fix: Generate and store kubeconfig in repository
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2023-08-24 18:24:24 +02:00
parent 4c1f1fce5e
commit 32dda728cb
5 changed files with 45 additions and 15 deletions

View File

@ -125,6 +125,12 @@
auto_init: true auto_init: true
default_branch: main default_branch: main
description: GitOps manifests description: GitOps manifests
- organization: wl
body:
name: ClusterAccess.Store
auto_init: true
default_branch: main
description: Kubeconfig files
loop_control: loop_control:
label: "{{ item.organization ~ '/' ~ item.body.name }}" label: "{{ item.organization ~ '/' ~ item.body.name }}"

View File

@ -0,0 +1,36 @@
- name: Initialize tempfolder
ansible.builtin.tempfile:
state: directory
register: pinniped_kubeconfig
- name: Pull existing repository
ansible.builtin.git:
repo: https://git.{{ vapp['metacluster.fqdn'] }}/wl/ClusterAccess.Store.git
dest: "{{ pinniped_kubeconfig.path }}"
version: main
- name: Generate kubeconfig
ansible.builtin.shell:
cmd: pinniped get kubeconfig --kubeconfig {{ capi_kubeconfig.path }}
register: pinniped_config
- name: Store kubeconfig in tempfile
ansible.builtin.copy:
dest: "{{ pinniped_kubeconfig.path }}"
content: "{{ pinniped_config.stdout }}"
mode: 0600
no_log: true
- name: Push git repository
lvrfrc87.git_acp.git_acp:
path: "{{ pinniped_kubeconfig.path }}"
branch: main
comment: "Upload kubeconfig files"
add:
- .
url: https://administrator:{{ vapp['metacluster.password'] | urlencode }}@git.{{ vapp['metacluster.fqdn'] }}/wl/ClusterAccess.Store.git
environment:
GIT_AUTHOR_NAME: administrator
GIT_AUTHOR_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}
GIT_COMMITTER_NAME: administrator
GIT_COMMITTER_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}

View File

@ -69,19 +69,6 @@
GIT_COMMITTER_NAME: administrator GIT_COMMITTER_NAME: administrator
GIT_COMMITTER_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }} GIT_COMMITTER_EMAIL: administrator@{{ vapp['metacluster.fqdn'] }}
# - name: Initialize/Push git repository
# ansible.builtin.shell:
# cmd: |
# git init
# git config --global user.email "administrator@{{ vapp['metacluster.fqdn'] }}"
# git config --global user.name "administrator"
# git checkout -b main
# git add .
# git commit -m "Upload charts"
# git remote add origin https://git.{{ vapp['metacluster.fqdn'] }}/wl/GitOps.Config.git
# git push https://administrator:{{ vapp['metacluster.password'] | urlencode }}@git.{{ vapp['metacluster.fqdn'] }}/wl/GitOps.Config.git --all
# chdir: /opt/workloadcluster/git-repositories/gitops
- name: Retrieve workload-cluster kubeconfig - name: Retrieve workload-cluster kubeconfig
kubernetes.core.k8s_info: kubernetes.core.k8s_info:
kind: Secret kind: Secret

View File

@ -6,6 +6,7 @@
- import_tasks: clusterapi.yml - import_tasks: clusterapi.yml
- import_tasks: gitops.yml - import_tasks: gitops.yml
- import_tasks: authentication.yml
when: when:
- vapp['deployment.type'] != 'core' - vapp['deployment.type'] != 'core'

View File

@ -117,9 +117,9 @@ components:
- https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback - https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback
enablePasswordDB: true enablePasswordDB: true
staticPasswords: staticPasswords:
- email: admin@{{ vapp['metacluster.fqdn'] }} - email: user@{{ vapp['metacluster.fqdn'] }}
hash: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}" hash: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
username: admin username: user
userID: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) | to_uuid }}" userID: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) | to_uuid }}"
ingress: ingress:
enabled: true enabled: true