djpbessems/Packer.Images
djpbessems/Packer.Images
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add upgrade tasks;Housekeeping
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Danny Bessems 2023-02-06 14:17:05 +01:00
parent abcf530b49
commit 27106b1f34
7 changed files with 109 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/init.yml
View File

@ -23,7 +23,7 @@
content: "{{ vapp['metacluster.password'] }}" content: "{{ vapp['metacluster.password'] }}"
no_log: true no_log: true
- name: Generate root CA - name: Generate step-ca helm chart values (including root CA certificate)
ansible.builtin.shell: ansible.builtin.shell:
cmd: >- cmd: >-
step ca init \ step ca init \

52
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/certauthority.yml Normal file
View File

@ -0,0 +1,52 @@
- block:
- name: Initialize tempfile
ansible.builtin.tempfile:
state: file
register: values_file
- name: Lookup current chart values
kubernetes.core.helm_info:
name: step-certificates
namespace: step-ca
kubeconfig: "{{ kubeconfig.path }}"
register: stepca_values
- name: Write chart values w/ password to tempfile
ansible.builtin.copy:
dest: "{{ values_file.path }}"
content: "{{ stepca_values.status | json_query('values') | to_yaml }}"
no_log: true
- name: Upgrade step-ca chart
kubernetes.core.helm:
name: step-certificates
chart_ref: /opt/metacluster/helm-charts/step-certificates
release_namespace: step-ca
wait: false
kubeconfig: "{{ kubeconfig.path }}"
values_files:
- "{{ values_file.path }}"
- name: Cleanup tempfile
ansible.builtin.file:
path: "{{ values_file.path }}"
state: absent
when: values_file.path is defined
- name: Ensure step-ca API availability
ansible.builtin.uri:
url: https://ca.{{ vapp['metacluster.fqdn'] }}/health
method: GET
register: api_readycheck
until:
- api_readycheck.json.status is defined
- api_readycheck.json.status == 'ok'
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delay.long }}"
module_defaults:
ansible.builtin.uri:
validate_certs: no
status_code: [200, 201]
body_format: json

27
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/git.yml Normal file
View File

@ -0,0 +1,27 @@
- block:
- name: Upgrade gitea chart
kubernetes.core.helm:
name: gitea
chart_ref: /opt/metacluster/helm-charts/gitea
release_namespace: gitea
wait: false
kubeconfig: "{{ kubeconfig.path }}"
values: "{{ components.gitea.chart_values }}"
- name: Ensure gitea API availability
ansible.builtin.uri:
url: https://git.{{ vapp['metacluster.fqdn'] }}/api/healthz
method: GET
register: api_readycheck
until:
- api_readycheck.json.status is defined
- api_readycheck.json.status == 'pass'
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delay.long }}"
module_defaults:
ansible.builtin.uri:
validate_certs: no
status_code: [200, 201]
body_format: json

26
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/gitops.yml Normal file
View File

@ -0,0 +1,26 @@
- block:
- name: Upgrade argo-cd chart
kubernetes.core.helm:
name: argo-cd
chart_ref: /opt/metacluster/helm-charts/argo-cd
release_namespace: argo-cd
wait: false
kubeconfig: "{{ kubeconfig.path }}"
values: "{{ components.argocd.chart_values }}"
- name: Ensure argo-cd API availability
ansible.builtin.uri:
url: https://gitops.{{ vapp['metacluster.fqdn'] }}/api/version
method: GET
register: api_readycheck
until:
- api_readycheck.json.Version is defined
retries: "{{ playbook.retries }}"
delay: "{{ playbook.delay.long }}"
module_defaults:
ansible.builtin.uri:
validate_certs: no
status_code: [200, 201]
body_format: json

8
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/main.yml
View File

@ -3,9 +3,7 @@
- import_tasks: k3s.yml - import_tasks: k3s.yml
- import_tasks: assets.yml - import_tasks: assets.yml
- import_tasks: storage.yml - import_tasks: storage.yml
# - import_tasks: charts.yml
- import_tasks: registry.yml - import_tasks: registry.yml
# - import_tasks: certauthority.yml - import_tasks: certauthority.yml
# - import_tasks: git.yml - import_tasks: git.yml
# - import_tasks: gitops.yml - import_tasks: gitops.yml

1
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/registry.yml
View File

@ -5,7 +5,6 @@
name: harbor name: harbor
chart_ref: /opt/metacluster/helm-charts/harbor chart_ref: /opt/metacluster/helm-charts/harbor
release_namespace: harbor release_namespace: harbor
create_namespace: true
wait: false wait: false
kubeconfig: "{{ kubeconfig.path }}" kubeconfig: "{{ kubeconfig.path }}"
values: "{{ components.harbor.chart_values }}" values: "{{ components.harbor.chart_values }}"

1
ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/storage.yml
View File

@ -32,7 +32,6 @@
name: longhorn name: longhorn
chart_ref: /opt/metacluster/helm-charts/longhorn chart_ref: /opt/metacluster/helm-charts/longhorn
release_namespace: longhorn-system release_namespace: longhorn-system
create_namespace: true
wait: false wait: false
kubeconfig: "{{ kubeconfig.path }}" kubeconfig: "{{ kubeconfig.path }}"
values: "{{ components.longhorn.chart_values }}" values: "{{ components.longhorn.chart_values }}"