Add ipa

[tylerauerbeck]

What is this PR About?

Adds an applier to deploy ipa-server (Red Hat IdM) on openshift

How do we test this?

Replace the appropriate values in .applier/group_vars/seed-hosts.yml and then run:

• ansible-galaxy install -r requirements.yml -p roles
• ansible-playbook -i .applier/ roles/openshift-applier/playbooks/openshift-cluster-seed.yml

cc: @redhat-cop/day-in-the-life @makentenza @oybed @pabrahamsson

[oybed]

Great job for the first iteration. A few minor comments inline.

[pabrahamsson]

Nice @tylerauerbeck, left a comment/question inline.

[tylerauerbeck]

@oybed @makentenza So after trying to run this more than once (without deleting anything) the applier runs into an issue when processing the scc. I'm going to compare the template I'm using against the one that I know is used as part of the gitlab quoickstart because I don't think we see that problem there (and I believe they're nearly identical). Error I'm seeing is:

failed: [localhost] (item={'oc_path': u''}) => {"changed": true, "cmd": "oc process  --local  -f https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.5/scc/project-run-anyuid-template.yml -n ipa  --param='NAMESPACE=ipa' --param='NAME=ipa'  --ignore-unknown-parameters | oc apply -n ipa -f - ", "delta": "0:00:01.078751", "end": "2019-06-18 23:56:04.277120", "failed_when_result": true, "msg": "non-zero return code", "oc_param_file_item": {"oc_path": ""}, "rc": 1, "start": "2019-06-18 23:56:03.198369", "stderr": "Error from server: unrecognized type: int32", "stderr_lines": ["Error from server: unrecognized type: int32"], "stdout": "", "stdout_lines": []}```

[makentenza]

Initial test failed while creating the SA:

failed: [localhost] (item={'oc_path': u''}) => {"changed": true, "cmd": "oc process  --local  -f https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.5/scc/project-run-anyuid-template.yml -n ipa  --param='NAMESPACE=ipa' --param='NAME=ipa'  --ignore-unknown-parameters | oc apply -n ipa -f - ", "delta": "0:00:00.389477", "end": "2019-06-19 11:04:24.309862", "failed_when_result": true, "msg": "non-zero return code", "oc_param_file_item": {"oc_path": ""}, "rc": 1, "start": "2019-06-19 11:04:23.920385", "stderr": "Warning: oc apply should be used on resource created by either oc create --save-config or oc apply\nError from server (UnsupportedMediaType): the body of the request was in an unknown format - accepted media types include: application/json-patch+json, application/merge-patch+json", "stderr_lines": ["Warning: oc apply should be used on resource created by either oc create --save-config or oc apply", "Error from server (UnsupportedMediaType): the body of the request was in an unknown format - accepted media types include: application/json-patch+json, application/merge-patch+json"], "stdout": "", "stdout_lines": []}

[makentenza]

So @tylerauerbeck for the error you are getting it looks like the template is not correct:

https://github.com/redhat-cop/openshift-templates/blob/master/scc/project-run-anyuid-template.yml#L23

That entry should be:

priority: ${{PRIORITY_LEVEL}}

Note the double brackets, as the template is expecting a non-string parameter. Will submit a quick fix for that.

[makentenza]

@tylerauerbeck this should solve the issue:

redhat-cop/openshift-templates#32

[tylerauerbeck]

@pabrahamsson @oybed Updated and now runs correctly on both OCP v3 and v4 (as long as settings as noted in the README are followed). Feel free to take a look.

[oybed]

LGTM. Unless anbody objects, let's merge so we can move forward with additional work - including follow-up PRs.