Add support for new platform installation method of AAP 2.5 on OpenShift

changelogs/fragments/add_eda_install_on_ocp.yaml

@@ -0,0 +1,2 @@
+minor_changes:
+  - Added ability to install EDA Controller on OCP

roles/aap_ocp_install/README.md

@@ -20,6 +20,9 @@ A description of the settable variables for this role should go here, including
 | aap_ocp_install_operator                     | Yes*     | None          | YAML Manifest to override the generated operator `Namespace` resource                        |
 | aap_ocp_install_controller                   | Yes*     | None          | Dictionary containing keys defined in the `controller variables table`                       |
 | aap_ocp_install_hub                          | Yes*     | None          | Dictionary containing keys defined in the `hub variables table`                              |
+| aap_ocp_install_eda                          | Yes*     | None          | Dictionary containing keys defined in the `eda variables table`                              |
+| aap_ocp_install_platform                     | Yes*     | None          | Dictionary containing keys defined in the `platform variables table`                         |
+| aap_ocp_install_lightspeed                   | No       | None          | Indicates whether to install the Lightspeed component in an AAP platform installation        |
 
 \* Variable and required keys must be defined when the type of tag is specified (e.g. `--tags controller` requires the aap_ocp_install_controller variable be defined).
 If the variable is omitted the corresponding component will not be installed (e.g. if only aap_ocp_install_hub variable is defined then the operator and controller installation will be skipped)
@@ -40,12 +43,14 @@ If the variable is omitted the corresponding component will not be installed (e.
 
 | Key Name                         | Required  | Default Value | Description                                                         |
 |----------------------------------|:---------:|---------------|---------------------------------------------------------------------|
-| channel                          | Yes       | None          | Channel to subscribe (e.g. stable-2.2 or stable-2.2-cluster-scoped) |
+| channel                          | Yes       | None          | Channel to subscribe (e.g. stable-2.2 or stable-2.2-cluster-scoped)*|
 | approval                         |           | Automatic     | Update approval method. Valid values are Automatic or Manual.       |
 | operatorgroup_create             |           | true          | Create the `OperatorGroup` for the Operator                         |
 | operatorgroup_manifest_overrides |           |               | YAML Manifest to override the generated `OperatorGroup` resource    |
 | subscription_manifest_overrides  |           |               | YAML Manifest to override the generated `Subscription` resource     |
 
+\* If the channel indicates version 2.5 or above of AAP, then the new AAP operator platform installation method will be used.
+
 > ℹ️ **NOTE**
 >
 > When `approval` is set to `Manual` the operator will be installed with `Automatic` approval and then after installation the approval will be updated to Manual.
@@ -78,6 +83,13 @@ If the variable is omitted the corresponding component will not be installed (e.
 | link_text                          |          | Automation Hub (<INSTANCE_NAME>) | Text used for creating the OCP application link                   |
 | hub_manifest_overrides             |          | None                             | YAML Manifest to override the generated `AutomationHub` resource  |
 | consolelink_manifest_overrides     |          | None                             | YAML Manifest to override the generated `ConsoleLink` resource    |
+| storage_type                       |          | file                             | Hub storage type (file, S3 or azure)*                             |
+| file_storage_storage_class         |          | None                             | OpenShift StorageClass to use for file storage type for hub*      |
+| file_storage_size                  |          | 10Gi                             | Storage size for file storage type for hub*                       |
+| object_storage_s3_secret           |          | None                             | Name of an OpenShift Secret used to access S3 storage for hub*    |
+| object_storage_azure_secret        |          | None                             | Name of an OpenShift Secret used to access Azure storage for hub* |
+
+\* These settings are only used for installing AAP 2.5 or later.
 
 ### aap_ocp_install_eda keys
 
@@ -90,13 +102,25 @@ If the variable is omitted the corresponding component will not be installed (e.
 | eda_manifest_overrides             |          | None                             | YAML Manifest to override the generated `EDA` resource  |
 | consolelink_manifest_overrides     |          | None                             | YAML Manifest to override the generated `ConsoleLink` resource    |
 
+### aap_ocp_install_platform keys
+
+| Key Name      | Required | Default Value                    | Description                                     |
+|---------------|:--------:|----------------------------------|-------------------------------------------------|
+| instance_name | Yes      | None                             | Name of the AAP Platform instance to create     |
+
+> ℹ️ **NOTE**
+>
+> These settings are only used when installing AAP 2.5 or later. instance_name and link_text values for individual components (hub, controller, eda) will be ignored when using the platform installation method.
+
 ## Dependencies
 
 This role depends on the redhat.openshift and kubernetes.core collections.
 
