updates to use mas-devops

Author: cloudnativetoolkit

8.11.x/pipeline-masdevops.yaml 8.11.x/pipeline-cli.yaml8.11.x/pipeline-masdevops.yaml renamed to 8.11.x/pipeline-cli.yaml

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: Pipeline
 metadata:
-  name: mas-masdevops-deploy
+  name: mas-cli-deploy
   namespace: default
 spec:
   workspaces:
@@ -13,7 +13,7 @@ spec:
       default: "maximo-suite"
     - name: mas-instance-id
       type: string
-      default: "maximo"
+      default: "inst1"
     - name: mas-workspace-id
       type: string
       default: "maxworkspace"
@@ -209,20 +209,16 @@ spec:
             image: quay.io/congxdev/ibm-pak-ubi:latest
             script: |
               ### this is the method to load certs to the mas installer
-              mkdir -p $(workspaces.ws.path)/masconfig/certs/core/
-              wget -qO - https://letsencrypt.org/certs/lets-encrypt-r3.pem > $(workspaces.ws.path)/masconfig/certs/core/ca.crt
-              oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.key']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/core/tls.key
-              oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.crt']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/core/tls.crt
-              ls $(workspaces.ws.path)/masconfig/certs/core/
-              cat $(workspaces.ws.path)/masconfig/certs/core/tls.key
-              cat $(workspaces.ws.path)/masconfig/certs/core/tls.crt
+              #mkdir -p $(workspaces.ws.path)/masconfig/certs
+              #wget -qO - https://letsencrypt.org/certs/lets-encrypt-r3.pem > $(workspaces.ws.path)/masconfig/certs/ca.crt
+              #oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.key']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/tls.key
+              #oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.crt']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/tls.crt
+              #ls $(workspaces.ws.path)/masconfig/certs/
+              #cat $(workspaces.ws.path)/masconfig/certs/tls.key
+              #cat $(workspaces.ws.path)/masconfig/certs/tls.crt
 
               # copy letsencrypt-certs secret to the name where maximo is expecting to find it.
-              if oc get secret -n openshift-ingress router-certs-default; then
-                echo "router-certs-default secret already exists"
-              else
-                oc get secret letsencrypt-certs -n openshift-ingress -o yaml | yq '.metadata["name"]="router-certs-default"' | oc apply -n openshift-ingress -f -
-              fi
+              oc get secret letsencrypt-certs -n openshift-ingress -o yaml | yq '.metadata["name"]="router-certs-default"' | oc apply -n openshift-ingress -f -
     - name: install-mas
       retries: 2
       runAfter:
@@ -277,21 +273,25 @@ spec:
             script: |
               #!/usr/bin/env bash
               # extract license id from license.dat
-              export SLS_LICENSE_ID=$(cat $(workspaces.ws.path)/license.dat | head -1 | cut -d ' ' -f3)
-              export SLS_LICENSE_FILE=$(workspaces.ws.path)/license.dat
-
-              export IBM_ENTITLEMENT_KEY=$(cat $(workspaces.ws.path)/ek.dat)
-
-              export MAS_INSTANCE_ID=$(params.mas-instance-id)
-
-              export MAS_CONFIG_DIR=$(workspaces.ws.path)/masconfig
-              export MAS_MANUAL_CERT_MGMT=True
+              export LICENSE_ID=$(cat $(workspaces.ws.path)/license.dat | head -1 | cut -d ' ' -f3)
 
-              export UDS_CONTACT_EMAIL=$(params.uds-email)
-              export UDS_CONTACT_FIRSTNAME=$(params.uds-firstname)
-              export UDS_CONTACT_LASTNAME=$(params.uds-lastname)
+              export ENTITLEMENT_KEY=$(cat $(workspaces.ws.path)/ek.dat)
 
-              export MAS_WORKSPACE_ID=$(params.mas-workspace-id)
-              export MAS_WORKSPACE_NAME=$(params.mas-workspace-name)
+              #possible setup for manual cert management
+              # got this via https://github.com/ibm-mas/ansible-devops/pull/501
+              #export MAS_CONFIG_DIR=$(workspaces.ws.path)/masconfig
+              #export MAS_MANUAL_CERT_MGMT=True
 
