From d652cf034648a53f484c8a5e541f013ca0ea07fc Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Mon, 15 Aug 2022 14:43:55 +0200 Subject: [PATCH] Configure ArgoCD declaratively --- .../roles/metacluster/tasks/main.yml | 13 +++++++++++++ .../files/ansible_payload/templates/gitrepo.j2 | 13 +++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml index ab7808f..44a0a78 100644 --- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml +++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml @@ -325,6 +325,19 @@ # - name: Create umbrella application # ansible.builtin.template: # + - name: Configure metacluster-gitops repository + ansible.builtin.template: + src: gitrepo.j2 + dest: /var/lib/rancher/k3s/server/manifests/{{ _template.name }}-manifest.yaml + owner: root + group: root + mode: 0600 + vars: + _template: + name: argocd-gitrepo-metacluster + namespace: argo-cd + uid: "{{ lookup('ansible.builtin.password', '/dev/null length=5 chars=ascii_lowercase,digits seed=inventory_hostname') }}" + privatekey: "{{ lookup('ansible.builtin.file', '~/.ssh/git_rsa_id') | indent(4, true) }}" module_defaults: ansible.builtin.uri: diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 b/ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 new file mode 100644 index 0000000..c5351f9 --- /dev/null +++ b/ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ _template.name }}-{{ _template.uid }} + namespace: {{ _template.namespace }} + labels: + argocd.argoproj.io/secret-type: repository +stringData: + url: ssh://git@gitea-ssh.gitea.svc.cluster.local/mc/GitOps.Config.git + name: {{ _template.name }} + insecure: 'true' + sshPrivateKey: | +{{ _template.privatekey }}