Dry run option for CP4D and existing-ocp

automation-roles/10-validation/validate-variables-destroy/tasks/main.yml

@@ -10,20 +10,25 @@
   fail: msg="cloud_platform {{ cloud_platform }} only support values {{ supported_cloud_platform_types }} "
   when: "cloud_platform not in supported_cloud_platform_types"
 
-- include_tasks: ibmcloud-validate-variables.yml
+- name: "Fail if dry-run specified for other cloud platform than existing-ocp"
+  fail:
+    msg: "--dry-run can only be specified for existing-ocp"
   when:
-    - cloud_platform == 'ibm-cloud'
+  - cpd_dry_run | bool
+  - cloud_platform != 'existing-ocp'
+
+- include_tasks: ibmcloud-validate-variables.yml
+  when: cloud_platform == 'ibm-cloud'
 
 - include_tasks: aws-validate-variables.yml
-  when:
-    - cloud_platform == 'aws'
+  when: cloud_platform == 'aws'
 
 - include_tasks: azure-validate-variables.yml
-  when:
-    - cloud_platform == 'azure'
+  when: cloud_platform == 'azure'
 
 - name: Fail if destroy was not confirmed
   fail:
     msg: "Destroy was not confirmed with --confirm-destroy parameter or via global_config confirm_destroy property"
   when:
-    - _confirm_destroy | bool != True
+  - _confirm_destroy | bool != True
+  - not cpd_dry_run

automation-roles/10-validation/validate-variables/tasks/main.yml

@@ -10,6 +10,13 @@
   fail: msg="cloud_platform {{ cloud_platform }} only support values {{ supported_cloud_platform_types }} "
   when: "cloud_platform not in supported_cloud_platform_types"
 
+- name: "Fail if dry-run specified for other cloud platform than existing-ocp"
+  fail:
+    msg: "--dry-run can only be specified for existing-ocp"
+  when:
+  - cpd_dry_run | bool
+  - cloud_platform != 'existing-ocp'
+
 - include_tasks: ibmcloud-validate-variables.yml
   when:
     - cloud_platform == 'ibm-cloud'

automation-roles/40-configure-infra/cloud-native-toolkit/tasks/main.yml

@@ -10,9 +10,21 @@
       repo: "{{ _cntk_github_repo }}"
       dest: "{{ status_dir }}/openshift/multi-tenancy-gitops"
 
-  - name: Install GitOps operator
-    shell: |
-      oc apply -f {{ status_dir }}/openshift/multi-tenancy-gitops/setup/ocp4x
+  - name: 'Lookup *.yaml files in {{ status_dir }}/openshift/multi-tenancy-gitops'
+    find:
+      paths: '{{ status_dir }}/openshift/multi-tenancy-gitops'
+      file_type: any
+      patterns: '*.yaml'
+      follow: False
+      recurse: False
+    register: _gitops_yaml_files
+
+  - include_role:
+      name: generate-apply-yaml
+    vars:
+      _p_apply_yaml_description: "Install GitOps operator"
+      _p_apply_yaml_output_file: "{{ item.path }}"
+    loop: '{{ _gitops_yaml_files.files }}'
 
   - name: Wait until OpenShift GitOps CSV has status Succeeded
     shell: |
@@ -30,11 +42,13 @@
         {%- set result = ansible_callback_diy.result.output -%}
         {%- set retries_left = result.retries - result.attempts -%}
         Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...
+    when: not cpd_dry_run
 
-  - name: Create ArgoCD instance
-    shell: |
-      oc apply -f {{ status_dir }}/openshift/multi-tenancy-gitops/setup/ocp4x/argocd-instance/argocd-instance.yaml \
-        -n openshift-gitops
+  - include_role:
+      name: generate-apply-yaml
+    vars:
+      _p_apply_yaml_description: "Create ArgoCD instance"
+      _p_apply_yaml_output_file: "{{ status_dir }}/openshift/multi-tenancy-gitops/setup/ocp4x/argocd-instance/argocd-instance.yaml"
 
