diff --git a/ibm/mas_devops/roles/entitlement_key_rotation/templates/ibm-entitlement-with-artifactory.json.j2 b/ibm/mas_devops/roles/entitlement_key_rotation/templates/ibm-entitlement-with-artifactory.json.j2 index eddcf9e052..fdd3069d70 100644 --- a/ibm/mas_devops/roles/entitlement_key_rotation/templates/ibm-entitlement-with-artifactory.json.j2 +++ b/ibm/mas_devops/roles/entitlement_key_rotation/templates/ibm-entitlement-with-artifactory.json.j2 @@ -1,5 +1,7 @@ {"auths":{ {% if artifactory_username is defined and artifactory_username != "" %} "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local":{"username":"{{ artifactory_username }}","password":"{{ artifactory_token }}","auth":"{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}"}, +"docker-na-proxy-svl.artifactory.swg-devops.com/wiotp-docker-local":{"username":"{{ artifactory_username }}","password":"{{ artifactory_token }}","auth":"{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}"}, +"docker-na-proxy-rtp.artifactory.swg-devops.com/wiotp-docker-local":{"username":"{{ artifactory_username }}","password":"{{ artifactory_token }}","auth":"{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}"}, {% endif %} "cp.icr.io/cp":{"username":"{{ mas_entitlement_username }}","password":"{{ mas_entitlement_key }}","auth":"{{ (mas_entitlement_username ~ ':' ~ mas_entitlement_key) | b64encode }}"}}} diff --git a/ibm/mas_devops/roles/ibm_catalogs/tasks/install/development-catalog.yml b/ibm/mas_devops/roles/ibm_catalogs/tasks/install/development-catalog.yml index 678a92657a..b5f10cf541 100644 --- a/ibm/mas_devops/roles/ibm_catalogs/tasks/install/development-catalog.yml +++ b/ibm/mas_devops/roles/ibm_catalogs/tasks/install/development-catalog.yml @@ -9,6 +9,8 @@ artifactoryAuth: "{{ artifactoryAuthStr | b64encode }}" content: - '{"auths":{"docker-na-public.artifactory.swg-devops.com/wiotp-docker-local": {"username":"{{artifactory_username}}","password":"{{artifactory_token}}","auth":"{{artifactoryAuth}}"}' + - ',"docker-na-proxy-svl.artifactory.swg-devops.com/wiotp-docker-local": {"username":"{{artifactory_username}}","password":"{{artifactory_token}}","auth":"{{artifactoryAuth}}"}' + - ',"docker-na-proxy-rtp.artifactory.swg-devops.com/wiotp-docker-local": {"username":"{{artifactory_username}}","password":"{{artifactory_token}}","auth":"{{artifactoryAuth}}"}' - '}' - '}' kubernetes.core.k8s: diff --git a/ibm/mas_devops/roles/install_operator/templates/ibm-entitlement-with-artifactory.json.j2 b/ibm/mas_devops/roles/install_operator/templates/ibm-entitlement-with-artifactory.json.j2 index 1f9263fcb9..0c95133738 100644 --- a/ibm/mas_devops/roles/install_operator/templates/ibm-entitlement-with-artifactory.json.j2 +++ b/ibm/mas_devops/roles/install_operator/templates/ibm-entitlement-with-artifactory.json.j2 @@ -5,6 +5,16 @@ "username": "{{ artifactory_username }}", "password": "{{ artifactory_token }}", "auth": "{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}" + }, + "docker-na-proxy-svl.artifactory.swg-devops.com/wiotp-docker-local": { + "username": "{{ artifactory_username }}", + "password": "{{ artifactory_token }}", + "auth": "{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}" + }, + "docker-na-proxy-rtp.artifactory.swg-devops.com/wiotp-docker-local": { + "username": "{{ artifactory_username }}", + "password": "{{ artifactory_token }}", + "auth": "{{ (artifactory_username ~ ':' ~ artifactory_token) | b64encode }}" {% if icr_username is defined and icr_username != "" %} }, {% else %} diff --git a/ibm/mas_devops/roles/mirror_images/templates/auth-secret.json.j2 b/ibm/mas_devops/roles/mirror_images/templates/auth-secret.json.j2 index fb2a200cfc..edf7fec1b1 100644 --- a/ibm/mas_devops/roles/mirror_images/templates/auth-secret.json.j2 +++ b/ibm/mas_devops/roles/mirror_images/templates/auth-secret.json.j2 @@ -5,6 +5,14 @@ "email":"{{ artifactory_username }}", "auth":"{{ artifactory_auth | b64encode }}" }, + "docker-na-proxy-svl.artifactory.swg-devops.com": { + "email":"{{ artifactory_username }}", + "auth":"{{ artifactory_auth | b64encode }}" + }, + "docker-na-proxy-rtp.artifactory.swg-devops.com": { + "email":"{{ artifactory_username }}", + "auth":"{{ artifactory_auth | b64encode }}" + }, {% endif %} {% if registry_auth is defined and registry_auth != ":" %} "{{ registry_public_url }}": { diff --git a/ibm/mas_devops/roles/ocp_provision/templates/fyre/quick_burn.json.j2 b/ibm/mas_devops/roles/ocp_provision/templates/fyre/quick_burn.json.j2 index 0e81765568..3f74f13c4e 100644 --- a/ibm/mas_devops/roles/ocp_provision/templates/fyre/quick_burn.json.j2 +++ b/ibm/mas_devops/roles/ocp_provision/templates/fyre/quick_burn.json.j2 @@ -5,6 +5,7 @@ "quota_type": "quick_burn", "time_to_live": "36", "size":"{{ fyre_cluster_size }}", + "site": "{{ fyre_site }}", "product_group_id": "{{ fyre_product_id }}", "ocp_version": "{{ ocp_version }}", "haproxy": { diff --git a/ibm/mas_devops/roles/ocp_simulate_disconnected_network/README.md b/ibm/mas_devops/roles/ocp_simulate_disconnected_network/README.md index 854b109d6d..80bca5e14a 100644 --- a/ibm/mas_devops/roles/ocp_simulate_disconnected_network/README.md +++ b/ibm/mas_devops/roles/ocp_simulate_disconnected_network/README.md @@ -25,5 +25,7 @@ The default exclusions are: - icr.io - cp.icr.io - docker-na-public.artifactory.swg-devops.com +- docker-na-proxy-svl.artifactory.swg-devops.com +- docker-na-proxy-rtp.artifactory.swg-devops.com These can be changed by setting `airgap_network_exclusions` explicitly. diff --git a/ibm/mas_devops/roles/ocp_simulate_disconnected_network/defaults/main.yml b/ibm/mas_devops/roles/ocp_simulate_disconnected_network/defaults/main.yml index 5e205305ab..34ade44a1e 100644 --- a/ibm/mas_devops/roles/ocp_simulate_disconnected_network/defaults/main.yml +++ b/ibm/mas_devops/roles/ocp_simulate_disconnected_network/defaults/main.yml @@ -1,5 +1,5 @@ --- -airgap_network_exclusions: "quay.io registry.redhat.io registry.connect.redhat.com gcr.io nvcr.io icr.io cp.icr.io docker-na-public.artifactory.swg-devops.com" +airgap_network_exclusions: "quay.io registry.redhat.io registry.connect.redhat.com gcr.io nvcr.io icr.io cp.icr.io docker-na-public.artifactory.swg-devops.com docker-na-proxy-svl.artifactory.swg-devops.com docker-na-proxy-rtp.artifactory.swg-devops.com" registry_private_ca_file: "{{ lookup('env', 'REGISTRY_PRIVATE_CA_FILE') }}" registry_private_ca_crt: "{{ lookup('file', registry_private_ca_file) }}" diff --git a/ibm/mas_devops/roles/suite_install/README.md b/ibm/mas_devops/roles/suite_install/README.md index eb56350597..c0fbe6de11 100644 --- a/ibm/mas_devops/roles/suite_install/README.md +++ b/ibm/mas_devops/roles/suite_install/README.md @@ -24,10 +24,11 @@ Optional fact, if not provided the role will use the default cluster subdomain Defines the instance id to be used for MAS installation ### mas_icr_cp -Defines the entitled registry from the images should be pulled from. Set this to `cp.icr.io/cp` when installing release version of MAS or `docker-na-public.artifactory.swg-devops.com/wiotp-docker-local` for dev +Defines the entitled registry from the images should be pulled from. Set this to `cp.icr.io/cp` when installing release version of MAS, `docker-na-public.artifactory.swg-devops.com/wiotp-docker-local` for dev +unless when on fyre in which case use 'docker-na-proxy-svl.artifactory.swg-devops.com/wiotp-docker-local' or 'docker-na-proxy-rtp.artifactory.swg-devops.com/wiotp-docker-local' as appropriate ### mas_icr_cpopen -Defines the registry for non entitled images, such as operators. Set this to `icr.io/cpopen` when installing release version of MAS or `docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen` for dev +Defines the registry for non entitled images, such as operators. Set this to `icr.io/cpopen` when installing release version of MAS or `docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen` for dev (or corresponding fyre proxies as appropriate) ### mas_entitlement_username Username for entitled registry. This username will be used to create the image pull secret. Set to `cp` when installing release or use your `w3Id` for dev.