-              ansible-playbook ibm.mas_devops.oneclick_core
+              #run mas install non-interactively
+              mas install -i $(params.mas-instance-id) \
+                --accept-license \
+                -w $(params.mas-workspace-id) \
+                -W "$(params.mas-workspace-name)" \
+                -c $(params.mas-catalog-version) \
+                --mas-channel $(params.mas-channel) \
+                --ibm-entitlement-key $ENTITLEMENT_KEY \
+                --license-id $LICENSE_ID --license-file $(workspaces.ws.path)/license.dat \
+                --uds-email $(params.uds-email) --uds-firstname $(params.uds-firstname) --uds-lastname $(params.uds-lastname) \
+                --storage-rwo $(params.storage-rwo) --storage-rwx $(params.storage-rwx) \
+                --storage-pipeline $(params.storage-pipeline) --storage-accessmode $(params.storage-accessmode) \
+                --no-confirm

8.11.x/pipeline-run-masdevops.yaml 8.11.x/pipeline-run-cli.yaml8.11.x/pipeline-run-masdevops.yaml renamed to 8.11.x/pipeline-run-cli.yaml

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
-  generateName: pr-mas-devops-
+  generateName: pr-mas-cli-
 spec:
   params:
     - name: uds-email
@@ -21,7 +21,7 @@ spec:
             requests:
               storage: 1Gi
   pipelineRef:
-    name: mas-masdevops-deploy
+    name: mas-cli-deploy
   podTemplate:
     securityContext:
       fsGroup: 65532

8.11.x/pipeline-run.yaml

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
-  generateName: pr-mas-cli-
+  generateName: pr-mas-devops-
 spec:
   params:
     - name: uds-email
@@ -21,7 +21,7 @@ spec:
             requests:
               storage: 1Gi
   pipelineRef:
-    name: mas-cli-deploy
+    name: mas-masdevops-deploy
   podTemplate:
     securityContext:
       fsGroup: 65532

8.11.x/pipeline.yaml

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: Pipeline
 metadata:
-  name: mas-cli-deploy
+  name: mas-masdevops-deploy
   namespace: default
 spec:
   workspaces:
@@ -13,7 +13,7 @@ spec:
       default: "maximo-suite"
     - name: mas-instance-id
       type: string
-      default: "inst1"
+      default: "maximo"
     - name: mas-workspace-id
       type: string
       default: "maxworkspace"
@@ -209,16 +209,20 @@ spec:
             image: quay.io/congxdev/ibm-pak-ubi:latest
             script: |
               ### this is the method to load certs to the mas installer
-              #mkdir -p $(workspaces.ws.path)/masconfig/certs
-              #wget -qO - https://letsencrypt.org/certs/lets-encrypt-r3.pem > $(workspaces.ws.path)/masconfig/certs/ca.crt
-              #oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.key']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/tls.key
-              #oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.crt']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/tls.crt
-              #ls $(workspaces.ws.path)/masconfig/certs/
-              #cat $(workspaces.ws.path)/masconfig/certs/tls.key
-              #cat $(workspaces.ws.path)/masconfig/certs/tls.crt
+              mkdir -p $(workspaces.ws.path)/masconfig/certs/core/
+              wget -qO - https://letsencrypt.org/certs/lets-encrypt-r3.pem > $(workspaces.ws.path)/masconfig/certs/core/ca.crt
+              oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.key']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/core/tls.key
+              oc get secret letsencrypt-certs -n openshift-config -o jsonpath="{.data['tls\.crt']}" | base64 -d > $(workspaces.ws.path)/masconfig/certs/core/tls.crt
+              ls $(workspaces.ws.path)/masconfig/certs/core/
+              cat $(workspaces.ws.path)/masconfig/certs/core/tls.key
+              cat $(workspaces.ws.path)/masconfig/certs/core/tls.crt
 