   - name: Wait until ArgoCD instance has been created in OpenShift project openshift-gitops
     shell: |
@@ -49,5 +63,6 @@
         {%- set result = ansible_callback_diy.result.output -%}
         {%- set retries_left = result.retries - result.attempts -%}
         Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...        
+    when: not cpd_dry_run
 
   when: (_p_openshift_cluster.cloud_native_toolkit | default(False) | bool)

automation-roles/40-configure-infra/configure-openshift-dns/tasks/main.yml

@@ -4,11 +4,8 @@
     that:
       - _p_upstream_dns is defined
 
-- shell: |
-    echo '{{ lookup('template','dns.j2',convert_data=False) | string }}'
-
-- name: Patch the DNS custom resource
-  shell:
-    oc patch dns.operator/default \
-      --type=json \
-      -p '[{"op":"replace","path":"/spec/servers","value":{{ lookup('template','dns.j2',convert_data=False) }} }]' -o yaml
+- include_role:
+    name: run-command
+  vars:
+    _p_command_description: Patch the DNS custom resource
+    _p_command: oc patch dns.operator/default --type=json -p '[{"op":"replace","path":"/spec/servers","value":{{ lookup('template','dns.j2',convert_data=False) }} }]' -o yaml

automation-roles/40-configure-infra/demo-openldap/tasks/install-openldap.yml

@@ -42,13 +42,11 @@
     state: directory
     mode: u+rwx
 
-- name: Create Project {{ _openldap_project_name }}
-  ansible.builtin.include_role:
-    name: common
-    tasks_from: create-project
+- include_role:
+    name: run-command
   vars:
-    common_namespace_name: "{{ _openldap_project_name }}"
-    common_output_directory: "{{ _v_openldap_base_dir }}"
+    _p_command_description: Create project {{ _openldap_project_name }}
+    _p_command: "oc adm new-project {{ _openldap_project_name }} || true"
 
 - name: Prepare OpenLDAP yaml file for cluster {{ current_openshift_cluster.name }}
   ansible.builtin.template:
@@ -62,6 +60,12 @@
     - deployments
     - services
 
+- include_role:
+    name: log-deployer-activity
+  vars:
+    _p_activity_description: "Install OpenLDAP"
+    _p_activity_yaml: "{{ _v_openldap_base_dir }}/{{ current_openshift_cluster.name }}-{{ _current_demo_openldap.name }}-openldap-{{ item }}.yaml"
+
 - name: Add OpenLDAP item {{ item.name }}
   kubernetes.core.k8s:
     state: present
@@ -74,4 +78,5 @@
     - {name: secrets, wait_sleep: 15, wait_timeout: 15}
     - {name: persistentvolumeclaims, wait_sleep: 15, wait_timeout: 300}
     - {name: deployments, wait_sleep: 15, wait_timeout: 600}
-    - {name: services, wait_sleep: 15, wait_timeout: 15}
+    - {name: services, wait_sleep: 15, wait_timeout: 15}
+  when: not cpd_dry_run

automation-roles/40-configure-infra/demo-openldap/tasks/remove-openldap.yml

@@ -1,9 +1,5 @@
-- name: Remove OpenShift project {{ _openldap_project_name }}
-  kubernetes.core.k8s:
-    state: absent
-    api_version: project.openshift.io/v1
-    kind: Project
-    name: "{{ _openldap_project_name }}"
-    wait: true
-    wait_sleep: 15
-    wait_timeout: 120
+- include_role:
+    name: run-command
+  vars:
+    _p_command_description: Delete project {{ _openldap_project_name }}
+    _p_command: "oc delete ns {{ _openldap_project_name }} --ignore-not-found"

automation-roles/40-configure-infra/nfd-operator/tasks/main.yml

@@ -1,7 +1,9 @@
 ---
-- name: Create openshift-nfd OpenShift project
-  shell: |
-    oc create ns openshift-nfd || true
+- include_role:
+    name: run-command
+  vars:
+    _p_command_description: Create Node Feature Discovery operator namespace
+    _p_command: "oc create ns openshift-nfd || true"
 
 - name: Retrieve default channel for Node Feature Discovery manifest
   shell:
@@ -11,18 +13,16 @@
 - set_fact:
     _nfd_channel: "{{ _nfd_packagemanifest.stdout }}"
 
-- name: Generate NFD operator file {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-operator.yaml
-  template:
-    src: nfd-operator.j2
-    dest: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-operator.yaml"
-
-- name: Create NFD operator
-  shell: |
-    oc apply -f {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-operator.yaml
+- include_role:
+    name: generate-apply-yaml
+  vars:
+    _p_apply_yaml_description: Create NFD operator
+    _p_apply_yaml_template: nfd-operator.j2
+    _p_apply_yaml_output_file: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-operator.yaml"
 
