Housekeeping;Populate all registry mirrors;Disable manifest image reference workaround;Add missing key;Remove redundant filter
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
d0c4251e06
commit
915660f618
@ -78,6 +78,6 @@
|
|||||||
src: registries.j2
|
src: registries.j2
|
||||||
vars:
|
vars:
|
||||||
_template:
|
_template:
|
||||||
data: "{{ source_registries }}"
|
registries: "{{ source_registries }}"
|
||||||
hv:
|
hv:
|
||||||
fqdn: "{{ vapp['metacluster.fqdn'] }}"
|
fqdn: "{{ vapp['metacluster.fqdn'] }}"
|
||||||
|
@ -52,22 +52,22 @@
|
|||||||
version: "{{ components.clusterapi.workload.version.k8s }}"
|
version: "{{ components.clusterapi.workload.version.k8s }}"
|
||||||
vip: "{{ vapp['workloadcluster.vip'] }}"
|
vip: "{{ vapp['workloadcluster.vip'] }}"
|
||||||
|
|
||||||
- name: WORKAROUND - Update image references to use local registry
|
# - name: WORKAROUND - Update image references to use local registry
|
||||||
ansible.builtin.replace:
|
# ansible.builtin.replace:
|
||||||
dest: "{{ item }}"
|
# dest: "{{ item }}"
|
||||||
regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))'
|
# regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))'
|
||||||
replace: '\1{{ _template.pattern }}'
|
# replace: '\1{{ _template.pattern }}'
|
||||||
vars:
|
# vars:
|
||||||
fileglobs:
|
# fileglobs:
|
||||||
- "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/cni-calico/' ~ components.clusterapi.workload.version.calico ~ '/*.yaml') }}"
|
# - "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/cni-calico/' ~ components.clusterapi.workload.version.calico ~ '/*.yaml') }}"
|
||||||
- "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/infrastructure-vsphere/' ~ components.clusterapi.management.version.infrastructure_vsphere ~ '/*.yaml') }}"
|
# - "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/infrastructure-vsphere/' ~ components.clusterapi.management.version.infrastructure_vsphere ~ '/*.yaml') }}"
|
||||||
_template:
|
# _template:
|
||||||
pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/
|
# pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/
|
||||||
loop: "{{ fileglobs[0:] | flatten | select }}"
|
# loop: "{{ fileglobs[0:] | flatten | select }}"
|
||||||
loop_control:
|
# loop_control:
|
||||||
label: "{{ item | basename }}"
|
# label: "{{ item | basename }}"
|
||||||
when:
|
# when:
|
||||||
- item is not search("components.yaml|metadata.yaml")
|
# - item is not search("components.yaml|metadata.yaml")
|
||||||
|
|
||||||
- name: Generate kustomization template
|
- name: Generate kustomization template
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
@ -82,10 +82,7 @@
|
|||||||
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
||||||
runcmds:
|
runcmds:
|
||||||
- update-ca-certificates
|
- update-ca-certificates
|
||||||
registries:
|
registries: "{{ source_registries }}"
|
||||||
# This should obviously be a dynamic list, but testing first!
|
|
||||||
- docker.io
|
|
||||||
- gcr.io
|
|
||||||
|
|
||||||
- name: Store custom cluster-template
|
- name: Store custom cluster-template
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
@ -246,13 +243,6 @@
|
|||||||
- name: Trigger handlers
|
- name: Trigger handlers
|
||||||
ansible.builtin.meta: flush_handlers
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
# - name: Apply workload cluster manifest
|
|
||||||
# kubernetes.core.k8s:
|
|
||||||
# definition: >-
|
|
||||||
# {{ clusterctl_newcluster.stdout }}
|
|
||||||
# wait: true
|
|
||||||
# kubeconfig: "{{ kubeconfig.path }}"
|
|
||||||
|
|
||||||
- name: Wait for cluster to be available
|
- name: Wait for cluster to be available
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
cmd: >-
|
cmd: >-
|
||||||
|
@ -45,6 +45,7 @@
|
|||||||
kind: Secret
|
kind: Secret
|
||||||
name: "{{ vapp['workloadcluster.name'] }}-kubeconfig"
|
name: "{{ vapp['workloadcluster.name'] }}-kubeconfig"
|
||||||
namespace: default
|
namespace: default
|
||||||
|
kubeconfig: "{{ kubeconfig.path }}"
|
||||||
register: secret_workloadcluster_kubeconfig
|
register: secret_workloadcluster_kubeconfig
|
||||||
|
|
||||||
- name: Register workload-cluster in argo-cd
|
- name: Register workload-cluster in argo-cd
|
||||||
@ -59,9 +60,9 @@
|
|||||||
secret: argocd-cluster-{{ vapp['workloadcluster.name'] | lower }}
|
secret: argocd-cluster-{{ vapp['workloadcluster.name'] | lower }}
|
||||||
url: https://{{ vapp['workloadcluster.vip'] }}:6443
|
url: https://{{ vapp['workloadcluster.vip'] }}:6443
|
||||||
kubeconfig:
|
kubeconfig:
|
||||||
ca: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] | b64encode }}"
|
ca: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] }}"
|
||||||
certificate: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] | b64encode }}"
|
certificate: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] }}"
|
||||||
key: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] | b64encode }}"
|
key: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] }}"
|
||||||
|
|
||||||
- name: Configure workload-cluster GitOps repository
|
- name: Configure workload-cluster GitOps repository
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
mirrors:
|
mirrors:
|
||||||
{% for entry in _template.data %}
|
{% for registry in _template.registries %}
|
||||||
{{ entry }}:
|
{{ registry }}:
|
||||||
endpoint:
|
endpoint:
|
||||||
- https://registry.{{ _template.hv.fqdn }}
|
- https://registry.{{ _template.hv.fqdn }}
|
||||||
rewrite:
|
rewrite:
|
||||||
"(.*)": "library/{{ entry }}/$1"
|
"(.*)": "library/{{ registry }}/$1"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
Loading…
Reference in New Issue
Block a user