Unify org_namespace defaults and reference by env var

Signed-off-by: Bohdan Dobrelia <[email protected]>

tests/roles/backend_services/defaults/main.yaml

@@ -29,5 +29,5 @@ ospdo_src: false
 # rhoso namespace
 rhoso_namespace: "openstack"
 # director operator namespace
-org_namespace: "openstack"
+org_namespace: "ospdo_openstack"
 # adoption repo default location

tests/roles/common_defaults/defaults/main.yaml

@@ -61,6 +61,9 @@ mariadb_passwords_env: |-
     PODIFIED_DB_ROOT_PASSWORD[$CELL]=$(oc get -o json secret/osp-secret | jq -r .data.DbRootPassword | base64 -d)
   done
 
+namespace_env: |-
+  NAMESPACE={{ deploy_ctlplane_ospdo | bool | ternary(org_namespace, rhoso_namespace ) }}
+
 # Header for the source database access
 # TODO: Env vars for OSPDo case are also configured in env_vars_src_ospdo.yaml. Move them here, eventually?
 # OSPDo RUN_OVERRIDES definition exists only in docs (missing in code?).
@@ -70,7 +73,7 @@ mariadb_copy_shell_vars_src: |-
   {{ shell_header }}
 
   PASSWORD_FILE="$HOME/overcloud-passwords.yaml"
-  NAMESPACE={{ deploy_ctlplane_ospdo | bool | ternary(org_namespace, rhoso_namespace ) }}
+  {{ namespace_env }}
 
   {{ mariadb_image_env }}
   {{ cells_env }}
@@ -105,8 +108,7 @@ mariadb_copy_shell_vars_dst: |
   {{ oc_header }}
   {{ mariadb_image_env }}
   {{ cells_env }}
-
-  NAMESPACE={{ deploy_ctlplane_ospdo | bool | ternary(rhoso_namespace, org_namespace) }}
+  {{ namespace_env }}
 
   CHARACTER_SET=utf8
   COLLATION=utf8_general_ci

tests/roles/dataplane_adoption/defaults/main.yaml

@@ -287,7 +287,7 @@ ospdo_src: false
 # rhoso namespace
 rhoso_namespace: "openstack"
 # director operator namespace
-org_namespace: "openstack"
+org_namespace: "ospdo_openstack"
 # adoption repo default location
 
 networker_cr: |

tests/roles/mariadb_copy/defaults/main.yaml

@@ -14,4 +14,4 @@ ospdo_src: false
 # rhoso namespace
 rhoso_namespace: "openstack"
 # director operator namespace
-org_namespace: "openstack"
+org_namespace: "ospdo_openstack"

tests/roles/mariadb_copy/tasks/main.yaml

@@ -15,7 +15,7 @@
     kind: PersistentVolumeClaim
     metadata:
       name: mariadb-data
-      namespace: {{ org_namespace }}
+      namespace: $NAMESPACE
     spec:
       storageClassName: $STORAGE_CLASS
       accessModes:
@@ -31,7 +31,7 @@
       annotations:
         openshift.io/scc: anyuid
         k8s.v1.cni.cncf.io/networks: {{ copy_pods_custom_networks | default('internalapi') }}
-      namespace: {{ org_namespace }}
+      namespace: $NAMESPACE
       labels:
         app: adoption
     spec:
@@ -62,7 +62,8 @@
   ansible.builtin.shell: |
     {{ shell_header }}
     {{ oc_header }}
-    oc wait --for condition=Ready -n {{ org_namespace }} pod/mariadb-copy-data --timeout=10s
+    {{ namespace_env }}
+    oc wait --for condition=Ready -n $NAMESPACE pod/mariadb-copy-data --timeout=10s
   register: mariadb_data_pod_result
   until: mariadb_data_pod_result is success
   retries: 25
@@ -78,7 +79,7 @@
       MEMBERS=SOURCE_GALERA_MEMBERS_$(echo ${CELL}|tr '[:lower:]' '[:upper:]')[@]
       for i in "${!MEMBERS}"; do
         echo "Checking for the database node $i WSREP status Synced"
-        oc rsh  -n {{ org_namespace }} mariadb-copy-data mysql \
+        oc rsh  -n $NAMESPACE mariadb-copy-data mysql \
           -h "$i" -uroot -p"${SOURCE_DB_ROOT_PASSWORD[$CELL]}" \
           -e "show global status like 'wsrep_local_state_comment'" | \
           grep -qE "\bSynced\b"

tests/roles/mariadb_copy/templates/dump_dbs.bash

@@ -7,7 +7,7 @@
 # Gnocchi is no longer used as a metric store, skip dumping gnocchi database as well
 # Migrating Aodh alarms from previous release is not supported, hence skip aodh database
 for CELL in $(echo $CELLS); do
-  oc rsh  -n "{{ org_namespace }}" mariadb-copy-data << EOF
+  oc rsh -n $NAMESPACE mariadb-copy-data << EOF
     mysql -h"${SOURCE_MARIADB_IP[$CELL]}" -uroot -p"${SOURCE_DB_ROOT_PASSWORD[$CELL]}" \
     -N -e "show databases" | grep -E -v "schema|mysql|gnocchi|aodh" | \
     while read dbname; do

