From edca98549c777a49a232a959c97d84f1c8f8eda4 Mon Sep 17 00:00:00 2001
From: Danny Bessems <danny@bessems.eu>
Date: Mon, 28 Nov 2022 10:25:25 +0100
Subject: [PATCH] Add explicit version;Add cni plugin;Add vApp properties to
 node template

---
 .../roles/assets/tasks/containerimages.yml    |  5 ++++-
 ansible/roles/assets/tasks/main.yml           |  1 +
 .../workloadcluster/tasks/nodetemplates.yml   | 20 +++++++++++++++++++
 .../ansible_payload/templates/clusterctl.j2   |  1 +
 ansible/vars/metacluster.yml                  |  1 +
 5 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/ansible/roles/assets/tasks/containerimages.yml b/ansible/roles/assets/tasks/containerimages.yml
index 311e609..a50ff68 100644
--- a/ansible/roles/assets/tasks/containerimages.yml
+++ b/ansible/roles/assets/tasks/containerimages.yml
@@ -46,6 +46,9 @@
         # Additionally, cert-manager is a prerequisite
         - url: https://github.com/cert-manager/cert-manager/releases/download/{{ components.clusterapi.management.version.cert_manager }}/cert-manager.yaml
           dest: cert-manager/{{ components.clusterapi.management.version.cert_manager }}/cert-manager.yaml
+        # Finally, workload clusters will need a CNI plugin
+        - url: https://raw.githubusercontent.com/projectcalico/calico/{{ components.clusterapi.workload.version.calico }}/manifests/calico.yaml
+          dest: cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
       loop_control:
         label: "{{ item.url | basename }}"
       retries: 5
@@ -54,7 +57,7 @@
 
     - name: Parse manifests
       ansible.builtin.shell:
-        cmd: cat {{ item.dest }} | yq --no-doc eval '.. | .image? | select(.)' | awk '!/ /' | sort
+        cmd: cat {{ item.dest }} | yq --no-doc eval '.. | .image? | select(.)' | awk '!/ /' | sort -u
       register: parsedmanifests
       loop: "{{ clusterapi_manifests.results }}"
       loop_control:
diff --git a/ansible/roles/assets/tasks/main.yml b/ansible/roles/assets/tasks/main.yml
index 3c41366..74681bf 100644
--- a/ansible/roles/assets/tasks/main.yml
+++ b/ansible/roles/assets/tasks/main.yml
@@ -6,6 +6,7 @@
     - /opt/metacluster/cluster-api/bootstrap-kubeadm/{{ components.clusterapi.management.version.base }}
     - /opt/metacluster/cluster-api/cert-manager/{{ components.clusterapi.management.version.cert_manager }}
     - /opt/metacluster/cluster-api/cluster-api/{{ components.clusterapi.management.version.base }}
+    - /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}
     - /opt/metacluster/cluster-api/control-plane-kubeadm/{{ components.clusterapi.management.version.base }}
     - /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}
     - /opt/metacluster/container-images
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
index ef35a09..f1f9942 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
@@ -37,6 +37,26 @@
       loop_control:
         index_var: index
 
+    - name: Add vApp properties (required for Network Protocol Profiles)
+      community.vmware.vmware_guest:
+        name: "{{ (item | basename | split('.'))[:-1] | join('.') }}"
+        vapp_properties:
+          - id: guestinfo.dns.servers
+            value: ${dns:{{ vcenter_info.network }}}
+          - id: guestinfo.dns.domains
+            value: ${searchPath:{{ vcenter_info.network }}}
+          - id: guestinfo.interface.0.ip.0.address
+            value: ip:{{ vcenter_info.network }}
+          - id: guestinfo.interface.0.ip.0.netmask
+            value: ${netmask:{{ vcenter_info.network }}}
+          - id: guestinfo.interface.0.route.0.gateway
+            value: ${gateway:{{ vcenter_info.network }}}
+      when: existing_ova.results[index] is failed
+      loop: "{{ ova_deploy.results }}"
+      loop_control:
+        index_var: index
+        label: "{{ item.item }}"
+
     - name: Create snapshot on deployed VM's
       community.vmware.vmware_guest_snapshot:
         folder: "{{ vcenter_info.folder }}"
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2 b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
index 58b39d6..b6a3af1 100644
--- a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
@@ -14,6 +14,7 @@ providers:
 
 cert-manager:
   url: "/opt/metacluster/cluster-api/cert-manager/{{ _template.version.cert_manager }}/cert-manager.yaml"
+  version: "{{ _template.version.cert_manager }}"
 
 ## -- Controller settings -- ##
 VSPHERE_SERVER: "{{ _template.hv.fqdn }}"
diff --git a/ansible/vars/metacluster.yml b/ansible/vars/metacluster.yml
index 3e8d8b9..a10e532 100644
--- a/ansible/vars/metacluster.yml
+++ b/ansible/vars/metacluster.yml
@@ -86,6 +86,7 @@ components:
         infrastructure_vsphere: v1.5.0
     workload:
       version:
+        calico: v3.24.5
         k8s: v1.23.5
       node_template:
         # Refer to `https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/v1.3.5/README.md#kubernetes-versions-with-published-ovas` for a list of supported node templates