for the issue #37 (gitlab Connector) we need a local test instance

org.eclipse.mylyn.releng/multipass/README.md

@@ -11,12 +11,18 @@ This setup is only tested on am MacBook Pro M1.
 
 1. Download Multipass
    please install https://multipass.run/install for your platform
-2. Create the Multipass VM's (3 VM's)
-   - switch to this folder
+2. Add certificate so you can run a runtime Workspace
+
+   Steps from my Mac Environment use $JAVA_HOME on other Environments.
+   $JAVA_HOME was not set on my environment so I have to use th Path '/Library/Java/JavaVirtualMachines/temurin-17.jdk/Contents/Home' instead
+
+   1. cp /Library/Java/JavaVirtualMachines/temurin-17.jdk/Contents/Home/lib/security/cacerts to the root folder of your installation ../certs/cacerts
+3. Create the Multipass VM's (3 VM's)
+  - switch to this folder
      ```
      cd ./org.eclipse.mylyn.all/org.eclipse.mylyn/org.eclipse.mylyn.releng/multipass/
      ```
-   - create the 3 VM's
+  - create the 3 VM's
      ```
      ansible-playbook create_vm.yml --ask-become-pass --extra-vars="docker_run_mode=container"
      or
@@ -27,15 +33,15 @@ This setup is only tested on am MacBook Pro M1.
      This creates the 3 VM's and make sure that /etc/hosts contains the correct entries
      and also update the inventory.yml with the new IP addresses of the VM's.
      During the first time run we create a sshkey for all instances in folder first_setup
-3. First time Setup the VM's
+4. First time Setup the VM's
    ```
    ansible-playbook mylyn_setup.yml --extra-vars="docker_run_mode=container"
    or
    ansible-playbook mylyn_setup.yml --extra-vars="docker_run_mode=swarm"
    or
    ansible-playbook mylyn_setup.yml --extra-vars="docker_run_mode=single"
    ```
-4. restart the services the VM's 
+5. restart the services the VM's 
    ```
    ansible-playbook mylyn_setup.yml --skip-tags base_software --extra-vars="docker_run_mode=container"
    or
@@ -48,8 +54,7 @@ This setup is only tested on am MacBook Pro M1.
    ansible-playbook mylyn_setup.yml --skip-tags base_software --extra-vars="swarm_recreate=true" --extra-vars="docker_run_mode=swarm"
    ```
 
-5. delete VM's and recreate VM's
-   
+6. delete VM's and recreate VM's 
    1. delete the running VM's
    ```
    multipass delete mylynadm01 
@@ -75,6 +80,4 @@ This setup is only tested on am MacBook Pro M1.
    or
    ansible-playbook create_vm.yml --ask-become-pass --extra-vars="docker_run_mode=single"
    ansible-playbook mylyn_setup.yml --extra-vars="docker_run_mode=single"
-   ```
-
-Scrach Pad
+   ```

org.eclipse.mylyn.releng/multipass/ansible.cfg

@@ -4,7 +4,7 @@ inventory = inventory.yml
 callbacks_enabled = ansible.posix.timer, ansible.posix.profile_roles, ansible.posix.profile_tasks
 
 # Installs collections into [current dir]/ansible_collections/namespace/collection_name
-collections_paths = ./
+collections_path = ./
 
