Re-factor nexus role to streamline playbook

Move nexus functionality into nexus role from
infrastructure playbook.
This will make role easier to test and make
it easier to implement other OS support later.

Issue-ID: OOM-1653

Change-Id: I1af2bfef5aa4d6c7b819f5fc40f95c6e8303598c
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
diff --git a/ansible/roles/nexus/defaults/main.yml b/ansible/roles/nexus/defaults/main.yml
index 57a79f9..3776f44 100644
--- a/ansible/roles/nexus/defaults/main.yml
+++ b/ansible/roles/nexus/defaults/main.yml
@@ -1,2 +1,6 @@
-#Defaults to install, can be set to configure.
-phase: install
+---
+# By default prepopulated nexus binary blob used.
+populate_nexus: false
+# By dafault no additional docker images pushed to nexus at runtime
+# but all images are pre-populated either at buildtime or at install time (populate_nexus).
+runtime_images: {}
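Review bot: The second added comment misspells "default" as `dafault`, and both comments drop their verbs; suggest `# By default the prepopulated nexus binary blob is used.` and `# By default no additional docker images are pushed to nexus at runtime;`. With the `phase` default removed, a playbook or inventory that still sets `phase` is presumably ignored without any warning, which is worth a line in the role documentation.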
diff --git a/ansible/roles/nexus/tasks/configure.yml b/ansible/roles/nexus/tasks/configure.yml
index 66712d8..7e6c20e 100644
--- a/ansible/roles/nexus/tasks/configure.yml
+++ b/ansible/roles/nexus/tasks/configure.yml
@@ -3,7 +3,7 @@
   uri:
     url: "{{ nexus_url }}/service/rest/v1/script/configure"
     method: GET
-    force_basic_auth: yes
+    force_basic_auth: true
     user: admin
     password: admin123
     status_code: [200, 404]
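Review bot: The `user: admin` / `password: admin123` pair after `force_basic_auth` is a literal in the task, and the same literal recurs in the two later hunks of this file and in the added "Wait for nexus to come up" task in install.yml. It looks like the stock Nexus admin account, so the role only works while that default password is left in place, and the secret lives in the repository. Suggest role variables instead, e.g. `user: "{{ nexus_admin_user }}"` and `password: "{{ nexus_admin_password }}"` (proposed names, supplied from vault or inventory), plus `no_log: true` on the tasks that send them. The task starts above the hunk.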
@@ -13,7 +13,7 @@
       uri:
         url: "{{ nexus_url }}/service/rest/v1/script"
         method: POST
-        force_basic_auth: yes
+        force_basic_auth: true
         user: admin
         password: admin123
         body_format: json
@@ -26,7 +26,7 @@
       uri:
         url: "{{ nexus_url }}/service/rest/v1/script/configure/run"
         method: POST
-        force_basic_auth: yes
+        force_basic_auth: true
         user: admin
         password: admin123
         body_format: raw
diff --git a/ansible/roles/nexus/tasks/insert-images.yml b/ansible/roles/nexus/tasks/insert-images.yml
index fb8d7d8..f71d699 100644
--- a/ansible/roles/nexus/tasks/insert-images.yml
+++ b/ansible/roles/nexus/tasks/insert-images.yml
@@ -14,6 +14,7 @@
       docker_image:
         name: "{{ runtime_images[component].registry }}{{ runtime_images[component].path }}"
         tag: "{{ runtime_images[component].tag }}"
-        push: yes
+        push: true
         load_path: "{{ item.path }}"
         timeout: 120
+      changed_when: false  # for idenpotence
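Review bot: `changed_when: false` on a `docker_image` task with `push: true` only hides the change from the play recap; the image is still loaded and pushed on every run, so this does not make the task idempotent. If suppressing the status is the intent, the comment should say so, e.g. `changed_when: false  # status suppressed so reruns report no change; the push still runs`, which also fixes the `idenpotence` typo. The enclosing block starts above the hunk.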
diff --git a/ansible/roles/nexus/tasks/install.yml b/ansible/roles/nexus/tasks/install.yml
index 1756b70..99d73dc 100644
--- a/ansible/roles/nexus/tasks/install.yml
+++ b/ansible/roles/nexus/tasks/install.yml
@@ -4,7 +4,7 @@
     path: "{{ app_data_path }}/nexus_data"
     owner: 200
     group: 200
-    recurse: yes
+    recurse: true
 
 - name: Load nexus image
   docker_image:
@@ -28,3 +28,15 @@
       - "{{ app_data_path }}/nexus_data:/nexus-data:rw"
     state: started
     restart_policy: unless-stopped
+
+- name: Wait for nexus to come up
+  uri:
+    url: "{{ nexus_url }}/service/metrics/healthcheck"
+    user: admin
+    password: admin123
+    force_basic_auth: true
+    method: GET
+  retries: 30
+  delay: 10
+  register: nexus_wait
+  until: not nexus_wait.failed
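Review bot: The success criterion of the wait loop is implicit, because `until: not nexus_wait.failed` relies on the uri module's default status check and on the `failed` key being present in the registered result on every attempt. Stating it explicitly with `status_code: 200` and `until: nexus_wait.status == 200` makes the expected healthcheck answer readable from the task. A rejected login or a certificate validation error is also retried for the whole 30 × 10 s window, the same as a Nexus that is still starting, which deserves a comment above the task.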
diff --git a/ansible/roles/nexus/tasks/main.yml b/ansible/roles/nexus/tasks/main.yml
index c5905b1..c1d8351 100644
--- a/ansible/roles/nexus/tasks/main.yml
+++ b/ansible/roles/nexus/tasks/main.yml
@@ -1,2 +1,9 @@
 ---
-- include_tasks: "{{ phase }}.yml"
+- include_tasks: install.yml
+- include_tasks: configure.yml
+  when: populate_nexus | bool
+- include_tasks: runtime-populate.yml
+  when:
+    - runtime_images is defined
+    - runtime_images is not none
+    - runtime_images.keys() | length > 0
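Review bot: The three-part `when` on `runtime-populate.yml` can be a single condition. `runtime_images is defined` is always true now that defaults/main.yml sets `runtime_images: {}`, and `.keys()` raises if an inventory overrides the variable with a non-mapping. `when: runtime_images | default({}, true) | length > 0` covers undefined, null and empty in one line. The three `include_tasks` entries also carry no `name:`, which makes the play output harder to follow.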
diff --git a/ansible/roles/nexus/tasks/runtime-populate.yml b/ansible/roles/nexus/tasks/runtime-populate.yml
index e22b650..ac947ec 100644
--- a/ansible/roles/nexus/tasks/runtime-populate.yml
+++ b/ansible/roles/nexus/tasks/runtime-populate.yml
@@ -9,4 +9,3 @@
 # need to iterate over those tasks in include
 - include: "insert-images.yml"
   with_items: "{{ tar_images.files }}"
-
diff --git a/ansible/roles/nexus/vars/main.yml b/ansible/roles/nexus/vars/main.yml
index 6394416..5ec5186 100644
--- a/ansible/roles/nexus/vars/main.yml
+++ b/ansible/roles/nexus/vars/main.yml
@@ -1 +1,2 @@
+---
 nexus_url: "https://nexus.{{ hostvars[groups.infrastructure[0]].ansible_nodename }}"
diff --git a/ansible/roles/nginx/templates/nginx.conf.j2 b/ansible/roles/nginx/templates/nginx.conf.j2
index fb48565..ff9d2a9 100644
--- a/ansible/roles/nginx/templates/nginx.conf.j2
+++ b/ansible/roles/nginx/templates/nginx.conf.j2
@@ -12,14 +12,6 @@
     proxy_send_timeout 120;
     proxy_read_timeout 300;
 
-    upstream nexus {
-        server nexus:8081;
-    }
-
-    upstream registry {
-        server nexus:8082;
-    }
-
 # http simulations
     server {
         listen 80;
@@ -38,6 +30,7 @@
 
 # nexus simulations
     server {
+        resolver 127.0.0.11 valid=30s;
         listen 80;
         listen 443 ssl;
         server_name {% for host in simulated_hosts.nexus -%}
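Review bot: `resolver 127.0.0.11 valid=30s;` has no comment saying where the address comes from or why the directive is needed. 127.0.0.11 is Docker's embedded DNS, which is only present when the nginx container is attached to a user-defined network (the container definition is not visible here). The resolver is only consulted because the next hunk switches `proxy_pass` to the variables `$upstream_nexus` and `$upstream_registry`. Suggest a comment above it such as `# Docker embedded DNS; needed for per-request lookup of the nexus upstreams set as variables below`. The server block ends outside the hunk.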
@@ -53,11 +46,13 @@
         client_max_body_size 3G;
 
         location / {
+            set $upstream_nexus nexus:8081;
+            set $upstream_registry nexus:8082;
             # redirect to docker registry
             if ($http_user_agent ~ docker ) {
-                proxy_pass http://registry;
+                proxy_pass http://$upstream_registry;
             }
-            proxy_pass http://nexus;
+            proxy_pass http://$upstream_nexus;
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;