diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore new file mode 100644 index 0000000..bab90a4 --- /dev/null +++ b/.ansible-lint-ignore @@ -0,0 +1 @@ +roles/deploy/defaults/main.yml var-naming[no-role-prefix] diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..643c8de --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,2 @@ +[defaults] +roles_path = roles/ diff --git a/plans/deployment.fmf b/plans/deployment.fmf index 44cb5f3..a09e9fe 100644 --- a/plans/deployment.fmf +++ b/plans/deployment.fmf @@ -22,16 +22,16 @@ discover: prepare: - how: ansible playbook: playbooks/oc-cluster-user.yml - extra-args: "-vvv --extra-vars user=tmt" + extra-args: "-vv --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-setup.yml - extra-args: "-vvv --extra-vars user=tmt" + extra-args: "-vv --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-run.yml - extra-args: "-vvv --extra-vars user=tmt" + extra-args: "-vv --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-tests-setup.yml - extra-args: "-vvv" + extra-args: "-vv" /local: summary: Run packit-service deployment test on a local machine managed by tmt @@ -54,16 +54,16 @@ discover: prepare: - how: ansible playbook: playbooks/oc-cluster-user.yml - extra-args: "-vvv --extra-vars user=tmt" + extra-args: "-vv --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-setup.yml - extra-args: "-vvv --extra-vars user=tmt" + extra-args: "-vv --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-run.yml - extra-args: "-vvv --extra-vars @./secrets/openshift-local-pull-secret.yml --extra-vars user=tmt" + extra-args: "-vv --extra-vars @./secrets/openshift-local-pull-secret.yml --extra-vars user=tmt" - how: ansible playbook: playbooks/oc-cluster-tests-setup.yml - extra-args: "-vvv" + extra-args: "-vv" /vagrant: summary: Run packit-service deployment test on a vagrant machine already up and running diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml index b4dd600..ad845eb 100644 --- a/playbooks/deploy.yml +++ b/playbooks/deploy.yml @@ -69,395 +69,5 @@ costcenter: "700" registry: 172.30.1.1:5000 registry_user: developer - tasks: - - name: Include tasks/project-dir.yml - ansible.builtin.include_tasks: tasks/project-dir.yml - tags: - - always - - - name: Include variables - ansible.builtin.include_vars: "{{ project_dir }}/vars/{{ service }}/{{ deployment }}.yml" - tags: - - always - - - name: Include tasks/check-up-to-date.yml - ansible.builtin.include_tasks: tasks/check-up-to-date.yml - tags: - - always - - - name: Include deployment facts - ansible.builtin.include_tasks: tasks/set-deployment-facts.yml - tags: - - always - - - name: Include tasks/set-facts.yml - ansible.builtin.include_tasks: tasks/set-facts.yml - tags: - - always - - - name: Include extra secret vars - ansible.builtin.include_vars: - file: "{{ path_to_secrets }}/extra-vars.yml" - name: vault - tags: - - always - - - name: Get k8s token and check it - tags: - - always - block: - - name: Get kubeconfig token - ansible.builtin.command: oc whoami -t - register: kubeconfig_token - changed_when: false - - name: Check if tokens match - ansible.builtin.assert: - that: - - kubeconfig_token.stdout == api_key - msg: "OpenShift API token defined in vars/ does not match token from your current environment." - - - name: Push dev images to local registry - when: push_dev_images - tags: - - packit-service - - packit-worker - - packit-service-beat - block: - - name: Set tls-verify to false if podman is used - ansible.builtin.set_fact: - tls_verify_false: "{{ '--tls-verify=false' if 'podman' in container_engine else '' }}" - changed_when: false - - name: Login to local cluster - ansible.builtin.shell: "{{ container_engine }} login -u {{ registry_user }} -p $(oc whoami -t) {{ registry }} {{ tls_verify_false }}" - changed_when: false - - name: Inspect service image - ansible.builtin.command: "{{ container_engine }} inspect {{ image }}" - changed_when: false - - name: Tag the image with :dev - ansible.builtin.command: "{{ container_engine }} tag {{ image }} {{ registry }}/myproject/packit-service:dev" - changed_when: true - - name: Push the image - ansible.builtin.command: "{{ container_engine }} push {{ registry }}/myproject/packit-service:dev {{ tls_verify_false }}" - changed_when: true - - name: Inspect worker image - ansible.builtin.command: "{{ container_engine }} inspect {{ image_worker }}" - changed_when: false - - name: Tag the image with :dev - ansible.builtin.command: "{{ container_engine }} tag {{ image_worker }} {{ registry }}/myproject/packit-worker:dev" - changed_when: true - - name: Push the image - ansible.builtin.command: "{{ container_engine }} push {{ registry }}/myproject/packit-worker:dev {{ tls_verify_false }}" - changed_when: true - - - name: Deploy secrets - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-packit-ssh.