chore: Remove old mcapi RBAC resources (#406) fix: https://github.com/vexxhost/atmosphere/issues/400 Some users have been facing authorization issues because the old RBAC resources were keeping in the cluster after https://github.com/vexxhost/atmosphere/commit/158823643ded6811eba712e293c104d798b7e599 change applied. This PR will remove the old RBAC resources which breaks the auth. Co-authored-by: okozachenko1203 <okozachenko1203@users.noreply.github.com>

commit: 7765352f307526ec853ff75d9a9bdc22668665c1 [log] [tgz]
author: Oleksandr Kozachenko <okozachenko1203@gmail.com> Thu May 11 23:23:39 2023 +0200
committer: GitHub <noreply@github.com> Thu May 11 17:23:39 2023 -0400
tree: b2916b74141acd1b09e1268d83c0bc9f99aa84e2
parent: b32cedaf172faac125671f2c8eca6c8d32d3d99c [diff]
diff --git a/roles/magnum/tasks/main.yml b/roles/magnum/tasks/main.yml
index 2ac6e9a..9033e92 100644
--- a/roles/magnum/tasks/main.yml
+++ b/roles/magnum/tasks/main.yml

@@ -69,6 +69,30 @@
     CLUSTER_TOPOLOGY: "true"
     EXP_CLUSTER_RESOURCE_SET: "true"
 
+
+# NOTE(okozachenko1203): We should get rid of this task eventually as it is removing
+#               the old RBAC resources.
+- name: Remove the legacy mcapi RBAC resources
+  run_once: true
+  block:
+    - name: Remove the Role
+      failed_when: false
+      kubernetes.core.k8s:
+        state: absent
+        api_version: rbac.authorization.k8s.io/v1
+        kind: Role
+        name: magnum-cluster-api
+        namespace: magnum-system
+
+    - name: Remove the RoleBinding
+      failed_when: false
+      kubernetes.core.k8s:
+        state: absent
+        api_version: rbac.authorization.k8s.io/v1
+        kind: RoleBinding
+        name: magnum-cluster-api
+        namespace: magnum-system
+
 - name: Deploy Cluster API for Magnum RBAC
   kubernetes.core.k8s:
     state: present

diff --git a/roles/vsphere_csi/README.md b/roles/vsphere_csi/README.md
new file mode 100644
index 0000000..b889214
--- /dev/null
+++ b/roles/vsphere_csi/README.md

@@ -0,0 +1 @@
+# `vsphere_csi`

diff --git a/roles/vsphere_csi/meta/main.yml b/roles/vsphere_csi/meta/main.yml
new file mode 100644
index 0000000..a478509
--- /dev/null
+++ b/roles/vsphere_csi/meta/main.yml

@@ -0,0 +1,27 @@
+# Copyright (c) 2022 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+galaxy_info:
+  author: VEXXHOST, Inc.
+  description: Ansible role for vSphere CSI
+  license: Apache-2.0
+  min_ansible_version: 5.5.0
+  standalone: false
+  platforms:
+    - name: Ubuntu
+      versions:
+        - focal
+
+dependencies:
+  - role: defaults

diff --git a/roles/vsphere_csi/tasks/main.yml b/roles/vsphere_csi/tasks/main.yml
new file mode 100644
index 0000000..ec85eb5
--- /dev/null
+++ b/roles/vsphere_csi/tasks/main.yml

@@ -0,0 +1,52 @@
+---
+- name: Clone PowerStore CSI from GitHub
+  ansible.builtin.git:
+    repo: https://github.com/dell/csi-powerstore.git
+    dest: /var/lib/csi-powerstore
+    version: v2.3.0
+
+- name: Create Secret
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        name: csi-powerstore-config
+        namespace: kube-system
+      stringData:
+        config: "{{ powerstore_csi_config | to_yaml }}"
+
+- name: Create StorageClass
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: storage.k8s.io/v1
+      kind: StorageClass
+      metadata:
+        name: general
+        annotations:
+          storageclass.kubernetes.io/is-default-class: "true"
+      provisioner: csi-powerstore.dellemc.com
+      reclaimPolicy: Delete
+      allowVolumeExpansion: true
+      volumeBindingMode: Immediate
+
+- name: Deploy Helm chart
+  kubernetes.core.helm:
+    name: csi-powerstore
+    chart_ref: /var/lib/csi-powerstore/helm/csi-powerstore
+    release_namespace: kube-system
+    kubeconfig: /etc/kubernetes/admin.conf
+    values:
+      # NOTE(mnaser): The newer versions of the Helm charts automatically detect
+      #               these values so we can drop them once we move to v2.4.0
+      images:
+        attacher: k8s.gcr.io/sig-storage/csi-attacher:v3.4.0
+        driver: dellemc/csi-powerstore:v2.3.0
+        externalhealthmonitorcontroller: gcr.io/k8s-staging-sig-storage/csi-external-health-monitor-controller:v0.5.0
+        metadataretriever: dellemc/csi-metadata-retriever:v1.0.0
+        provisioner: k8s.gcr.io/sig-storage/csi-provisioner:v3.1.0
+        registrar: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.1
+        resizer: k8s.gcr.io/sig-storage/csi-resizer:v1.4.0
+        snapshotter: k8s.gcr.io/sig-storage/csi-snapshotter:v5.0.1
commit	7765352f307526ec853ff75d9a9bdc22668665c1	[log] [tgz]
author	Oleksandr Kozachenko <okozachenko1203@gmail.com>	Thu May 11 23:23:39 2023 +0200
committer	GitHub <noreply@github.com>	Thu May 11 17:23:39 2023 -0400
tree	b2916b74141acd1b09e1268d83c0bc9f99aa84e2
parent	b32cedaf172faac125671f2c8eca6c8d32d3d99c [diff]