adds an athenz service to the devops-suite role.

diff --git a/nodes/local-athenz-on-docker.json b/nodes/local-athenz-on-docker.json
new file mode 100644 (file)
index 0000000..5209589
--- /dev/null
+++ b/nodes/local-athenz-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[athenz-on-docker]"
+  ]
+}

diff --git a/roles/devops-suite-on-docker.rb b/roles/devops-suite-on-docker.rb
index 5d8af95..14a74a6 100644 (file)
--- a/roles/devops-suite-on-docker.rb
+++ b/roles/devops-suite-on-docker.rb
@@ -24,6 +24,9 @@ dockerd_extra_opts = [
 network_mode_bridge = false
 aptly_port         =  '7080'  # default: 8080
 aptly_api_port     =  '7081'  # default: 8081
+athenz_zms_port    =  '7043'  # default: 4443
+athenz_zts_port    =  '8043'  # default: 8443
+athenz_ui_port     =  '9043'  # default: 9443
 concourse_port     =  '8080'
 gitlab_http_port   =    '80'  # default: 80, Note: 8080 already in use.
 gitlab_ssh_port    =  '2022'
@@ -37,6 +40,7 @@ vault_port         =  '8200'  # default: 8200
 run_list(
   'role[docker]',
   'role[aptly-on-docker]',
+  'role[athenz-on-docker]',
   'role[concourse-on-docker]',
   'role[gitlab-on-docker]',
   'role[gitlab-runner]',
@@ -78,6 +82,23 @@ attrs = {
       },
     },
   },
+  'athenz' => {
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'athenz' => {
+            'ports' => [
+              "#{athenz_zms_port}:4443",
+              "#{athenz_zts_port}:8443",
+              "#{athenz_ui_port}:9443",
+            ],
+            'environment' => {
+            },
+          },
+        },
+      },
+    },
+  },
   'concourse-ci' => {
     'docker-compose' => {
       'config' => {
@@ -194,6 +215,9 @@ if network_mode_bridge
   ]
   aptly_srvs['aptly']['network_mode'] = 'bridge'
 
+  athenz_srvs = attrs['athenz']['docker-compose']['config']['services']
+  athenz_srvs['athenz']['network_mode'] = 'bridge'
+
   jenkins_srvs = attrs['jenkins-grid']['docker-compose']['config']['services']
   jenkins_srvs['jenkins']['network_mode'] = 'bridge'
 

diff --git a/roles/devops-suite-with-ssl-on-docker.rb b/roles/devops-suite-with-ssl-on-docker.rb
index 40a73c9..ec79953 100644 (file)
--- a/roles/devops-suite-with-ssl-on-docker.rb
+++ b/roles/devops-suite-with-ssl-on-docker.rb
@@ -31,6 +31,7 @@ if $0.split.include?('chef-solo') || ($0.split.include?('chef-client') && ARGV.i
 end
 host_cn = 'devops.io.example.com' if host_cn.nil?
 aptly_cn = host_cn       # e.g. 'aptly.io.example.com'
+athenz_cn = host_cn      # e.g. 'athenz.io.example.com'
 concourse_cn = host_cn   # e.g. 'concourse.io.example.com'
 concourse_port    = '8443'
 docker_reg_cn = host_cn  # e.g. 'registry.docker.example.com'
@@ -55,6 +56,7 @@ with_ssl = true
 common_names = [
   host_cn,
   aptly_cn,
+  athenz_cn,
   concourse_cn,
   docker_reg_cn,
   gitlab_cn,

diff --git a/roles/devops-suite.Berksfile b/roles/devops-suite.Berksfile
index 9805e19..2f02687 100644 (file)
--- a/roles/devops-suite.Berksfile
+++ b/roles/devops-suite.Berksfile
@@ -17,6 +17,7 @@
 source 'https://supermarket.chef.io'
 
 cookbook 'apt_utils'
+cookbook 'athenz'
 cookbook 'concourse-ci'
 cookbook 'docker-grid'
 cookbook 'gitlab-grid'