447..71341021 100644 --- a/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf +++ b/playbooks/roles/proxy/templates/kube/nginx/locations/ui.conf @@ -4,7 +4,7 @@ location / {% if "tapisui" in proxy_nginx_service_list %} proxy_pass http://tapisui-service:3000; {% else %} - proxy_pass https://tapis-project.org; + proxy_pass {{ proxy_primary_site_admin_tenant_base_url }}; {% endif %} proxy_redirect off; proxy_set_header Host $host; @@ -14,4 +14,4 @@ location ~* ^/(tapis-ui|tapisui|ui) { # rewrite path to move /tapis-ui, /tapisui, and /ui traffic to / return 301 https://$host/; -} \ No newline at end of file +} From 9de9c84aeb1081b4c034dbaaff4e0adbe3ae1297 Mon Sep 17 00:00:00 2001 From: mpackard Date: Tue, 17 Sep 2024 01:03:35 -0500 Subject: [PATCH 4/5] 1.7.0 rc1 --- playbooks/roles/admin/defaults/main/vars.yml | 1 + .../templates/docker/util/parse_skexport | 2 +- .../roles/get_defaults/defaults/main/vars.yml | 46 ++++++++--- .../get_defaults/defaults/main/vars.yml.BAK | 76 +++++++++++++++++++ playbooks/roles/get_defaults/tasks/main.yml | 68 +++++++++++++---- .../roles/get_defaults/tasks/main.yml.BAK | 48 ++++++++++++ 6 files changed, 212 insertions(+), 29 deletions(-) create mode 100644 playbooks/roles/get_defaults/defaults/main/vars.yml.BAK create mode 100644 playbooks/roles/get_defaults/tasks/main.yml.BAK diff --git a/playbooks/roles/admin/defaults/main/vars.yml b/playbooks/roles/admin/defaults/main/vars.yml index 751b62dd..b07001a9 100644 --- a/playbooks/roles/admin/defaults/main/vars.yml +++ b/playbooks/roles/admin/defaults/main/vars.yml @@ -5,6 +5,7 @@ admin_service_url: "{{ global_service_url }}" admin_devtenant_url: "{{ global_devtenant_url }}" admin_site_id: "{{ global_site_id }}" admin_service_tenant_id: "{{ global_service_tenant_id }}" +admin_service_devtenant_id: "{{ global_devtenant_id }}" admin_service_name: admin admin_service_site_id: "{{ global_site_id }}" admin_storage_class: "{{ global_storage_class }}" diff --git a/playbooks/roles/admin/templates/docker/util/parse_skexport b/playbooks/roles/admin/templates/docker/util/parse_skexport index e1c608dc..0fc59e4f 100644 --- a/playbooks/roles/admin/templates/docker/util/parse_skexport +++ b/playbooks/roles/admin/templates/docker/util/parse_skexport @@ -143,7 +143,7 @@ tenants = { "POSTGRES_PASSWORD": "DBCREDENTIAL_POSTGRES_TENANTS_POSTGRES_TENANTS_TENANTS_PASSWORD", "service_password": "SERVICEPWD_TENANTS_PASSWORD", "admin_tenant_public_key": "JWTSIGNING_{{ admin_service_tenant_id | upper }}_PUBLICKEY", - "dev_tenant_public_key": "JWTSIGNING_DEV_PUBLICKEY" + "dev_tenant_public_key": "JWTSIGNING_{{ admin_service_devtenant_id | upper }}_PUBLICKEY" } tokens = { diff --git a/playbooks/roles/get_defaults/defaults/main/vars.yml b/playbooks/roles/get_defaults/defaults/main/vars.yml index 84dfa7f9..b8510171 100644 --- a/playbooks/roles/get_defaults/defaults/main/vars.yml +++ b/playbooks/roles/get_defaults/defaults/main/vars.yml @@ -1,18 +1,36 @@ -global_service_tenant_id_default: admin -tapisdir_default: '{{ ansible_env.HOME }}/.tapis/{{ inventory_hostname }}' -tapisdatadir_default: '{{ ansible_env.HOME }}/.tapis-data/{{ inventory_hostname }}' -global_vault_url_default: 'http://vault:8200' +# these should be required to be set in host_vars +global_tapis_domain: '' +tapisdir: '' +tapisdatadir_default: '' +global_site_id: '' +proxy_nginx_cert_file: '' +proxy_nginx_cert_key: '' -# Commenting these, they are getting mixed up with other vars. -#global_service_url_default: 'https://{{ global_service_tenant_id }}.{{ global_tapis_domain }}' -#global_devtenant_url_default: 'https://dev.{{ global_tapis_domain }}' -#global_primary_site_admin_tenant_base_url_default: 'https://admin.