diff --git a/group_vars/aws_node_local.yml b/group_vars/aws_node_local.yml index a72c18c..52ff9b3 100644 --- a/group_vars/aws_node_local.yml +++ b/group_vars/aws_node_local.yml @@ -74,6 +74,7 @@ atl_product_logs: atl_product_version: "{{ lookup('env', 'ATL_PRODUCT_VERSION') }}" atl_efs_id: "{{ lookup('env', 'ATL_EFS_ID') }}" +atl_aws_stack_id: "{{ lookup('env', 'ATL_AWS_STACK_ID') }}" atl_aws_stack_name: "{{ lookup('env', 'ATL_AWS_STACK_NAME') }}" atl_aws_region: "{{ lookup('env', 'ATL_AWS_REGION') }}" atl_aws_iam_role: "{{ lookup('env', 'ATL_AWS_IAM_ROLE') }}" diff --git a/roles/bitbucket_mesh_config/handlers/main.yml b/roles/bitbucket_mesh_config/handlers/main.yml index 606b69f..515b8a6 100644 --- a/roles/bitbucket_mesh_config/handlers/main.yml +++ b/roles/bitbucket_mesh_config/handlers/main.yml @@ -31,7 +31,7 @@ body_format: json body: name: "{{ mesh_node_name }}" - rpcUrl: "{{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }}" + rpcUrl: "{{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ atl_aws_stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }}" register: register_mesh_node_result until: register_mesh_node_result is not failed retries: 5 @@ -52,7 +52,7 @@ id: "{{ mesh_node_id }}" name: "{{ mesh_node_name }}" rpcId: "{{ mesh_node_id }}" - rpcUrl: "{{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }}" + rpcUrl: "{{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ atl_aws_stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }}" register: register_mesh_node_result until: register_mesh_node_result is not failed retries: 5 diff --git a/roles/bitbucket_mesh_config/tasks/bitbucket_api_setup.yml b/roles/bitbucket_mesh_config/tasks/bitbucket_api_setup.yml index aba2812..a6dab63 100644 
--- a/roles/bitbucket_mesh_config/tasks/bitbucket_api_setup.yml
+++ b/roles/bitbucket_mesh_config/tasks/bitbucket_api_setup.yml
@@ -1,25 +1,32 @@ # handle setting up to call the bitbucket api -- name: set_fact for the MeshRegistrationCredentialsSecret +- name: retrieve cloudformation facts + amazon.aws.cloudformation_info: + stack_name: '{{ atl_aws_stack_id }}' + region: '{{ ansible_ec2_placement_region }}' + stack_resources: yes + register: cfn_stack_facts + +- name: set fact for the MeshRegistrationCredentialsSecret ansible.builtin.set_fact: - mesh_registration_credential_secret: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}" + mesh_registration_credential_secret: "{{ cfn_stack_facts.cloudformation[atl_aws_stack_name].stack_resources.MeshRegistrationCredentialsSecret }}" # NOTE: we decided we want to barf early if the secret doesnt exist as ll the rest of this is somewhat useless if we cant register nodes # when: - # - cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret is defined + # - cfn_stack_facts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret is defined - name: get the mesh registration username ansible.builtin.set_fact: mesh_registration_username: "{{ lookup('amazon.aws.secretsmanager_secret', secretpath, region=ansible_ec2_placement_region, bypath=false, nested=true) }}" ignore_errors: no vars: - secretpath: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}.username" + secretpath: "{{ mesh_registration_credential_secret }}.username" - name: get the mesh registration password ansible.builtin.set_fact: mesh_registration_password: "{{ lookup('amazon.aws.secretsmanager_secret', secretpath, region=ansible_ec2_placement_region, bypath=false, nested=true) }}" ignore_errors: no vars: - secretpath: "{{ cfnFacts.cloudformation[stack_name].stack_resources.MeshRegistrationCredentialsSecret }}.password" + secretpath: "{{ mesh_registration_credential_secret }}.password" no_log: True - name: generate the basic auth string 
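Review bot: The new `retrieve cloudformation facts` task queries the stack by `atl_aws_stack_id`, but the `set_fact` that follows indexes the result by `atl_aws_stack_name`, and nothing checks that both environment-derived values are set and describe the same stack. `lookup('env', ...)` yields an empty string when the variable is unset (the `atl_aws_stack_id` line added in group_vars/aws_node_local.yml), and an empty `stack_name` is presumably treated by `cloudformation_info` as no filter at all (confirm against the collection version in use), so the role could resolve the secret from whichever stack `ATL_AWS_STACK_NAME` names instead of failing early. An `ansible.builtin.assert` ahead of the query, sketched below, keeps the secret path tied to the intended stack. Separately, the username task returns a Secrets Manager value without `no_log: true`, unlike the password task, and the commented-out `when` still references `stack_name`. The last task, `generate the basic auth string`, continues outside the hunk.

```yaml
- name: check the stack identifiers before querying cloudformation
  ansible.builtin.assert:
    that:
      - atl_aws_stack_id | length > 0
      - atl_aws_stack_name | length > 0
    fail_msg: ATL_AWS_STACK_ID and ATL_AWS_STACK_NAME must both be set

- name: retrieve cloudformation facts
  # … unchanged: amazon.aws.cloudformation_info query …
```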
diff --git a/roles/bitbucket_mesh_config/tasks/main.yml b/roles/bitbucket_mesh_config/tasks/main.yml index 5f5bbc9..c37bd14 100644 --- a/roles/bitbucket_mesh_config/tasks/main.yml +++ b/roles/bitbucket_mesh_config/tasks/main.yml @@ -1,18 +1,5 @@ --- -- name: Create Bitbucket dirs if necessary - ansible.builtin.file: - path: "{{ item }}" - owner: "{{ atl_product_user_uid }}" - group: "{{ atl_product_user_uid }}" - mode: 0750 - state: directory - recurse: no - with_items: - - "{{ atl_home_base }}/{{ atl_product_edition }}" - - "{{ atl_home_base }}/{{ atl_product_user }}" - - "{{ atl_product_installation_base }}" - # the owner/group on the unarchive above isn't thorough - name: adjust permissions on the extracted directory ansible.builtin.file: diff --git a/roles/bitbucket_mesh_config/tasks/mesh_node_name.yml b/roles/bitbucket_mesh_config/tasks/mesh_node_name.yml index 9b697b6..4296994 100644 --- a/roles/bitbucket_mesh_config/tasks/mesh_node_name.yml +++ b/roles/bitbucket_mesh_config/tasks/mesh_node_name.yml @@ -10,7 +10,7 @@ ansible.builtin.lineinfile: path: "{{ mesh_properties_file }}" search_string: 'node.rpc-url=' - line: node.rpc-url={{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }} + line: node.rpc-url={{ mesh_node_scheme }}://{{ mesh_node_name }}.{{ atl_aws_stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}:{{ mesh_node_port }} - name: enforce metrics.tags.host per volume tag ansible.builtin.lineinfile: @@ -23,7 +23,7 @@ amazon.aws.route53: command: create zone: "{{ atl_hostedzone }}" - record: "{{ mesh_node_name }}.{{ stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}" + record: "{{ mesh_node_name }}.{{ atl_aws_stack_name }}-{{ ansible_ec2_placement_region }}.{{ atl_hostedzone }}" type: A ttl: 300 value: "{{ ansible_default_ipv4.address }}" 
diff --git a/roles/bitbucket_mesh_config/tasks/meshvol_check.yml b/roles/bitbucket_mesh_config/tasks/meshvol_check.yml index 6b10f97..81a1873 100644 --- a/roles/bitbucket_mesh_config/tasks/meshvol_check.yml +++ b/roles/bitbucket_mesh_config/tasks/meshvol_check.yml @@ -55,8 +55,8 @@ region: "{{ ansible_ec2_placement_region }}" filters: status: 'available' - "tag:service_name": "{{ stack_name }}" - "tag:Name": "{{ stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" + "tag:service_name": "{{ atl_aws_stack_name }}" + "tag:Name": "{{ atl_aws_stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" register: orphan_vol_info tags: notest # doesn't work in molecule diff --git a/roles/bitbucket_mesh_config/tasks/meshvol_create.yml b/roles/bitbucket_mesh_config/tasks/meshvol_create.yml index 5d44fb4..6402f5d 100644 --- a/roles/bitbucket_mesh_config/tasks/meshvol_create.yml +++ b/roles/bitbucket_mesh_config/tasks/meshvol_create.yml @@ -9,8 +9,8 @@ device_name: /dev/xvdd snapshot: "{{ mesh_snapshot }}" tags: - service_name: "{{ stack_name }}" - Name: "{{ stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" + service_name: "{{ atl_aws_stack_name }}" + Name: "{{ atl_aws_stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" volume_type: "mesh" register: mesh_vol_info when: (mesh_snapshot is defined) and (mesh_snapshot|length > 0) @@ -32,8 +32,8 @@ iops: 3072 device_name: /dev/xvdd tags: - service_name: "{{ stack_name }}" - Name: "{{ stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" + service_name: "{{ atl_aws_stack_name }}" + Name: "{{ atl_aws_stack_name }} mesh volume {{ ansible_ec2_placement_availability_zone }}" volume_type: "mesh" register: mesh_vol_info when: (mesh_snapshot is not defined) or (mesh_snapshot|length == 0) diff --git a/roles/product_install/tasks/mesh_extra_tasks.yml b/roles/product_install/tasks/mesh_extra_tasks.yml new file mode 100644 index 0000000..ed97d53 
--- /dev/null
+++ b/roles/product_install/tasks/mesh_extra_tasks.yml
@@ -0,0 +1 @@
+---