 - name: Wait until NFD Operator CSV has status Succeeded
   shell: |
-     oc get csv -n openshift-nfd \
+    oc get csv -n openshift-nfd \
       -l operators.coreos.com/nfd.openshift-nfd \
       --no-headers \
       -o custom-columns='name:metadata.name,phase:status.phase' | \
@@ -36,16 +36,15 @@
       {%- set result = ansible_callback_diy.result.output -%}
       {%- set retries_left = result.retries - result.attempts -%}
       Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...
+  when: not cpd_dry_run
 
 - name: Get OpenShift version
   include_role:
     name: openshift-get-version
 
-- name: Generate NodeFeatureDiscovery CR file {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-cr.yaml
-  template:
-    src: nfd-cr.j2
-    dest: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-cr.yaml"
-
-- name: Create NFD CR
-  shell: |
-    oc apply -f {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-cr.yaml
+- include_role:
+    name: generate-apply-yaml
+  vars:
+    _p_apply_yaml_description: Generate NodeFeatureDiscovery CR
+    _p_apply_yaml_template: nfd-cr.j2
+    _p_apply_yaml_output_file: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nfd-cr.yaml"

automation-roles/40-configure-infra/nvidia-operator/tasks/main.yml

@@ -1,7 +1,9 @@
 ---
-- name: Create nvidia-gpu-operator OpenShift project
-  shell: |
-    oc create ns nvidia-gpu-operator || true
+- include_role:
+    name: run-command
+  vars:
+    _p_command_description: Create NVIDIA operator namespace nvidia-gpu-operator
+    _p_command: "oc create ns nvidia-gpu-operator || true"
 
 - name: Retrieve default channel for the NVIDIA GPU manifest
   shell:
@@ -11,18 +13,16 @@
 - set_fact:
     _nvidia_channel: "{{ _nvidia_packagemanifest.stdout }}"
 
-- name: Generate NVIDIA operator file {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-operator.yaml
-  template:
-    src: nvidia-operator.j2
-    dest: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-operator.yaml"
-
-- name: Create NVIDIA operator
-  shell: |
-    oc apply -f {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-operator.yaml
+- include_role:
+    name: generate-apply-yaml
+  vars:
+    _p_apply_yaml_description: Create NVIDIA operator
+    _p_apply_yaml_template: nvidia-operator.j2
+    _p_apply_yaml_output_file: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-operator.yaml"
 
 - name: Wait until NVIDIA Operator CSV has status Succeeded
   shell: |
-     oc get csv -n nvidia-gpu-operator \
+    oc get csv -n nvidia-gpu-operator \
       -l operators.coreos.com/gpu-operator-certified.nvidia-gpu-operator \
       --no-headers \
       -o custom-columns='name:metadata.name,phase:status.phase' | \
@@ -36,22 +36,21 @@
       {%- set result = ansible_callback_diy.result.output -%}
       {%- set retries_left = result.retries - result.attempts -%}
       Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...
+  when: not cpd_dry_run
 
-- name: Generate NVIDIA ClusterPolicy CR file {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-cluster-policy-cr.yaml
-  template:
-    src: nvidia-cluster-policy-cr.j2
-    dest: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-cluster-policy-cr.yaml"
-
-- name: Create NVIDIA ClusterPolicy CR
-  shell: |
-    oc apply -f {{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-cluster-policy-cr.yaml
+- include_role:
+    name: generate-apply-yaml
+  vars:
+    _p_apply_yaml_description: Generate NVIDIA ClusterPolicy CR
+    _p_apply_yaml_template: nvidia-cluster-policy-cr.j2
+    _p_apply_yaml_output_file: "{{ status_dir }}/openshift/{{ _p_openshift_cluster.name }}-nvidia-cluster-policy-cr.yaml"
 
 - name: Wait until NVIDIA ClusterPolicy has status Ready
   shell: |
     oc get clusterpolicies.nvidia.com gpu-cluster-policy \
-     --no-headers \
-     -o custom-columns='name:metadata.name,phase:status.state' | \
-     grep -i ready | wc -l
+    --no-headers \
+    -o custom-columns='name:metadata.name,phase:status.state' | \
+    grep -i ready | wc -l
   register: _nvidia_cluster_policy_status
   retries: 30
   delay: 30
@@ -60,4 +59,5 @@
     ansible_callback_diy_runner_retry_msg: >-
       {%- set result = ansible_callback_diy.result.output -%}
       {%- set retries_left = result.retries - result.attempts -%}
-      Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...
+      Retrying: {{ ansible_callback_diy.task.name }} ({{ retries_left }} Retries left) ...
+  when: not cpd_dry_run