Clean up lib_utils role (Part 2)

roles/lib_utils/filter_plugins/oo_filters.py

@@ -1,89 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-# pylint: disable=too-many-lines
-"""
-Custom filters for use in openshift-ansible
-"""
-import ast
-
-from collections import Mapping
-from ansible import errors
-
-# pylint: disable=import-error,no-name-in-module
-from ansible.module_utils.six import string_types
-
-
-# pylint: disable=C0103
-
-def lib_utils_oo_select_keys(data, keys):
-    """ This returns a list, which contains the value portions for the keys
-        Ex: data = { 'a':1, 'b':2, 'c':3 }
-            keys = ['a', 'c']
-            returns [1, 3]
-    """
-
-    if not isinstance(data, Mapping):
-        raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects to filter on a dict or object")
-
-    if not isinstance(keys, list):
-        raise errors.AnsibleFilterError("|lib_utils_oo_select_keys failed expects first param is a list")
-
-    # Gather up the values for the list of keys passed in
-    retval = [data[key] for key in keys if key in data]
-
-    return retval
-
-
-def lib_utils_oo_dict_to_keqv_list(data):
-    """Take a dict and return a list of k=v pairs
-
-        Input data:
-        {'a': 1, 'b': 2}
-
-        Return data:
-        ['a=1', 'b=2']
-    """
-    if not isinstance(data, dict):
-        try:
-            # This will attempt to convert something that looks like a string
-            # representation of a dictionary (including json) into a dictionary.
-            data = ast.literal_eval(data)
-        except ValueError:
-            msg = "|failed expects first param is a dict. Got {}. Type: {}"
-            msg = msg.format(str(data), str(type(data)))
-            raise errors.AnsibleFilterError(msg)
-    return ['='.join(str(e) for e in x) for x in data.items()]
-
-
-def lib_utils_oo_image_tag_to_rpm_version(version, include_dash=False):
-    """ Convert an image tag string to an RPM version if necessary
-        Empty strings and strings that are already in rpm version format
-        are ignored. Also remove non semantic version components.
-
-        Ex. v3.2.0.10 -> -3.2.0.10
-            v1.2.0-rc1 -> -1.2.0
-    """
-    if not isinstance(version, string_types):
-        raise errors.AnsibleFilterError("|failed expects a string or unicode")
-    if version.startswith("v"):
-        version = version[1:]
-        # Strip release from requested version, we no longer support this.
-        version = version.split('-')[0]
-
-    if include_dash and version and not version.startswith("-"):
-        version = "-" + version
-
-    return version
-
-
-class FilterModule(object):
-    """ Custom ansible filter mapping """
-
-    # pylint: disable=no-self-use, too-few-public-methods
-    def filters(self):
-        """ returns a mapping of filters to methods """
-        return {
-            "lib_utils_oo_select_keys": lib_utils_oo_select_keys,
-            "lib_utils_oo_dict_to_keqv_list": lib_utils_oo_dict_to_keqv_list,
-            "lib_utils_oo_image_tag_to_rpm_version": lib_utils_oo_image_tag_to_rpm_version,
-        }

