fix: mcapi offline installs

.github/actions/molecule/action.yml

@@ -0,0 +1,59 @@
+name: Molecule
+description: |
+  Run an Atmosphere Molecule test.
+
+inputs:
+  scenario:
+    required: true
+    description: Scenario to run.
+  storage_backend:
+    required: false
+    description: Storage backend type.
+    default: none
+  network_backend:
+    required: false
+    description: Network backend type.
+    default: ovn
+  csi_driver:
+    required: false
+    description: CSI driver to test.
+    default: local-path-provisioner
+
+runs:
+  using: composite
+  steps:
+    - name: Install Poetry
+      shell: bash
+      run: pipx install poetry
+
+    - name: Setup Python
+      uses: actions/setup-python@v4
+      with:
+        cache: poetry
+
+    - name: Install dependencies
+      shell: bash
+      run: poetry install --no-interaction --with dev
+
+    # NOTE(mnaser): LVM commands take a long time if there are any existing
+    #               loop devices created by "snapd", so we uninstall it.
+    - name: Uninstall "snapd"
+      shell: bash
+      run: sudo apt-get purge -y snapd
+
+    - name: Turn off swap
+      shell: bash
+      run: sudo swapoff -a
+
+    - name: Set environment variables
+      shell: bash
+      run: |
+        echo "HOST_IP=$(hostname -I | awk '{print $1}')" >> $GITHUB_ENV
+
+    - name: Run Molecule
+      shell: bash
+      run: poetry run molecule test -s ${{ inputs.scenario }}
+      env:
+        ATMOSPHERE_NETWORK_BACKEND: ${{ inputs.network_backend }}
+        ATMOSHPERE_STORAGE_BACKEND: ${{ inputs.storage_backend }}
+        MOLECULE_CSI_DRIVER: ${{ inputs.csi_driver }}

.github/workflows/ceph.yml

@@ -23,66 +23,44 @@ on:
     inputs:
       debug_enabled:
         type: boolean
-        description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
+        description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)"
         required: false
         default: false
       network_backend:
         type: choice
-        description: 'Network backend type'
+        description: "Network backend type"
         required: true
-        default: 'ovn'
+        default: "ovn"
         options:
           - openvswitch
           - ovn
 
 jobs:
   debug:
-    runs-on: ubuntu-20.04-16-cores
+    runs-on: ubuntu-latest-16-cores
     if: github.event_name == 'workflow_dispatch' && inputs.debug_enabled
-    strategy:
-      fail-fast: false
     concurrency:
       group: ${{ github.ref }}-${{ inputs.network_backend }}
       cancel-in-progress: true
     steps:
       - name: Checkout project
         uses: actions/checkout@v4
 
-      - name: Install Poetry
-        run: pipx install poetry
-
-      - name: Setup Python
-        uses: actions/setup-python@v4
+      - name: Run tests
+        uses: ./.github/actions/molecule
         with:
-          cache: poetry
-
-      - name: Install dependencies
-        run: poetry install --no-interaction --with dev
-
-      # NOTE(mnaser): LVM commands take a long time if there are any existing
-      #               loop devices created by "snapd", so we uninstall it.
-      - name: Uninstall "snapd"
-        run: sudo apt-get purge -y snapd
-
-      - name: Turn off swap
-        run: sudo swapoff -a
-
-      - name: Run Molecule Converge
-        run: poetry run molecule converge -s ceph
-        env:
-          ATMOSPHERE_NETWORK_BACKEND: ${{ inputs.network_backend }}
+          scenario: ceph
+          storage_backend: ceph
+          network_backend: ${{ inputs.network_backend }}
 
       # Enable tmate debugging of manually-triggered workflows if the input option was provided
       - name: Setup tmate session
         if: ${{ failure() }}
         uses: mxschmitt/action-tmate@v3
         timeout-minutes: 60
 
-      - name: Run Molecule Destroy
-        run: poetry run molecule destroy -s ceph
-
   test:
-    runs-on: ubuntu-20.04-16-cores
+    runs-on: ubuntu-latest-16-cores
     if: github.event_name != 'workflow_dispatch' || !inputs.debug_enabled
     strategy:
       fail-fast: false
@@ -97,26 +75,9 @@ jobs:
       - name: Checkout project
         uses: actions/checkout@v4
 
-      - name: Install Poetry
-        run: pipx install poetry
-
-      - name: Setup Python
-        uses: actions/setup-python@v4
+      - name: Run tests
+        uses: ./.github/actions/molecule
         with:
-          cache: poetry
-
-      - name: Install dependencies
-        run: poetry install --no-interaction --with dev
-
-      # NOTE(mnaser): LVM commands take a long time if there are any existing
-      #               loop devices created by "snapd", so we uninstall it.
-      - name: Uninstall "snapd"
-        run: sudo apt-get purge -y snapd
-
-      - name: Turn off swap
-        run: sudo swapoff -a
-
-      - name: Run Molecule
-        run: poetry run molecule test -s ceph
-        env:
-          ATMOSPHERE_NETWORK_BACKEND: ${{ matrix.network_backend }}
+          scenario: ceph
+          storage_backend: ceph
+          network_backend: ${{ matrix.network_backend }}

.github/workflows/csi.yml

@@ -49,26 +49,9 @@ jobs:
       - name: Checkout project
         uses: actions/checkout@v4
 
-      - name: Install Poetry
-        run: pipx install poetry
-
-      - name: Setup Python
-        uses: actions/setup-python@v4
+      - name: Run tests
+        uses: ./.github/actions/molecule
         with:
-          cache: poetry
-
-      - name: Install dependencies
-        run: poetry install --no-interaction --with dev
-
-      # NOTE(mnaser): LVM commands take a long time if there are any existing
-      #               loop devices created by "snapd", so we uninstall it.
-      - name: Uninstall "snapd"
-        run: sudo apt-get purge -y snapd
-
-      - name: Turn off swap
-        run: sudo swapoff -a
-
-      - name: Run Molecule
-        run: poetry run molecule test -s csi
-        env:
-          MOLECULE_CSI_DRIVER: ${{ matrix.driver }}
+          scenario: csi
+          network_backend: ${{ matrix.network_backend }}
+          csi_driver: ${{ matrix.driver }}

.github/workflows/keycloak.yml

@@ -27,19 +27,7 @@ jobs:
       - name: Checkout project
         uses: actions/checkout@v4
 
-      - name: Install Poetry
-        run: pipx install poetry
-
-      - name: Setup Python
-        uses: actions/setup-python@v4
+      - name: Run tests
+        uses: ./.github/actions/molecule
         with:
-          cache: poetry
-
-      - name: Install dependencies
-        run: poetry install --no-interaction --with dev
-
-      - name: Turn off swap
-        run: sudo swapoff -a
-
-      - name: Run Molecule
-        run: poetry run molecule test -s keycloak
+          scenario: keycloak

roles/cert_manager/defaults/main.yml → .github/workflows/magnum.yml

@@ -12,9 +12,22 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-cert_manager_helm_release_name: cert-manager
-cert_manager_helm_chart_path: "../../charts/cert-manager/"
-cert_manager_helm_chart_ref: /usr/local/src/cert-manager
+name: magnum
 
-cert_manager_helm_release_namespace: cert-manager
-cert_manager_helm_values: {}
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  molecule:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout project
+        uses: actions/checkout@v4
+
+      - name: Run tests
+        uses: ./.github/actions/molecule
+        with:
+          scenario: magnum

.gitignore

@@ -5,8 +5,6 @@ molecule/*/group_vars/*
 !molecule/*/group_vars/all
 molecule/*/group_vars/all/*
 !molecule/*/group_vars/all/molecule.yml
-molecule/*/host_vars/*
-!molecule/*/host_vars/.gitkeep
 *.tar.gz
 __pycache__
 tests/output

README.md

@@ -86,7 +86,7 @@ environment variables to tweak the behaviour of the Heat stack that is created:
   with StepCA from SmallStep it is possible to run a internal ACME server.
   The CA of that ACME server should be present in the instance image.
 
-* `ATMOSPHERE_ANSIBLE_VARS_PATH`: The path for ansible group_vars and host_vars.
+* `ATMOSPHERE_ANSIBLE_VARS_PATH`: The path for ansible group_var.
   This to build a multinode development cluster with own configs, that are not
   generated by molecule. This way you can test your configs before you bring
   them to production.

galaxy.yml

@@ -17,7 +17,7 @@ dependencies:
   kubernetes.core: 2.4.0
   openstack.cloud: 1.7.0
   vexxhost.ceph: 2.1.0
-  vexxhost.kubernetes: 1.8.2
+  vexxhost.kubernetes: 1.9.0
 tags:
   - application
   - cloud

molecule/ceph/converge.yml

@@ -12,54 +12,39 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-- ansible.builtin.import_playbook: vexxhost.ceph.site
-- ansible.builtin.import_playbook: vexxhost.atmosphere.kubernetes
+- name: Install Ceph
+  ansible.builtin.import_playbook: vexxhost.ceph.site
 
-# NOTE(mnaser): When using Docker with custom networks, it will use 127.0.0.11
-#               as the DNS server which trips up the CoreDNS "loop" plugin.
-- name: Switch CoreDNS to use CloudFlare DNS
-  hosts: controllers[0]
+- name: Install Kubernetes
+  ansible.builtin.import_playbook: ../shared/converge/kubernetes.yml
+
+- name: Install Infrastructure
+  hosts: controllers
   become: true
-  tasks:
-    - name: Update CoreDNS ConfigMap
-      kubernetes.core.k8s:
-        state: present
-        definition:
-          apiVersion: v1
-          kind: ConfigMap
-          metadata:
-            name: coredns
-            namespace: kube-system
-          data:
-            Corefile: |
-              .:53 {
-                  errors
-                  health {
-                    lameduck 5s
-                  }
-                  ready
-                  kubernetes cluster.local in-addr.arpa ip6.arpa {
-                    pods insecure
-                    fallthrough in-addr.arpa ip6.arpa
-                    ttl 30
-                  }
-                  prometheus :9153
-                  forward . 1.1.1.1 {
-                    max_concurrent 1000
-                  }
-                  cache 30
-                  loop
-                  reload
-                  loadbalance
-              }
-      notify:
-        - Rollout CoreDNS
-        - Wait for CoreDNS to be ready
-  handlers:
-    - name: Rollout CoreDNS
-      command: kubectl -n kube-system rollout restart deploy/coredns
-    - name: Wait for CoreDNS to be ready
-      command: kubectl -n kube-system rollout status deploy/coredns
+  roles:
+    - vexxhost.atmosphere.cert_manager
+    - vexxhost.atmosphere.cluster_issuer
+    - vexxhost.atmosphere.ingress_nginx
+    - vexxhost.atmosphere.rabbitmq_cluster_operator
+    - vexxhost.atmosphere.percona_xtradb_cluster_operator
+    - vexxhost.atmosphere.percona_xtradb_cluster
+    - vexxhost.atmosphere.memcached
 
-- ansible.builtin.import_playbook: vexxhost.atmosphere.csi
-- ansible.builtin.import_playbook: vexxhost.atmosphere.openstack
+- name: Install OpenStack
+  hosts: controllers
+  become: true
+  roles:
+    - vexxhost.atmosphere.keycloak
+    - vexxhost.atmosphere.keepalived
+    - vexxhost.atmosphere.keystone
+    - vexxhost.atmosphere.ceph_provisioners
+    - vexxhost.atmosphere.glance
+    - vexxhost.atmosphere.cinder
+    - vexxhost.atmosphere.placement
+    - vexxhost.atmosphere.openvswitch
+    - vexxhost.atmosphere.ovn
+    - vexxhost.atmosphere.libvirt
+    - vexxhost.atmosphere.coredns
+    - vexxhost.atmosphere.nova
+    - vexxhost.atmosphere.neutron
+    - vexxhost.atmosphere.openstack_cli