Adding ISO pipeline (#55)

* Initial work on ISO pipeline.

* Fixing issue w/ fetch module. Fixing issues with isolinux.cfg. Removing verbosity flags from ansible-playbook.

* Adding iso_storage_url as extra var.

ansible/roles/iso-generator/defaults/main.yaml

@@ -15,4 +15,7 @@ scratch_base_path: /tmp/boot-iso-scratch
 
 # Default hello-world kickstart. Can override by passing
 # -e "kickstart_url=<url>" to ansible-playbook command.
-kickstart_url: http://httpd:8080/kickstarts/hello-world/kickstart.ks
+kickstart_url: http://httpd:8080/kickstarts/hello-world/kickstart.ks
+
+# Override with -e iso_storage_url=$(results.iso-storage-url.path)
+iso_storage_url: /tmp/iso-storage-url

ansible/roles/iso-generator/tasks/main.yaml

@@ -93,6 +93,7 @@
 - name: Fetch Edge ISO from Image Builder VM
   ansible.builtin.fetch:
     dest: "/tmp/{{ edge_iso_name }}"
+    flat: yes
     src: "{{ edge_iso_path }}/{{ edge_iso_name }}"
 
 - name: Ensure Remote Directory in httpd Pod Exists
@@ -121,4 +122,23 @@
   loop:
     - "{{ scratch_path }}"
     - "{{ iso_mount_path }}"
-    - "/tmp/{{ edge_iso_name }}"
+    - "/tmp/{{ edge_iso_name }}"
+
+- name: Get httpd Route
+  community.kubernetes.k8s_info:
+    api_key: "{{ lookup('file', '/var/run/secrets/kubernetes.io/serviceaccount/token') }}"
+    api_version: route.openshift.io/v1
+    ca_cert: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+    host: https://kubernetes.default.svc
+    kind: Route
+    name: httpd
+    namespace: rfe
+    validate_certs: yes
+  register: httpd_route
+  delegate_to: localhost
+
+- name: Set iso_storage_url Result
+  ansible.builtin.copy:
+    content: "{{ ('https://' if httpd_route.resources[0].spec.tls is defined else 'http://') + httpd_route.resources[0].spec.host }}/images/{{ edge_iso_name }}"
+    dest: "{{ iso_storage_url }}"
+  delegate_to: localhost

ansible/roles/iso-generator/templates/isolinux.cfg.j2

@@ -1,5 +1,5 @@
 default vesamenu.c32
-timeout 600
+timeout 5
 
 display boot.msg
 
@@ -63,6 +63,5 @@ label rfe-kickstart
   menu default
   kernel vmlinuz
   append initrd=initrd.img inst.stage2=hd:LABEL={{ iso_source_label.stdout }} inst.ks=cdrom:/kickstart.ks
-  kernel memtest
 
-menu end
+menu end

openshift/gitops/manifests/rfe/pipelines/base/rfe-iso-pipeline.yaml

@@ -0,0 +1,58 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "5"
+  name: rfe-iso-pipeline
+spec:
+  params:
+    - name: tooling-git-url
+      description: Tooling Repository URL
+      default: https://github.com/redhat-cop/rhel-edge-automation-arch.git
+      type: string
+    - name: tooling-git-revision
+      description: Tooling Repository URL Reference
+      default: main
+      type: string
+    - name: kickstart-url
+      description: URL pointing to kickstart location
+      type: string
+    - name: rfe-iso-name
+      description: Name of the RFE ISO
+      type: string
+  workspaces:
+    - name: shared-workspace
+  tasks:
+    - name: git-clone-tooling
+      taskRef:
+        name: git-clone
+        kind: ClusterTask
+      params:
+        - name: url
+          value: $(params.tooling-git-url)
+        - name: revision
+          value: $(params.tooling-git-revision)
+        - name: subdirectory
+          value: "tooling"
+      workspaces:
+        - name: output
+          workspace: shared-workspace
+    - name: create-rfe-iso
+      taskRef:
+        name: generate-iso
+        kind: Task
+      params:
+        - name: kickstart-url
+          value: $(params.kickstart-url)
+        - name: rfe-iso-name
+          value: $(params.rfe-iso-name)
+      runAfter:
+        - "git-clone-tooling"
+      workspaces:
+        - name: workspace
+          workspace: shared-workspace
+  results:
+    - name: iso-storage-url
+      description: Location where the asset is served
+      value: $(tasks.generate-iso.results.iso-storage-url)

openshift/gitops/manifests/rfe/pipelines/base/rfe-iso-task.yaml

@@ -0,0 +1,45 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+    argocd.argoproj.io/sync-wave: "5"
+  name: generate-iso
+spec:
+  workspaces:
+    - name: workspace
+  params:
+    - name: kickstart-url
+      description: URL pointing to kickstart location
+      type: string
+    - name: rfe-iso-name
+      description: Name of the RFE ISO
+      type: string
+    - name: extra-ansible-variables
+      description: Extra Ansible variables
+      default: ""
+      type: string
+  results:
+    - name: iso-storage-url
+      description: Location where the asset is served
+  steps:
+    - name: run-playbook
+      image: image-registry.openshift-image-registry.svc:5000/rfe/ansible-rfe-runner:latest
+      workingDir: /workspace/workspace
+      args:
+        - |-
+          cd tooling/ansible
+          ansible-galaxy collection install -r collections/requirements.yaml
+          ansible-playbook -u cloud-user --private-key /var/secrets/image-builder-ssh-key/ssh-privatekey playbooks/iso-generator.yaml -e edge_iso_name=$(params.rfe-iso-name) -e kickstart_url=$(params.kickstart-url) -e iso_storage_url=$(results.iso-storage-url.path) $(params.extra-ansible-variables)
+      command:
+        - /bin/bash
+        - -c
+      volumeMounts:
+      - name: image-builder-ssh-key
+        mountPath: /var/secrets/image-builder-ssh-key
+        readOnly: yes
+  volumes:
+  - name: image-builder-ssh-key
+    secret:
+      secretName: image-builder-ssh-key
+      defaultMode: 0400