108 lines
3.6 KiB
YAML
108 lines
3.6 KiB
YAML
---
|
|
# tasks file for is-registry
|
|
- name: Create the directory where the compose file will be installed
|
|
ansible.builtin.file:
|
|
dest: '{{ is_registry_compose_dir }}'
|
|
state: directory
|
|
mode: 0750
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Set gcube security keys variables properly according to the environment
|
|
set_fact:
|
|
gcube_security_keys: "{{ gcube_prod_security_keys if infra == 'prod' else gcube_preprod_security_keys if infra == 'pre' else gcube_dev_security_keys }}"
|
|
gcube_security_key_legacy: "{{ gcube_prod_security_key_legacy if infra == 'prod' else gcube_preprod_security_key_legacy if infra == 'pre' else gcube_dev_security_key_legacy }}"
|
|
|
|
- name: Install the docker compose file
|
|
ansible.builtin.template:
|
|
src: docker-compose.yml.j2
|
|
dest: '{{ is_registry_compose_dir }}/is-registry-docker-compose.yml'
|
|
owner: root
|
|
group: root
|
|
mode: 0400
|
|
|
|
|
|
- name: Install the GHNConfig.xml
|
|
ansible.builtin.template:
|
|
src: GHNConfig.xml.j2
|
|
dest: "{{ is_registry_compose_dir }}/GHNConfig.xml"
|
|
owner: root
|
|
group: root
|
|
mode: 0400
|
|
|
|
- name: Install the jndi-config.xml
|
|
ansible.builtin.template:
|
|
src: jndi-config.xml.j2
|
|
dest: "{{ is_registry_compose_dir }}/jndi-config.xml"
|
|
owner: root
|
|
group: root
|
|
mode: 0400
|
|
|
|
- name: Install the server-config.wsdd
|
|
ansible.builtin.template:
|
|
src: server-config.wsdd.j2
|
|
dest: "{{ is_registry_compose_dir }}/server-config.wsdd"
|
|
owner: root
|
|
group: root
|
|
mode: 0400
|
|
|
|
- name: Install the ServiceMap.xml
|
|
ansible.builtin.template:
|
|
src: ServiceMap.xml.j2
|
|
dest: "{{ is_registry_compose_dir }}/ServiceMap_{{ start_scopes }}.xml"
|
|
owner: root
|
|
group: root
|
|
mode: 0400
|
|
|
|
- name: Create the secret for GHNConfig.xml
|
|
community.docker.docker_secret:
|
|
name: "{{ service_prefix }}-ghn-config-{{ scope_name }}"
|
|
data_src: '{{ is_registry_compose_dir }}/GHNConfig.xml'
|
|
state: present
|
|
|
|
- name: Create the secret for jndi-config.xml
|
|
community.docker.docker_secret:
|
|
name: "{{ service_prefix }}-jndi-config-{{ scope_name }}"
|
|
data_src: '{{ is_registry_compose_dir }}/jndi-config.xml'
|
|
state: present
|
|
|
|
- name: Create the secret for server-config.wsdd
|
|
community.docker.docker_secret:
|
|
name: "{{ service_prefix }}-server-config-{{ scope_name }}"
|
|
data_src: '{{ is_registry_compose_dir }}/server-config.wsdd'
|
|
state: present
|
|
|
|
- name: Create the secret for ServiceMap.xml
|
|
community.docker.docker_secret:
|
|
name: "{{ service_prefix }}-ServiceMap-{{ scope_name }}"
|
|
data_src: "{{ is_registry_compose_dir }}/ServiceMap_{{ start_scopes }}.xml"
|
|
state: present
|
|
|
|
- name: Install the gcube keys
|
|
get_url: url={{ item.url }} dest={{ is_registry_compose_dir }}/{{ item.name }} owner=root group=root mode=0600
|
|
with_items: "{{ gcube_security_keys }}"
|
|
|
|
- name: Create the the gcube keys
|
|
community.docker.docker_secret:
|
|
name: "{{ item.name }}"
|
|
data_src: '{{ is_registry_compose_dir }}/{{ item.name }}'
|
|
state: present
|
|
with_items: "{{ gcube_security_keys }}"
|
|
|
|
- name: Install the legacy gcube key
|
|
get_url: url={{ item.url }} dest={{ is_registry_compose_dir }}/{{ item.name }} owner=root group=root mode=0600
|
|
with_items: "{{ gcube_security_key_legacy }}"
|
|
|
|
- name: Create the the legacy gcube keys
|
|
community.docker.docker_secret:
|
|
name: gcube-legacy-security-key
|
|
data_src: '{{ is_registry_compose_dir }}/{{ item.name }}'
|
|
state: present
|
|
with_items: "{{ gcube_security_key_legacy }}"
|
|
|
|
- name: Start the project stack on Docker Swarm
|
|
community.docker.docker_stack:
|
|
name: '{{ is_registry_docker_stack_name }}'
|
|
state: present
|
|
compose:
|
|
- '{{ is_registry_compose_dir }}/is-registry-docker-compose.yml' |