blob: 20151fa8d7b521228d4e37eaf8ff9ee960445979 [file] [log] [blame]
---
# This task will initialize the immortal DBs in the database account.
# This step is usually done only once per account.
- name: check if the immortal {{ db.whisk.auth }} db with {{ db_provider }} exists?
uri:
url: "{{ db_protocol }}://{{ db_host }}:{{ db_port }}/{{ db.whisk.auth }}"
method: GET
status_code: 200,404
user: "{{ db_username }}"
password: "{{ db_password }}"
force_basic_auth: yes
register: dbexists
# create only the missing db.whisk.auth
- name: create immortal {{ db.whisk.auth }} db with {{ db_provider }}
uri:
url: "{{ db_protocol }}://{{ db_host }}:{{ db_port }}/{{ db.whisk.auth }}"
method: PUT
status_code: 200,201,202
user: "{{ db_username }}"
password: "{{ db_password }}"
force_basic_auth: yes
when: dbexists is defined and dbexists.status == 404
# fetches the revision of previous view (to update it) if it exists
- name: check for previous view in "auth" database
vars:
auth_index: "{{ lookup('file', '{{ openwhisk_home }}/ansible/files/auth_index.json') }}"
uri:
url: "{{ db_protocol }}://{{ db_host }}:{{ db_port }}/{{ db.whisk.auth }}/{{ auth_index['_id'] }}"
return_content: yes
method: GET
status_code: 200, 404
user: "{{ db_username }}"
password: "{{ db_password }}"
force_basic_auth: yes
register: previousView
when: dbexists is defined and dbexists.status != 404 #and mode=="updateview"
- name: extract revision from previous view
vars:
previousContent: "{{ previousView['content']|from_json }}"
revision: "{{ previousContent['_rev'] }}"
auth_index: "{{ lookup('file', '{{ openwhisk_home }}/ansible/files/auth_index.json') }}"
set_fact:
previousContent: "{{ previousContent }}"
updateWithRevision: "{{ auth_index | combine({'_rev': revision}) }}"
when: previousView is defined and previousView.status != 404
- name: check if a view update is required
set_fact:
updateView: "{{ updateWithRevision }}"
when: previousContent is defined and previousContent != updateWithRevision
- name: recreate or update the index on the "auth" database
vars:
auth_index: "{{ lookup('file', '{{ openwhisk_home }}/ansible/files/auth_index.json') }}"
uri:
url: "{{ db_protocol }}://{{ db_host }}:{{ db_port }}/{{ db.whisk.auth }}"
method: POST
status_code: 200, 201
body_format: json
body: "{{ updateView | default(auth_index) }}"
user: "{{ db_username }}"
password: "{{ db_password }}"
force_basic_auth: yes
when: (dbexists is defined and dbexists.status == 404) or (updateView is defined)
- name: recreate necessary "auth" keys
vars:
key: "{{ lookup('file', 'files/auth.{{ item }}') }}"
uri:
url: "{{ db_protocol }}://{{ db_host }}:{{ db_port }}/{{ db.whisk.auth }}"
method: POST
status_code: 200,201
body_format: json
body: >
{
"_id": "{{ item }}",
"subject": "{{ item }}",
"namespaces": [
{
"name": "{{ item }}",
"uuid": "{{ key.split(":")[0] }}",
"key": "{{ key.split(":")[1] }}"
}
]
}
user: "{{ db_username }}"
password: "{{ db_password }}"
force_basic_auth: yes
with_items: "{{ db.authkeys }}"
when: dbexists is defined and dbexists.status == 404