{{ global_tapis_domain }}' +# For primary sites, these should be left default +# For associate sites, these should be changed (and must be unique across the primary sites' tenant names) +# ... AND the value needs to match what it is in the site record +global_service_tenant_id: admin +global_devtenant_id: dev -# A) There should be NO choice for primary sites, -# B) For associate sites, we should actually compute the field from the site record.. (or anyway, the -# value needs to match what it is on the site record). -components_to_deploy_default: +# For primary site, this is the same as the global_tapis_domain +# For associate site, it should be defined in host_vars +global_service_domain: '{{ global_tapis_domain }}' + +# service urls +# - should be same for primary site +# - should be different for associate site + +global_primary_site_admin_tenant_base_url: 'https://{{ global_service_tenant_id }}.{{ global_service_domain }}' +global_service_url: '{{ global_primary_site_admin_tenant_base_url }}' +global_devtenant_url: 'https://{{ global_devtenant_id }}.{{ global_tapis_domain }}' + + +### relatively safe defaults below + +global_vault_url: http://vault:8200 + +components_to_deploy: - actors - admin - apps @@ -37,3 +55,7 @@ components_to_deploy_default: # - workflows # - test-resources + + + + diff --git a/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK b/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK new file mode 100644 index 00000000..9ec604e0 --- /dev/null +++ b/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK @@ -0,0 +1,76 @@ +global_service_tenant_id_default: admin +global_dev_tenant_id_default: dev +tapisdir_default: '{{ ansible_env.HOME }}/.tapis/{{ inventory_hostname }}' +tapisdatadir_default: '{{ ansible_env.HOME }}/.tapis-data/{{ inventory_hostname }}' +global_vault_url_default: 'http://vault:8200' + +# Commenting these, they are getting mixed up with other vars. +#global_service_url_default: 'https://{{ global_service_tenant_id }}.{{ global_tapis_domain }}' +#global_devtenant_url_default: 'https://dev.{{ global_tapis_domain }}' +#global_primary_site_admin_tenant_base_url_default: 'https://admin.{{ global_tapis_domain }}' + + +# A) There should be NO choice for primary sites, +# B) For associate sites, we should actually compute the field from the site record.. (or anyway, the +# value needs to match what it is on the site record). +components_to_deploy_default: + - actors + - admin + - apps + - authenticator + - files + - globus-proxy + - jobs + - meta +# - monitoring + - notifications +# - pgrest +# - pods + - proxy + - security + - skadmin + - streams + - systems + - tapisui + - tenants + - tokens + - vault +# - workflows +# - test-resources + + + + +### test new way + +global_service_tenant_id: '{{ global_service_tenant_id | default(global_service_tenant_id_default) }}' +global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' + +# For primary site, this is the same as the global_tapis_domain +global_service_domain: '{{ global_service_domain | default(global_tapis_domain) }}' + +# service urls +# - should be same for primary site +# - should be different for associate site + +global_primary_site_admin_tenant_base_url: '{{ global_service_tenant_id }}.{{ global_service_domain }}' +global_service_url: '{{ global_primary_site_admin_tenant_base_url }}' +global_devtenant_url: '{{ global_dev_tenant_id }}.