feat: add support for relative paths (ansible) (#2273)

**Description**
- Allow users to inform relative paths and names for roles and playbook
- Allow using the `operator-SDK run --local` with the roles and playbooks using relative paths
- Allow users setup ANSIBLE_ROLES_PATH env var to the customized path when it is running locally
- Allow users setup ANSIBLE_ROLES_PATH env var by using flag to the customized path when it is running locally
- Support multipaths in the ANSIBLE_ROLES_PATH informed concat by `:` 
- Update the docs

Author: camilamacedo86

CHANGELOG.md

@@ -4,6 +4,7 @@
 
 - Add a new option to set the minimum log level that triggers stack trace generation in logs (`--zap-stacktrace-level`) ([#2319](https://github.com/operator-framework/operator-sdk/pull/2319))
 - Added `pkg/status` with several new types and interfaces that can be used in `Status` structs to simplify handling of [status conditions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties). ([#1143](https://github.com/operator-framework/operator-sdk/pull/1143))
+- Added support for relative Ansible roles and playbooks paths in the Ansible operator's file. ([#2273](https://github.com/operator-framework/operator-sdk/pull/2273))
 
 ### Changed
 

cmd/operator-sdk/execentrypoint/ansible.go

@@ -15,12 +15,16 @@
 package execentrypoint
 
 import (
-	"github.com/operator-framework/operator-sdk/pkg/ansible"
-	aoflags "github.com/operator-framework/operator-sdk/pkg/ansible/flags"
-	"github.com/operator-framework/operator-sdk/pkg/log/zap"
+	"fmt"
+	"os"
 
+	"github.com/prometheus/common/log"
 	"github.com/spf13/cobra"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
+
+	"github.com/operator-framework/operator-sdk/pkg/ansible"
+	aoflags "github.com/operator-framework/operator-sdk/pkg/ansible/flags"
+	"github.com/operator-framework/operator-sdk/pkg/log/zap"
 )
 
 // newRunAnsibleCmd returns a command that will run an ansible operator.
@@ -34,11 +38,28 @@ in a Pod inside a cluster. Developers wanting to run their operator locally
 should use "run --local" instead.`,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			logf.SetLogger(zap.Logger())
-
+			err := setAnsibleRolePathEnvVar(flags)
+			if err != nil {
+				log.Error(err)
+				os.Exit(1)
+			}
 			return ansible.Run(flags)
 		},
 	}
 	flags = aoflags.AddTo(runAnsibleCmd.Flags())
 
 	return runAnsibleCmd
 }
+
+// setAnsibleRolePathEnvVar will set the default role path for the ANSIBLE_ROLES_PATH
+func setAnsibleRolePathEnvVar(flags *aoflags.AnsibleOperatorFlags) error {
+	if flags != nil && len(flags.AnsibleRolesPath) > 0 {
+		if err := os.Setenv(aoflags.AnsibleRolesPathEnvVar, flags.AnsibleRolesPath); err != nil {
+			return fmt.Errorf("failed to set %s environment variable: (%v)", aoflags.AnsibleRolesPathEnvVar, err)
+		}
+		log.Info(fmt.Sprintf("set the value %v for environment variable %v.", flags.AnsibleRolesPath,
+			aoflags.AnsibleRolesPathEnvVar))
+	}
+
+	return nil
+}

cmd/operator-sdk/run/local.go

@@ -116,6 +116,13 @@ func (c runLocalArgs) runGo() error {
 	}
 	dc.Env = append(dc.Env, fmt.Sprintf("%v=%v", k8sutil.WatchNamespaceEnvVar, c.namespace))
 
