Fix linting error;Add workload cluster generation/configuration
Some checks failed
continuous-integration/drone/push Build is failing

This commit is contained in:
Danny Bessems 2023-01-05 16:42:20 +01:00
parent edc19464e2
commit 6c3867fb57
3 changed files with 61 additions and 2 deletions

View File

@ -92,7 +92,48 @@
chdir: /opt/metacluster/cluster-api
register: clusterctl_newcluster
# TODO: move to git repo
- name: Save workload cluster manifest
ansible.builtin.copy:
dest: /opt/metacluster/cluster-api/new-cluster.yaml
content: "{{ clusterctl_newcluster.stdout }}"
- name: Apply workload cluster manifest
kubernetes.core.k8s:
definition: >-
{{ clusterctl_newcluster.stdout }}
wait: yes
kubeconfig: "{{ kubeconfig.path }}"
- name: Initialize tempfile
ansible.builtin.tempfile:
state: file
register: capi_kubeconfig
- name: Retrieve kubeconfig
ansible.builtin.command:
cmd: kubectl config view --raw
register: capi_kubectl_config
- name: Store kubeconfig in tempfile
ansible.builtin.copy:
dest: "{{ capi_kubeconfig.path }}"
content: "{{ capi_kubectl_config.stdout }}"
mode: 0600
no_log: true
- name: Generate serviceaccount
# TODO: move to GitOps
kubernetes.core.k8s:
template: serviceaccount.j2
state: present
kubeconfig: "{{ capi_kubeconfig.path }}"
vars:
_template:
account:
name: argocd-sa
namespace: default
clusterrolebinding:
name: argocd-crb
- name: Apply cni plugin manifest
# TODO: move to GitOps
kubernetes.core.k8s:
src: /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
state: present
wait: yes
kubeconfig: "{{ capi_kubeconfig.path }}"

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ _template.clusterrolebinding.name }}
subjects:
- kind: ServiceAccount
name: {{ _template.account.name }}
namespace: {{ _template.account.namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io