 ## Example Playbook
 
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too.
+
+The following playbook will install AAP versions 2.4 and earlier:
 
 ```yml
 ---
@@ -125,6 +149,38 @@ Including an example of how to use your role (for instance, with variables passe
 ...
 ```
 
+The following playbook will install AAP versions 2.5 and later:
+
+```yml
+---
+- name: Install AAP on OCP playbook 2.5+
+  hosts: localhost
+  gather_facts: false
+
+  vars:
+    aap_ocp_install_connection:
+      host: "https://api.crc.testing:6443"
+      username: kubeadmin
+      password: <PASSWORD>
+      validate_certs: false
+    aap_ocp_install_namespace: aap-test
+    aap_ocp_install_operator:
+      channel: "stable-2.5-cluster-scoped"
+    aap_ocp_install_platform:
+      instance_name: automationcontroller
+      namespace: aap-platform
+    aap_ocp_install_controller: true
+    aap_ocp_install_eda: true
+    aap_ocp_install_hub:
+      storage_type: file
+      file_storage_storage_class: my-filestore-rwx
+      file_storage_size: 30Gi
+
+  roles:
+    - infra.aap_utilities.aap_ocp_install
+...
+```
+
 ## License
 
 [GPLv3+0](https://github.com/redhat-cop/aap_utilities#licensing)

roles/aap_ocp_install/defaults/main.yml

@@ -14,6 +14,10 @@
 # aap_ocp_install_operator:
 #   channel:
 
+# Variables applicable to the Ansible platform installation
+# aap_ocp_install_platform:
+#   instance_name:
+
 # Variable applicable to the controller installation
 # aap_ocp_install_controller:
 #   instance_name:
@@ -24,11 +28,20 @@
 # aap_ocp_install_hub:
 #   instance_name:
 #   link_text:
+#   storage_type:
+#   file_storage_storage_class:
+#   file_storage_size:
+#   object_storage_s3_secret:
+#   object_storage_azure_secret:
 
 # Variable applicable to the EDA installation
 # aap_ocp_install_eda:
 #   namespace:
 #   instance_name:
 #   replicas:
 #   link_text:
+
+# Variables applicable to the Lightspeed installation
+# aap_ocp_install_lightspeed:
+#
 ...

