Install more tools. Add motd capability (#7536)

Co-authored-by: Wolfgang Kulhanek <[email protected]>

ansible/configs/open-environment-azure-subscription/default_vars.yml

@@ -16,6 +16,9 @@ az_aro_version: 4.11.26
 # For OC client
 ocp4_installer_root_url: https://mirror.openshift.com/pub/openshift-v4/clients
 
+# OpenShift client install root URL
+ocp4_tools_root_url: "{{ ocp4_installer_root_url }}"
+
 # Set to true if you have azcollection > v1.13.0 (2022-05-27)
 install_aro_with_azcollection: false
 
@@ -72,8 +75,15 @@ HostedZoneId: "{{ azure_root_dns_zone }}"
 azure_dns_resource_group: rhpds-dns-handler
 
 # bastion install stuff
-remote_user: azure
-ansible_user: azure
+bastion_user_name: azure
+remote_user: "{{ bastion_user_name }}"
+ansible_user: "{{ bastion_user_name }}"
+
+# Remove motd (register for insights) prompt from bastion
+bastion_remove_insights_motd: false
+
+# Add a custom motd to the bastion. Only set when specified
+# bastion_custom_motd: Welcome to the Red Hat ARO Workshop!
 
 repo_method: satellite
 update_packages: true
@@ -82,6 +92,12 @@ common_packages_el9:
 - python39
 - git
 
+# Extra packages to install. Override in AgV
+common_extra_packages: {}
+
+# Install helm on the bastion
+aro_install_helm: false
+
 rhel_vm_size: Standard_DS1_v2
 
 # Enable RHEL Gold Image
@@ -125,10 +141,11 @@ showroom_deploy_shared_cluster_enable: false
 # showroom_user_password: ""
 # showroom_user_password_length: 16
 
-# User to log into Showroom (rosa)
+# User to log into Showroom (azure)
 showroom_ssh_username: "{{ bastion_user_name }}"
 showroom_default_ssh_user: "{{ bastion_user_name }}"
 showroom_ssh_method: sshkey     # password | sshkey
 showroom_ssh_key_type: ed25519  # ed25519 | rsa
 # For method = password provide a password
 # showroom_ssh_password: "{{ _showroom_user_password }}"
+showroom_host: "bastion.{{ guid }}.{{ cluster_dns_zone }}"

ansible/configs/open-environment-azure-subscription/install_helm.yml

@@ -0,0 +1,32 @@
+---
+- name: Set URL for helm
+  ansible.builtin.set_fact:
+    helm_url: >-
+      {{ '{0}/helm/latest/helm-linux-amd64.tar.gz'.format(ocp4_tools_root_url ) }}
+
+- name: Install Helm as root
+  become: true
+  block:
+  - name: Install helm command
+    ansible.builtin.unarchive:
+      src: "{{ helm_url }}"
+      remote_src: true
+      dest: /usr/local/bin
+      mode: "0775"
+      owner: root
+      group: root
+    retries: 10
+    register: r_client
+    until: r_client is success
+    delay: 30
+
+  - name: Link downloaded helm command to helm
+    ansible.builtin.file:
+      src: /usr/local/bin/helm-linux-amd64
+      dest: /usr/local/bin/helm
+      owner: root
+      group: root
+      state: link
+
+  - name: Create Helm Bash completion file
+    ansible.builtin.shell: /usr/local/bin/helm completion bash >/etc/bash_completion.d/helm

ansible/configs/open-environment-azure-subscription/post_infra.yml

@@ -1,12 +1,12 @@
 ---
-- name: Step 003 Post Infrastructure
+- name: Step 002 Post Infrastructure
   hosts: localhost
   connection: local
   become: false
   gather_facts: false
   tags:
-  - step003
+  - step002
   - post_infrastructure
   tasks:
   - ansible.builtin.debug:
-      msg: "Step 003 Post Infrastructure - Dummy action"
+      msg: "Step 002 Post Infrastructure - Dummy action"

ansible/configs/open-environment-azure-subscription/post_software.yml

@@ -1,10 +1,10 @@
 ---
-- name: Step 006 Post Software
+- name: Step 005 Post Software
   hosts: localhost
   connection: local
   become: false
   tags:
-  - step006
+  - step005
   - post_software
   tasks:
   - ansible.builtin.debug:

ansible/configs/open-environment-azure-subscription/pre_infra.yml

@@ -1,15 +1,15 @@
 ---
-- name: Step 001 Pre Infrastructure
+- name: Step 000 Pre Infrastructure
   hosts: localhost
   connection: local
   become: false
   gather_facts: false
   tags:
-  - step001
+  - step000
   - pre_infrastructure
   tasks:
   - ansible.builtin.debug:
-      msg: "Step 001 Pre Infrastructure"
+      msg: "Step 000 Pre Infrastructure"
 
