Compare commits
4 Commits
2c5e8e10b5
...
5000c324e1
Author | SHA1 | Date | |
---|---|---|---|
5000c324e1 | |||
87e89cfa27 | |||
ac5d3e3668 | |||
616f8b9a53 |
@ -16,8 +16,6 @@
|
|||||||
- /opt/metacluster/helm-charts
|
- /opt/metacluster/helm-charts
|
||||||
- /opt/metacluster/k3s
|
- /opt/metacluster/k3s
|
||||||
- /opt/metacluster/kube-vip
|
- /opt/metacluster/kube-vip
|
||||||
- /opt/workloadcluster/git-repositories/gitops/charts
|
|
||||||
- /opt/workloadcluster/git-repositories/gitops/values
|
|
||||||
- /opt/workloadcluster/helm-charts
|
- /opt/workloadcluster/helm-charts
|
||||||
- /opt/workloadcluster/node-templates
|
- /opt/workloadcluster/node-templates
|
||||||
- /var/lib/rancher/k3s/agent/images
|
- /var/lib/rancher/k3s/agent/images
|
||||||
|
@ -69,7 +69,7 @@
|
|||||||
dest: /opt/metacluster/container-images
|
dest: /opt/metacluster/container-images
|
||||||
remote_src: no
|
remote_src: no
|
||||||
when:
|
when:
|
||||||
- lookup('ansible.builtin.fileglob', 'opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz')
|
- lookup('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz')
|
||||||
|
|
||||||
- name: Get all stored fully qualified container image names
|
- name: Get all stored fully qualified container image names
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
|
@ -11,6 +11,14 @@
|
|||||||
dest: /opt/workloadcluster/git-repositories/gitops
|
dest: /opt/workloadcluster/git-repositories/gitops
|
||||||
version: main
|
version: main
|
||||||
|
|
||||||
|
- name: Create folder structure within new git-repository
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- /opt/workloadcluster/git-repositories/gitops/charts
|
||||||
|
- /opt/workloadcluster/git-repositories/gitops/values
|
||||||
|
|
||||||
- name: Create hard-links to populate new git-repository
|
- name: Create hard-links to populate new git-repository
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
cmd: >-
|
cmd: >-
|
||||||
@ -26,6 +34,7 @@
|
|||||||
vars:
|
vars:
|
||||||
manifest: "{{ item.0 }}"
|
manifest: "{{ item.0 }}"
|
||||||
src: "{{ item.1.src }}"
|
src: "{{ item.1.src }}"
|
||||||
|
_newline: "\n"
|
||||||
_template: "{{ item.1._template }}"
|
_template: "{{ item.1._template }}"
|
||||||
loop: "{{ query('ansible.builtin.subelements', query('ansible.builtin.dict', downstream_components), 'value.extra_manifests') }}"
|
loop: "{{ query('ansible.builtin.subelements', query('ansible.builtin.dict', downstream_components), 'value.extra_manifests') }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
|
@ -114,7 +114,7 @@ components:
|
|||||||
secret: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) }}"
|
secret: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) }}"
|
||||||
name: Pinniped Supervisor client
|
name: Pinniped Supervisor client
|
||||||
redirectURIs:
|
redirectURIs:
|
||||||
- https://auth.{{ vapp['metacluster.fqdn'] }}/callback
|
- https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback
|
||||||
enablePasswordDB: true
|
enablePasswordDB: true
|
||||||
staticPasswords:
|
staticPasswords:
|
||||||
- email: admin@{{ vapp['metacluster.fqdn'] }}
|
- email: admin@{{ vapp['metacluster.fqdn'] }}
|
||||||
|
@ -36,7 +36,7 @@ downstream:
|
|||||||
issuer: https://auth.{{ vapp['metacluster.fqdn'] }}/sso
|
issuer: https://auth.{{ vapp['metacluster.fqdn'] }}/sso
|
||||||
audience: "{{ vapp['workloadcluster.name'] | lower }}"
|
audience: "{{ vapp['workloadcluster.name'] | lower }}"
|
||||||
tls:
|
tls:
|
||||||
certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ '\n' ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
|
certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ _newline ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
|
||||||
|
|
||||||
sealed-secrets:
|
sealed-secrets:
|
||||||
version: 2.8.1 # (= Sealed Secrets v0.20.2)
|
version: 2.8.1 # (= Sealed Secrets v0.20.2)
|
||||||
|
Reference in New Issue
Block a user