From 35975838a7f63fdaf340de1fa73b8c56469d5aa1 Mon Sep 17 00:00:00 2001
From: Chandan Abhyankar <chandan.abhyankar@gmail.com>
Date: Tue, 16 Apr 2024 03:27:46 -0700
Subject: [PATCH] OCTOPUS-697: OCP login operation is invoked before NFS
 deployment

Signed-off-by: Chandan Abhyankar <chandan.abhyankar@gmail.com>
---
 ansible/post/tasks/main.yml                |  6 +--
 ansible/support/tasks/main.yml             |  4 --
 ansible/support/tasks/nfs_provisioner.yaml | 38 -----------------
 ansible/support/tasks/nfs_provisioner.yml  | 47 ++++++++++++++++++++++
 modules/4_pvs_support/pvs_support.tf       | 22 ++++++++++
 5 files changed, 70 insertions(+), 47 deletions(-)
 delete mode 100644 ansible/support/tasks/nfs_provisioner.yaml
 create mode 100644 ansible/support/tasks/nfs_provisioner.yml

diff --git a/ansible/post/tasks/main.yml b/ansible/post/tasks/main.yml
index 1b38461..e390278 100644
--- a/ansible/post/tasks/main.yml
+++ b/ansible/post/tasks/main.yml
@@ -75,11 +75,7 @@
           labels: "{{ node_labels }}"
     with_items: "{{ node_names.stdout_lines }}"
 
-  - name: Setup NFS storage if NFS_SERVER is provided
-    import_tasks: nfs_provisioner.yaml
-    when: nfs_server != "none"
-
   - name: Cleanup events in openshift-etcd for cicd
     when: cicd == "true"
     shell: |
-      export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc delete events --all=true -n openshift-etcd
\ No newline at end of file
+      export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc delete events --all=true -n openshift-etcd
diff --git a/ansible/support/tasks/main.yml b/ansible/support/tasks/main.yml
index d8b15bd..4ae9bd9 100644
--- a/ansible/support/tasks/main.yml
+++ b/ansible/support/tasks/main.yml
@@ -136,7 +136,3 @@
       delay: 30
       timeout: 600
 