 # Installs roles into [current dir]/roles/namespace.rolename
 roles_path = ./roles

org.eclipse.mylyn.releng/multipass/create_vm.yml

@@ -14,4 +14,98 @@
 - hosts: localhost
   gather_facts: false
   roles:
-    - role: multipass_create_vm
+    - role: multipass_create_vm
+      tags:
+        - create_vm
+    - role: multipass_create_vm_setup
+      tags:
+        - base_software
+# 
+#
+# Admin Instanz für Zertifikate und root ca 
+#
+- hosts: "{{ hostvars['localhost'].rootca_server_name }}"
+  gather_facts: false
+  vars:
+    rootca_name: "{{ hostvars['localhost'].rootca_server_name }}"
+  roles:
+    - role: crtrootca
+      vars:
+        common_domain_name: "{{ hostvars['localhost'].local_domain }}"
+      tags:
+        - createValidCertificates
+        - base_software
+    - role: crtcertificate
+      vars:
+        subject_alt: 
+          - "DNS:*.{{ hostvars['localhost'].local_domain }}"
+        common_domain_name: "{{ hostvars['localhost'].local_domain }}"
+      tags:
+        - createValidCertificates
+        - base_software
+
+#
+# Alle normalen Knoten mit Zertifikaten versorgen
+#
+- hosts: "{{ hostvars['localhost'].setup_noadmin_vm_list }}"
+  gather_facts: true
+  vars:
+    rootca_name: "{{ hostvars['localhost'].rootca_server_name }}"
+  roles:
+    - role: crtcertificate
+      tags:
+        - createValidCertificates
+        - base_software
+      vars:
+        subject_alt: "{{ hostvars[inventory_hostname].default_etc_hosts.split() | map('regex_replace', '^', 'DNS:') | list }}"
+        common_domain_name: "{{ hostvars['localhost'].local_domain }}"
+    - role: dockerhost
+      tags:
+        - base_software
+  tasks:
+    - name: Creates directory certs
+      ansible.builtin.file:
+            path: "/mylyn-config-dir/certs"
+            state: directory
+            owner: ubuntu
+            group: ubuntu
+            mode: '0755'
+      tags:
+        - base_software
+    - name: Synchronization root ca
+      ansible.posix.synchronize:
+        src: "{{ item.src }}"
+        dest: "{{ item.dest }}"
+      tags:
+        - base_software
+      delegate_to: "{{ hostvars['localhost'].rootca_server_name }}"
+      loop:
+        - {src: "/cacerts/root_ca/{{ hostvars['localhost'].rootca_server_name }}.crt", dest: "/mylyn-config-dir/certs/rootca.crt"}
+        - {src: "/cacerts/root_ca/{{ hostvars['localhost'].rootca_server_name }}.key", dest: "/mylyn-config-dir/certs/rootca.key"}
+    - name: get worker certificates
+      ansible.posix.synchronize:
+        src:  "/cacerts/server_ca/"
+        dest: /mylyn-config-dir/certs
+      tags:
+        - base_software
+      delegate_to: "{{ item }}"
+      with_items: 
+        -  "{{ hostvars['localhost'].setup_noadmin_vm_list }}"
+
+- hosts: "{{ hostvars['localhost'].rootca_server_name }}"
+  gather_facts: false
+  tasks:
+    - name: Fetch stuff from the remote and save to local
+      synchronize:  src={{ item }} dest=../../../../certs/ mode=pull
+      with_items:
+        - "/cacerts/root_ca"
+- name: copy files to destination
+  hosts: localhost
+  connection: local
+  tasks:
+    - name: copy src.txt as dest.txt in the same dir 
+      copy:
+        src: ../../../../certs/cacerts
+        dest: ../../../../certs/mylyncacerts
+    - name: add mylynadm01.crt
+      command: keytool -alias mylyn -storepass changeit -noprompt -import -file ../../../../certs/root_ca/mylynadm01.crt -keystore ../../../../certs/mylyncacerts

org.eclipse.mylyn.releng/multipass/global_setup.yml

@@ -1,43 +1,74 @@
     - name: set global var
       ansible.builtin.set_fact:
         grp_prefix: "{{ prefix | default('mylyn')}}"
-        local_domain: "{{ loc_dom | default('mylyn.local')}}"
+        local_domain: "{{ local_dom | default('mylyn.local')}}"
+        remote_domain: "{{ remote_dom | default('public.mydomain.de')}}"
         docker_swarm_recreate: "{{ swarm_recreate | default(false) }}"
         docker_mode_global: "{{ docker_run_mode | default('container') }}"
+      tags:
+        - global
 