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-packit-secrets.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-packit-config.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-sentry.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-postgres.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-aws.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-splunk.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/secret-centpkg-sig.yml.j2') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/github-app-private-key.yml.j2') }}" - tags: - - secrets - - - name: Set up sandbox namespace - when: with_sandbox - block: - - name: Create sandbox namespace - k8s: - resource_definition: "{{ lookup('template', '{{ project_dir }}/openshift/sandbox-namespace.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - - name: Add edit role to service account in sandbox namespace - ansible.builtin.command: oc adm policy add-role-to-user edit system:serviceaccount:{{ project }}:default -n {{ sandbox_namespace }} - register: rolebinding - changed_when: "'added:' in rolebinding.stdout" - - - name: Deploy postgres - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/postgres.yml.j2') }}" - tags: - - postgres - - - name: Deploy key-value database ({{ kv_database }}) - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('file', '{{ project_dir }}/openshift/configmap-redis_like_config.yml') }}" - - "{{ lookup('template', '{{ project_dir }}/openshift/{{ kv_database }}.yml.j2') }}" - when: with_kv_database - tags: - - kv_database - - - name: Deploy fluentd image stream and config - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/fluentd.yml.j2') }}" - tags: - - packit-service - - packit-worker - when: with_fluentd_sidecar - - - name: Deploy packit-service - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-service.yml.j2') }}" - tags: - - packit-service - - - name: Deploy repository cache PVCs for packit-workers that serves both queues - vars: - component: "packit-worker-{{ item }}" - k8s: - namespace: "{{ sandbox_namespace }}" - definition: "{{ lookup('template', '{{ project_dir }}/openshift/sandcastle-volumes-for-cache.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - loop: "{{ range(0, workers_all_tasks) | list }}" - tags: - - packit-worker - when: workers_all_tasks > 0 and with_repository_cache - - - name: Deploy packit-worker to serve both queues - vars: - component: packit-worker - queues: "short-running,long-running" - worker_replicas: "{{ workers_all_tasks }}" - worker_requests_memory: "384Mi" - worker_requests_cpu: "100m" - worker_limits_memory: "1024Mi" - worker_limits_cpu: "400m" - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-worker.yml.j2') }}" - tags: - - packit-worker - when: workers_all_tasks > 0 - - - name: Deploy packit-worker to serve short-running queue - vars: - component: packit-worker-short-running - queues: "short-running" - worker_replicas: "{{ workers_short_running }}" - # Short-running tasks are just interactions with different services. - # They should not require a lot of memory/cpu. - worker_requests_memory: "320Mi" - worker_requests_cpu: "80m" - worker_limits_memory: "640Mi" - worker_limits_cpu: "700m" - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-worker.yml.j2') }}" - tags: - - packit-worker - when: workers_short_running > 0 - - - name: Deploy repository cache PVCs for packit-workers that serves long-running queue - vars: - component: "packit-worker-long-running-{{ item }}" - k8s: - namespace: "{{ sandbox_namespace }}" - definition: "{{ lookup('template', '{{ project_dir }}/openshift/sandcastle-volumes-for-cache.