{{ global_tapis_domain }}' + +tapisdir: '{{ tapisdir | default(tapisdir_default) }}' +tapisdatadir: '{{ tapisdatadir | default(tapisdatadir_default) }}' +global_vault_url: '{{ global_vault_url | default(global_vault_url_default) }}' +components_to_deploy: '{{ components_to_deploy | default(components_to_deploy_default) }}' + + + + + + + + + + + + + diff --git a/playbooks/roles/get_defaults/tasks/main.yml b/playbooks/roles/get_defaults/tasks/main.yml index 63dfd59d..f5b8f88d 100644 --- a/playbooks/roles/get_defaults/tasks/main.yml +++ b/playbooks/roles/get_defaults/tasks/main.yml @@ -1,22 +1,58 @@ --- -- name: Set default values for vars +# Ensure global vars are defined and checked + +- name: Test that important variables are present and not empty + assert: + that: + - tapisdir != '' + - tapisdatadir != '' + - components_to_deploy != '' + - global_service_tenant_id != '' + - global_devtenant_id != '' + - global_service_domain != '' + - global_primary_site_admin_tenant_base_url != '' + - global_service_url != '' + - global_devtenant_url != '' + - global_vault_url != '' + +- name: If associate site (site_type 2), check a few variables + assert: + that: + - global_service_tenant_id != 'admin' + - global_devtenant_id != 'dev' + - global_tapis_domain != '{{ global_service_domain }}' + when: + - site_type == 2 + +- name: Print important vars + ansible.builtin.debug: + var: "{{ item }}" + with_items: + - tapisdir + - tapisdatadir + - components_to_deploy + - global_service_tenant_id + - global_devtenant_id + - global_service_domain + - global_primary_site_admin_tenant_base_url + - global_service_url + - global_devtenant_url + - global_vault_url + + +# Use set_fact on global vars so the following roles can use them + +- name: Set global vars ansible.builtin.set_fact: - global_service_tenant_id: '{{ global_service_tenant_id | default(global_service_tenant_id_default) }}' - tapisdir: '{{ tapisdir | default(tapisdir_default) }}' - tapisdatadir: '{{ tapisdatadir | default(tapisdatadir_default) }}' - global_vault_url: '{{ global_vault_url | default(global_vault_url_default) }}' - #global_service_url: '{{ global_service_url | default(global_service_url_default) }}' + tapisdir: '{{ tapisdir }}' + tapisdatadir: '{{ tapisdatadir }}' + components_to_deploy: '{{ components_to_deploy }}' + global_service_tenant_id: '{{ global_service_tenant_id }}' + global_devtenant_id: '{{ global_devtenant_id }}' + global_service_domain: '{{ global_service_domain }}' + global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url }}' global_service_url: '{{ global_service_url }}' - components_to_deploy: '{{ components_to_deploy | default(components_to_deploy_default) }}' - #global_devtenant_url: '{{ global_devtenant_url | default(global_devtenant_url_default) }}' global_devtenant_url: '{{ global_devtenant_url }}' - #global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url | default(global_primary_site_admin_tenant_base_url_default) }}' - global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url }}' + global_vault_url: '{{ global_vault_url }}' -- name: Values being used - ansible.builtin.debug: - msg: - - 'tapisdir: {{ tapisdir }}' - - 'tapisdatadir: {{ tapisdatadir }}' - - 'components_to_deploy: {{ components_to_deploy }}' diff --git a/playbooks/roles/get_defaults/tasks/main.yml.BAK b/playbooks/roles/get_defaults/tasks/main.yml.BAK new file mode 100644 index 00000000..cd75e3a3 --- /dev/null +++ b/playbooks/roles/get_defaults/tasks/main.yml.BAK @@ -0,0 +1,48 @@ +--- + +- name: Set default values for vars + ansible.builtin.set_fact: + + # tenant ids + # - should be 'admin' & 'dev' for primary site + # - must be unique among primary site tenant ids, associate sites cannot use 'admin' or 'dev' + # - example associate site tenants 'wowadm01' and 'wowdev01' + + global_service_tenant_id: '{{ global_service_tenant_id | default(global_service_tenant_id_default) }}' + global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' + + # For primary site, this is the same as the global_tapis_domain + global_service_domain: '{{ global_service_domain | default(global_tapis_domain) }}' + + # service urls + # - should be same for primary site + # - should be different for associate site + + global_primary_site_admin_tenant_base_url: '{{ global_service_tenant_id }}.