- name: Installation k3s hosts: all:!localhost user: "{{ user_prompt }}" gather_facts: true become_method: sudo vars: - argo_namespace: argo - MC_PATH: $HOME/minio-binaries - MINIO_NAME: my-minio - UUID: "{{ uuid_prompt }}" environment: - KUBECONFIG: /home/{{ user_prompt }}/.kube/config tasks: - name: Install necessary packages become: true package: name: - python3-kubernetes - python3-jmespath state: present - name: Create destination directory file: path: $HOME/minio-binaries state: directory mode: '0755' - name: Install mc ansible.builtin.get_url: url: "https://dl.min.io/client/mc/release/linux-amd64/mc" dest: $HOME/minio-binaries/mc mode: +x headers: Content-Type: "application/json" - name: Add mc to path ansible.builtin.lineinfile: path: $HOME/.bashrc line: export PATH=$PATH:$HOME/minio-binaries - name: Is mc already set up for the local minio ansible.builtin.shell: cmd: | "{{ MC_PATH }}"/mc admin info {{ MINIO_NAME }} register: minio_info failed_when: minio_info.rc not in [0,1] - name: Retrieve root user ansible.builtin.shell: cmd: | kubectl get secrets argo-artifacts -o jsonpath="{.data.rootUser}" | base64 -d - register: user when: minio_info.rc == 1 - name: Retrieve root password ansible.builtin.shell: cmd: | kubectl get secret argo-artifacts --namespace default -o jsonpath="{.data.rootPassword}" | base64 -d - register : password when: minio_info.rc == 1 - name: Set up MinIO host in mc ansible.builtin.shell: cmd: | "{{ MC_PATH }}"/mc alias set {{ MINIO_NAME }} http://127.0.0.1:9000 '{{ user.stdout }}' '{{ password.stdout }}' failed_when: user.stdout == "" or password.stdout == "" when: minio_info.rc == 1 - name: Does oc-bucket already exist ansible.builtin.shell: cmd: | "{{ MC_PATH }}"/mc ls my-minio | grep -q oc-bucket register: bucket_exists failed_when: bucket_exists.rc not in [0,1] - name: Create oc-bucket ansible.builtin.shell: cmd: | "{{ MC_PATH }}"/mc mb {{ MINIO_NAME }}/oc-bucket when: bucket_exists.rc == 1 - name: Run mc admin accesskey create command ansible.builtin.shell: cmd: | {{ MC_PATH }}/mc admin accesskey create --json {{ MINIO_NAME }} register: minio_output changed_when: false # Avoid marking the task as changed every time - name: Parse JSON output set_fact: access_key: "{{ minio_output.stdout | from_json | json_query('accessKey') }}" secret_key: "{{ minio_output.stdout | from_json | json_query('secretKey') }}" - name: Retrieve cluster IP for minio API ansible.builtin.shell: cmd: | kubectl get service argo-artifacts -o jsonpath="{.spec.clusterIP}" register: minio_cluster_ip - name: Create the minio secret in argo namespace kubernetes.core.k8s: state: present namespace: '{{ argo_namespace }}' name: "{{ UUID }}-argo-artifact-secret" definition: apiVersion: v1 kind: Secret type: Opaque stringData: access-key: '{{ access_key }}' secret-key: '{{ secret_key }}' - name: Create the minio secret in argo namespace kubernetes.core.k8s: state: present namespace: '{{ argo_namespace }}' definition: apiVersion: v1 kind: ConfigMap metadata: name: artifact-repositories data: oc-s3-artifact-repository: | s3: bucket: oc-bucket endpoint: {{ minio_cluster_ip.stdout }}:9000 insecure: true accessKeySecret: name: "{{ UUID }}-argo-artifact-secret" key: access-key secretKeySecret: name: "{{ UUID }}-argo-artifact-secret" key: secret-key # ansible.builtin.shell: # cmd: | # kubectl create secret -n '{{ argo_namespace }}' generic argo-artifact-secret \ # --from-literal=access-key='{{ access_key }}' \ # --from-literal=secret-key='{{ secret_key }}'