Housekeeping;Populate all registry mirrors;Disable manifest image reference workaround;Add missing key;Remove redundant filter
All checks were successful
continuous-integration/drone/push Build is passing

Danny Bessems 2023-04-04 10:47:28 +02:00
parent d0c4251e06
commit 915660f618
4 changed files with 25 additions and 34 deletions


@ -78,6 +78,6 @@
src: registries.j2 src: registries.j2
vars: vars:
_template: _template:
data: "{{ source_registries }}" registries: "{{ source_registries }}"
hv: hv:
fqdn: "{{ vapp['metacluster.fqdn'] }}" fqdn: "{{ vapp['metacluster.fqdn'] }}"


@ -52,22 +52,22 @@
version: "{{ components.clusterapi.workload.version.k8s }}" version: "{{ components.clusterapi.workload.version.k8s }}"
vip: "{{ vapp['workloadcluster.vip'] }}" vip: "{{ vapp['workloadcluster.vip'] }}"
- name: WORKAROUND - Update image references to use local registry # - name: WORKAROUND - Update image references to use local registry
ansible.builtin.replace: # ansible.builtin.replace:
dest: "{{ item }}" # dest: "{{ item }}"
regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))' # regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))'
replace: '\1{{ _template.pattern }}' # replace: '\1{{ _template.pattern }}'
vars: # vars:
fileglobs: # fileglobs:
- "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/cni-calico/' ~ components.clusterapi.workload.version.calico ~ '/*.yaml') }}" # - "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/cni-calico/' ~ components.clusterapi.workload.version.calico ~ '/*.yaml') }}"
- "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/infrastructure-vsphere/' ~ components.clusterapi.management.version.infrastructure_vsphere ~ '/*.yaml') }}" # - "{{ query('ansible.builtin.fileglob', '/opt/metacluster/cluster-api/infrastructure-vsphere/' ~ components.clusterapi.management.version.infrastructure_vsphere ~ '/*.yaml') }}"
_template: # _template:
pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/ # pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/
loop: "{{ fileglobs[0:] | flatten | select }}" # loop: "{{ fileglobs[0:] | flatten | select }}"
loop_control: # loop_control:
label: "{{ item | basename }}" # label: "{{ item | basename }}"
when: # when:
- item is not search("components.yaml|metadata.yaml") # - item is not search("components.yaml|metadata.yaml")
- name: Generate kustomization template - name: Generate kustomization template
ansible.builtin.template: ansible.builtin.template:
@ -82,10 +82,7 @@
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}" rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
runcmds: runcmds:
- update-ca-certificates - update-ca-certificates
registries: registries: "{{ source_registries }}"
# This should obviously be a dynamic list, but testing first!
- docker.io
- gcr.io
- name: Store custom cluster-template - name: Store custom cluster-template
ansible.builtin.copy: ansible.builtin.copy:
@ -246,13 +243,6 @@
- name: Trigger handlers - name: Trigger handlers
ansible.builtin.meta: flush_handlers ansible.builtin.meta: flush_handlers
# - name: Apply workload cluster manifest
# kubernetes.core.k8s:
# definition: >-
# {{ clusterctl_newcluster.stdout }}
# wait: true
# kubeconfig: "{{ kubeconfig.path }}"
- name: Wait for cluster to be available - name: Wait for cluster to be available
ansible.builtin.shell: ansible.builtin.shell:
cmd: >- cmd: >-
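Review bot: The disabled "WORKAROUND - Update image references to use local registry" task is left behind as sixteen commented-out lines, while the last hunk of this same file deletes another commented-out task. Deleting it too, or replacing it with one line such as `# Image references are no longer rewritten; pulls rely on the registry mirrors built from source_registries`, would keep the playbook readable. With the rewrite gone, the manifests keep their upstream image references, so every registry they pull from presumably has to be listed in `source_registries` for the pull to go through the local mirror. A short comment at `registries: "{{ source_registries }}"` stating that dependency would help. The surrounding tasks start and end outside the visible hunks.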


@ -45,6 +45,7 @@
kind: Secret kind: Secret
name: "{{ vapp['workloadcluster.name'] }}-kubeconfig" name: "{{ vapp['workloadcluster.name'] }}-kubeconfig"
namespace: default namespace: default
kubeconfig: "{{ kubeconfig.path }}"
register: secret_workloadcluster_kubeconfig register: secret_workloadcluster_kubeconfig
- name: Register workload-cluster in argo-cd - name: Register workload-cluster in argo-cd
@ -59,9 +60,9 @@
secret: argocd-cluster-{{ vapp['workloadcluster.name'] | lower }} secret: argocd-cluster-{{ vapp['workloadcluster.name'] | lower }}
url: https://{{ vapp['workloadcluster.vip'] }}:6443 url: https://{{ vapp['workloadcluster.vip'] }}:6443
kubeconfig: kubeconfig:
ca: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] | b64encode }}" ca: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).clusters[0].cluster['certificate-authority-data'] }}"
certificate: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] | b64encode }}" certificate: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-certificate-data'] }}"
key: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] | b64encode }}" key: "{{ (secret_workloadcluster_kubeconfig.resources[0].data.value | b64decode | from_yaml).users[0].user['client-key-data'] }}"
- name: Configure workload-cluster GitOps repository - name: Configure workload-cluster GitOps repository
ansible.builtin.template: ansible.builtin.template:
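Review bot: The tasks in this section read the workload-cluster kubeconfig Secret into `secret_workloadcluster_kubeconfig` and pass its `client-key-data` on as a template variable, but no `no_log: true` is visible on either task, so the key material can show up in Ansible output at higher verbosity or when a task fails. Both task bodies start outside the visible lines, so the setting may already be there; if it is not, add `no_log: true` to the lookup task and to "Register workload-cluster in argo-cd". The three expressions also index `resources[0]` without checking that the lookup returned a Secret, so a guard on the lookup such as `failed_when: secret_workloadcluster_kubeconfig.resources | length == 0` would give a clearer error than an index failure inside the template.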


@ -1,8 +1,8 @@
mirrors: mirrors:
{% for entry in _template.data %} {% for registry in _template.registries %}
{{ entry }}: {{ registry }}:
endpoint: endpoint:
- https://registry.{{ _template.hv.fqdn }} - https://registry.{{ _template.hv.fqdn }}
rewrite: rewrite:
"(.*)": "library/{{ entry }}/$1" "(.*)": "library/{{ registry }}/$1"
{% endfor %} {% endfor %}