4 Commits

Author SHA1 Message Date
5000c324e1 fix: Register correct redirect/callback url
All checks were successful
continuous-integration/drone/push Build is passing
2023-08-24 10:05:08 +02:00
87e89cfa27 fix: Incorrect linebreak in ca-bundle 2023-08-24 10:04:38 +02:00
ac5d3e3668 fix: Create folderstructure after cloning git repository 2023-08-24 09:47:58 +02:00
616f8b9a53 fix: Incorrect path 2023-08-24 09:47:16 +02:00
5 changed files with 12 additions and 5 deletions

View File

@ -16,8 +16,6 @@
- /opt/metacluster/helm-charts - /opt/metacluster/helm-charts
- /opt/metacluster/k3s - /opt/metacluster/k3s
- /opt/metacluster/kube-vip - /opt/metacluster/kube-vip
- /opt/workloadcluster/git-repositories/gitops/charts
- /opt/workloadcluster/git-repositories/gitops/values
- /opt/workloadcluster/helm-charts - /opt/workloadcluster/helm-charts
- /opt/workloadcluster/node-templates - /opt/workloadcluster/node-templates
- /var/lib/rancher/k3s/agent/images - /var/lib/rancher/k3s/agent/images

View File

@ -69,7 +69,7 @@
dest: /opt/metacluster/container-images dest: /opt/metacluster/container-images
remote_src: no remote_src: no
when: when:
- lookup('ansible.builtin.fileglob', 'opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz') - lookup('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz')
- name: Get all stored fully qualified container image names - name: Get all stored fully qualified container image names
ansible.builtin.shell: ansible.builtin.shell:

View File

@ -11,6 +11,14 @@
dest: /opt/workloadcluster/git-repositories/gitops dest: /opt/workloadcluster/git-repositories/gitops
version: main version: main
- name: Create folder structure within new git-repository
ansible.builtin.file:
path: "{{ item }}"
state: directory
loop:
- /opt/workloadcluster/git-repositories/gitops/charts
- /opt/workloadcluster/git-repositories/gitops/values
- name: Create hard-links to populate new git-repository - name: Create hard-links to populate new git-repository
ansible.builtin.shell: ansible.builtin.shell:
cmd: >- cmd: >-
@ -26,6 +34,7 @@
vars: vars:
manifest: "{{ item.0 }}" manifest: "{{ item.0 }}"
src: "{{ item.1.src }}" src: "{{ item.1.src }}"
_newline: "\n"
_template: "{{ item.1._template }}" _template: "{{ item.1._template }}"
loop: "{{ query('ansible.builtin.subelements', query('ansible.builtin.dict', downstream_components), 'value.extra_manifests') }}" loop: "{{ query('ansible.builtin.subelements', query('ansible.builtin.dict', downstream_components), 'value.extra_manifests') }}"
loop_control: loop_control:

View File

@ -114,7 +114,7 @@ components:
secret: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) }}" secret: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) }}"
name: Pinniped Supervisor client name: Pinniped Supervisor client
redirectURIs: redirectURIs:
- https://auth.{{ vapp['metacluster.fqdn'] }}/callback - https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback
enablePasswordDB: true enablePasswordDB: true
staticPasswords: staticPasswords:
- email: admin@{{ vapp['metacluster.fqdn'] }} - email: admin@{{ vapp['metacluster.fqdn'] }}

View File

@ -36,7 +36,7 @@ downstream:
issuer: https://auth.{{ vapp['metacluster.fqdn'] }}/sso issuer: https://auth.{{ vapp['metacluster.fqdn'] }}/sso
audience: "{{ vapp['workloadcluster.name'] | lower }}" audience: "{{ vapp['workloadcluster.name'] | lower }}"
tls: tls:
certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ '\n' ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}" certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ _newline ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
sealed-secrets: sealed-secrets:
version: 2.8.1 # (= Sealed Secrets v0.20.2) version: 2.8.1 # (= Sealed Secrets v0.20.2)