| # |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| --- |
| # This task will initialize the immortal DBs in the database account. |
| # This step is usually done only once per deployment. |
| |
| - include_tasks: db/recreateDb.yml |
| vars: |
| dbName: "{{ db.whisk.auth }}" |
| forceRecreation: False |
| |
| - include_tasks: db/grantPermissions.yml |
| vars: |
| dbName: "{{ db.whisk.auth }}" |
| readers: |
| - "{{ db.credentials.controller.user }}" |
| - "{{ db.credentials.invoker.user }}" |
| |
| - include_tasks: db/recreateDoc.yml |
| vars: |
| dbName: "{{ db.whisk.auth }}" |
| doc: "{{ lookup('file', '{{ item }}') }}" |
| with_items: |
| - "{{ openwhisk_home }}/ansible/files/auth_design_document_for_subjects_db_v2.0.0.json" |
| - "{{ openwhisk_home }}/ansible/files/filter_design_document.json" |
| - "{{ openwhisk_home }}/ansible/files/namespace_throttlings_design_document_for_subjects_db.json" |
| |
| - name: create necessary "auth" keys |
| include_tasks: db/recreateDoc.yml |
| vars: |
| key: "{{ lookup('file', 'files/auth.{{ item }}') }}" |
| dbName: "{{ db.whisk.auth }}" |
| doc: > |
| { |
| "_id": "{{ item }}", |
| "subject": "{{ item }}", |
| "namespaces": [ |
| {% if 'extraNamespaces' in db and item in db.extraNamespaces %} |
| {% for ns in db.extraNamespaces[item] %} |
| { |
| "name": "{{ item }}{{ ns.postfix }}", |
| "uuid": "{{ ns.uuid }}", |
| "key": "{{ ns.key }}" |
| }, |
| {% endfor %} |
| {% endif %} |
| { |
| "name": "{{ item }}", |
| "uuid": "{{ key.split(":")[0] }}", |
| "key": "{{ key.split(":")[1] }}" |
| }] |
| } |
| with_items: "{{ db.authkeys }}" |