12 files changed, 145 insertions, 0 deletions

diff --git a/roles/openshift_repos/README.md b/roles/openshift_repos/README.md
new file mode 100644
index 000000000..6bbedd839
--- /dev/null
+++ b/roles/openshift_repos/README.md
@@ -0,0 +1,38 @@
+OpenShift Repos 
+================
+
+Configures repositories for an OpenShift installation
+
+Requirements
+------------
+
+A RHEL 7.1 host pre-configured with access to the rhel-7-server-rpms,
+rhel-7-server-extra-rpms, and rhel-7-server-ose-beta-rpms repos.
+
+Role Variables
+--------------
+
+| Name                          | Default value |                                              |
+|-------------------------------|---------------|----------------------------------------------|
+| openshift_deployment_type     | None          | Possible values enterprise, origin, online   |
+| openshift_additional_repos    | {}            | TODO                                         |
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+TODO
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+TODO
diff --git a/roles/openshift_repos/defaults/main.yaml b/roles/openshift_repos/defaults/main.yaml
new file mode 100644
index 000000000..7c5a14cd7
--- /dev/null
+++ b/roles/openshift_repos/defaults/main.yaml
@@ -0,0 +1,2 @@
+---
+openshift_additional_repos: {}
diff --git a/roles/openshift_repos/files/online/repos/enterprise-v3.repo b/roles/openshift_repos/files/online/repos/enterprise-v3.repo
new file mode 100644
index 000000000..d324c142a
--- /dev/null
+++ b/roles/openshift_repos/files/online/repos/enterprise-v3.repo
@@ -0,0 +1,10 @@
+[enterprise-v3]
+name=OpenShift Enterprise Beta3
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/libra-7-ose-beta3/
+        https://mirror.ops.rhcloud.com/libra/libra-7-ose-beta3/
+enabled=1
+gpgcheck=0
+failovermethod=priority
+sslverify=False
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
\ No newline at end of file
diff --git a/roles/openshift_repos/files/online/repos/rhel-7-libra-candidate.repo b/roles/openshift_repos/files/online/repos/rhel-7-libra-candidate.repo
new file mode 100644
index 000000000..b4215679f
--- /dev/null
+++ b/roles/openshift_repos/files/online/repos/rhel-7-libra-candidate.repo
@@ -0,0 +1,11 @@
+[rhel-7-libra-candidate]
+name=rhel-7-libra-candidate - \$basearch
+baseurl=https://gce-mirror1.ops.rhcloud.com/libra/rhel-7-libra-candidate/\$basearch/
+        https://mirror.ops.rhcloud.com/libra/rhel-7-libra-candidate/\$basearch/
+gpgkey=https://mirror.ops.rhcloud.com/libra/RPM-GPG-KEY-redhat-openshifthosted
+skip_if_unavailable=True
+gpgcheck=0
+enabled=1
+sslclientcert=/var/lib/yum/client-cert.pem
+sslclientkey=/var/lib/yum/client-key.pem
+sslverify=False
diff --git a/roles/openshift_repos/files/origin/repos/maxamillion-origin-next-epel-7.repo b/roles/openshift_repos/files/origin/repos/maxamillion-origin-next-epel-7.repo
new file mode 100644
index 000000000..0b21e0a65
--- /dev/null
+++ b/roles/openshift_repos/files/origin/repos/maxamillion-origin-next-epel-7.repo
@@ -0,0 +1,7 @@
+[maxamillion-origin-next]
+name=Copr repo for origin-next owned by maxamillion
+baseurl=https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/
+skip_if_unavailable=True
+gpgcheck=1
+gpgkey=https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg
+enabled=1
diff --git a/roles/openshift_repos/files/removed/repos/epel7-openshift.repo b/roles/openshift_repos/files/removed/repos/epel7-openshift.repo
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/roles/openshift_repos/files/removed/repos/epel7-openshift.repo
diff --git a/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-extras.repo b/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-extras.repo
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-extras.repo
diff --git a/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-server.repo b/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-server.repo
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/roles/openshift_repos/files/removed/repos/oso-rhui-rhel-7-server.repo
diff --git a/roles/openshift_repos/meta/main.yml b/roles/openshift_repos/meta/main.yml
new file mode 100644
index 000000000..0558b822c
--- /dev/null
+++ b/roles/openshift_repos/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+  author: TODO
+  description: OpenShift Repositories
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.7
+  platforms:
+  - name: EL
+    versions:
+    - 7
+  categories:
+  - cloud
+dependencies:
+- { role: openshift_facts }
diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml
new file mode 100644
index 000000000..12e98b7a1
--- /dev/null
+++ b/roles/openshift_repos/tasks/main.yaml
@@ -0,0 +1,46 @@
+---
+# TODO: Add flag for enabling EPEL repo, default to false
+
+# TODO: Add subscription-management config, with parameters
+#       for username, password, poolid(name), and official repos to
+#       enable/disable. Might need to make a module that extends the
+#       subscription management module to take a poolid and enable/disable the
+#       proper repos correctly.