{{ global_service_domain }}' + #global_service_url: '{{ global_primary_site_admin_tenant_base_url }}' + global_devtenant_url: '{{ global_dev_tenant_id }}.{{ global_tapis_domain }}' + +# Commenting these, they are getting mixed up with other vars. +#global_service_url_default: 'https://{{ global_service_tenant_id }}.{{ global_tapis_domain }}' +#global_devtenant_url_default: 'https://dev.{{ global_tapis_domain }}' +#global_primary_site_admin_tenant_base_url_default: 'https://admin.{{ global_tapis_domain }}' + + # old + #global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' + #global_devtenant_url: '{{ global_devtenant_url }}' + #global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url | default(global_primary_site_admin_tenant_base_url_default) }}' + #global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url }}' + + tapisdir: '{{ tapisdir | default(tapisdir_default) }}' + tapisdatadir: '{{ tapisdatadir | default(tapisdatadir_default) }}' + global_vault_url: '{{ global_vault_url | default(global_vault_url_default) }}' + #global_service_url: '{{ global_service_url | default(global_service_url_default) }}' + #global_service_url: '{{ global_service_url }}' + components_to_deploy: '{{ components_to_deploy | default(components_to_deploy_default) }}' + +- name: Values being used + ansible.builtin.debug: + msg: + - 'tapisdir: {{ tapisdir }}' + - 'tapisdatadir: {{ tapisdatadir }}' + - 'components_to_deploy: {{ components_to_deploy }}' From 28f201b3d501d9684eb4be3f2a9f78190a773e38 Mon Sep 17 00:00:00 2001 From: mpackard Date: Tue, 17 Sep 2024 01:06:22 -0500 Subject: [PATCH 5/5] 1.7.0 rc1 --- .../get_defaults/defaults/main/vars.yml.BAK | 76 ------------------- .../roles/get_defaults/tasks/main.yml.BAK | 48 ------------ 2 files changed, 124 deletions(-) delete mode 100644 playbooks/roles/get_defaults/defaults/main/vars.yml.BAK delete mode 100644 playbooks/roles/get_defaults/tasks/main.yml.BAK diff --git a/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK b/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK deleted file mode 100644 index 9ec604e0..00000000 --- a/playbooks/roles/get_defaults/defaults/main/vars.yml.BAK +++ /dev/null @@ -1,76 +0,0 @@ -global_service_tenant_id_default: admin -global_dev_tenant_id_default: dev -tapisdir_default: '{{ ansible_env.HOME }}/.tapis/{{ inventory_hostname }}' -tapisdatadir_default: '{{ ansible_env.HOME }}/.tapis-data/{{ inventory_hostname }}' -global_vault_url_default: 'http://vault:8200' - -# Commenting these, they are getting mixed up with other vars. -#global_service_url_default: 'https://{{ global_service_tenant_id }}.{{ global_tapis_domain }}' -#global_devtenant_url_default: 'https://dev.{{ global_tapis_domain }}' -#global_primary_site_admin_tenant_base_url_default: 'https://admin.