tests/roles/ovn_adoption/defaults/main.yaml

@@ -44,5 +44,5 @@ ospdo_src: false
 # rhoso namespace
 rhoso_namespace: "openstack"
 # director operator namespace
-org_namespace: "openstack"
+org_namespace: "ospdo_openstack"
 # adoption repo default location

tests/roles/ovn_adoption/handlers/main.yaml

@@ -2,7 +2,8 @@
   ansible.builtin.shell: |
     {{ shell_header }}
     {{ oc_header }}
-    oc delete --ignore-not-found=true pod -n {{ org_namespace }} ovn-copy-data
-    oc delete --ignore-not-found=true certificate -n {{ org_namespace }} ovn-data-cert
-    oc delete --ignore-not-found=true secret -n {{ org_namespace }} ovn-data-cert
-    {% if storage_reclaim_policy.lower() == "delete" %}oc delete pvc --ignore-not-found=true -n {{ org_namespace }} ovn-data{% endif %}
+    {{ namespace_env }}
+    oc delete --ignore-not-found=true pod -n $NAMESPACE ovn-copy-data
+    oc delete --ignore-not-found=true certificate -n $NAMESPACE ovn-data-cert
+    oc delete --ignore-not-found=true secret -n $NAMESPACE ovn-data-cert
+    {% if storage_reclaim_policy.lower() == "delete" %}oc delete pvc --ignore-not-found=true -n $NAMESPACE ovn-data{% endif %}

tests/roles/ovn_adoption/tasks/main.yaml

@@ -61,14 +61,15 @@
     {{ shell_header }}
     {{ oc_header }}
     {{ ovn_copy_shell_vars }}
+    {{ namespace_env}}
 
     oc apply -f - <<EOF
     ---
     apiVersion: cert-manager.io/v1
     kind: Certificate
     metadata:
       name: ovn-data-cert
-      namespace: {{ org_namespace }}
+      namespace: $NAMESPACE
     spec:
       commonName: ovn-data-cert
       secretName: ovn-data-cert
@@ -78,7 +79,7 @@
     apiVersion: v1
     kind: PersistentVolumeClaim
     metadata:
-      namespace: {{ org_namespace }}
+      namespace: $NAMESPACE
       name: ovn-data
       labels:
         app: adoption
@@ -133,7 +134,8 @@
   ansible.builtin.shell: |
     {{ shell_header }}
     {{ oc_header }}
-    oc wait --for condition=Ready -n {{ org_namespace }} pod/ovn-copy-data --timeout=30s
+    {{ namespace_env}}
+    oc wait --for condition=Ready -n $NAMESPACE pod/ovn-copy-data --timeout=30s
   register: ovn_data_pod_result
   until: ovn_data_pod_result is success
   retries: 2
@@ -174,9 +176,10 @@
     {{ shell_header }}
     {{ oc_header }}
     {{ ovn_copy_shell_vars }}
+    {{ namespace_env}}
 
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6641 > /backup/ovs-nb.db"
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6642 > /backup/ovs-sb.db"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6641 > /backup/ovs-nb.db"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client backup tcp:$SOURCE_OVSDB_IP:6642 > /backup/ovs-sb.db"
   when: enable_tlse|bool is false
 
 - name: dump OVN databases using ssl connection
@@ -196,9 +199,10 @@
     {{ shell_header }}
     {{ oc_header }}
     {{ ovn_copy_shell_vars }}
+    {{ namespace_env }}
 
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_NB_IP:6641 > /backup/ovs-nb.ovsschema && ovsdb-tool convert /backup/ovs-nb.db /backup/ovs-nb.ovsschema"
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_SB_IP:6642 > /backup/ovs-sb.ovsschema && ovsdb-tool convert /backup/ovs-sb.db /backup/ovs-sb.ovsschema"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_NB_IP:6641 > /backup/ovs-nb.ovsschema && ovsdb-tool convert /backup/ovs-nb.db /backup/ovs-nb.ovsschema"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client get-schema tcp:$PODIFIED_OVSDB_SB_IP:6642 > /backup/ovs-sb.ovsschema && ovsdb-tool convert /backup/ovs-sb.db /backup/ovs-sb.ovsschema"
   when: enable_tlse|bool is false
 
 - name: upgrade OVN databases to the latest schema from podified ovsdb-servers (tls)
@@ -229,9 +233,10 @@
     {{ shell_header }}
     {{ oc_header }}
     {{ ovn_copy_shell_vars }}
+    {{ namespace_env}}
 
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
-    oc exec -n {{ org_namespace }} ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_NB_IP:6641 < /backup/ovs-nb.db"
+    oc exec -n $NAMESPACE ovn-copy-data -- bash -c "ovsdb-client restore --ca-cert=/etc/pki/tls/misc/ca.crt --private-key=/etc/pki/tls/misc/tls.key --certificate=/etc/pki/tls/misc/tls.crt ssl:$PODIFIED_OVSDB_SB_IP:6642 < /backup/ovs-sb.db"
   when: enable_tlse|bool
 
 - name: deploy podified OVN northd service to keep databases in sync