+	// Set the ANSIBLE_ROLES_PATH
+	if c.ansibleOperatorFlags != nil && len(c.ansibleOperatorFlags.AnsibleRolesPath) > 0 {
+		log.Info(fmt.Sprintf("set the value %v for environment variable %v.", c.ansibleOperatorFlags.AnsibleRolesPath,
+			aoflags.AnsibleRolesPathEnvVar))
+		dc.Env = append(dc.Env, fmt.Sprintf("%v=%v", aoflags.AnsibleRolesPathEnvVar, c.ansibleOperatorFlags.AnsibleRolesPath))
+	}
+
 	if err := projutil.ExecCmd(dc); err != nil {
 		return fmt.Errorf("failed to run operator locally: %v", err)
 	}

doc/ansible/dev/advanced_options.md

@@ -25,7 +25,7 @@ Some features can be overridden per resource via an annotation on that CR. The o
 - version: v1alpha1
   group: app.example.com
   kind: AppService
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   maxRunnerArtifacts: 30
   reconcilePeriod: 5s
   manageStatus: False

doc/ansible/dev/dependent_watches.md

@@ -24,7 +24,7 @@ This is an example of a watches file with the `watchDependentResources` field se
 - version: v1alpha1
   group: app.example.com
   kind: AppService
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   maxRunnerArtifacts: 30
   reconcilePeriod: 5s
   manageStatus: False

doc/ansible/dev/developer_guide.md

@@ -193,20 +193,8 @@ communicate with a Kubernetes cluster just as the `k8s` modules do. This
 section assumes the developer has read the [Ansible Operator user
 guide][ansible_operator_user_guide] and has the proper dependencies installed.
 
-Since `run --local` reads from `./watches.yaml`, there are a couple options
-available to the developer. If `role` is left alone (by default
-`/opt/ansible/roles/<name>`) the developer must copy the role over to
-`/opt/ansible/roles` from the operator directly. This is cumbersome because
-changes will not be reflected from the current directory. It is recommended
-that the developer instead change the `role` field to point to the current
-directory and simply comment out the existing line:
-```yaml
-- version: v1alpha1
-  group: foo.example.com
-  kind: Foo
-  #  role: /opt/ansible/roles/Foo
-  role: /home/user/foo-operator/Foo
-```
+**NOTE:** You can customize the roles path by setting the environment variable `ANSIBLE_ROLES_PATH` or using the flag `ansible-roles-path`. Note that, if the role not be found in the 
+customized path informed in `ANSIBLE_ROLES_PATH` then, the operator will look for it in the `{{current directory}}/roles`.   
 
 Create a Custom Resource Definition (CRD) and proper Role-Based Access Control
 (RBAC) definitions for resource Foo. `operator-sdk` auto-generates these files
@@ -379,7 +367,7 @@ application, then simply update the watches file with `manageStatus`:
 - version: v1
   group: api.example.com
   kind: Foo
-  role: /opt/ansible/roles/Foo
+  role: Foo
   manageStatus: false
 ```
 

doc/ansible/dev/finalizers.md

@@ -56,6 +56,7 @@ or `role` was set for the finalizer.
 Here are a few examples of `watches.yaml` files that specify a finalizer:
 
 ### Run top-level playbook or role with new variables
+
 ```yaml
 ---
 - version: v1alpha1
@@ -68,7 +69,7 @@ Here are a few examples of `watches.yaml` files that specify a finalizer:
       state: absent
 ```
 
-This example will run `/opt/ansible/playbook.yml` when the Custom Resource
+This example will run `playbook.yml` when the Custom Resource
 is deleted. Because `vars` is set, the playbook will be run with `state` set to `absent`. Inside the playbook,
 the author can check this value and perform whatever cleanup is necessary.
 
@@ -77,7 +78,7 @@ the author can check this value and perform whatever cleanup is necessary.
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  role: /opt/ansible/roles/database
+  role: database
   finalizer:
     name: finalizer.app.example.com
     vars:
@@ -93,10 +94,10 @@ role, rather than a playbook, with the `state` variable set to `absent`.
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   finalizer:
     name: finalizer.app.example.com
-    role: /opt/ansible/roles/teardown_database
+    role: teardown_database
 ```
 
