122 lines
3.6 KiB
YAML
122 lines
3.6 KiB
YAML
- name: Setup MinIO ressources for argo workflows/admiralty
|
|
hosts: all:!localhost
|
|
user: "{{ user_prompt }}"
|
|
gather_facts: true
|
|
become_method: sudo
|
|
vars:
|
|
- argo_namespace: "argo"
|
|
- uuid: "{{ uuid_prompt }}"
|
|
tasks:
|
|
|
|
- name: Install necessary packages
|
|
become: true
|
|
package:
|
|
name:
|
|
- python3-kubernetes
|
|
state: present
|
|
|
|
- name: Create destination directory
|
|
file:
|
|
path: $HOME/minio-binaries
|
|
state: directory
|
|
mode: '0755'
|
|
|
|
- name: Install mc
|
|
ansible.builtin.get_url:
|
|
url: "https://dl.min.io/client/mc/release/linux-amd64/mc"
|
|
dest: $HOME/minio-binaries/
|
|
mode: +x
|
|
headers:
|
|
Content-Type: "application/json"
|
|
|
|
- name: Add mc to path
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
grep -qxF 'export PATH=$PATH:$HOME/minio-binaries' $HOME/.bashrc || echo 'export PATH=$PATH:$HOME/minio-binaries' >> $HOME/.bashrc
|
|
|
|
- name: Test bashrc
|
|
ansible.builtin.shell:
|
|
cmd : |
|
|
tail -n 5 $HOME/.bashrc
|
|
|
|
- name: Retrieve root user
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
kubectl get secrets argo-artifacts -o jsonpath="{.data.rootUser}" | base64 -d -
|
|
register: user
|
|
|
|
- name: Retrieve root password
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
kubectl get secret argo-artifacts --namespace default -o jsonpath="{.data.rootPassword}" | base64 -d -
|
|
register : password
|
|
|
|
- name: Set up MinIO host in mc
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
$HOME/minio-binaries/mc alias set my-minio http://127.0.0.1:9000 '{{ user.stdout }}' '{{ password.stdout }}'
|
|
|
|
- name: Create oc-bucket
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
$HOME/minio-binaries/mc mb oc-bucket
|
|
|
|
- name: Run mc admin accesskey create command
|
|
command: $HOME/minio-binaries/mc admin accesskey create --json my-minio
|
|
register: minio_output
|
|
changed_when: false # Avoid marking the task as changed every time
|
|
|
|
- name: Parse JSON output
|
|
set_fact:
|
|
access_key: "{{ minio_output.stdout | from_json | json_query('accessKey') }}"
|
|
secret_key: "{{ minio_output.stdout | from_json | json_query('secretKey') }}"
|
|
|
|
- name: Retrieve cluster IP for minio API
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
kubectl get service argo-artifacts -o jsonpath="{.spec.clusterIP}"
|
|
register: minio_cluster_ip
|
|
|
|
- name: Create the minio secret in argo namespace
|
|
kubernetes.core.k8s:
|
|
state: present
|
|
namespace: '{{ argo_namespace }}'
|
|
name: "{{ uuuid }}-argo-artifact-secret"
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Secret
|
|
type: Opaque
|
|
stringData:
|
|
access-key: '{{ access_key}}'
|
|
secret-key: '{{ secret_key }}'
|
|
|
|
|
|
- name: Create the minio secret in argo namespace
|
|
kubernetes.core.k8s:
|
|
state: present
|
|
namespace: '{{ argo_namespace }}'
|
|
definition:
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: artifact-repositories
|
|
data:
|
|
oc-s3-artifact-repository: |
|
|
s3:
|
|
bucket: oc-bucket
|
|
endpoint: {{ minio_cluster_ip.stdout }}:9000
|
|
insecure: true
|
|
accessKeySecret:
|
|
name: "{{ uuuid }}-argo-artifact-secret"
|
|
key: access-key
|
|
secretKeySecret:
|
|
name: "{{ uuuid }}-argo-artifact-secret"
|
|
key: secret-key
|
|
|
|
|
|
# ansible.builtin.shell:
|
|
# cmd: |
|
|
# kubectl create secret -n '{{ argo_namespace }}' generic argo-artifact-secret \
|
|
# --from-literal=access-key='{{ access_key }}' \
|
|
# --from-literal=secret-key='{{ secret_key }}'
|