-    - name: build setup_lst_tmp
+    - name: build list 1
       ansible.builtin.set_fact:
         setup_lst_tmp: 
          "{{ groups[grp_prefix + \"_admin\"]  + groups[grp_prefix + \"_swarm_master\"] }}" 
         setup_noadmin_vm_list: 
          "{{ groups[grp_prefix + \"_swarm_master\"] }}" 
+      tags:
+        - global
 
-    - name: build setup_lst_tmp1
+    - name: build list swarm
       ansible.builtin.set_fact:
         setup_lst_tmp:  
          "{{ setup_lst_tmp  +  groups[grp_prefix + \"_swarm_worker\" ] }}"
         setup_noadmin_vm_list: 
          "{{ setup_noadmin_vm_list  +  groups[grp_prefix + \"_swarm_worker\" ] }}"
-      when: (docker_mode_global == 'swarm')
-    - name: set global var 2
+      tags:
+        - global
+      when: (docker_mode_global == 'swarm' or docker_mode_global == 'all')
+    - name: build list gitlab
+      ansible.builtin.set_fact:
+        setup_lst_tmp:  
+         "{{ setup_lst_tmp  +  groups[grp_prefix + \"_gitlab\" ] }}"
+        setup_noadmin_vm_list: 
+         "{{ setup_noadmin_vm_list  +  groups[grp_prefix + \"_gitlab\" ] }}"
+      tags:
+        - global
+      when: (docker_mode_global == 'gitlab' or docker_mode_global == 'all')
+    - name: set list admin server
       ansible.builtin.set_fact:
         rootca_server_name: "{{ groups[hostvars['localhost'].grp_prefix + \"_admin\"][0] }}"
         prim_install_server_name: "{{ groups[hostvars['localhost'].grp_prefix + \"_swarm_master\"][0] }}"
-    - name: build setup_lst_tmp2
+      tags:
+        - global
+    - name: build single
       ansible.builtin.set_fact:
         setup_lst_tmp:  
          "{{ groups[grp_prefix + \"_swarm_master\" ] }}"
         setup_noadmin_vm_list: 
          "{{ groups[grp_prefix + \"_swarm_master\" ] }}"
         rootca_server_name:
          "{{ prim_install_server_name }}"
+      tags:
+        - global
       when: (docker_mode_global == 'single')
 
     - name: build setup_lst
       ansible.builtin.set_fact:
-        setup_lst: "{{ setup_lst | default([]) + [ { 'name': item, 'ip4': hostvars[item].ansible_host, 'disk':  hostvars[item].multipass_disk, 'memory':  hostvars[item].multipass_memory, 'cpus':  hostvars[item].multipass_cpus } ] }}"
+        setup_lst: "{{ setup_lst | default([]) + [ { 'name': item, 'ip4': hostvars[item].ansible_host, 'disk':  hostvars[item].multipass_disk, 'memory':  hostvars[item].multipass_memory, 'cpus':  hostvars[item].multipass_cpus, 'launch_extra': hostvars[item].additional_launch_parms } ] }}"
+      with_items:
+        - "{{ setup_lst_tmp }}"
+      tags:
+        - global
+
+    - name: build localhostPlatform
+      ansible.builtin.set_fact:
+        localhostPlatform: "{{ ansible_facts['distribution'] +'/' + ansible_facts['architecture']}}"
       with_items:
         - "{{ setup_lst_tmp }}"
+      tags:
+        - global
+
 