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - loop: "{{ range(0, workers_long_running) | list }}" - tags: - - packit-worker - when: workers_long_running > 0 and with_repository_cache - - - name: Deploy packit-worker to serve long-running queue - vars: - component: packit-worker-long-running - queues: "long-running" - worker_replicas: "{{ workers_long_running }}" - # cloning repos is memory intensive: glibc needs 300M+, kernel 600M+ - # during cloning, we need to account for git and celery worker processes - worker_requests_memory: "768Mi" - worker_requests_cpu: "100m" - worker_limits_memory: "2048Mi" - worker_limits_cpu: "600m" - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-worker.yml.j2') }}" - tags: - - packit-worker - when: workers_long_running > 0 - - - name: Deploy packit-service-beat - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-service-beat.yml.j2') }}" - when: with_beat - tags: - - packit-service-beat - - - name: Deploy dashboard - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/dashboard.yml.j2') }}" - when: with_dashboard - tags: - - dashboard - - - name: Create redis-commander secrets - k8s: - namespace: "{{ project }}" - definition: "{{ lookup('template', '{{ project_dir }}/openshift/secret-redis-commander.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - apply: true - tags: - - redis-commander - notify: - - Restart redis-commander deployment - when: with_redis_commander - - - name: Deploy redis-commander - vars: - k8s_apply: true - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/redis-commander.yml.j2') }}" - when: with_redis_commander - tags: - - redis-commander - register: redis_commander - - - name: Deploy flower - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/flower.yml.j2') }}" - when: with_flower - tags: - - flower - - - name: Deploy packit-service-fedmsg - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/packit-service-fedmsg.yml.j2') }}" - tags: - - fedmsg - when: with_fedmsg - - - name: Deploy GitHub App Private Key - k8s: - namespace: "{{ project }}" - resource_definition: "{{ lookup('template', '{{ project_dir }}/openshift/github-app-private-key.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - tags: - - tokman - notify: - - Restart tokman deployment - when: with_tokman - - - name: Deploy tokman - k8s: - namespace: "{{ project }}" - definition: "{{ lookup('template', '{{ project_dir }}/openshift/tokman.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - tags: - - tokman - register: tokman - when: with_tokman - - - name: Deploy aggregating pushgateway - ansible.builtin.include_tasks: tasks/k8s.yml - loop: - - "{{ lookup('template', '{{ project_dir }}/openshift/pushgateway.yml.j2') }}" - tags: - - pushgateway - when: with_pushgateway - - - name: Create htpasswd file and deploy it as a secret - tags: - - flower - when: with_flower - block: - - name: Create htpasswd file - htpasswd: - path: "{{ flower_htpasswd_path }}" - name: "flower-boss" - password: "{{ vault.flower.basic_auth | regex_replace('flower-boss:', '') }}" - mode: 0640 - - name: Deploy flower-htpasswd secret - # Don't use tasks/k8s.yml here because the loop item is always evaluated - k8s: - namespace: "{{ project }}" - resource_definition: "{{ lookup('template', '{{ project_dir }}/openshift/secret-flower-htpasswd.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - notify: - - Restart nginx deployment - - - name: Deploy nginx to reverse proxy the pushgateway and flower - k8s: - namespace: "{{ project }}" - definition: "{{ lookup('template', '{{ project_dir }}/openshift/nginx.yml.j2') }}" - host: "{{ host }}" - api_key: "{{ api_key }}" - validate_certs: "{{ validate_certs }}" - tags: - - pushgateway - register: nginx - when: with_pushgateway and with_flower - - - name: Wait for worker-0 to be running - vars: - pod_name: packit-worker-0 - ansible.builtin.include_tasks: tasks/wait_for_pod.yml - when: workers_all_tasks > 0 - - - name: Wait for worker-short-running-0 to be running - vars: - pod_name: packit-worker-short-running-0 - ansible.builtin.include_tasks: tasks/wait_for_pod.yml - when: workers_short_running > 0 - - - name: Wait for worker-long-running-0 to be running - vars: - pod_name: packit-worker-long-running-0 - ansible.builtin.include_tasks: