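# Play 1: runs on the host given by `host_prompt`. It builds a kubeconfig that
# authenticates with a freshly issued token for the `admiralty-control`
# service account, stores it in the `secret` fact for the next play, and
# declares the Admiralty Source for that service account.
#
# The token and the raw kubeconfig are credentials: every task that produces
# or carries them sets `no_log: true` so they do not reach console output,
# callback plugins or log files.
- name: Create secret from Workload
  hosts: "{{ host_prompt }}"
  user: "{{ user_prompt }}"
  vars:
    secret_exists: false
    # Quoted so the address is always handled as a string.
    control_ip: "192.168.122.70"
    user_prompt: admrescue

  tasks:
    - name: Can management cluster be reached
      ansible.builtin.command:
        cmd: ping -c 5 "{{ control_ip }}"
      # Reachability probe only; it never changes the host.
      changed_when: false

    - name: Install needed packages
      become: true
      ansible.builtin.package:
        name:
          - jq
          - python3-yaml
          - python3-kubernetes
        state: present

    # NOTE(review): `list_secrets` is registered here but not read by any task
    # in this play. A Secret lookup returns the secret's data, so keep the
    # result out of the logs.
    - name: Get the list of existing secrets
      kubernetes.core.k8s_info:
        api_version: v1
        kind: Secret
        name: "{{ inventory_hostname | lower }}"
        namespace: default
      register: list_secrets
      failed_when: false
      no_log: true

    # NOTE(review): the token is time-bound and no --duration is passed, so the
    # API server chooses its lifetime. Confirm that lifetime suits a kubeconfig
    # that is stored in a Secret, and plan how it gets rotated.
    # NOTE(review): the Source naming this service account is only created by
    # the last task of this play; confirm the account exists on a first run.
    - name: Create token
      ansible.builtin.command:
        cmd: kubectl create token admiralty-control
      register: cd_token
      no_log: true

    # `--raw` prints credential material instead of redacting it.
    - name: Retrieve config
      ansible.builtin.command:
        cmd: kubectl config view --minify --raw --output json
      register: config_info
      changed_when: false
      no_log: true

    # NOTE(review): this writes a single empty line to config_info.json in the
    # working directory; `config_info` is never echoed. If the intent was to
    # dump the kubeconfig to disk, avoid that: it holds raw credentials.
    - name: Display config
      ansible.builtin.shell:
        cmd: |
          echo > config_info.json

    # The token and the address reach jq through the environment and are read
    # with `env.*`, so neither is spliced into the shell script or the jq
    # program text. `pipefail` makes a kubectl failure fail the task instead
    # of letting jq succeed on empty input.
    - name: Edit the config json with jq
      ansible.builtin.shell:
        executable: /bin/bash
        cmd: |
          set -o pipefail
          kubectl config view --minify --raw --output json |
            jq '.users[0].user = {token: env.CD_TOKEN}
                | .clusters[0].cluster.server = ("https://" + env.CD_IP + ":6443")'
      environment:
        CD_TOKEN: "{{ cd_token.stdout }}"
        CD_IP: "{{ control_ip }}"
      register: edited_config
      changed_when: false
      no_log: true
      # failed_when: edited_config.skipped == true

    # NOTE(review): `cacheable: true` also writes this kubeconfig (bearer token
    # included) to the fact cache when one is configured. The next play reads
    # it through hostvars in the same run; confirm persistence is really
    # needed.
    - name: Set fact for secret
      ansible.builtin.set_fact:
        secret: "{{ edited_config.stdout }}"
        cacheable: true
      no_log: true

    - name: Create the source for controller
      kubernetes.core.k8s:
        state: present
        definition:
          apiVersion: multicluster.admiralty.io/v1alpha1
          kind: Source
          metadata:
            name: admiralty-control
            namespace: default
          spec:
            serviceAccountName: admiralty-control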
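# Play 2: runs on the host given by `control_host`. It stores the kubeconfig
# held in the `secret` fact of `host_prompt` as the Kubernetes Secret
# `<host_prompt>-secret` (only when that Secret does not exist yet) and
# creates the Admiralty Target that references it.
#
# `secret` is a kubeconfig carrying a bearer token, so no task prints it and
# tasks whose arguments or results contain it set `no_log: true`.
- name: Create secret from Workload
  hosts: "{{ control_host }}"
  user: "{{ user_prompt }}"
  gather_facts: true
  vars:
    secret: "{{ hostvars[host_prompt]['secret'] }}"
    user_prompt: admrescue

  tasks:
    # A Secret lookup returns the secret's data; keep the result out of logs.
    - name: Get the list of existing secrets
      kubernetes.core.k8s_info:
        api_version: v1
        kind: Secret
        name: "{{ host_prompt | lower }}-secret"
        namespace: default
      register: list_secrets
      failed_when: false
      no_log: true

    # Fails on an empty value, as before, but no longer echoes the kubeconfig:
    # assert reports only the expression and its result, never the value.
    - name: Test wether secret exists
      ansible.builtin.assert:
        that:
          - secret != ''
        fail_msg: "The 'secret' fact for {{ host_prompt }} is empty"
        quiet: true

    # `argv` hands each argument to kubectl as-is, so quote characters inside
    # the kubeconfig cannot break the command line apart.
    # NOTE(review): the kubeconfig is still visible in kubectl's argument list
    # while the command runs; feeding it through a file or stdin would avoid
    # that.
    - name: Create secret with new config
      ansible.builtin.command:
        argv:
          - kubectl
          - create
          - secret
          - generic
          - "{{ host_prompt | lower }}-secret"
          - "--from-literal=config={{ secret }}"
      when: list_secrets.resources | length == 0
      no_log: true

    - name: Create target for the workload cluster
      kubernetes.core.k8s:
        state: present
        definition:
          apiVersion: multicluster.admiralty.io/v1alpha1
          kind: Target
          metadata:
            name: "{{ host_prompt | lower }}"
            namespace: default
          spec:
            kubeconfigSecret:
              # Must equal the Secret name used above. The previous value
              # rendered with a literal `$` and quote characters, which is not
              # the name of the Secret that was created.
              name: "{{ host_prompt | lower }}-secret"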