fix: Generate and store kubeconfig in repository
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@@ -125,6 +125,12 @@
|
||||
auto_init: true
|
||||
default_branch: main
|
||||
description: GitOps manifests
|
||||
- organization: wl
|
||||
body:
|
||||
name: ClusterAccess.Store
|
||||
auto_init: true
|
||||
default_branch: main
|
||||
description: Kubeconfig files
|
||||
loop_control:
|
||||
label: "{{ item.organization ~ '/' ~ item.body.name }}"
|
||||
|
||||
|
||||
@@ -0,0 +1,36 @@
|
||||
- name: Initialize tempfolder
|
||||
ansible.builtin.tempfile:
|
||||
state: directory
|
||||
register: pinniped_kubeconfig
|
||||
|
||||
- name: Pull existing repository
|
||||
ansible.builtin.git:
|
||||
repo: https://git.{{ vapp['metacluster.fqdn'] }}/wl/ClusterAccess.Store.git
|
||||
dest: "{{ pinniped_kubeconfig.path }}"
|
||||
version: main
|
||||
|
||||
- name: Generate kubeconfig
|
||||
ansible.builtin.shell:
|
||||
cmd: pinniped get kubeconfig --kubeconfig {{ capi_kubeconfig.path }}
|
||||
register: pinniped_config
|
||||
|
||||
- name: Store kubeconfig in tempfile
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ pinniped_kubeconfig.path }}"
|
||||
content: "{{ pinniped_config.stdout }}"
|
||||
mode: 0600
|
||||
no_log: true
|
||||
|
||||
- name: Push git repository
|
||||
lvrfrc87.git_acp.git_acp:
|
||||
path: "{{ pinniped_kubeconfig.path }}"
|
||||
branch: main
|
||||
comment: "Upload kubeconfig files"
|
||||
add:
|
||||
- .
|
||||
url: https://administrator:{{ vapp['metacluster.password'] | urlencode }}@git.{{ vapp['metacluster.fqdn'] }}/wl/ClusterAccess.Store.git
|
||||
environment:
|
||||
GIT_AUTHOR_NAME: administrator
|
||||
GIT_AUTHOR_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}
|
||||
GIT_COMMITTER_NAME: administrator
|
||||
GIT_COMMITTER_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}
|
||||
@@ -69,19 +69,6 @@
|
||||
GIT_COMMITTER_NAME: administrator
|
||||
GIT_COMMITTER_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}
|
||||
|
||||
# - name: Initialize/Push git repository
|
||||
# ansible.builtin.shell:
|
||||
# cmd: |
|
||||
# git init
|
||||
# git config --global user.email "administrator@{{ vapp['metacluster.fqdn'] }}"
|
||||
# git config --global user.name "administrator"
|
||||
# git checkout -b main
|
||||
# git add .
|
||||
# git commit -m "Upload charts"
|
||||
# git remote add origin https://git.{{ vapp['metacluster.fqdn'] }}/wl/GitOps.Config.git
|
||||
# git push https://administrator:{{ vapp['metacluster.password'] | urlencode }}@git.{{ vapp['metacluster.fqdn'] }}/wl/GitOps.Config.git --all
|
||||
# chdir: /opt/workloadcluster/git-repositories/gitops
|
||||
|
||||
- name: Retrieve workload-cluster kubeconfig
|
||||
kubernetes.core.k8s_info:
|
||||
kind: Secret
|
||||
|
||||
@@ -6,6 +6,7 @@
|
||||
|
||||
- import_tasks: clusterapi.yml
|
||||
- import_tasks: gitops.yml
|
||||
- import_tasks: authentication.yml
|
||||
|
||||
when:
|
||||
- vapp['deployment.type'] != 'core'
|
||||
|
||||
@@ -117,9 +117,9 @@ components:
|
||||
- https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback
|
||||
enablePasswordDB: true
|
||||
staticPasswords:
|
||||
- email: admin@{{ vapp['metacluster.fqdn'] }}
|
||||
- email: user@{{ vapp['metacluster.fqdn'] }}
|
||||
hash: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
|
||||
username: admin
|
||||
username: user
|
||||
userID: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) | to_uuid }}"
|
||||
ingress:
|
||||
enabled: true
|
||||
|
||||
Reference in New Issue
Block a user