Merge pull request #742 from IBM/cp4ba-20240614

CP4BA 24.0.0 and IPM 1.15.0
IBM · Jul 1, 2024 · 78a2722 · 78a2722
2 parents 10568df + a954f2f
commit 78a2722
Show file tree

Hide file tree

Showing 93 changed files with 1,959 additions and 1,245 deletions.
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/akhq/defaults/main.yml b/automation-roles/50-install-cloud-pak/cp4ba/akhq/defaults/main.yml
@@ -4,6 +4,6 @@ akhq_dir_name: akhq
 akhq_project_name: ""
 akhq_universal_password: ""
 akhq_storage_class_name: ""
-akhq_image: docker.io/tchiotludo/akhq:0.24.0
+akhq_image: docker.io/tchiotludo/akhq:0.25.0
 akhq_admin_user: ""
 akhq_cp4ba_project_name: ""
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/akhq/tasks/install.yml b/automation-roles/50-install-cloud-pak/cp4ba/akhq/tasks/install.yml
@@ -75,3 +75,20 @@
     common_service_port: http
     common_apps_endpoint_domain: "{{ apps_endpoint_domain }}"
     common_output_directory: "{{ akhq_output_directory }}"
+
+- name: Set usage entry
+  ansible.builtin.include_role:
+    name: usage
+    tasks_from: set-entry
+  vars:
+    usage_entry_name: Extras-AKHQ
+    usage_entry_value:
+      "# AKHQ
+
+      As kafka browser.
+
+      ## Endpoints
+
+      - UI: https://akhq-{{ akhq_project_name }}.{{ apps_endpoint_domain }}
+
+      "
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/cerebro/tasks/install.yml b/automation-roles/50-install-cloud-pak/cp4ba/cerebro/tasks/install.yml
@@ -12,6 +12,20 @@
     common_namespace_name: "{{ cerebro_project_name }}"
     common_output_directory: "{{ cerebro_output_directory }}"
 
+- name: Get OpenSearch password
+  kubernetes.core.k8s_info:
+    api_version: v1
+    kind: Secret
+    namespace: "{{ cerebro_cp4ba_project_name }}"
+    name: "opensearch-ibm-elasticsearch-cred-secret"
+  register: os_secret
+  retries: 40
+  delay: 15
+
+- name: Set OpenSearch password
+  ansible.builtin.set_fact:
+    os_password: "{{ os_secret.resources[0].data.elastic | b64decode }}"
+
 - name: Prepare yaml file for {{ item }}
   ansible.builtin.template:
     src: "{{ item }}.yaml.j2"
@@ -56,3 +70,20 @@
     common_service_name: cerebro
     common_apps_endpoint_domain: "{{ apps_endpoint_domain }}"
     common_output_directory: "{{ cerebro_output_directory }}"
+
+- name: Set usage entry
+  ansible.builtin.include_role:
+    name: usage
+    tasks_from: set-entry
+  vars:
+    usage_entry_name: Extras-Cerebro
+    usage_entry_value:
+      "# Cerebro
+
+      As OpenSearch browser.
+
+      ## Endpoints
+
+      - UI: https://cerebro-{{ cerebro_project_name }}.{{ apps_endpoint_domain }}
+
+      "
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/cerebro/templates/configmaps.yaml.j2 b/automation-roles/50-install-cloud-pak/cp4ba/cerebro/templates/configmaps.yaml.j2
@@ -78,11 +78,11 @@ data:
     # A list of known hosts
     hosts = [
       {
-        host = "https://iaf-system-elasticsearch-es.{{ cerebro_cp4ba_project_name }}:9200"
-        name = "IAF Elastic"
+        host = "https://opensearch-ibm-elasticsearch-srv.{{ cerebro_cp4ba_project_name }}.svc.cluster.local:443"
+        name = "OpenSearch"
         auth = {
-          username = "{{ cerebro_elasticsearch_admin_user }}"
-          password = "{{ cerebro_elasticsearch_universal_password }}"
+          username = "elastic"
+          password = "{{ os_password }}"
         }
       }
     ]
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/cloudbeaver/defaults/main.yml b/automation-roles/50-install-cloud-pak/cp4ba/cloudbeaver/defaults/main.yml
@@ -4,7 +4,7 @@ cloudbeaver_dir_name: cloudbeaver
 cloudbeaver_project_name: ""
 cloudbeaver_universal_password: ""
 cloudbeaver_storage_class_name: ""
-cloudbeaver_image: docker.io/dbeaver/cloudbeaver:24.0.0
+cloudbeaver_image: docker.io/dbeaver/cloudbeaver:24.1.0
 cloudbeaver_postgresql_hostname: ""
 cloudbeaver_postgresql_universal_password: ""
 cloudbeaver_mssql_hostname: ""

diff --git a/automation-roles/50-install-cloud-pak/cp4ba/cloudbeaver/tasks/install.yml b/automation-roles/50-install-cloud-pak/cp4ba/cloudbeaver/tasks/install.yml
@@ -131,36 +131,6 @@
   register: cloudbeaver_existing_response
   failed_when: cloudbeaver_existing_response.status != 200 or cloudbeaver_existing_response.json.errors is defined
 