roles/lib_utils/library/docker_creds.py

@@ -1,262 +0,0 @@
-#!/usr/bin/env python
-# pylint: disable=missing-docstring
-#
-# Copyright 2017, 2018 Red Hat, Inc. and/or its affiliates
-# and other contributors as indicated by the @author tags.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import base64
-import json
-import os
-import pipes
-
-from ansible.module_utils.basic import AnsibleModule
-
-DOCUMENTATION = '''
----
-module: docker_creds
-
-short_description: Creates/updates a 'docker login' file in place of using 'docker login'
-
-version_added: "2.4"
-
-description:
-    - This module creates a docker config.json file in the directory provided by 'path'
-      on hosts that do not support 'docker login' but need the file present for
-      registry authentication purposes of various other services.
-
-options:
-    path:
-        description:
-            - This is the message to send to the sample module
-        required: true
-    registry:
-        description:
-            - This is the registry the credentials are for.
-        required: true
-    username:
-        description:
-            - This is the username to authenticate to the registry with.
-        required: true
-    password:
-        description:
-            - This is the password to authenticate to the registry with.
-        required: true
-    test_login:
-        description:
-            - Attempt to connect to registry with username + password provided.
-        default: true
-        required: false
-    test_timeout:
-        description:
-            - Timeout in seconds for each attempt to connect to registry.
-        default: 20
-        required: false
-
-author:
-    - "Michael Gugino <mgugino@redhat.com>"
-'''
-
-EXAMPLES = '''
-# Pass in a message
-- name: Place credentials in file
-  docker_creds:
-    path: /root/.docker
-    registry: registry.example.com:443
-    username: myuser
-    password: mypassword
-    test_login: True
-    test_timeout: 30
-'''
-
-
-def check_dest_dir_exists(module, dest):
-    '''Check if dest dir is present and is a directory'''
-    dir_exists = os.path.exists(dest)
-    if dir_exists:
-        if not os.path.isdir(dest):
-            msg = "{} exists but is not a directory".format(dest)
-            result = {'failed': True,
-                      'changed': False,
-                      'msg': msg,
-                      'state': 'unknown'}
-            module.fail_json(**result)
-        else:
-            return 1
-    else:
-        return 0
-
-
-def create_dest_dir(module, dest):
-    try:
-        os.makedirs(dest, mode=0o700)
-    except OSError as oserror:
-        result = {'failed': True,
-                  'changed': False,
-                  'msg': str(oserror),
-                  'state': 'unknown'}
-        module.fail_json(**result)
-
-
-def load_config_file(module, dest):
-    '''load the config.json in directory dest'''
-    conf_file_path = os.path.join(dest, 'config.json')
-    if os.path.exists(conf_file_path):
-        # Try to open the file and load json data
-        try:
-            with open(conf_file_path) as conf_file:
-                data = conf_file.read()
-            jdata = json.loads(data)
-
-        except IOError as ioerror:
-            result = {'failed': True,
-                      'changed': False,
-                      'msg': str(ioerror),
-                      'state': 'unknown'}
-            module.fail_json(**result)
-        except ValueError as jsonerror:
-            result = {'failed': True,
-                      'changed': False,
-                      'msg': str(jsonerror),
-                      'state': 'unknown'}
-            module.fail_json(**result)
-        return jdata
-    else:
-        # File doesn't exist, we just return an empty dictionary.
-        return {}
-
-
-# pylint: disable=too-many-arguments
-def gen_skopeo_cmd(registry, username, password, proxy_vars, test_timeout, test_image, tls_verify):
-    '''Generate skopeo command to run'''
-    skopeo_temp = ("{proxy_vars} timeout {test_timeout} skopeo inspect"
-                   " {creds} docker://{registry}/{test_image}")
-    # this will quote the entire creds argument to account for special chars.
-    creds = pipes.quote('--creds={}:{}'.format(username, password))
-    skopeo_args = {'proxy_vars': proxy_vars, 'test_timeout': test_timeout, 'creds': creds,
-                   'registry': registry, 'test_image': test_image,
-                   'tls_verify': tls_verify}
-    return skopeo_temp.format(**skopeo_args).strip()
-
-
-def validate_registry_login(module, skopeo_command):
-    '''Attempt to use credentials to log into registry'''
-    # skopeo doesn't honor docker config file proxy settings; need to specify
-    # proxy vars on the cli.
-    rtnc, _, err = module.run_command(skopeo_command, use_unsafe_shell=True)
-    if rtnc:
-        result = {'failed': True,
-                  'changed': False,
-                  'msg': str(err),
-                  'state': 'unknown'}
-        module.fail_json(**result)
-
-
-def update_config(docker_config, registry, encoded_auth):
-    '''Add our registry auth credentials into docker_config dict'''
-
-    # Add anything that might be missing in our dictionary
-    if 'auths' not in docker_config:
-        docker_config['auths'] = {}
-    if registry not in docker_config['auths']:
-        docker_config['auths'][registry] = {}
-
-    # check if the same value is already present for idempotency.
-    if 'auth' in docker_config['auths'][registry]:
-        if docker_config['auths'][registry]['auth'] == encoded_auth:
-            # No need to go further, everything is already set in file.
-            return False
-    docker_config['auths'][registry]['auth'] = encoded_auth
-    return True
-
-
-def write_config(module, docker_config, dest):
-    '''Write updated credentials into dest/config.json'''
-    if not isinstance(docker_config, dict):
-        docker_config = docker_config.decode()
-    conf_file_path = os.path.join(dest, 'config.json')
-    try:
-        with open(conf_file_path, 'w') as conf_file:
-            json.dump(docker_config, conf_file, indent=8)
-    except IOError as ioerror:
-        result = {'failed': True,
-                  'changed': False,
-                  'msg': str(ioerror),
-                  'state': 'unknown'}
-        module.fail_json(**result)
-
-
-def run_module():
-    '''Run this module'''
-    module_args = dict(
-        path=dict(aliases=['dest', 'name'], required=True, type='path'),
-        registry=dict(type='str', required=True),
-        username=dict(type='str', required=True),
-        password=dict(type='str', required=True, no_log=True),
-        test_login=dict(type='bool', required=False, default=True),
-        proxy_vars=dict(type='str', required=False, default=''),
-        test_timeout=dict(type='int', required=False, default=20),
-        test_image=dict(type='str', required=True),
-        tls_verify=dict(type='bool', required=False, default=True)
-    )
-
-    module = AnsibleModule(
-        argument_spec=module_args,
-        supports_check_mode=False
-    )
-
-    # First, create our dest dir if necessary
-    dest = module.params['path']
-    registry = module.params['registry']
-    username = module.params['username']
-    password = module.params['password']
-    test_login = module.params['test_login']
-    proxy_vars = module.params['proxy_vars']
-    test_timeout = module.params['test_timeout']
-    test_image = module.params['test_image']
-    tls_verify = module.params['tls_verify']
-
-    if not check_dest_dir_exists(module, dest):
-        create_dest_dir(module, dest)
-        docker_config = {}
-    else:
-        # We want to scrape the contents of dest/config.json
-        # in case there are other registries/settings already present.
-        docker_config = load_config_file(module, dest)
-
-    # Test the credentials
-    if test_login:
-        skopeo_command = gen_skopeo_cmd(registry, username, password,
-                                        proxy_vars, test_timeout, test_image, tls_verify)
-        validate_registry_login(module, skopeo_command)
-
-    # base64 encode our username:password string
-    encoded_auth = base64.b64encode('{}:{}'.format(username, password).encode())
-    # Put the registry auth info into the config dict.
-    changed = update_config(docker_config, registry, encoded_auth)
-
-    if changed:
-        write_config(module, docker_config, dest)
-
-    result = {'changed': changed, 'rc': 0}
-
-    module.exit_json(**result)
-
-
-def main():
-    run_module()
-
-
-if __name__ == '__main__':
-    main()