+
+- assert:
+    that: openshift_deployment_type in known_openshift_deployment_types
+
+- name: Ensure libselinux-python is installed
+  yum:
+    pkg: libselinux-python
+    state: present
+
+- name: Create any additional repos that are defined
+  template:
+    src: yum_repo.j2
+    dest: /etc/yum.repos.d/openshift_additional.repo
+  when: openshift_additional_repos | length > 0
+
+- name: Remove the additional repos if no longer defined
+  file:
+    dest: /etc/yum.repos.d/openshift_additional.repo
+    state: absent
+  when: openshift_additional_repos | length == 0
+
+- name: Remove any yum repo files for other deployment types
+  file:
+    path: "/etc/yum.repos.d/{{ item | basename }}"
+    state: absent
+  with_fileglob:
+  - '*/repos/*'
+  when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos"))
+
+- name: Configure gpg keys if needed
+  copy: src={{ item }} dest=/etc/pki/rpm-gpg/
+  with_fileglob:
+  - "{{ openshift_deployment_type }}/gpg_keys/*"
+
+- name: Configure yum repositories
+  copy: src={{ item }} dest=/etc/yum.repos.d/
+  with_fileglob:
+  - "{{ openshift_deployment_type }}/repos/*"
diff --git a/roles/openshift_repos/templates/yum_repo.j2 b/roles/openshift_repos/templates/yum_repo.j2
new file mode 100644
index 000000000..2d9243545
--- /dev/null
+++ b/roles/openshift_repos/templates/yum_repo.j2
@@ -0,0 +1,14 @@
+{% for repo in openshift_additional_repos %}
+[{{ repo.id }}]
+name={{ repo.name | default(repo.id) }}
+baseurl={{ repo.baseurl }}
+{% set enable_repo = repo.enabled | default('1') %}
+enabled={{ 1 if ( enable_repo == 1 or enable_repo == True ) else 0 }}
+{% set enable_gpg_check = repo.gpgcheck | default('1') %}
+gpgcheck={{ 1 if ( enable_gpg_check == 1 or enable_gpg_check == True ) else 0 }}
+{% for key, value in repo.iteritems() %}
+{% if key not in ['id', 'name', 'baseurl', 'enabled', 'gpgcheck'] and value is defined %}
+{{ key }}={{ value }}
+{% endif %}
+{% endfor %}
+{% endfor %}
diff --git a/roles/openshift_repos/vars/main.yml b/roles/openshift_repos/vars/main.yml
new file mode 100644
index 000000000..bbb4c77e7
--- /dev/null
+++ b/roles/openshift_repos/vars/main.yml
@@ -0,0 +1,2 @@
+---
+known_openshift_deployment_types: ['origin', 'online', 'enterprise']