-- name: Add PostgreSQL to cloudbeaver
-  ansible.builtin.uri:
-    url: https://cloudbeaver-{{ cloudbeaver_project_name }}.{{ apps_endpoint_domain }}/api/gql
-    validate_certs: false
-    method: POST
-    headers:
-      content-type: "application/json"
-      Cookie: "cb-session-id={{ cb_session_id }}"
-    body_format: json
-    body:
-      query: 'mutation createConnection($providerProperties: Object) {
-          createConnection(
-            config: { credentials: {userName: "postgres", userPassword: "{{ cloudbeaver_postgresql_universal_password }}"},
-            saveCredentials: true, driverId: "postgresql:postgres-jdbc", host: "{{ cloudbeaver_postgresql_hostname }}", port: "5432",
-            databaseName: "postgres" name:"PostgreSQL",
-            providerProperties: $providerProperties}
-            projectId: "g_GlobalConfiguration"
-          ) {
-            id
-          }
-        }'
-      variables: {
-        "providerProperties": {
-          "@dbeaver-show-non-default-db@": true
-        }
-      }
-  register: cloudbeaver_create_response
-  failed_when: cloudbeaver_create_response.status != 200 or cloudbeaver_create_response.json.errors is defined
-  when: cloudbeaver_existing_response is not search('.*PostgreSQL.*')
-
 - name: Add MSSQL to cloudbeaver
   ansible.builtin.uri:
     url: https://cloudbeaver-{{ cloudbeaver_project_name }}.{{ apps_endpoint_domain }}/api/gql
@@ -184,3 +154,38 @@
   register: cloudbeaver_create_response
   failed_when: cloudbeaver_create_response.status != 200 or cloudbeaver_create_response.json.errors is defined
   when: _current_cp4ba_cluster.rpa.enabled and cloudbeaver_existing_response is not search('.*MSSQL.*')
+
+- name: Add PG to cloudbeaver
+  ansible.builtin.include_role:
+    name: common
+    tasks_from: cloudbeaver-add-pg
+  vars:
+    common_cloudbeaver_project: "{{ cloudbeaver_project_name }}"
+    common_cloudbeaver_username: "{{ lc_principal_admin_user }}"
+    common_cloudbeaver_password: "{{ cloudbeaver_universal_password }}"
+    common_cloudbeaver_connection_name: CP4BA PostgreSQL
+    common_pg_host: "{{ cloudbeaver_postgresql_hostname }}"
+    common_pg_port: "5432"
+    common_pg_username: postgres
+    common_pg_password: "{{ cloudbeaver_postgresql_universal_password }}"
+
+- name: Set usage entry
+  ansible.builtin.include_role:
+    name: usage
+    tasks_from: set-entry
+  vars:
+    usage_entry_name: Extras-CloudBeaver
+    usage_entry_value:
+      "# CloudBeaver
+
+      As DB UI for PostgreSQL, MSSQL
+
+      ## Endpoints
+
+      - CloudBeaver UI: https://cloudbeaver-{{ cloudbeaver_project_name }}.{{ apps_endpoint_domain }}
+
+      ## Credentials
+
+      - UI: {{ principal_admin_user }} / {{ cloudbeaver_universal_password }}
+
+      "
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/common/tasks/cloudbeaver-add-pg.yml b/automation-roles/50-install-cloud-pak/cp4ba/common/tasks/cloudbeaver-add-pg.yml
@@ -0,0 +1,95 @@
+# Example of the functionality call
+#
+# - name: Add PG to cloudbeaver
+#   ansible.builtin.include_role:
+#     name: common
+#     tasks_from: cloudbeaver-add-pg
+#   vars:
+#     common_cloudbeaver_project: _cloudbeaver_project
+#     common_cloudbeaver_username: _cloudbeaver_username
+#     common_cloudbeaver_password: _cloudbeaver_password
+#     common_cloudbeaver_connection_name: _cloudbeaver_connection_name
+#     common_pg_host: _pg_host
+#     common_pg_port: _pg_port
+#     common_pg_username: _pg_username
+#     common_pg_password: _pg_password
+
+- name: Get OCP Apps domain
+  ansible.builtin.include_role:
+    name: common
+    tasks_from: apps-endpoint