tasks/wait_for_pod.yml - when: workers_long_running > 0 - - - name: Wait for deploymentconfig rollouts to complete - # timeout 15min to not wait indefinitely in case of a problem - ansible.builtin.command: timeout 15m oc rollout status -w deploy/{{ item }} - register: oc_rollout_status - changed_when: false - failed_when: '"successfully rolled out" not in oc_rollout_status.stdout' - loop: "{{ deploymentconfigs }}" - - handlers: - - name: Restart redis-commander deployment - ansible.builtin.command: oc rollout restart deploy/redis-commander - # Restart/rollout deployment as a reaction to config change - # when the deployment hasn't been changed itself. - changed_when: false - when: not redis_commander.changed - - - name: Restart tokman deployment - ansible.builtin.command: oc rollout restart deploy/tokman - # Restart/rollout deployment as a reaction to config change - # when the deployment hasn't been changed itself. - changed_when: false - when: not tokman.changed - - - name: Restart nginx deployment - ansible.builtin.command: oc rollout restart deploy/nginx - # Restart/rollout deployment as a reaction to config change - # when the deployment hasn't been changed itself. - changed_when: false - when: not nginx.changed + roles: + - role: deploy diff --git a/playbooks/roles/deploy/defaults/main.yml b/playbooks/roles/deploy/defaults/main.yml deleted file mode 100644 index 0b50bb2..0000000 --- a/playbooks/roles/deploy/defaults/main.yml +++ /dev/null @@ -1,64 +0,0 @@ ---- -validate_certs: true # noqa: var-naming[no-role-prefix] -service: "{{ lookup('env', 'SERVICE') | default('packit', True) }}" # noqa: var-naming[no-role-prefix] -deployment: "{{ lookup('env', 'DEPLOYMENT') }}" # noqa: var-naming[no-role-prefix] -tenant: packit # noqa: var-naming[no-role-prefix] # MP+ tenant -with_tokman: true # noqa: var-naming[no-role-prefix] -with_fedmsg: true # noqa: var-naming[no-role-prefix] -kv_database: "redict" # noqa: var-naming[no-role-prefix] -with_kv_database: true # noqa: var-naming[no-role-prefix] -with_redis_commander: false # noqa: var-naming[no-role-prefix] -with_flower: false # noqa: var-naming[no-role-prefix] -with_dashboard: true # noqa: var-naming[no-role-prefix] -with_beat: true # noqa: var-naming[no-role-prefix] -with_pushgateway: true # noqa: var-naming[no-role-prefix] -with_repository_cache: true # noqa: var-naming[no-role-prefix] -repository_cache_storage: 4Gi # noqa: var-naming[no-role-prefix] -push_dev_images: false # noqa: var-naming[no-role-prefix] -with_fluentd_sidecar: false # noqa: var-naming[no-role-prefix] -postgres_version: 13 # noqa: var-naming[no-role-prefix] -image: quay.io/packit/packit-service:{{ deployment }} # noqa: var-naming[no-role-prefix] -image_worker: quay.io/packit/packit-worker:{{ deployment }} # noqa: var-naming[no-role-prefix] -image_fedmsg: quay.io/packit/packit-service-fedmsg:{{ deployment }} # noqa: var-naming[no-role-prefix] -image_dashboard: quay.io/packit/dashboard:{{ deployment }} # noqa: var-naming[no-role-prefix] -image_tokman: quay.io/packit/tokman:{{ deployment }} # noqa: var-naming[no-role-prefix] -image_fluentd: quay.io/packit/fluentd-splunk-hec:latest # noqa: var-naming[no-role-prefix] -# project_dir is set in tasks/project-dir.yml -path_to_secrets: "{{ project_dir }}/secrets/{{ service }}/{{ deployment }}" # noqa: var-naming[no-role-prefix] -# to be used in Image streams as importPolicy:scheduled value -auto_import_images: true # noqa: var-naming[no-role-prefix] -# used in dev/zuul deployment to tag & push images to cluster -# https://github.com/packit/deployment/issues/112#issuecomment-673343049 -# container_engine: "{{ lookup('pipe', 'command -v podman 2> /dev/null || echo docker') }}" -container_engine: docker # noqa: var-naming[no-role-prefix] -celery_app: packit_service.worker.tasks # noqa: var-naming[no-role-prefix] -celery_retry_limit: 2 # noqa: var-naming[no-role-prefix] -celery_retry_backoff: 3 # noqa: var-naming[no-role-prefix] -workers_all_tasks: 1 # noqa: var-naming[no-role-prefix] -workers_short_running: 0 # noqa: var-naming[no-role-prefix] -workers_long_running: 0 # noqa: var-naming[no-role-prefix] -distgit_url: https://src.fedoraproject.org/ # noqa: var-naming[no-role-prefix] -distgit_namespace: