ansible/tasks/initdb.yml - openwhisk - Git at Google

 #
 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 ---
 # This task will initialize the immortal DBs in the database account.
 # This step is usually done only once per deployment.

 - include_tasks: db/recreateDb.yml
   vars:
     dbName: "{{ db.whisk.auth }}"
     forceRecreation: False

 - include_tasks: db/grantPermissions.yml
   vars:
     dbName: "{{ db.whisk.auth }}"
     readers:
     - "{{ db.credentials.controller.user }}"
     - "{{ db.credentials.invoker.user }}"

 - include_tasks: db/recreateDoc.yml
   vars:
     dbName: "{{ db.whisk.auth }}"
     doc: "{{ lookup('file', '{{ item }}') }}"
   with_items:
     - "{{ openwhisk_home }}/ansible/files/auth_design_document_for_subjects_db_v2.0.0.json"
     - "{{ openwhisk_home }}/ansible/files/filter_design_document.json"
     - "{{ openwhisk_home }}/ansible/files/namespace_throttlings_design_document_for_subjects_db.json"

 - name: create necessary "auth" keys
   include_tasks: db/recreateDoc.yml
   vars:
     key: "{{ lookup('file', 'files/auth.{{ item }}') }}"
     dbName: "{{ db.whisk.auth }}"
     doc: >
       {
         "_id": "{{ item }}",
         "subject": "{{ item }}",
         "namespaces": [
         {% if 'extraNamespaces' in db and item in db.extraNamespaces %}
           {% for ns in db.extraNamespaces[item] %}
           {
             "name": "{{ item }}{{ ns.postfix }}",
             "uuid": "{{ ns.uuid }}",
             "key": "{{ ns.key }}"
           },
           {% endfor %}
         {% endif %}
           {
             "name": "{{ item }}",
             "uuid": "{{ key.split(":")[0] }}",
             "key": "{{ key.split(":")[1] }}"
           }]
       }
   with_items: "{{ db.authkeys }}"
	#
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	#
	---
	# This task will initialize the immortal DBs in the database account.
	# This step is usually done only once per deployment.

	- include_tasks: db/recreateDb.yml
	vars:
	dbName: "{{ db.whisk.auth }}"
	forceRecreation: False

	- include_tasks: db/grantPermissions.yml
	vars:
	dbName: "{{ db.whisk.auth }}"
	readers:
	- "{{ db.credentials.controller.user }}"
	- "{{ db.credentials.invoker.user }}"

	- include_tasks: db/recreateDoc.yml
	vars:
	dbName: "{{ db.whisk.auth }}"
	doc: "{{ lookup('file', '{{ item }}') }}"
	with_items:
	- "{{ openwhisk_home }}/ansible/files/auth_design_document_for_subjects_db_v2.0.0.json"
	- "{{ openwhisk_home }}/ansible/files/filter_design_document.json"
	- "{{ openwhisk_home }}/ansible/files/namespace_throttlings_design_document_for_subjects_db.json"

	- name: create necessary "auth" keys
	include_tasks: db/recreateDoc.yml
	vars:
	key: "{{ lookup('file', 'files/auth.{{ item }}') }}"
	dbName: "{{ db.whisk.auth }}"
	doc: >
	{
	"_id": "{{ item }}",
	"subject": "{{ item }}",
	"namespaces": [
	{% if 'extraNamespaces' in db and item in db.extraNamespaces %}
	{% for ns in db.extraNamespaces[item] %}
	{
	"name": "{{ item }}{{ ns.postfix }}",
	"uuid": "{{ ns.uuid }}",
	"key": "{{ ns.key }}"
	},
	{% endfor %}
	{% endif %}
	{
	"name": "{{ item }}",
	"uuid": "{{ key.split(":")[0] }}",
	"key": "{{ key.split(":")[1] }}"
	}]
	}
	with_items: "{{ db.authkeys }}"