+  vars:
+    common_output_to_var: "apps_endpoint_domain"
+
+- name: Hash universal password MD5
+  ansible.builtin.set_fact:
+    cb_universal_password_md5: "{{ common_cloudbeaver_password | md5 | upper }}"
+
+- name: Login to cloudbeaver
+  ansible.builtin.uri:
+    url: https://cloudbeaver-{{ common_cloudbeaver_project }}.{{ apps_endpoint_domain }}/api/gql
+    validate_certs: false
+    method: POST
+    headers:
+      content-type: "application/json"
+    body_format: json
+    body:
+      query: 'query {
+          authLogin(credentials: {user: "{{ common_cloudbeaver_username }}", password: "{{ cb_universal_password_md5 }}"}, provider: "local") {
+            authStatus
+          }
+        }'
+  register: cloudbeaver_login_response
+  failed_when: cloudbeaver_login_response.status != 200 or cloudbeaver_login_response.json.errors is defined
+
+- name: Get session id
+  ansible.builtin.set_fact:
+    cb_session_id: "{{ cloudbeaver_login_response.cookies['cb-session-id'] }}"
+
+- name: Get existing connections
+  ansible.builtin.uri:
+    url: https://cloudbeaver-{{ common_cloudbeaver_project }}.{{ apps_endpoint_domain }}/api/gql
+    validate_certs: false
+    method: POST
+    headers:
+      content-type: "application/json"
+      Cookie: "cb-session-id={{ cb_session_id }}"
+    body_format: json
+    body:
+      query: 'query {
+          userConnections {
+            name
+          }
+        }'
+  register: cloudbeaver_existing_response
+  failed_when: cloudbeaver_existing_response.status != 200 or cloudbeaver_existing_response.json.errors is defined
+
+- name: Add PostgreSQL to cloudbeaver
+  ansible.builtin.uri:
+    url: https://cloudbeaver-{{ common_cloudbeaver_project }}.{{ apps_endpoint_domain }}/api/gql
+    validate_certs: false
+    method: POST
+    headers:
+      content-type: "application/json"
+      Cookie: "cb-session-id={{ cb_session_id }}"
+    body_format: json
+    body:
+      query: 'mutation createConnection($providerProperties: Object) {
+          createConnection(
+            config: { credentials: {userName: "{{ common_pg_username }}", userPassword: "{{ common_pg_password }}"},
+            saveCredentials: true, driverId: "postgresql:postgres-jdbc", host: "{{ common_pg_host }}", port: "{{ common_pg_port }}",
+            databaseName: "postgres" name:"{{ common_cloudbeaver_connection_name }}",
+            providerProperties: $providerProperties}
+            projectId: "g_GlobalConfiguration"
+          ) {
+            id
+          }
+        }'
+      variables: {
+        "providerProperties": {
+          "@dbeaver-show-non-default-db@": true
+        }
+      }
+  register: cloudbeaver_create_response
+  failed_when: cloudbeaver_create_response.status != 200 or cloudbeaver_create_response.json.errors is defined
+  when: cloudbeaver_existing_response is not search('.*' + common_cloudbeaver_connection_name + '.*')
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/common/tasks/iam-token-client.yml b/automation-roles/50-install-cloud-pak/cp4ba/common/tasks/iam-token-client.yml
diff --git a/automation-roles/50-install-cloud-pak/cp4ba/config/tasks/internal-variables.yml b/automation-roles/50-install-cloud-pak/cp4ba/config/tasks/internal-variables.yml
@@ -54,7 +54,6 @@ mongodb_hostname: "mongodb.{{ mongodb_project_name }}.svc.cluster.local"
 mail_hostname: "mail.{{ mail_project_name }}.svc.cluster.local"
 mssql_hostname: "mssql.{{ mssql_project_name }}.svc.cluster.local"
 nexus_hostname: "nexus.{{ nexus_project_name }}.svc.cluster.local"
-kibana_url: "http://kibana.{{ kibana_project_name }}.svc.cluster.local:5601"
 