 #    - ansible.builtin.debug: msg="admin = {{ item }}"											# verbosity=3
 #      with_items:
@@ -49,6 +80,14 @@
 #      with_items:
 #        - "{{ groups[grp_prefix + \"_swarm_worker\"] }}"
     - ansible.builtin.debug: msg="all hosts = {{ setup_lst }}" 									# verbosity=3
+      tags:
+        - global
     - ansible.builtin.debug: msg="all non admin vm = {{ setup_noadmin_vm_list }}"				# verbosity=3
+      tags:
+        - global
     - ansible.builtin.debug: msg="rootca_server_name = {{ rootca_server_name }}"				# verbosity=3
+      tags:
+        - global
     - ansible.builtin.debug: msg="prim_install_server_name = {{ prim_install_server_name }}"	# verbosity=3
+      tags:
+        - global

org.eclipse.mylyn.releng/multipass/inventory.yml

@@ -3,6 +3,7 @@ all:
     multipass_disk: 5G
     multipass_memory: 1G
     multipass_cpus: 1
+    additional_launch_parms: ''
   children:
     mylyn_admin:
       hosts:
@@ -11,48 +12,62 @@ all:
       hosts:
         mylynmstr01:
       vars:
-        multipass_disk: 16G
-        multipass_memory: 4G
+        multipass_disk: 30G
+        multipass_memory: 10G
+        multipass_cpus: 4
+#       additional_launch_parms: --network en0 # acces from external
     mylyn_swarm_worker:
       hosts:
         mylynwrk01:
       vars:
         multipass_disk: 20G
         multipass_memory: 8G
+    mylyn_gitlab:
+      children:
+        gitlabmain:
+          hosts:
+            gitlabhost:
+          vars:
+            multipass_disk: 16G
+            multipass_memory: 8G
+            multipass_cpus: 4
+        gitlabrun:
+          hosts:
+            gitlabrunner:
+
   hosts:
     mylynadm01:
       ansible_connection: ssh
-      ansible_host: "192.168.64.x2"
+      ansible_host: "192.168.64.2"
       ansible_user: ubuntu
       ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ControlMaster=no -o ControlPath=none"
       ansible_ssh_private_key_file: first_setup/ubuntu_key
       default_etc_hosts: "mylynadm01"
     mylynmstr01:
       ansible_connection: ssh
-      ansible_host: "192.168.64.x3"
+      ansible_host: "192.168.64.3"
       ansible_user: ubuntu
       ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ControlMaster=no -o ControlPath=none"
       ansible_ssh_private_key_file: first_setup/ubuntu_key
-      default_etc_hosts: "mylynmstr01 traefik.mylyn.local mylynmstr01.mylyn.local mylyn.local jenkins.mylyn.local hello.mylyn.local"
+      default_etc_hosts: "mylyn-local traefik.mylyn.local mylyn-local.mylyn.local mylyn.local jenkins.mylyn.local hello.mylyn.local artifactory.mylyn.local gitlab.mylyn.local"
     mylynwrk01:
       ansible_connection: ssh
-      ansible_host: "192.168.64.x4"
+      ansible_host: "192.168.64.4"
       ansible_user: ubuntu
       ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ControlMaster=no -o ControlPath=none"
       ansible_ssh_private_key_file: first_setup/ubuntu_key
       default_etc_hosts: "mylynwrk01 mylynwrk01.mylyn.local"
-    mylynwrk02:
+    gitlabhost:
       ansible_connection: ssh
-      ansible_host: "192.168.64.x5"
+      ansible_host: "192.168.64.5"
       ansible_user: ubuntu
       ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ControlMaster=no -o ControlPath=none"
       ansible_ssh_private_key_file: first_setup/ubuntu_key
-      default_etc_hosts: "mylynwrk02 mylynwrk02.mylyn.local"
-      multipass_disk: 11G
-    mylynwrk03:
+      default_etc_hosts: "gitlabhost gitlabhost.mylyn.local test.gitlab.mylyn.local"
+    gitlabrunner:
       ansible_connection: ssh
-      ansible_host: "192.168.64.x6"
+      ansible_host: "192.168.64.6"
       ansible_user: ubuntu
       ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o ControlMaster=no -o ControlPath=none"
       ansible_ssh_private_key_file: first_setup/ubuntu_key
-      default_etc_hosts: "mylynwrk03 mylynwrk03.mylyn.local"
+      default_etc_hosts: "gitlabrunner gitlabrunner.mylyn.local"