 This example will run the `/opt/ansible/roles/teardown_database` role when the Custom Resource is deleted.
@@ -106,10 +107,10 @@ This example will run the `/opt/ansible/roles/teardown_database` role when the C
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   finalizer:
     name: finalizer.app.example.com
-    playbook: /opt/ansible/destroy.yml
+    playbook: destroy.yml
 ```
 
 This example will run the `/opt/ansible/destroy.yml` playbook when the Custom Resource is deleted.
@@ -126,10 +127,10 @@ interaction, with a different variable set.
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   finalizer:
     name: finalizer.app.example.com
-    role: /opt/ansible/roles/manage_credentials
+    role: manage_credentials
     vars:
       state: revoked
 ```

doc/ansible/user-guide.md

@@ -51,14 +51,16 @@ be monitored for updates and cached.
 * **group**:  The group of the Custom Resource that you will be watching.
 * **version**:  The version of the Custom Resource that you will be watching.
 * **kind**:  The kind of the Custom Resource that you will be watching.
-* **role** (default):  This is the path to the role that you have added to the
-  container.  For example if your roles directory is at `/opt/ansible/roles/`
-  and your role is named `busybox`, this value will be
-  `/opt/ansible/roles/busybox`. This field is mutually exclusive with the
-  "playbook" field.
-* **playbook**:  This is the path to the playbook that you have added to the
+* **role** (default): This is the name of the role that you have added to the
+  container. This field is mutually exclusive with the
+  "playbook" field. If the path is relative, it is relative to the `roles` directory in the current working directory 
+  which in the image by default is `/opt/ansible/roles`. Also, when it is running locally it is by default the directory 
+  `roles` in the current project directory in the local machine. Note that it can be customized by using the flag 
+  `ansible-roles-path` or the envinroment variable `ANSIBLE_ROLES_PATH`. 
+* **playbook**: This is the playbook name that you have added to the
   container. This playbook is expected to be simply a way to call roles. This
-  field is mutually exclusive with the "role" field.
+  field is mutually exclusive with the "role" field. Also, when it is running locally it looking for the playbook in the 
+  current project directory in the local machine.
 * **vars**: This is an arbitrary map of key-value pairs. The contents will be
   passed as `extra_vars` to the playbook or role specified for this watch.
 * **reconcilePeriod** (optional): The reconciliation interval, how often the
@@ -76,21 +78,21 @@ An example Watches file:
 - version: v1alpha1
   group: foo.example.com
   kind: Foo
-  role: /opt/ansible/roles/Foo
+  role: Foo
 
 # Simple example mapping Bar to a playbook
 - version: v1alpha1
   group: bar.example.com
   kind: Bar
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
 
 # More complex example for our Baz kind
 # Here we will disable requeuing and be managing the CR status in the playbook,
 # and specify additional variables.
 - version: v1alpha1
   group: baz.example.com
   kind: Baz
-  playbook: /opt/ansible/baz.yml
+  playbook: baz.yml
   reconcilePeriod: 0
   manageStatus: false
   vars:
@@ -138,7 +140,7 @@ should go.
 - version: v1alpha1
   group: cache.example.com
   kind: Memcached
-  role: /opt/ansible/roles/memcached
+  role: memcached
 ```
 
 **Playbook**
@@ -150,7 +152,7 @@ Playbook
 - version: v1alpha1
   group: cache.example.com
   kind: Memcached
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
 ```
 
 ## Building the Memcached Ansible Role

go.mod

@@ -30,6 +30,7 @@ require (
 	github.com/pborman/uuid v1.2.0
 	github.com/pkg/errors v0.8.1
 	github.com/prometheus/client_golang v1.2.1
+	github.com/prometheus/common v0.7.0
 	github.com/rogpeppe/go-internal v1.5.0
 	github.com/rubenv/sql-migrate v0.0.0-20191025130928-9355dd04f4b3 // indirect
 	github.com/sergi/go-diff v1.0.0

go.sum

@@ -67,8 +67,10 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:H
 github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
+github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4 h1:Hs82Z41s6SdL1CELW+XaDYmOH4hkBN4/N9og/AsOv7E=
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/ant31/crd-validation v0.0.0-20180702145049-30f8a35d0ac2/go.mod h1:X0noFIik9YqfhGYBLEHg8LJKEwy7QIitLQuFMpKLcPk=
 github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q=
@@ -949,6 +951,7 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac
 google.golang.org/grpc v1.24.0 h1:vb/1TCsVn3DcJlQ0Gs1yB1pKI6Do2/QNwxdKqmc/b0s=
 google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA=
 gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
+gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/scaffold/ansible/entrypoint.go