{{ global_tapis_domain }}' - - -# A) There should be NO choice for primary sites, -# B) For associate sites, we should actually compute the field from the site record.. (or anyway, the -# value needs to match what it is on the site record). -components_to_deploy_default: - - actors - - admin - - apps - - authenticator - - files - - globus-proxy - - jobs - - meta -# - monitoring - - notifications -# - pgrest -# - pods - - proxy - - security - - skadmin - - streams - - systems - - tapisui - - tenants - - tokens - - vault -# - workflows -# - test-resources - - - - -### test new way - -global_service_tenant_id: '{{ global_service_tenant_id | default(global_service_tenant_id_default) }}' -global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' - -# For primary site, this is the same as the global_tapis_domain -global_service_domain: '{{ global_service_domain | default(global_tapis_domain) }}' - -# service urls -# - should be same for primary site -# - should be different for associate site - -global_primary_site_admin_tenant_base_url: '{{ global_service_tenant_id }}.{{ global_service_domain }}' -global_service_url: '{{ global_primary_site_admin_tenant_base_url }}' -global_devtenant_url: '{{ global_dev_tenant_id }}.{{ global_tapis_domain }}' - -tapisdir: '{{ tapisdir | default(tapisdir_default) }}' -tapisdatadir: '{{ tapisdatadir | default(tapisdatadir_default) }}' -global_vault_url: '{{ global_vault_url | default(global_vault_url_default) }}' -components_to_deploy: '{{ components_to_deploy | default(components_to_deploy_default) }}' - - - - - - - - - - - - - diff --git a/playbooks/roles/get_defaults/tasks/main.yml.BAK b/playbooks/roles/get_defaults/tasks/main.yml.BAK deleted file mode 100644 index cd75e3a3..00000000 --- a/playbooks/roles/get_defaults/tasks/main.yml.BAK +++ /dev/null @@ -1,48 +0,0 @@ ---- - -- name: Set default values for vars - ansible.builtin.set_fact: - - # tenant ids - # - should be 'admin' & 'dev' for primary site - # - must be unique among primary site tenant ids, associate sites cannot use 'admin' or 'dev' - # - example associate site tenants 'wowadm01' and 'wowdev01' - - global_service_tenant_id: '{{ global_service_tenant_id | default(global_service_tenant_id_default) }}' - global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' - - # For primary site, this is the same as the global_tapis_domain - global_service_domain: '{{ global_service_domain | default(global_tapis_domain) }}' - - # service urls - # - should be same for primary site - # - should be different for associate site - - global_primary_site_admin_tenant_base_url: '{{ global_service_tenant_id }}.{{ global_service_domain }}' - #global_service_url: '{{ global_primary_site_admin_tenant_base_url }}' - global_devtenant_url: '{{ global_dev_tenant_id }}.{{ global_tapis_domain }}' - -# Commenting these, they are getting mixed up with other vars. -#global_service_url_default: 'https://{{ global_service_tenant_id }}.{{ global_tapis_domain }}' -#global_devtenant_url_default: 'https://dev.{{ global_tapis_domain }}' -#global_primary_site_admin_tenant_base_url_default: 'https://admin.{{ global_tapis_domain }}' - - # old - #global_dev_tenant_id: '{{ global_dev_tenant_id | default(global_dev_tenant_id_default) }}' - #global_devtenant_url: '{{ global_devtenant_url }}' - #global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url | default(global_primary_site_admin_tenant_base_url_default) }}' - #global_primary_site_admin_tenant_base_url: '{{ global_primary_site_admin_tenant_base_url }}' - - tapisdir: '{{ tapisdir | default(tapisdir_default) }}' - tapisdatadir: '{{ tapisdatadir | default(tapisdatadir_default) }}' - global_vault_url: '{{ global_vault_url | default(global_vault_url_default) }}' - #global_service_url: '{{ global_service_url | default(global_service_url_default) }}' - #global_service_url: '{{ global_service_url }}' - components_to_deploy: '{{ components_to_deploy | default(components_to_deploy_default) }}' - -- name: Values being used - ansible.builtin.debug: - msg: - - 'tapisdir: {{ tapisdir }}' - - 'tapisdatadir: {{ tapisdatadir }}' - - 'components_to_deploy: {{ components_to_deploy }}'