From b6ac086a318a4f64d1607e93ee9fa8a86ff04dab Mon Sep 17 00:00:00 2001
From: Danny Bessems
Date: Wed, 13 Jul 2022 12:00:03 +0200
Subject: [PATCH] Add conditional to K3s installation;Populate Gitea #2
---
 .../roles/metacluster/tasks/main.yml | 124 ++++++++++++++----
 1 file changed, 95 insertions(+), 29 deletions(-)
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml
index 3b35de6..45c104e 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml
@@ -1,26 +1,33 @@ -- name: Install K3s - ansible.builtin.command: - cmd: ./install.sh - chdir: /opt/metacluster/k3s - environment: - INSTALL_K3S_SKIP_DOWNLOAD: 'true' - INSTALL_K3S_EXEC: 'server --cluster-init --disable local-storage' +- block: + + - name: Gather service facts + ansible.builtin.service_facts: + # Module requires no attributes + + - name: Install K3s + ansible.builtin.command: + cmd: ./install.sh + chdir: /opt/metacluster/k3s + environment: + INSTALL_K3S_SKIP_DOWNLOAD: 'true' + INSTALL_K3S_EXEC: 'server --cluster-init --disable local-storage' + when: ansible_facts.services['k3s.service'] is undefined + + - name: Ensure API availability + ansible.utils.cli_parse: + command: curl -k https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose + parser: + name: ansible.utils.json + set_fact: api_readycheck + ignore_errors: yes + until: api_readycheck.apiVersion is defined + retries: 3 + delay: 30 - name: Install kubectl tab-completion ansible.builtin.shell: cmd: kubectl completion bash | tee /etc/bash_completion.d/kubectl -- name: Ensure API availability - ansible.utils.cli_parse: - command: curl -k https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose - parser: - name: ansible.utils.json - set_fact: api_readycheck - ignore_errors: yes - until: api_readycheck.apiVersion is defined - retries: 3 - delay: 30 - - block: - name: Initialize tempfile @@ -61,6 +68,7 @@ line: "{{ vapp['guestinfo.ipaddress'] }} {{ item + '.' + vapp['metacluster.fqdn'] }}" state: present loop: + # TODO: Make this list dynamic - git - gitops - registry 
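Review bot: `Ensure API availability` still carries `ignore_errors: yes`, so once the three retries are used up the play continues and every later task runs against an API server that never answered; removing `ignore_errors` would let the `until` failure stop the run. The probe also uses `curl -k`, which accepts a reply from whatever answers on that address without checking the certificate; pointing curl at the cluster's server CA with `--cacert <path-to-k3s-server-ca>` would keep the check meaningful. On the new guard, `when: ansible_facts.services['k3s.service'] is undefined` skips the installer whenever the unit exists, which presumably includes a stopped or failed unit left by an interrupted install, so a state check such as `... is undefined or ansible_facts.services['k3s.service'].state != 'running'` may be closer to the intent.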
@@ -113,17 +121,22 @@ dest: /etc/rancher/k3s/registries.yaml src: registries.j2 -- name: Install gitea chart - kubernetes.core.helm: - name: gitea - chart_ref: /opt/metacluster/helm-charts/gitea - release_namespace: gitea - create_namespace: yes - wait: yes - kubeconfig: "{{ kubeconfig.path }}" - values: "{{ components.gitea.chart_values }}" - - block: + module_defaults: + ansible.builtin.uri: + validate_certs: no + status_code: [200, 201] + body_format: json + + - name: Install gitea chart + kubernetes.core.helm: + name: gitea + chart_ref: /opt/metacluster/helm-charts/gitea + release_namespace: gitea + create_namespace: yes + wait: yes + kubeconfig: "{{ kubeconfig.path }}" + values: "{{ components.gitea.chart_values }}" - name: Ensure gitea API availability ansible.utils.cli_parse: 
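Review bot: `validate_certs: no` in the block's `module_defaults` switches off certificate verification for every `ansible.builtin.uri` call in this block, and the calls added in the hunk at -140 send the administrator password via basic auth and then the API token in an `Authorization` header. Anything able to answer for `git.<fqdn>` while this role runs could collect both credentials. If the ingress certificate chains to a CA that is present on the node, `ca_path: <path-to-ca-bundle>` in the same defaults would keep verification on; if validation really has to stay off, a comment saying why, placed next to `validate_certs: no`, would stop it being copied elsewhere. The block continues past the end of this hunk.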
@@ -140,7 +153,60 @@ - name: Generate gitea API token ansible.builtin.uri: - url: https://git.{{ vapp['metacluster.fqdn']}} + url: https://git.{{ vapp['metacluster.fqdn'] }}/api/v1/users/administrator/tokens + method: POST + user: administrator + password: "{{ vapp['guestinfo.rootpw'] }}" + force_basic_auth: yes + body: + name: token_init_{{ lookup('password', '/dev/null length=5 chars=ascii_letters,digits') }} + register: api_token + + - name: Create organization(s) + ansible.builtin.uri: + url: https://git.{{ vapp['metacluster.fqdn'] }}/api/v1/orgs + method: POST + headers: + Authorization: token {{ api_token.json.sha1 }} + body: "{{ item }}" + loop: + - full_name: Meta-cluster + description: Meta-cluster configuration items + username: mc + website: https://git.{{ vapp['metacluster.fqdn'] }}/mc + location: '[...]' + visibility: public + - full_name: Workload-cluster + description: Workload-cluster configuration items + username: wl + website: https://git.{{ vapp['metacluster.fqdn'] }}/wl + location: '[...]' + visibility: public + loop_control: + label: "{{ item.full_name }}" + + - name: Create repositories + ansible.builtin.uri: + url: https://git.{{ vapp['metacluster.fqdn'] }}/api/v1/orgs/{{ item.organization }}/repos + method: POST + headers: + Authorization: token {{ api_token.json.sha1 }} + body: "{{ item.body }}" + loop: + - organization: mc + body: + name: ArgoCD.Config, + # auto_init: true + default_branch: main + description: GitOps manifests + - organization: wl + body: + name: Template.ArgoCD.Config, + # auto_init: true + default_branch: main + description: GitOps manifests + loop_control: + label: "{{ item.organization + '/' + item.body.name }}" - name: Install argo-cd chart kubernetes.core.helm:
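Review bot: In `Create repositories` both `name:` values end in a comma (`name: ArgoCD.Config,` and `name: Template.ArgoCD.Config,`), which YAML keeps as part of the string, so the request asks Gitea for a repository name containing `,`; these look like leftovers from a JSON body and should read `name: ArgoCD.Config` and `name: Template.ArgoCD.Config`. `Generate gitea API token` registers the whole response, including `api_token.json.sha1`, and the next two tasks place that token in an `Authorization` header, so `no_log: true` on these three tasks would keep the token and the root password out of verbose output and callback logs. Each run also creates a new administrator token with a random name and nothing in the visible lines revokes it, so tokens accumulate unless a later task outside this hunk cleans them up. The org and repo `POST` calls accept only 200/201 from the block defaults, so a second run would likely fail on objects that already exist, which works against the re-run intent of the K3s conditional.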