rpms # noqa: var-naming[no-role-prefix] -sourcegit_namespace: "" # noqa: var-naming[no-role-prefix] # fedora-source-git only -pushgateway_address: http://pushgateway # noqa: var-naming[no-role-prefix] -# Check that the deployment repo is up-to-date -check_up_to_date: true # noqa: var-naming[no-role-prefix] -# Check that the current vars file is up-to-date with the template -check_vars_template_diff: true # noqa: var-naming[no-role-prefix] -deployment_repo_url: https://github.com/packit/deployment.git # noqa: var-naming[no-role-prefix] -# used by a few tasks below -k8s_apply: true # noqa: var-naming[no-role-prefix] -tokman: # noqa: var-naming[no-role-prefix] - workers: 1 - resources: - requests: - memory: "88Mi" - cpu: "5m" - limits: - memory: "128Mi" - cpu: "50m" -appcode: PCKT-002 # noqa: var-naming[no-role-prefix] -servicephase: lab # noqa: var-naming[no-role-prefix] -costcenter: "700" # noqa: var-naming[no-role-prefix] -registry: 172.30.1.1:5000 # noqa: var-naming[no-role-prefix] -registry_user: developer # noqa: var-naming[no-role-prefix] diff --git a/roles/deploy/defaults/main.yml b/roles/deploy/defaults/main.yml new file mode 100644 index 0000000..89480d5 --- /dev/null +++ b/roles/deploy/defaults/main.yml @@ -0,0 +1,64 @@ +--- +validate_certs: true +service: "{{ lookup('env', 'SERVICE') | default('packit', True) }}" +deployment: "{{ lookup('env', 'DEPLOYMENT') }}" +tenant: packit # MP+ tenant +with_tokman: true +with_fedmsg: true +kv_database: "redict" +with_kv_database: true +with_redis_commander: false +with_flower: false +with_dashboard: true +with_beat: true +with_pushgateway: true +with_repository_cache: true +repository_cache_storage: 4Gi +push_dev_images: false +with_fluentd_sidecar: false +postgres_version: 13 +image: quay.io/packit/packit-service:{{ deployment }} +image_worker: quay.io/packit/packit-worker:{{ deployment }} +image_fedmsg: quay.io/packit/packit-service-fedmsg:{{ deployment }} +image_dashboard: quay.io/packit/dashboard:{{ deployment }} +image_tokman: quay.io/packit/tokman:{{ deployment }} +image_fluentd: quay.io/packit/fluentd-splunk-hec:latest +# project_dir is set in tasks/project-dir.yml +path_to_secrets: "{{ project_dir }}/secrets/{{ service }}/{{ deployment }}" +# to be used in Image streams as importPolicy:scheduled value +auto_import_images: true +# used in dev/zuul deployment to tag & push images to cluster +# https://github.com/packit/deployment/issues/112#issuecomment-673343049 +# container_engine: "{{ lookup('pipe', 'command -v podman 2> /dev/null || echo docker') }}" +container_engine: docker +celery_app: packit_service.worker.tasks +celery_retry_limit: 2 +celery_retry_backoff: 3 +workers_all_tasks: 1 +workers_short_running: 0 +workers_long_running: 0 +distgit_url: https://src.fedoraproject.org/ +distgit_namespace: rpms +sourcegit_namespace: "" # fedora-source-git only +pushgateway_address: http://pushgateway +# Check that the deployment repo is up-to-date +check_up_to_date: true +# Check that the current vars file is up-to-date with the template +check_vars_template_diff: true +deployment_repo_url: https://github.com/packit/deployment.git +# used by a few tasks below +k8s_apply: true +tokman: + workers: 1 + resources: + requests: + memory: "88Mi" + cpu: "5m" + limits: + memory: "128Mi" + cpu: "50m" +appcode: PCKT-002 +servicephase: lab +costcenter: "700" +registry: 172.30.1.1:5000 +registry_user: developer diff --git a/playbooks/roles/deploy/handlers/main.yml b/roles/deploy/handlers/main.yml similarity index 100% rename from playbooks/roles/deploy/handlers/main.yml rename to roles/deploy/handlers/main.yml diff --git a/playbooks/roles/deploy/tasks/main.yml b/roles/deploy/tasks/main.yml similarity index 100% rename from playbooks/roles/deploy/tasks/main.yml rename to roles/deploy/tasks/main.yml diff --git a/playbooks/roles/generate_secrets/files/centpkg-sig.conf.j2 b/roles/generate_secrets/files/centpkg-sig.conf.j2 similarity index 100% rename from playbooks/roles/generate_secrets/files/centpkg-sig.conf.j2 rename to roles/generate_secrets/files/centpkg-sig.conf.j2 diff --git a/playbooks/roles/generate_secrets/files/copr b/roles/generate_secrets/files/copr similarity index 100% rename from playbooks/roles/generate_secrets/files/copr