-  - name: Setup NFS storage if NFS_SERVER is provided
-    import_tasks: nfs_provisioner.yaml
-    when: nfs_server != "none"
-
diff --git a/ansible/support/tasks/nfs_provisioner.yaml b/ansible/support/tasks/nfs_provisioner.yaml
deleted file mode 100644
index e5b34fb..0000000
--- a/ansible/support/tasks/nfs_provisioner.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-- name: Create nfs-provisioner Project
-  kubernetes.core.k8s:
-    state: present
-    proxy: "http://{{ nfs_server }}:3128"
-    definition: "{{ lookup('template', '../templates/nfs-ns.yml') }}"
-
-- name: Create RBAC for nfs-provisioner
-  kubernetes.core.k8s:
-    state: present
-    proxy: "http://{{ nfs_server }}:3128"
-    definition: "{{ lookup('template', '../templates/nfs-rbac.yml') }}"
-
-- name: Setup Authorization
-  shell: "export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc adm policy add-scc-to-user hostmount-anyuid system:serviceaccount:nfs-provisioner:nfs-client-provisioner"
-
-- name: Create Deployment for nfs-provisioner
-  kubernetes.core.k8s:
-    state: present
-    proxy: "http://{{ nfs_server }}:3128"
-    definition: "{{ lookup('template', '../templates/nfs-deployment.yml.j2') }}"
-
-- name: Create Storage Class for nfs
-  kubernetes.core.k8s:
-    state: present
-    proxy: "http://{{ nfs_server }}:3128"
-    definition: "{{ lookup('template', '../templates/nfs-sc.yml') }}"
-
-- name: Ensure nfs-provisioner Pod is up and running fine
-  shell: "export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc get pods -n nfs-provisioner"
-  register: pod_output
-  until: pod_output.stdout.find("Running") != -1
-  retries: 10
-  delay: 30
-
-- name: Remove the block storage as the default.
-  shell: |
-    export HTTPS_PROXY=http://{{ nfs_server }}:3128 \
-      && oc patch storageclass ibmc-vpc-block-10iops-tier -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}'
\ No newline at end of file
diff --git a/ansible/support/tasks/nfs_provisioner.yml b/ansible/support/tasks/nfs_provisioner.yml
new file mode 100644
index 0000000..864c9be
--- /dev/null
+++ b/ansible/support/tasks/nfs_provisioner.yml
@@ -0,0 +1,47 @@
+---
+- hosts: all
+
+  handlers:
+  - import_tasks: ../handlers/main.yml
+
+  tasks:
+
+  - name: Create nfs-provisioner Project
+    kubernetes.core.k8s:
+      state: present
+      proxy: "http://{{ nfs_server }}:3128"
+      definition: "{{ lookup('template', '../templates/nfs-ns.yml') }}"
+
+  - name: Create RBAC for nfs-provisioner
+    kubernetes.core.k8s:
+      state: present
+      proxy: "http://{{ nfs_server }}:3128"
+      definition: "{{ lookup('template', '../templates/nfs-rbac.yml') }}"
+
+  - name: Setup Authorization
+    shell: "export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc adm policy add-scc-to-user hostmount-anyuid system:serviceaccount:nfs-provisioner:nfs-client-provisioner"
+
+  - name: Create Deployment for nfs-provisioner
+    kubernetes.core.k8s:
+      state: present
+      proxy: "http://{{ nfs_server }}:3128"
+      definition: "{{ lookup('template', '../templates/nfs-deployment.yml.j2') }}"
+
+  - name: Create Storage Class for nfs
+    kubernetes.core.k8s:
+      state: present
+      proxy: "http://{{ nfs_server }}:3128"
+      definition: "{{ lookup('template', '../templates/nfs-sc.yml') }}"
+
+  - name: Ensure nfs-provisioner Pod is up and running fine
+    shell: "export HTTPS_PROXY=http://{{ nfs_server }}:3128 && oc get pods -n nfs-provisioner"
+    register: pod_output
+    until: pod_output.stdout.find("Running") != -1
+    retries: 10
+    delay: 30
+
+  - name: Remove the block storage as the default.
+    shell: |
+      export HTTPS_PROXY=http://{{ nfs_server }}:3128 \
+        && oc patch storageclass ibmc-vpc-block-10iops-tier -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "false"}}}'
+
diff --git a/modules/4_pvs_support/pvs_support.tf b/modules/4_pvs_support/pvs_support.tf
index a5f9e99..b5f4d3b 100644
--- a/modules/4_pvs_support/pvs_support.tf
+++ b/modules/4_pvs_support/pvs_support.tf
@@ -151,6 +151,28 @@ EOF
   }
 }
 
+# Dev Note: setup nfs deployment
+resource "null_resource" "nfs_deployment" {
+  depends_on = [null_resource.config_login]
+  connection {
+    type        = "ssh"
+    user        = var.rhel_username
+    host        = var.bastion_public_ip
+    private_key = file(var.private_key_file)
+    agent       = var.ssh_agent
+    timeout     = "${var.connection_timeout}m"
+  }
+
+  provisioner "remote-exec" {
+    inline = [<<EOF
+echo 'Running ocp4-upi-compute-powervs playbook...'
+cd ocp4-upi-compute-powervs/support
+ANSIBLE_LOG_PATH=/root/.openshift/ocp4-upi-compute-powervs-support-nfs-deploy.log ansible-playbook -e @vars/vars.yaml tasks/nfs_provisioner.yml --become || true
+EOF
+    ]
+  }
+}
+
 resource "null_resource" "config_csi" {
   depends_on = [null_resource.config_login, null_resource.config]
   connection {