ibm-mas · Delgon · Dec 2, 2024 · Dec 2, 2024 · Dec 11, 2024
@@ -412,6 +412,30 @@ Provide a custom archive file name to be associated with the archive/file path p
 - Environment Variable: `MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_NAME`
 - Default: `manage-custom-archive`
 
+
+### suite_app_config_custom_list
+Provide a list of custom archive file name, url, user/password to be included as part of Manage deployment.
+
+- Optional
+- Default: None
+
+Example
+-------------------------------------------------------------------------------
+
+```yaml
+suite_app_config_custom_list:
+  - archive_name: "archive_name01"
+    archive_url: "https://download.archive.com/"
+    archive_username: "user"
+    archive_password: "password"
+  - archive_name: "archive_name02"
+    archive_url: "https://download.archive.com/"
+    archive_username: "user"
+    archive_password: "password"
+```
+
+`mas_app_settings_customization_archive_username`, `mas_app_settings_customization_archive_password`, `mas_app_settings_customization_archive_url` will be added to the list.
+
 ### Manage - Database encryption settings variables
 ---
 

@@ -49,3 +49,26 @@ cpd_wml_url: "{{ lookup('env', 'CPD_WML_URL') | default('https://internal-nginx-
 # mas_pod_templates_dir: path to directory containing podTemplates configuration
 # -----------------------------------------------------------------------------
 mas_pod_templates_dir: "{{ lookup('env', 'MAS_POD_TEMPLATES_DIR') | default('', true) }}"
+
+# Customization Archive configuration
+# -----------------------------------------------------------------------------
+suite_app_config_custom_list: []
+# Exemple
+  # - archive_name: "archive_name01"
+  #   archive_url: "https://download.archive.com/"
+  #   archive_username: "user"
+  #   archive_password: "password"
+  # - archive_name: "archive_name02"
+  #   archive_url: "https://download.archive.com/"
+  #   archive_username: "user"
+  #   archive_password: "password"
+
+mas_app_settings_customization_archive_url: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_URL') }}"
+mas_app_settings_customization_archive_name: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_NAME') | default('manage-custom-archive', true) }}"
+mas_app_settings_customization_archive_username: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_USERNAME') }}"
+mas_app_settings_customization_archive_password: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_PASSWORD') }}"
+
+# mas_app_settings_customization_credentials_secret_name: "{{ mas_workspace_id }}-{{ mas_app_id }}-cl0--cac--sn"
+# mas_app_settings_customization_credentials:
+#   customizationArchiveCredentials:
+#     secretName: "{{ mas_app_settings_customization_credentials_secret_name }}"
@@ -18,14 +18,25 @@
   include_tasks: "tasks/manage/pre-config/setup-jms.yml"
 
 # Manage pre-configuration: Customization archive setup
-- name: "Run Manage specific pre-configuration: Set custom archive credentials"
+- name: Create suite_app_config_custom_list if using env vars
+  set_fact:
+    suite_app_config_custom_list:
+      - archive_name: "{{ mas_app_settings_customization_archive_name }}"
+        archive_url: "{{ mas_app_settings_customization_archive_url }}"
+        archive_username: "{{ mas_app_settings_customization_archive_username }}"
+        archive_password: "{{ mas_app_settings_customization_archive_password }}"
   when:
     - mas_app_settings_customization_archive_username is defined
     - mas_app_settings_customization_archive_username | length > 0
     - mas_app_settings_customization_archive_password is defined
     - mas_app_settings_customization_archive_password | length > 0
     - mas_app_settings_customization_archive_url is defined
     - mas_app_settings_customization_archive_url | length > 0
+
+- name: "Run Manage specific pre-configuration: Set custom archive credentials"
+  when:
+    - suite_app_config_custom_list is defined
+    - suite_app_config_custom_list | length >0
   include_tasks: "tasks/manage/pre-config/setup-custom-archive.yml"
 
 # Manage pre-configuration: Database encryption setup

@@ -3,10 +3,27 @@
 # when custom archive credentials are defined then we include customizationArchiveCredentials
 # property in mas_app_settings_customization_list
 # ------------------------------------------------------------------------
+
+# This tasks creates a Kubernetes secret for each archive defined in the suite_app_config_custom_list.
+# If uses a Jinja2 template ('custom-archive_credentials.yml.j2') to generate the definition of the secret.
+# which includes sensitive customization archive credentials (such as 'secretName', 'archive_name' and 'archive_url').
+# The loop iterates over each item in suite_app_config_custom_list, applying the template for each archive.
 - name: "Create secret containing Customization Archive Credentials"
   kubernetes.core.k8s:
     definition: "{{ lookup('template', 'templates/manage/custom-archive-credentials.yml.j2') }}"
+  loop: "{{ suite_app_config_custom_list }}"
 
-- name: "Merge customizationArchiveCredentials property into customizationList"
+- name: Create mas_app_settings_customization_list property
   set_fact:
-    mas_app_settings_customization_list: "{{ [ mas_app_settings_customization_list[0] | combine( mas_app_settings_customization_credentials ) ] }}"
+    mas_app_settings_customization_list: >
+      {{ mas_app_settings_customization_list +
+        [{
+          'customizationArchiveName': item.archive_name,
+          'customizationArchiveUrl': item.archive_url,
+          'customizationArchiveCredentials':
+            {
+              'secretName': mas_workspace_id + '-' + mas_app_id + '-' + item.archive_name
+            }
+        }]
+      }}
+  loop: "{{ suite_app_config_custom_list }}"
@@ -3,7 +3,7 @@
 kind: Secret
 apiVersion: v1
 metadata:
-  name: "{{ mas_app_settings_customization_credentials_secret_name }}"
+  name: "{{ mas_workspace_id }}-{{ mas_app_id }}-{{ item.archive_name }}"
   namespace: "mas-{{ mas_instance_id }}-manage"
 stringData:
   credentials: |

@@ -199,19 +199,7 @@ mas_app_settings_server_bundles:
         routeSubDomain: jms
 
 # these settings will define the customization archive
-mas_app_settings_customization_archive_url: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_URL') }}"
-mas_app_settings_customization_archive_name: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_NAME') | default('manage-custom-archive', true) }}"
-mas_app_settings_customization_archive_username: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_USERNAME') }}"
-mas_app_settings_customization_archive_password: "{{ lookup('env', 'MAS_APP_SETTINGS_CUSTOMIZATION_ARCHIVE_PASSWORD') }}"
-
-mas_app_settings_customization_list:
-  - customizationArchiveName: "{{ mas_app_settings_customization_archive_name }}"
-    customizationArchiveUrl: "{{ mas_app_settings_customization_archive_url }}"
-
-mas_app_settings_customization_credentials_secret_name: "{{ mas_workspace_id }}-{{ mas_app_id }}-cl0--cac--sn"
-mas_app_settings_customization_credentials:
-  customizationArchiveCredentials:
-    secretName: "{{ mas_app_settings_customization_credentials_secret_name }}"
+mas_app_settings_customization_list: []
 
 # these settings will define the manage db encryption secrets
 mas_app_settings_crypto_key: "{{ lookup('env', 'MAS_APP_SETTINGS_CRYPTO_KEY') }}"