From 6942c33ae8d6eb98ec13620e50a327e19fd7059c Mon Sep 17 00:00:00 2001
From: Danny Bessems <danny@bessems.eu>
Date: Mon, 3 Apr 2023 16:26:38 +0200
Subject: [PATCH] Fix Ansible templating;DRY

---
 .drone.yml                                    | 43 +++++++++++--------
 .../roles/workloadcluster/tasks/gitops.yml    |  6 +--
 packer/build.pkr.hcl                          |  2 +
 3 files changed, 30 insertions(+), 21 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 4877337..f56f4aa 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -13,15 +13,38 @@ volumes:
 steps:
 - name: Debugging information
   image: bv11-cr01.bessems.eu/library/packer-extended
+  pull: always
   commands:
   - ansible --version
   - ovftool --version
   - packer --version
   - yamllint --version
 
+- name: Linting
+  image: bv11-cr01.bessems.eu/library/packer-extended
+  pull: always
+  commands:
+  - |
+    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" \
+      ansible \
+      packer/preseed/UbuntuServer22.04/user-data \
+      scripts
+
+- name: Install Ansible Galaxy collections
+  image: bv11-cr01.bessems.eu/library/packer-extended
+  pull: always
+  commands:
+    - |
+    ansible-galaxy install \
+      -r ansible/requirements.yml \
+      -p /scratch/ansible-galaxy
+  volumes:
+  - name: scratch
+    path: /scratch
+
 - name: Kubernetes Bootstrap Appliance
   depends_on:
-  - Debugging information
+  - Install Ansible Galaxy collections
   image: bv11-cr01.bessems.eu/library/packer-extended
   pull: always
   commands:
@@ -30,14 +53,6 @@ steps:
       packer/preseed/UbuntuServer22.04/user-data
   - |
     export K8S_VERSION=$(yq '.components.clusterapi.workload.version.k8s' < ./ansible/vars/metacluster.yml)
-  - |
-    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" \
-      ansible \
-      packer/preseed/UbuntuServer22.04/user-data \
-      scripts
-  - |
-    ansible-galaxy install \
-      -r ansible/requirements.yml
   - |
     packer init -upgrade \
       ./packer
@@ -87,7 +102,7 @@ steps:
 
 - name: Kubernetes Upgrade Appliance
   depends_on:
-  - Debugging information
+  - Install Ansible Galaxy collections
   image: bv11-cr01.bessems.eu/library/packer-extended
   pull: always
   commands:
@@ -96,14 +111,6 @@ steps:
       packer/preseed/UbuntuServer22.04/user-data
   - |
     export K8S_VERSION=$(yq '.components.clusterapi.workload.version.k8s' < ./ansible/vars/metacluster.yml)
-  - |
-    yamllint -d "{extends: relaxed, rules: {line-length: disable}}" \
-      ansible \
-      packer/preseed/UbuntuServer22.04/user-data \
-      scripts
-  - |
-    ansible-galaxy install \
-      -r ansible/requirements.yml
   - |
     packer init -upgrade \
       ./packer
diff --git a/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml
index 1f32468..6fffb60 100644
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml
@@ -59,9 +59,9 @@
             secret: argocd-cluster-{{ vapp['workloadcluster.name'] | lower }}
             url: https://{{ vapp['workloadcluster.vip'] }}:6443
           kubeconfig:
-            ca: (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] | b64encode
-            certificate: (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] | b64encode
-            key: (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] | b64encode
+            ca: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] | b64encode }}"
+            certificate: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] | b64encode }}"
+            key: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] | b64encode }}"
 
     - name: Configure workload-cluster GitOps repository
       ansible.builtin.template:
diff --git a/packer/build.pkr.hcl b/packer/build.pkr.hcl
index fa6e9d9..463ae82 100644
--- a/packer/build.pkr.hcl
+++ b/packer/build.pkr.hcl
@@ -34,6 +34,8 @@ build {
       "PYTHONUNBUFFERED=1"
     ]
     use_proxy        = "false"
+    collections-path = "/scratch/ansible-galaxy"
+
     extra_arguments  = [
       "--extra-vars", "appliancetype=${source.name}",
       "--extra-vars", "ansible_ssh_pass=${var.ssh_password}",