               # copy letsencrypt-certs secret to the name where maximo is expecting to find it.
-              oc get secret letsencrypt-certs -n openshift-ingress -o yaml | yq '.metadata["name"]="router-certs-default"' | oc apply -n openshift-ingress -f -
+              if oc get secret -n openshift-ingress router-certs-default; then
+                echo "router-certs-default secret already exists"
+              else
+                oc get secret letsencrypt-certs -n openshift-ingress -o yaml | yq '.metadata["name"]="router-certs-default"' | oc apply -n openshift-ingress -f -
+              fi
     - name: install-mas
       retries: 2
       runAfter:
@@ -273,25 +277,21 @@ spec:
             script: |
               #!/usr/bin/env bash
               # extract license id from license.dat
-              export LICENSE_ID=$(cat $(workspaces.ws.path)/license.dat | head -1 | cut -d ' ' -f3)
+              export SLS_LICENSE_ID=$(cat $(workspaces.ws.path)/license.dat | head -1 | cut -d ' ' -f3)
+              export SLS_LICENSE_FILE=$(workspaces.ws.path)/license.dat
+
+              export IBM_ENTITLEMENT_KEY=$(cat $(workspaces.ws.path)/ek.dat)
+
+              export MAS_INSTANCE_ID=$(params.mas-instance-id)
+
+              export MAS_CONFIG_DIR=$(workspaces.ws.path)/masconfig
+              export MAS_MANUAL_CERT_MGMT=True
 
-              export ENTITLEMENT_KEY=$(cat $(workspaces.ws.path)/ek.dat)
+              export UDS_CONTACT_EMAIL=$(params.uds-email)
+              export UDS_CONTACT_FIRSTNAME=$(params.uds-firstname)
+              export UDS_CONTACT_LASTNAME=$(params.uds-lastname)
 
-              #possible setup for manual cert management
-              # got this via https://github.com/ibm-mas/ansible-devops/pull/501
-              #export MAS_CONFIG_DIR=$(workspaces.ws.path)/masconfig
-              #export MAS_MANUAL_CERT_MGMT=True
+              export MAS_WORKSPACE_ID=$(params.mas-workspace-id)
+              export MAS_WORKSPACE_NAME=$(params.mas-workspace-name)
 
-              #run mas install non-interactively
-              mas install -i $(params.mas-instance-id) \
-                --accept-license \
-                -w $(params.mas-workspace-id) \
-                -W "$(params.mas-workspace-name)" \
-                -c $(params.mas-catalog-version) \
-                --mas-channel $(params.mas-channel) \
-                --ibm-entitlement-key $ENTITLEMENT_KEY \
-                --license-id $LICENSE_ID --license-file $(workspaces.ws.path)/license.dat \
-                --uds-email $(params.uds-email) --uds-firstname $(params.uds-firstname) --uds-lastname $(params.uds-lastname) \
-                --storage-rwo $(params.storage-rwo) --storage-rwx $(params.storage-rwx) \
-                --storage-pipeline $(params.storage-pipeline) --storage-accessmode $(params.storage-accessmode) \
-                --no-confirm
+              ansible-playbook ibm.mas_devops.oneclick_core

README.md

@@ -45,7 +45,11 @@ remember the name of the secret for the pipeline run.  ( in the example above "m
 
 ## Pipelines organisation
 
-Maximo is deployed with a Tekton Pipeline that is defined in maximo-pipeline.yaml
+Maximo is deployed with a Tekton Pipeline that is defined in pipeline.yaml
+
+the pipeline runs the MAS DevOps playbooks and can be modified or extended using other roles and playbooks.
+
+Consult the documentation for MAS DevOps [here](https://ibm-mas.github.io/ansible-devops/)
 
 
 

scripts/deploy.sh

@@ -4,6 +4,6 @@
 # openshift pipelines installed
 # deployer cluster tasks
 # OpenShift client - oc
-oc apply -f https://raw.githubusercontent.com/cloud-native-toolkit/deployer-operator-masauto/main/8.10.x/pipeline.yaml
+oc apply -f https://raw.githubusercontent.com/cloud-native-toolkit/deployer-operator-masauto/main/8.11.x/pipeline.yaml
 sleep 20
-oc apply -f https://raw.githubusercontent.com/cloud-native-toolkit/deployer-operator-masauto/main/8.10.x/pipeline-run.yaml
+oc create -f https://raw.githubusercontent.com/cloud-native-toolkit/deployer-operator-masauto/main/8.11.x/pipeline-run.yaml