Move setup into roles

Change-Id: I34c534ce9dc0659d8758efdfe017208d5337b01d
2017-11-20 14:37:23 +01:00 · 2017-11-20 14:37:23 +01:00 · bd96f4b8ef
parent 25ebaf3e99
commit bd96f4b8ef
2 changed files with 43 additions and 31 deletions
--- a/tests/roles/kubernetes/tasks/run.yml
+++ b/tests/roles/kubernetes/tasks/run.yml
@ -12,6 +12,49 @@

      ansible-playbook -i ci_inventory --skip-tags bastion-ssh-config -e skip_downloads=true cluster.yml
      kubectl create namespace openstack
+
+      cat <<EOF | kubectl create -f -
+      apiVersion: v1
+      kind: PersistentVolume
+      metadata:
+        name: openstack-test-volume
+      spec:
+        capacity:
+          storage: 5Gi
+        accessModes:
+          - ReadWriteMany
+        persistentVolumeReclaimPolicy: Recycle
+        storageClassName: slow
+        hostPath:
+          path: /tmp
+      EOF
+
+      cat <<EOF | kubectl create -f -
+      kind: Role
+      apiVersion: rbac.authorization.k8s.io/v1
+      metadata:
+        namespace: openstack
+        name: pod-reader
+      rules:
+        - apiGroups: [""] # "" indicates the core API group
+          resources: ["secrets"]
+          verbs: ["get", "watch", "update", "delete", "list"]
+      EOF
+
+      cat <<EOF | kubectl create -f -
+      kind: RoleBinding
+      apiVersion: rbac.authorization.k8s.io/v1
+      metadata:
+        name: read-pods
+        namespace: openstack
+      subjects:
+      - kind: ServiceAccount
+        name: default
+      roleRef:
+        kind: Role
+        name: pod-reader
+        apiGroup: rbac.authorization.k8s.io
+      EOF
    executable: /bin/bash
    chdir: "/tmp/kubespray"
  delegate_to: "primary"
--- a/tests/templates/playbook.j2
+++ b/tests/templates/playbook.j2
@ -1,34 +1,3 @@
-{% if coe == 'kubernetes' %}
- name: Prepare COE cluster
-  hosts: localhost
-  gather_facts: false
-  connection: local
-
-  vars:
-    namespace: openstack
-    coe_host: "http://localhost:8080"
-
-  tasks:
-    - name: Create test PV
-      shell:
-        cmd: |
-          cat <<EOF | kubectl create -f -
-          apiVersion: v1
-          kind: PersistentVolume
-          metadata:
-            name: openstack-test-volume
-          spec:
-            capacity:
-              storage: 5Gi
-            accessModes:
-              - ReadWriteMany
-            persistentVolumeReclaimPolicy: Recycle
-            storageClassName: slow
-            hostPath:
-              path: /tmp
-          EOF
-{% endif %}
-
 - name: Provision {{project_name}}
  hosts: localhost
  gather_facts: false