rename to roles/generate_secrets/files/copr diff --git a/playbooks/roles/generate_secrets/files/extra-vars.yml b/roles/generate_secrets/files/extra-vars.yml similarity index 100% rename from playbooks/roles/generate_secrets/files/extra-vars.yml rename to roles/generate_secrets/files/extra-vars.yml diff --git a/playbooks/roles/generate_secrets/files/fedora.toml.j2 b/roles/generate_secrets/files/fedora.toml.j2 similarity index 100% rename from playbooks/roles/generate_secrets/files/fedora.toml.j2 rename to roles/generate_secrets/files/fedora.toml.j2 diff --git a/playbooks/roles/generate_secrets/files/packit-service.yaml.j2 b/roles/generate_secrets/files/packit-service.yaml.j2 similarity index 100% rename from playbooks/roles/generate_secrets/files/packit-service.yaml.j2 rename to roles/generate_secrets/files/packit-service.yaml.j2 diff --git a/playbooks/roles/generate_secrets/files/ssh_config b/roles/generate_secrets/files/ssh_config similarity index 100% rename from playbooks/roles/generate_secrets/files/ssh_config rename to roles/generate_secrets/files/ssh_config diff --git a/playbooks/roles/generate_secrets/tasks/create-directories.yml b/roles/generate_secrets/tasks/create-directories.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/create-directories.yml rename to roles/generate_secrets/tasks/create-directories.yml diff --git a/playbooks/roles/generate_secrets/tasks/generate-cert.yml b/roles/generate_secrets/tasks/generate-cert.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/generate-cert.yml rename to roles/generate_secrets/tasks/generate-cert.yml diff --git a/playbooks/roles/generate_secrets/tasks/generate-configs.yml b/roles/generate_secrets/tasks/generate-configs.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/generate-configs.yml rename to roles/generate_secrets/tasks/generate-configs.yml diff --git a/playbooks/roles/generate_secrets/tasks/generate-ssh.yml b/roles/generate_secrets/tasks/generate-ssh.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/generate-ssh.yml rename to roles/generate_secrets/tasks/generate-ssh.yml diff --git a/playbooks/roles/generate_secrets/tasks/main.yml b/roles/generate_secrets/tasks/main.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/main.yml rename to roles/generate_secrets/tasks/main.yml diff --git a/playbooks/roles/generate_secrets/tasks/project-dir.yml b/roles/generate_secrets/tasks/project-dir.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/project-dir.yml rename to roles/generate_secrets/tasks/project-dir.yml diff --git a/playbooks/roles/generate_secrets/tasks/touch-files.yml b/roles/generate_secrets/tasks/touch-files.yml similarity index 100% rename from playbooks/roles/generate_secrets/tasks/touch-files.yml rename to roles/generate_secrets/tasks/touch-files.yml diff --git a/playbooks/roles/generate_secrets/vars/main.yml b/roles/generate_secrets/vars/main.yml similarity index 100% rename from playbooks/roles/generate_secrets/vars/main.yml rename to roles/generate_secrets/vars/main.yml diff --git a/playbooks/tasks/check-pod-running.yml b/tasks/check-pod-running.yml similarity index 100% rename from playbooks/tasks/check-pod-running.yml rename to tasks/check-pod-running.yml diff --git a/playbooks/tasks/check-up-to-date.yml b/tasks/check-up-to-date.yml similarity index 100% rename from playbooks/tasks/check-up-to-date.yml rename to tasks/check-up-to-date.yml diff --git a/playbooks/tasks/k8s.yml b/tasks/k8s.yml similarity index 100% rename from playbooks/tasks/k8s.yml rename to tasks/k8s.yml diff --git a/playbooks/tasks/project-dir.yml b/tasks/project-dir.yml similarity index 100% rename from playbooks/tasks/project-dir.yml rename to tasks/project-dir.yml diff --git a/playbooks/tasks/set-deployment-facts.yml b/tasks/set-deployment-facts.yml similarity index 100% rename from playbooks/tasks/set-deployment-facts.yml rename to tasks/set-deployment-facts.yml diff --git a/playbooks/tasks/set-facts.yml b/tasks/set-facts.yml similarity index 100% rename from playbooks/tasks/set-facts.yml rename to tasks/set-facts.yml diff --git a/playbooks/tasks/wait_for_pod.yml b/tasks/wait_for_pod.yml similarity index 100% rename from playbooks/tasks/wait_for_pod.yml rename to tasks/wait_for_pod.yml