Fix readycheck;Create namespaces explicitly

2022-08-29 14:43:26 +02:00 · 2022-08-29 14:43:26 +02:00 · 0c1fca9643
parent b0dad1caf7
commit 0c1fca9643
2 changed files with 32 additions and 28 deletions
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml
@ -8,35 +8,39 @@
    kubeconfig: "{{ kubeconfig.path }}"
    values: "{{ components.stepcertificates.chart_values }}"

- block:
+- name: Retrieve configmap w/ root certificate
+  kubernetes.core.k8s_info:
+    kind: ConfigMap
+    name: step-certificates-certs
+    namespace: step-ca
+    kubeconfig: "{{ kubeconfig.path }}"
+  register: stepca_cm_certs

-    - name: Retrieve configmap w/ root certificate
-      kubernetes.core.k8s_info:
-        kind: ConfigMap
+- name: Create target namespaces
+  kubernetes.core.k8s:
+    kind: Namespace
+    name: "{{ item }}"
+    state: present
+    kubeconfig: "{{ kubeconfig.path }}"
+  loop:
+    - argo-cd
+    # - kube-system
+
+- name: Store root certificate in namespaced secrets
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Secret
+      metadata:
        name: step-certificates-certs
-        namespace: step-ca
-        kubeconfig: "{{ kubeconfig.path }}"
-      register: stepca_cm_certs
-
-    - name: Store root certificate in namespaced secrets
-      kubernetes.core.k8s:
-        state: present
-        definition:
-          apiVersion: v1
-          kind: Secret
-          metadata:
-            name: step-certificates-certs
-            namespace: "{{ item }}"
-          data:
-            root_ca.crt: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] | b64encode }}"
-        kubeconfig: "{{ kubeconfig.path }}"
-      loop:
-        - argo-cd
-        - kube-system
-
-  tags:
-    - never
-    - final
+        namespace: "{{ item }}"
+      data:
+        root_ca.crt: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] | b64encode }}"
+    kubeconfig: "{{ kubeconfig.path }}"
+  loop:
+    - argo-cd
+    - kube-system

 - name: Configure step-ca passthrough ingress
  ansible.builtin.template:
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml
@ -15,7 +15,7 @@
        url: https://gitops.{{ vapp['metacluster.fqdn'] }}/api/version
        method: GET
      register: api_readycheck
-      until: api_readycheck.json.Version | default(false) | bool
+      until: api_readycheck.json.Version is defined
      retries: 3
      delay: 30