roles/aap_ocp_install/tasks/install-platform.yml

@@ -0,0 +1,172 @@
+---
+- name: Create platform namespace
+  kubernetes.core.k8s:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    state: present
+    resource_definition: "{{ lookup('ansible.builtin.template', 'namespace.yaml.j2', template_vars=ns_vars) | from_yaml }}"
+    apply: true
+  vars:
+    ns_vars:
+      ns_name: "{{ aap_ocp_install_platform['namespace'] }}"
+  when:
+    - aap_ocp_install_platform['namespace'] is defined
+
+- name: Create automation platform instance
+  kubernetes.core.k8s:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    state: present
+    resource_definition: "{{ lookup('template', 'platform/instance.yaml.j2') | from_yaml }}"
+    apply: true
+
+- name: Wait for operator to create the automation platform route
+  kubernetes.core.k8s_info:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    kind: Route
+    name: "{{ aap_ocp_install_platform['instance_name'] | mandatory }}"
+    api_version: route.openshift.io/v1
+    namespace: "{{ aap_ocp_install_platform['namespace'] | default(aap_ocp_install_namespace) | mandatory }}"
+  register: __aap_ocp_install_platform_route_result
+  until: __aap_ocp_install_platform_route_result['resources']
+  retries: 60  # Wait for 15 minutes (60*15/60)
+  delay: 15
+
+- name: Store automation platform route
+  ansible.builtin.set_fact:
+    __aap_ocp_install_platform_route: "{{ __aap_ocp_install_platform_route_result['resources'][0]['status']['ingress'][0]['host'] }}"
+
+- name: Ensure automation platform login is available
+  ansible.builtin.uri:
+    url: "https://{{ __aap_ocp_install_platform_route }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    method: GET
+    status_code:
+      - 200
+  register: _aap_ocp_install_platform_available
+  until: (_aap_ocp_install_platform_available['status'] == 200) and ('migrations_notran' not in _aap_ocp_install_platform_available['url'])
+  retries: 120  # Wait for 30 minutes (120*15/60)
+  delay: 15
+
+# Ensure that all of the platform components are also available
+- name: Wait for operator to create the automation controller route
+  kubernetes.core.k8s_info:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    kind: Route
+    name: "{{ aap_ocp_install_platform['instance_name'] | mandatory }}-controller"
+    api_version: route.openshift.io/v1
+    namespace: "{{ aap_ocp_install_platform['namespace'] | default(aap_ocp_install_namespace) | mandatory }}"
+  when:
+    - aap_ocp_install_controller is defined
+  register: __aap_ocp_install_controller_route_result
+  until: __aap_ocp_install_controller_route_result['resources']
+  retries: 60  # Wait for 15 minutes (60*15/60)
+  delay: 15
+
+- name: Store automation controller route
+  ansible.builtin.set_fact:
+    __aap_ocp_install_controller_route: "{{ __aap_ocp_install_controller_route_result['resources'][0]['status']['ingress'][0]['host'] }}"
+  when:
+    - aap_ocp_install_controller is defined
+
+- name: Ensure automation controller API is available
+  ansible.builtin.uri:
+    url: "https://{{ __aap_ocp_install_controller_route }}/api"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    method: GET
+    status_code:
+      - 200
+  when:
+    - aap_ocp_install_controller is defined
+  register: _aap_ocp_install_controller_available
+  until: (_aap_ocp_install_controller_available['status'] == 200) and ('migrations_notran' not in _aap_ocp_install_controller_available['url'])
+  retries: 120  # Wait for 30 minutes (120*15/60)
+  delay: 15
+
+- name: Wait for operator to create the automation EDA route
+  kubernetes.core.k8s_info:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    kind: Route
+    name: "{{ aap_ocp_install_platform['instance_name'] | mandatory }}-eda"
+    api_version: route.openshift.io/v1
+    namespace: "{{ aap_ocp_install_platform['namespace'] | default(aap_ocp_install_namespace) | mandatory }}"
+  when:
+    - aap_ocp_install_eda is defined
+  register: __aap_ocp_install_eda_route_result
+  until: __aap_ocp_install_eda_route_result['resources']
+  retries: 60  # Wait for 15 minutes (60*15/60)
+  delay: 15
+
+- name: Store automation eda route
+  ansible.builtin.set_fact:
+    __aap_ocp_install_eda_route: "{{ __aap_ocp_install_eda_route_result['resources'][0]['status']['ingress'][0]['host'] }}"
+  when:
+    - aap_ocp_install_eda is defined
+
+- name: Ensure automation eda API is available
+  ansible.builtin.uri:
+    url: "https://{{ __aap_ocp_install_eda_route }}/api"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    method: GET
+    status_code:
+      - 200
+  when:
+    - aap_ocp_install_eda is defined
+  register: _aap_ocp_install_eda_available
+  until: (_aap_ocp_install_eda_available['status'] == 200) and ('migrations_notran' not in _aap_ocp_install_eda_available['url'])
+  retries: 120  # Wait for 30 minutes (120*15/60)
+  delay: 15
+
+- name: Wait for operator to create the automation hub route
+  kubernetes.core.k8s_info:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    kind: Route
+    name: "{{ aap_ocp_install_platform['instance_name'] | mandatory }}-hub"
+    api_version: route.openshift.io/v1
+    namespace: "{{ aap_ocp_install_platform['namespace'] | default(aap_ocp_install_namespace) | mandatory }}"
+  when:
+    - aap_ocp_install_hub is defined
+  register: __aap_ocp_install_hub_route_result
+  until: __aap_ocp_install_hub_route_result['resources']
+  retries: 60  # Wait for 15 minutes (60*15/60)
+  delay: 15
+
+- name: Store automation hub route
+  ansible.builtin.set_fact:
+    __aap_ocp_install_hub_route: "{{ __aap_ocp_install_hub_route_result['resources'][0]['status']['ingress'][0]['host'] }}"
+  when:
+    - aap_ocp_install_hub is defined
+
+- name: Ensure automation hub API is available
+  ansible.builtin.uri:
+    url: "https://{{ __aap_ocp_install_hub_route }}/api"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    method: GET
+    status_code:
+      - 200
+  when:
+    - aap_ocp_install_hub is defined
+  register: _aap_ocp_install_hub_available
+  until: (_aap_ocp_install_hub_available['status'] == 200) and ('migrations_notran' not in _aap_ocp_install_hub_available['url'])
+  retries: 120  # Wait for 30 minutes (120*15/60)
+  delay: 15
+
+- name: Create automation platform console link
+  kubernetes.core.k8s:
+    host: "{{ __aap_ocp_install_auth_results['openshift_auth']['host'] }}"
+    api_key: "{{ __aap_ocp_install_auth_results['openshift_auth']['api_key'] }}"
+    validate_certs: "{{ aap_ocp_install_connection['validate_certs'] | default(omit) }}"
+    state: present
+    resource_definition: "{{ lookup('template', 'platform/consolelink.yaml.j2') | from_yaml }}"
+    apply: true
+...

roles/aap_ocp_install/tasks/main.yml

@@ -29,13 +29,23 @@
       tags:
         - operator
 
+    - name: Include Ansible Automation Platform platform install tasks
+      ansible.builtin.include_tasks:
+        file: install-platform.yml
+        apply:
+          tags:
+            - platform
+      when: aap_ocp_install_platform is defined and __aap_ocp_install_25_install
+      tags:
+        - platform
+
     - name: Include Ansible Automation Platform controller install tasks
       ansible.builtin.include_tasks:
         file: install-controller.yml
         apply:
           tags:
             - controller
-      when: aap_ocp_install_controller is defined
+      when: aap_ocp_install_controller is defined and not __aap_ocp_install_25_install
       tags:
         - controller
 
@@ -45,7 +55,7 @@
         apply:
           tags:
             - hub
-      when: aap_ocp_install_hub is defined
+      when: aap_ocp_install_hub is defined and not __aap_ocp_install_25_install
       tags:
         - hub
 
@@ -55,7 +65,7 @@
         apply:
           tags:
             - eda
-      when: aap_ocp_install_eda is defined
+      when: aap_ocp_install_eda is defined and not __aap_ocp_install_25_install
       tags:
         - eda