Refactor helm chart values
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2023-01-30 10:55:47 +01:00
parent 51cabfa8d2
commit 9887faa7c4

View File

@ -1,21 +1,33 @@
- block:
- name: Initialize tempfile
ansible.builtin.tempfile:
state: file
register: values_file
- name: Write chart values w/ password to tempfile
ansible.builtin.copy:
dest: "{{ values_file.path }}"
content: "{{ stepca_values.stdout | regex_replace('(ca_password|provisioner_password): ', '\\1: ' ~ (vapp['metacluster.password'] | b64encode)) }}"
no_log: true
- name: Install step-ca chart
kubernetes.core.helm:
name: step-certificates
chart_ref: /opt/metacluster/helm-charts/step-certificates
release_namespace: step-ca
create_namespace: yes
# Unable to use REST api based readycheck due to 'missing' ingress
# Unable to use REST api based readycheck due to lack of ingress
wait: yes
kubeconfig: "{{ kubeconfig.path }}"
values: "{{ ( stepca_values.stdout | from_yaml ) | combine( { 'inject': ( _template.chart_values | from_yaml ) }, recursive=True ) }}"
vars:
_template:
chart_values: >-
secrets:
ca_password: "{{ vapp['metacluster.password'] | b64encode }}"
provisioner_password: "{{ vapp['metacluster.password'] | b64encode }}"
values-files:
- "{{ values_file.path }}"
- name: Cleanup tempfile
ansible.builtin.file:
path: "{{ values_file.path }}"
state: absent
when: values_file.path is defined
- name: Retrieve configmap w/ root certificate
kubernetes.core.k8s_info: