core/oc-deploy
6
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases 1 Wiki Activity
2ede262abe
oc-deploy/ansible/Admiralty/setup_minio_argo_admiralty.yml

122 lines
3.6 KiB
YAML
Raw Normal View History

All the Ansible playbooks used to deploy k3s, argo server, admiralty and minio
2025-09-26 14:12:01 +02:00
- name: Setup MinIO ressources for argo workflows/admiralty
hosts: all:!localhost
user: "{{ user_prompt }}"
gather_facts: true
become_method: sudo
vars:
- argo_namespace: "argo"
- uuid: "{{ uuid_prompt }}"
tasks:
- name: Install necessary packages
become: true
package:
name:
- python3-kubernetes
state: present
- name: Create destination directory
file:
path: $HOME/minio-binaries
state: directory
mode: '0755'
- name: Install mc
ansible.builtin.get_url:
url: "https://dl.min.io/client/mc/release/linux-amd64/mc"
dest: $HOME/minio-binaries/
mode: +x
headers:
Content-Type: "application/json"
- name: Add mc to path
ansible.builtin.shell:
cmd: |
grep -qxF 'export PATH=$PATH:$HOME/minio-binaries' $HOME/.bashrc || echo 'export PATH=$PATH:$HOME/minio-binaries' >> $HOME/.bashrc
- name: Test bashrc
ansible.builtin.shell:
cmd : |
tail -n 5 $HOME/.bashrc
- name: Retrieve root user
ansible.builtin.shell:
cmd: |
kubectl get secrets argo-artifacts -o jsonpath="{.data.rootUser}" | base64 -d -
register: user
- name: Retrieve root password
ansible.builtin.shell:
cmd: |
kubectl get secret argo-artifacts --namespace default -o jsonpath="{.data.rootPassword}" | base64 -d -
register : password
- name: Set up MinIO host in mc
ansible.builtin.shell:
cmd: |
$HOME/minio-binaries/mc alias set my-minio http://127.0.0.1:9000 '{{ user.stdout }}' '{{ password.stdout }}'
- name: Create oc-bucket
ansible.builtin.shell:
cmd: |
$HOME/minio-binaries/mc mb oc-bucket
- name: Run mc admin accesskey create command
command: $HOME/minio-binaries/mc admin accesskey create --json my-minio
register: minio_output
changed_when: false # Avoid marking the task as changed every time
- name: Parse JSON output
set_fact:
access_key: "{{ minio_output.stdout | from_json | json_query('accessKey') }}"
secret_key: "{{ minio_output.stdout | from_json | json_query('secretKey') }}"
- name: Retrieve cluster IP for minio API
ansible.builtin.shell:
cmd: |
kubectl get service argo-artifacts -o jsonpath="{.spec.clusterIP}"
register: minio_cluster_ip
- name: Create the minio secret in argo namespace
kubernetes.core.k8s:
state: present
namespace: '{{ argo_namespace }}'
name: "{{ uuuid }}-argo-artifact-secret"
definition:
apiVersion: v1
kind: Secret
type: Opaque
stringData:
access-key: '{{ access_key}}'
secret-key: '{{ secret_key }}'
- name: Create the minio secret in argo namespace
kubernetes.core.k8s:
state: present
namespace: '{{ argo_namespace }}'
definition:
apiVersion: v1
kind: ConfigMap
metadata:
name: artifact-repositories
data:
oc-s3-artifact-repository: |
s3:
bucket: oc-bucket
endpoint: {{ minio_cluster_ip.stdout }}:9000
insecure: true
accessKeySecret:
name: "{{ uuuid }}-argo-artifact-secret"
key: access-key
secretKeySecret:
name: "{{ uuuid }}-argo-artifact-secret"
key: secret-key
# ansible.builtin.shell:
# cmd: |
# kubectl create secret -n '{{ argo_namespace }}' generic argo-artifact-secret \
# --from-literal=access-key='{{ access_key }}' \
# --from-literal=secret-key='{{ secret_key }}'
Reference in New Issue Copy Permalink