Merge pull request #850 from IBM/roks-airgapped

Support for ROKS air-gapped clusters

Dockerfile

@@ -49,6 +49,11 @@ RUN cd /opt/ansible && \
 #RUN pip3 install -r /cloud-pak-deployer/deployer-web/requirements.txt > /tmp/deployer-web-pip-install.out 2>&1
 RUN pip3 install "cython<3.0.0" wheel && pip3 install PyYAML==6.0 --no-build-isolation && pip3 install -r /cloud-pak-deployer/deployer-web/requirements.txt > /tmp/deployer-web-pip-install.out 2>&1
 
+# cli utilities
+RUN wget -q -O /tmp/cpd-cli.tar.gz $(curl -s https://api.github.com/repos/IBM/cpd-cli/releases/latest | jq -r '.assets[] | select( .browser_download_url | contains("linux-EE")).browser_download_url') && \
+    tar -xzf /tmp/cpd-cli.tar.gz -C /usr/local/bin --strip-components=1 && \
+    rm -f /tmp/cpd-cli.tar.gz
+
 ENV USER_UID=1001
 
 RUN chown -R ${USER_ID}:0 /Data && \

Dockerfile.ppc64le

@@ -47,6 +47,11 @@ RUN cd /opt/ansible && \
 #RUN pip3 install -r /cloud-pak-deployer/deployer-web/requirements.txt > /tmp/deployer-web-pip-install.out 2>&1
 RUN pip3 install "cython<3.0.0" wheel && pip3 install PyYAML==6.0 --no-build-isolation && pip3 install -r /cloud-pak-deployer/deployer-web/requirements.txt > /tmp/deployer-web-pip-install.out 2>&1
 
+# cli utilities
+RUN wget -q -O /tmp/cpd-cli.tar.gz $(curl -s https://api.github.com/repos/IBM/cpd-cli/releases/latest | jq -r '.assets[] | select( .browser_download_url | contains("ppc64le-EE")).browser_download_url') && \
+    tar -xzf /tmp/cpd-cli.tar.gz -C /usr/local/bin --strip-components=1 && \
+    rm -f /tmp/cpd-cli.tar.gz
+
 ENV USER_UID=1001
 
 RUN chown -R ${USER_ID}:0 /Data && \

automation-roles/10-validation/validate-variables/tasks/main.yml

@@ -35,4 +35,4 @@
 
 - include_tasks: azure-validate-variables.yml
   when:
-    - cloud_platform == 'azure'
+    - cloud_platform == 'azure'

automation-roles/20-prepare/download-cli/tasks/main.yml

@@ -15,10 +15,6 @@
 - include_tasks: azure-download-cli.yml
   when: cloud_platform == 'azure'
 
-- name: Download and install cpd-cli
-  include_role:
-    name: cpd-cli-download
-
 - name: Download OpenShift installer
   include_role:
     name: openshift-download-installer
@@ -27,13 +23,3 @@
   loop: "{{ all_config.openshift | default([]) }}"
   loop_control:
     loop_var: _current_openshift_cluster
-
-- name: Download OpenShift client
-  include_role:
-    name: openshift-download-client
-  vars:
-    _p_ocp_version: "{{ _current_openshift_cluster.ocp_version }}"
-  loop: "{{ all_config.openshift | default([]) }}"
-  loop_control:
-    loop_var: _current_openshift_cluster
-

automation-roles/50-install-cloud-pak/cp4ba/cp4ba-cluster/tasks/main.yml

@@ -1,5 +1,4 @@
 ---
-
 - name: Create private variable for cp4ba configuration
   ansible.builtin.set_fact:
     _current_cp4ba_cluster: "{{ current_cp4ba_cluster }}"
@@ -26,12 +25,6 @@
     query: >-
       [?name=='{{ _current_cp4ba_cluster.openshift_cluster_name }}']
 
-- name: Download and activate OpenShift client for version {{ _current_openshift_cluster.ocp_version }}
-  ansible.builtin.include_role:
-    name: openshift-download-client
-  vars:
-    _p_ocp_version: "{{ _current_openshift_cluster.ocp_version }}"
-
 - name: Login to the OpenShift cluster
   ansible.builtin.include_role:
     name: openshift-login
@@ -121,8 +114,7 @@
 
 - name: Set passwrod from vault
   ansible.builtin.set_fact:
-    _cp4ba_admin_password_vault_key_name:
-      "cp4ba_admin_{{ _current_cp4ba_cluster.project | replace('-', '_') }}_{{ _current_cp4ba_cluster.openshift_cluster_name | replace('-', '_') }}"
+    _cp4ba_admin_password_vault_key_name: "cp4ba_admin_{{ _current_cp4ba_cluster.project | replace('-', '_') }}_{{ _current_cp4ba_cluster.openshift_cluster_name | replace('-', '_') }}"
 
 - name: Validate if an existing admin password for {{ _cp4ba_admin_password_vault_key_name }} exists in the vault
   ansible.builtin.include_role:
@@ -155,8 +147,7 @@
         name: vault-set-secret
       vars:
         secret_name: "{{ _cp4ba_admin_password_vault_key_name }}"
-        secret_description:
-          "cp4ba admin password for namespace {{ _current_cp4ba_cluster.project }}, cluster {{ _current_cp4ba_cluster.openshift_cluster_name }}"
+        secret_description: "cp4ba admin password for namespace {{ _current_cp4ba_cluster.project }}, cluster {{ _current_cp4ba_cluster.openshift_cluster_name }}"
         secret_payload: "{{ _cp4ba_admin_password_new }}"
         secret_group: "{{ environment_name }}"
 

automation-roles/50-install-cloud-pak/cp4d/cp4d-case-save/templates/case-download.j2

@@ -1,3 +1,4 @@
 case-download \
     --release={{ _p_current_cp4d_cluster.cp4d_version }} \
+    --from_oci=true \
     --components={%- if _p_current_cp4d_cluster.cp4d_version >= '4.7.0' %}ibm-cert-manager,ibm-licensing,{%- endif %}{{ _cartridges_to_install_list }} \

automation-roles/50-install-cloud-pak/cp4d/cp4d-catalog-source/templates/apply-olm-create-catsrc.j2

@@ -1,6 +1,7 @@
 apply-olm \
     --release={{ _p_current_cp4d_cluster.cp4d_version }} \
     --case_download={%- if cpd_airgap | default(False) | bool -%}false{%- else -%}true{%- endif %} \
+    --from_oci=true \
     --catsrc=true --sub=false \
     --cpd_operator_ns={{ _p_current_cp4d_cluster.operators_project }} \
     --preview={%- if _p_preview_script -%}true{%- else -%}false{%- endif %} \

automation-roles/50-install-cloud-pak/cp4d/cp4d-cluster/templates/setup-instance-topology.j2

@@ -2,5 +2,6 @@ setup-instance-topology \
     --cpd_operator_ns={{ current_cp4d_cluster.operators_project }} \
     --cpd_instance_ns={{ current_cp4d_cluster.project }} \
     --release={{ current_cp4d_cluster.cp4d_version }} \
+    --from_oci=true \
     --block_storage_class={{ ocp_storage_class_block }} \
     --license_acceptance=true 2>&1 | tee {{ status_dir }}/log/{{ current_cp4d_cluster.project }}-setup-instance-topology.log