@@ -45,5 +45,6 @@ if ! whoami &>/dev/null; then
   fi
 fi
 
-exec ${OPERATOR} exec-entrypoint ansible --watches-file=/opt/ansible/watches.yaml $@
+cd $HOME
+exec ${OPERATOR} exec-entrypoint ansible --watches-file=$HOME/watches.yaml $@
 `

internal/scaffold/ansible/watches.go

@@ -44,8 +44,8 @@ const watchesAnsibleTmpl = `---
   group: [[.Resource.FullGroup]]
   kind: [[.Resource.Kind]]
   [[- if .GeneratePlaybook ]]
-  playbook: /opt/ansible/playbook.yml
+  playbook: playbook.yml
   [[- else ]]
-  role: /opt/ansible/[[.RolesDir]]/[[.Resource.LowerKind]]
+  role: [[.Resource.LowerKind]]
   [[- end ]]
 `

pkg/ansible/flags/flag.go

@@ -28,8 +28,11 @@ type AnsibleOperatorFlags struct {
 	InjectOwnerRef   bool
 	MaxWorkers       int
 	AnsibleVerbosity int
+	AnsibleRolesPath string
 }
 
+const AnsibleRolesPathEnvVar = "ANSIBLE_ROLES_PATH"
+
 // AddTo - Add the ansible operator flags to the the flagset
 // helpTextPrefix will allow you add a prefix to default help text. Joined by a space.
 func AddTo(flagSet *pflag.FlagSet, helpTextPrefix ...string) *AnsibleOperatorFlags {
@@ -56,5 +59,12 @@ func AddTo(flagSet *pflag.FlagSet, helpTextPrefix ...string) *AnsibleOperatorFla
 			"Ansible verbosity. Overridden by environment variable."),
 			" "),
 	)
+	flagSet.StringVar(&aof.AnsibleRolesPath,
+		"ansible-roles-path",
+		"",
+		strings.Join(append(helpTextPrefix,
+			"Ansible Roles Path. By default, it will be {{CWD}}/roles."),
+			" "),
+	)
 	return aof
 }

pkg/ansible/watches/testdata/duplicate_gvk.yaml

@@ -2,15 +2,15 @@
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: finalizer.app.example.com
     vars:
       sentinel: finalizer_running
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: finalizer.app.example.com
     vars:

pkg/ansible/watches/testdata/invalid.yaml

@@ -2,7 +2,7 @@
 version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: finalizer.app.example.com
     vars:

pkg/ansible/watches/testdata/invalid_duration.yaml

@@ -2,5 +2,5 @@
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   reconcilePeriod: invalid

pkg/ansible/watches/testdata/invalid_finalizer_no_vars.yaml

@@ -2,6 +2,6 @@
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: foo.app.example.com

pkg/ansible/watches/testdata/invalid_finalizer_playbook_path.yaml

@@ -2,9 +2,9 @@
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /opt/ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: finalizer.app.example.com
-    playbook: opt/ansible/playbook.yaml
+    playbook: playbook.yaml
     vars:
       sentinel: finalizer_running

pkg/ansible/watches/testdata/invalid_finalizer_role_path.yaml

@@ -2,7 +2,7 @@
 - version: v1alpha1
   group: app.example.com
   kind: Database
-  playbook: /ansible/playbook.yaml
+  playbook: playbook.yaml
   finalizer:
     name: finalizer.app.example.com
     role: ansible/role

pkg/ansible/watches/testdata/invalid_finalizer_whithout_name.yaml

@@ -0,0 +1,8 @@
+---
+- version: v1alpha1
+  group: app.example.com
+  kind: Database
+  playbook: playbook.yaml
+  finalizer:
+    name:
+