 - name: Add the Azure user to the Subscription
   hosts: localhost

ansible/configs/open-environment-azure-subscription/pre_software.yml

@@ -1,5 +1,5 @@
 ---
-- name: Step 004 pre-software
+- name: Step 003 pre-software
   hosts: localhost
   gather_facts: false
   become: false
@@ -13,7 +13,7 @@
   become: true
   gather_facts: false
   tags:
-  - step004
+  - step003
   roles:
   - role: set-repositories
     when: repo_method is defined
@@ -95,13 +95,29 @@
       regexp: "^export GUID"
       line: "export GUID={{ guid }}"
 
-- name: Software flight-check
+  - name: Remove register for insights motd
+    when: bastion_remove_insights_motd | bool
+    ansible.builtin.file:
+      state: absent
+      path: /etc/motd.d/insights-client
+
+  - name: Add a custom motd to the bastion
+    when: bastion_custom_motd | default("") | length > 0
+    ansible.builtin.copy:
+      dest: /etc/motd.d/agnosticd
+      owner: root
+      group: root
+      mode: "o=rw,g=rw,o=r"
+      content: "{{ bastion_custom_motd }}"
+
+- name: PreSoftware flight-check
   hosts: localhost
   connection: local
   gather_facts: false
   become: false
   tags:
-  - post_flight_check
+  - flight_check
   tasks:
-  - ansible.builtin.debug:
+  - name: Print pre-software checks message
+    ansible.builtin.debug:
       msg: "Pre-Software checks completed successfully"

ansible/configs/open-environment-azure-subscription/requirements.yml

@@ -1,9 +1,9 @@
 ---
 collections:
 - name: ansible.posix
-  version: 1.5.1
+  version: 1.5.4
 - name: community.general
-  version: 6.4.0
+  version: 7.2.1
 - name: kubernetes.core
   version: 2.4.0
 - name: azure.azcollection

ansible/configs/open-environment-azure-subscription/software.yml

@@ -1,5 +1,5 @@
 ---
-- name: Step 005 software
+- name: Step 004 software
   hosts: localhost
   gather_facts: false
   become: false
@@ -13,15 +13,19 @@
   become: false
   tasks:
   - name: Install ARO
-    when: ( install_aro | default(false) | bool )
+    when: install_aro | default(false) | bool
     ansible.builtin.include_role:
       name: open-env-azure-install-aro
 
-- name: Install OC client and helm
+- name: Install CLI tools on bastion
   hosts: bastions
   become: true
   gather_facts: false
   tasks:
+  - name: Install Helm
+    when: aro_install_helm | default(false) | bool
+    ansible.builtin.include_tasks: install_helm.yml
+
   - name: Install OC client
     when: install_aro | default(false) | bool
     block:
@@ -33,38 +37,13 @@
             az_aro_version
           ) }}
 
-    - name: Ensure ocp4_client_url is set
-      ansible.builtin.assert:
-        that: ocp4_client_url | default('') | length > 0
-
     - name: Install OpenShift CLI
       become: true
       ansible.builtin.unarchive:
         src: "{{ ocp4_client_url }}"
         remote_src: true
         dest: /usr/bin
-        mode: "0775"
-        owner: root
-        group: root
-      retries: 10
-      register: r_client
-      until: r_client is success
-      delay: 30
-
-    - name: Set URL for helm
-      ansible.builtin.set_fact:
-        helm_url: >-
-          {{ '{0}/helm/latest/helm-linux-amd64.tar.gz'.format(
-            ocp4_installer_root_url | default("https://mirror.openshift.com/pub/openshift-v4/clients")
-          ) }}
-
-    - name: Install helm command
-      become: true
-      ansible.builtin.unarchive:
-        src: "{{ helm_url }}"
-        remote_src: true
-        dest: /usr/bin
-        mode: "0775"
+        mode: "u=rwx,g=rwx,o=rx"
         owner: root
         group: root
       retries: 10
@@ -79,14 +58,15 @@
   gather_facts: false
   tasks:
   - name: Login with azure admin service principal
-    when: env_type == 'open-environment-azure-subscription'
     ansible.builtin.command: >-
-      az login --service-principal -u "{{ hostvars.localhost.azapp.applications[0].app_id }}"
-      -p="{{ hostvars.localhost.azpass }}" --tenant="{{ azure_tenant }}"
+      az login --service-principal
+        -u "{{ hostvars.localhost.azapp.applications[0].app_id }}"
+        -p="{{ hostvars.localhost.azpass }}"
+        --tenant="{{ azure_tenant }}"
     no_log: true
 
-  - name: Install OC client
-    when: ( install_aro | default(false) | bool )
+  - name: Create kubeconfig
+    when: install_aro | default(false) | bool
     block:
     - name: Run kubeconfig task
       vars: