Add __deploy_disconnected option

build/stf-run-ci/README.md

@@ -21,6 +21,7 @@ choose to override:
 | `__local_build_enabled`                                              | {true,false}                                                | true                                                                          | Whether to deploy STF from local built artifacts. Also see `working_branch`, `sg_branch`, `sgo_branch`                                                                                                                  |
 | `__deploy_from_bundles_enabled`                                      | {true,false}                                                | false                                                                         | Whether to deploy STF from OLM bundles (TODO: compat with `__local_build_enabled`)                                                                                                                                      |
 | `__deploy_from_index_enabled`                                        | {true,false}                                                | false                                                                         | Whether to deploy STF from locally built bundles and index image.                                                                                                                                                       |
+| `__disconnected_deploy`                                              | {true,false}                                                | false                                                                         | Whether to deploy on a disconnected cluster                                                                                                                                                                               |
 | `__service_telemetry_bundle_image_path`                              | <image_path>                                                | `quay.io/infrawatch-operators/service-telemetry-operator-bundle:nightly-head` | Image path to Service Telemetry Operator bundle                                                                                                                                                                         |
 | `__smart_gateway_bundle_image_path`                                  | <image_path>                                                | `quay.io/infrawatch-operators/smart-gateway-operator-bundle:nightly-head`     | Image path to Smart Gateway Operator bundle                                                                                                                                                                             |
 | `setup_bundle_registry_tls_ca`                                       | {true,false}                                                | true                                                                          | Whether to setup or not a TLS CA cert for the bundle registry access                                                                                                                                                    |

build/stf-run-ci/defaults/main.yml

@@ -10,6 +10,8 @@ __deploy_from_bundles_enabled: false
 __deploy_from_index_enabled: false
 __deploy_stf: true
 
+__disconnected_deploy: false
+
 __service_telemetry_events_certificates_endpoint_cert_duration: 70080h
 __service_telemetry_events_certificates_ca_cert_duration: 70080h
 __service_telemetry_events_enabled: true
@@ -54,6 +56,13 @@ pull_secret_registry:
 pull_secret_user:
 pull_secret_pass:
 
+redhat_operators: redhat-operators
+community_operators: community-operators
+certified_operators: certified-operators
+infrawatch_operators: infrawatch-operators
+
+stf_channel: unstable
+
 # used when building images to default to correct version branch for STF subcomponents per STF version
 version_branches:
   sgo: master

build/stf-run-ci/tasks/main.yml

@@ -24,17 +24,30 @@
 - name: Fail on mutually exclusive flags
   ansible.builtin.fail:
     msg: __deploy_from_bundles_enabled not currently supported with __local_build_enabled (but should be)
-  when: __local_build_enabled | bool and __deploy_from_bundles_enabled | bool
+  when:
+    - __local_build_enabled | bool
+    - __deploy_from_bundles_enabled | bool
 
 - name: Fail when deploying from index image and local build disabled
   ansible.builtin.fail:
     msg: __deploy_from_index_enabled must also have __local_build_enabled
-  when: __deploy_from_index_enabled | bool and not __local_build_enabled | bool
+  when:
+   - __deploy_from_index_enabled | bool
+   - not __local_build_enabled | bool
 
 - name: Fail when deploying from index images and deployment from bundles also requested (mutually exclusive methods)
   ansible.builtin.fail:
     msg: __deploy_from_index_enabled can not be used with __deploy_from_bundles_enabled
-  when: __deploy_from_index_enabled | bool and __deploy_from_bundles_enabled | bool
+  when:
+   - __deploy_from_index_enabled | bool
+   - __deploy_from_bundles_enabled | bool
+
+- name: Fail when disconnected deploy and other deployment options also requested
+  ansible.builtin.fail:
+    msg: __disconnected_deploy cannot be used if __deploy_from_bundles_enabled, __deploy_from_index_enabled or __local_build_enabled
+  when:
+   - __disconnected_deploy | bool
+   - __deploy_from_bundles_enabled | bool or __deploy_from_index_enabled | bool or __local_build_enabled | bool 
 
 - name: Get the list of nodes
   kubernetes.core.k8s_info:
@@ -73,6 +86,7 @@
     prometheus_webhook_snmp_dir: "{{ prometheus_webhook_snmp_dir if prometheus_webhook_snmp_dir is defined else base_dir + '/working/prometheus-webhook-snmp' }}"
 
 - name: Get operator_sdk_v0 (build bundles)
+  when: __local_build_enabled | bool
   ansible.builtin.command:
     cmd: "./get_operator_sdk.sh {{ operator_sdk_v0 }}"
     creates: "{{ base_dir }}/working/operator-sdk-{{ operator_sdk_v0 }}"

build/stf-run-ci/tasks/setup_base.yml

@@ -1,5 +1,6 @@
 ---
 - name: Setup OperatorHub dependencies
+  when: not __disconnected_deploy | bool
   kubernetes.core.k8s:
     definition:
       apiVersion: config.openshift.io/v1
@@ -44,7 +45,7 @@
         channel: development
         installPlanApproval: Automatic
         name: cluster-observability-operator
-        source: redhat-operators
+        source: "{{ redhat_operators }}"
         sourceNamespace: openshift-marketplace
   when:
     - __service_telemetry_observability_strategy in ['use_redhat', 'use_hybrid']
@@ -62,7 +63,7 @@
         channel: beta
         installPlanApproval: Automatic
         name: prometheus
-        source: community-operators
+        source: "{{ community_operators }}"
         sourceNamespace: openshift-marketplace
   when:
     - __service_telemetry_observability_strategy == "use_community"
@@ -107,7 +108,7 @@
           channel: stable-v1
           installPlanApproval: Automatic
           name: openshift-cert-manager-operator
-          source: redhat-operators
+          source: "{{ redhat_operators }}"
           sourceNamespace: openshift-marketplace
 
 # installed by properties.yaml definition as of STF 1.5.3
@@ -125,7 +126,7 @@
             channel: 1.10.x
             installPlanApproval: Automatic
             name: amq7-interconnect-operator
-            source: redhat-operators
+            source: "{{ redhat_operators }}"
             sourceNamespace: openshift-marketplace
 
 # undocumented procedure: used for backwards compatilibity verification
@@ -142,7 +143,7 @@
             channel: stable
             installPlanApproval: Automatic
             name: elasticsearch-eck-operator-certified
-            source: certified-operators
+            source: "{{ certified_operators }}"
             sourceNamespace: openshift-marketplace
 
     - name: Wait for Elasticsearch CRD to appear

build/stf-run-ci/tasks/setup_stf.yml

@@ -1,5 +1,8 @@
 ---
 - name: Set default InfraWatch OperatorSource manifest
+  when:
+   - __deploy_from_index_enabled | bool
+   - infrawatch_catalog_source_manifest is not defined 
   ansible.builtin.set_fact:
     infrawatch_catalog_source_manifest: |
       apiVersion: operators.coreos.com/v1alpha1
@@ -15,9 +18,9 @@
         updateStrategy:
           registryPoll:
             interval: 30m
-  when: infrawatch_catalog_source_manifest is not defined
 
 - name: Set default Smart Gateway Operator Subscription manifest
+  when: smart_gateway_operator_subscription_manifest is not defined
   ansible.builtin.set_fact:
     smart_gateway_operator_subscription_manifest: |
       apiVersion: operators.coreos.com/v1alpha1
@@ -26,14 +29,14 @@
         name: smart-gateway-operator
         namespace: "{{ namespace }}"
       spec:
-        channel: unstable
+        channel: "{{ stf_channel }}"
         installPlanApproval: Automatic
         name: smart-gateway-operator
-        source: infrawatch-operators
+        source: "{{ infrawatch_operators }}"
         sourceNamespace: openshift-marketplace
-  when: smart_gateway_operator_subscription_manifest is not defined
 
 - name: Set default Service Telemetry Operator Subscription manifest
+  when: service_telemetry_operator_subscription_manifest is not defined
   ansible.builtin.set_fact:
     service_telemetry_operator_subscription_manifest: |
       apiVersion: operators.coreos.com/v1alpha1
@@ -42,15 +45,15 @@
         name: service-telemetry-operator
         namespace: "{{ namespace }}"
       spec:
-        channel: unstable
+        channel: "{{ stf_channel }}"
         installPlanApproval: Automatic
         name: service-telemetry-operator
-        source: infrawatch-operators
+        source: "{{ infrawatch_operators }}"
         sourceNamespace: openshift-marketplace
-  when: service_telemetry_operator_subscription_manifest is not defined
 
 # enable catalogsource
 - name: Enable InfraWatch Catalog Source
+  when: __deploy_from_index_enabled | bool
   kubernetes.core.k8s:
     definition:
       '{{ infrawatch_catalog_source_manifest }}'