 elasticsearch_admin_user: elasticsearch-admin
 elasticsearch_universal_password: "{{ universal_password }}"
@@ -97,8 +96,6 @@ cerebro_action: "{{ global_action }}"
 cerebro_project_name: "{{ collateral_project_name }}"
 cerebro_universal_password: "{{ universal_password }}"
 cerebro_cp4ba_project_name: "{{ cp4ba_project_name }}"
-cerebro_elasticsearch_universal_password: "{{ elasticsearch_universal_password }}"
-cerebro_elasticsearch_admin_user: "{{ elasticsearch_admin_user }}"
 
 akhq_action: "{{ global_action }}"
 akhq_project_name: "{{ collateral_project_name }}"
@@ -107,14 +104,9 @@ akhq_cp4ba_project_name: "{{ cp4ba_project_name }}"
 akhq_admin_user: "{{ principal_admin_user }}"
 akhq_storage_class_name: "{{ storage_class_name }}"
 
-kibana_action: "{{ global_action }}"
-kibana_project_name: "{{ collateral_project_name }}"
-kibana_elasticsearch_universal_password: "{{ elasticsearch_universal_password }}"
-kibana_universal_password: "{{ kibana_elasticsearch_universal_password }}"
-kibana_storage_class_name: "{{ storage_class_name }}"
-kibana_cp4ba_project_name: "{{ cp4ba_project_name }}"
-kibana_elasticsearch_admin_user: "{{ elasticsearch_admin_user }}"
-kibana_admin_user: "{{ kibana_elasticsearch_admin_user }}"
+opensearch_dashboards_action: "{{ global_action }}"
+opensearch_dashboards_project_name: "{{ collateral_project_name }}"
+opensearch_dashboards_cp4ba_project_name: "{{ cp4ba_project_name }}"
 
 mongodb_action: "{{ global_action }}"
 mongodb_project_name: "{{ collateral_project_name }}"
@@ -138,7 +130,6 @@ phpldapadmin_openldap_hostname: "{{ ldap_hostname }}"
 postgresql_action: "{{ global_action }}"
 postgresql_project_name: "{{ collateral_project_name }}"
 postgresql_storage_class_name: "{{ storage_class_name }}"
-postgresql_admin_user: "{{ principal_admin_user }}"
 postgresql_universal_password: "{{ universal_password }}"
 
 cloudbeaver_action: "{{ global_action }}"
@@ -166,24 +157,21 @@ cp4ba_icr_password: "{{ icr_password }}"
 cp4ba_ldap_hostname: "{{ ldap_hostname }}"
 cp4ba_postgresql_project: "{{ postgresql_project_name }}"
 cp4ba_postgresql_hostname: "{{ postgresql_hostname }}"
-cp4ba_postgresql_admin_user: "{{ postgresql_admin_user }}"
 cp4ba_postgresql_universal_password: "{{ postgresql_universal_password }}"
 cp4ba_mongodb_hostname: "{{ mongodb_hostname }}"
 cp4ba_mongodb_admin_user: "{{ mongodb_admin_user }}"
 cp4ba_mail_hostname: "{{ mail_hostname }}"
 cp4ba_nexus_project: "{{ nexus_project_name }}"
 cp4ba_gitea_project: "{{ gitea_project_name }}"
-cp4ba_kibana_project: "{{ kibana_project_name }}"
-cp4ba_kibana_url: "{{ kibana_url }}"
+cp4ba_cloudbeaver_project: "{{ cloudbeaver_project_name }}"
+cp4ba_cloudbeaver_universal_password: "{{ cloudbeaver_universal_password }}"
 cp4ba_cr_meta_name: icp4adeploy
 cp4ba_ca_key_path: "{{ ca_key_path }}"
 cp4ba_ca_crt_path: "{{ ca_crt_path }}"
 cp4ba_external_share_google: "{{ external_share_google }}"
 cp4ba_google_client_id: "{{ google_client_id }}"
 cp4ba_google_client_secret: "{{ google_client_secret }}"
 cp4ba_deployment_platform: "{{ deployment_platform }}"
-cp4ba_kibana_universal_password: "{{ kibana_universal_password }}"
-cp4ba_kibana_admin_user: "{{ kibana_admin_user }}"
 cp4ba_elasticsearch_universal_password: "{{ elasticsearch_universal_password }}"
 cp4ba_elasticsearch_admin_user: "{{ elasticsearch_admin_user }}"
 

diff --git a/automation-roles/50-install-cloud-pak/cp4ba/config/tasks/main.yml b/automation-roles/50-install-cloud-pak/cp4ba/config/tasks/main.yml
@@ -58,10 +58,6 @@
     mongodb_enabled: "{{ true if ((_current_cp4ba_cluster.cp4ba.enabled and _current_cp4ba_cluster.cp4ba.patterns.decisions_ads.enabled) or
       _current_cp4ba_cluster.pm.enabled) else false }}"
 
-- name: Kibana config variable
-  ansible.builtin.set_fact:
-    kibana_enabled: "{{ true if _current_cp4ba_cluster.cp4ba.enabled and _current_cp4ba_cluster.cp4ba.patterns.foundation.optional_components.bai else false }}"
-
 - name: MSSQL config variable
   ansible.builtin.set_fact:
     mssql_enabled: "{{ true if _current_cp4ba_cluster.rpa.enabled else false }}"