Skip to content
Snippets Groups Projects
Select Git revision
  • 00b5da20de638d84d69ea05f4720f426b7044ea7
  • master default protected
  • feat/extensions-token-and-sharing-egi
  • safespring-smallgpu
  • fix/owncloud-missing-safeguard
  • e-infra2
  • ci-megalinter-speedup
  • envri-hub-new-aai
  • egi-b2drop-no-collapse
  • lfs
  • gpu_staging
  • resurrect-testing-ownloud
  • experiments/collab
  • update_claim_group_keys
  • envri-hub
  • enable_rtc
  • eosc-ui
  • future/jupyterhub-5.x
  • versioning
  • eosc-templating
  • staging1-raw-image
21 results

repository-nexus.yaml

Blame
    • Jaromír Hradil's avatar
    Refactoring REST path joining
    Jaromír Hradil authored
    00b5da20
    History
    Jaromír Hradil's avatar 00b5da20
    History
    repository-nexus.yaml 6.12 KiB 
    ---
- name: Sonatype Nexus deployment
  hosts: master
  vars:
    nexus_url: "https://{{ nexus_hostname }}/service/rest/v1"
    nexus_admin_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_admin_password:value') | join('/'), token_validate=false) }}"
    nexus_binder_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_binder_password:value') | join('/'), token_validate=false) }}"
    nexus_notebooks_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_notebooks_password:value') | join('/'),
      token_validate=false) }}"
    nexus_writer_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_writer_password:value') | join('/'), token_validate=false) }}"
    nexus_blobstore_name: default
    nexus_blobstore_type: file
    nexus_repository_name: container-notebooks
    nexus_docker_port: 8082
  become: true
  tasks:
    - name: Create Nexus configuration file on master
      vars:
        name: nexus
      template:
        src: templates/nexus.yaml
        dest: /tmp/nexus.yaml
        mode: 0600
    - name: Deploy/update Nexus instance
      command: kubectl apply -f /tmp/nexus.yaml
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
      when: true
    - name: Wait for Nexus pod ready
      command: kubectl wait pod --all --namespace nexus --for condition=ready --timeout=5m
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
      changed_when: false
      when: true
    - name: Wait for Nexus REST API
      uri:
        url: "{{ nexus_url }}/status"
        status_code: 200
        method: GET
      register: _result
      until: _result.status == 200
      retries: 120
      delay: 15
    - name: Check the admin password
      uri:
        url: "{{ nexus_url }}/status"
        force_basic_auth: true
        method: HEAD
        user: 'admin'
        password: "{{ nexus_admin_password }}"
        status_code: 200, 401
      register: nexus_admin_password_check
    - name: Admin password setup
      when:
        - nexus_admin_password_check.status == 401
      block:
        - name: Get initial admin password
          shell: 'kubectl exec -it -n nexus $(kubectl get pod -n nexus -l app=sonatype-nexus -o name) -- cat /nexus-data/admin.password'
          register: nexus_admin_password_initial
          changed_when: false
          environment:
            KUBECONFIG: /etc/kubernetes/admin.conf
        - name: Set the admin password
          uri:
            url: "{{ nexus_url }}/security/users/admin/change-password"
            force_basic_auth: true
            headers:
              Content-Type: text/plain
            method: PUT