roles/openshift_facts/defaults/main.yml

@@ -141,71 +141,4 @@ openshift_ca_host: "{{ groups.oo_first_master.0 }}"
 openshift_use_openshift_sdn: true
 os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet"
 
-openshift_node_groups:
-  - name: node-config-master
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-    edits: []
-  - name: node-config-master-crio
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-      - "{{ openshift_crio_docker_gc_node_selector | lib_utils_oo_dict_to_keqv_list | join(',') }}"
-    edits: "{{ openshift_node_group_edits_crio }}"
-  - name: node-config-infra
-    labels:
-      - 'node-role.kubernetes.io/infra=true'
-    edits: []
-  - name: node-config-infra-crio
-    labels:
-      - 'node-role.kubernetes.io/infra=true'
-      - "{{ openshift_crio_docker_gc_node_selector | lib_utils_oo_dict_to_keqv_list | join(',') }}"
-    edits: "{{ openshift_node_group_edits_crio }}"
-  - name: node-config-compute
-    labels:
-      - 'node-role.kubernetes.io/compute=true'
-    edits: []
-  - name: node-config-compute-crio
-    labels:
-      - 'node-role.kubernetes.io/compute=true'
-      - "{{ openshift_crio_docker_gc_node_selector | lib_utils_oo_dict_to_keqv_list | join(',') }}"
-    edits: "{{ openshift_node_group_edits_crio }}"
-  - name: node-config-master-infra
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-      - 'node-role.kubernetes.io/infra=true'
-    edits: []
-  - name: node-config-master-infra-crio
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-      - 'node-role.kubernetes.io/infra=true'
-      - "{{ openshift_crio_docker_gc_node_selector | lib_utils_oo_dict_to_keqv_list | join(',') }}"
-    edits: "{{ openshift_node_group_edits_crio }}"
-  - name: node-config-all-in-one
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-      - 'node-role.kubernetes.io/infra=true'
-      - 'node-role.kubernetes.io/compute=true'
-    edits: []
-  - name: node-config-all-in-one-crio
-    labels:
-      - 'node-role.kubernetes.io/master=true'
-      - 'node-role.kubernetes.io/infra=true'
-      - 'node-role.kubernetes.io/compute=true'
-      - "{{ openshift_crio_docker_gc_node_selector | lib_utils_oo_dict_to_keqv_list | join(',') }}"
-    edits: "{{ openshift_node_group_edits_crio }}"
-
-openshift_node_group_edits_crio:
-  - key: kubeletArguments.container-runtime
-    value:
-      - "remote"
-  - key: kubeletArguments.container-runtime-endpoint
-    value:
-      - "{{ openshift_crio_var_sock }}"
-  - key: kubeletArguments.image-service-endpoint
-    value:
-      - "{{ openshift_crio_var_sock }}"
-  - key: kubeletArguments.runtime-request-timeout
-    value:
-      - "10m"
-
 openshift_master_manage_htpasswd: True

roles/openshift_node40/tasks/install.yml

@@ -18,6 +18,6 @@
   poll: 30
   vars:
     l_node_packages:
-    - "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
-    - "{{ openshift_service_type }}-clients{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
-    - "{{ openshift_service_type }}-hyperkube{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
+    - "{{ openshift_service_type }}-node"
+    - "{{ openshift_service_type }}-clients"
+    - "{{ openshift_service_type }}-hyperkube"