Compare commits
4 Commits
2c5e8e10b5
...
5000c324e1
Author | SHA1 | Date | |
---|---|---|---|
5000c324e1 | |||
87e89cfa27 | |||
ac5d3e3668 | |||
616f8b9a53 |
@ -16,8 +16,6 @@
|
||||
- /opt/metacluster/helm-charts
|
||||
- /opt/metacluster/k3s
|
||||
- /opt/metacluster/kube-vip
|
||||
- /opt/workloadcluster/git-repositories/gitops/charts
|
||||
- /opt/workloadcluster/git-repositories/gitops/values
|
||||
- /opt/workloadcluster/helm-charts
|
||||
- /opt/workloadcluster/node-templates
|
||||
- /var/lib/rancher/k3s/agent/images
|
||||
|
@ -69,7 +69,7 @@
|
||||
dest: /opt/metacluster/container-images
|
||||
remote_src: no
|
||||
when:
|
||||
- lookup('ansible.builtin.fileglob', 'opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz')
|
||||
- lookup('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tgz') is match('.*image-tarballs.tgz')
|
||||
|
||||
- name: Get all stored fully qualified container image names
|
||||
ansible.builtin.shell:
|
||||
|
@ -11,6 +11,14 @@
|
||||
dest: /opt/workloadcluster/git-repositories/gitops
|
||||
version: main
|
||||
|
||||
- name: Create folder structure within new git-repository
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
loop:
|
||||
- /opt/workloadcluster/git-repositories/gitops/charts
|
||||
- /opt/workloadcluster/git-repositories/gitops/values
|
||||
|
||||
- name: Create hard-links to populate new git-repository
|
||||
ansible.builtin.shell:
|
||||
cmd: >-
|
||||
@ -26,6 +34,7 @@
|
||||
vars:
|
||||
manifest: "{{ item.0 }}"
|
||||
src: "{{ item.1.src }}"
|
||||
_newline: "\n"
|
||||
_template: "{{ item.1._template }}"
|
||||
loop: "{{ query('ansible.builtin.subelements', query('ansible.builtin.dict', downstream_components), 'value.extra_manifests') }}"
|
||||
loop_control:
|
||||
|
@ -114,7 +114,7 @@ components:
|
||||
secret: "{{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['metacluster.fqdn']) }}"
|
||||
name: Pinniped Supervisor client
|
||||
redirectURIs:
|
||||
- https://auth.{{ vapp['metacluster.fqdn'] }}/callback
|
||||
- https://auth.{{ vapp['metacluster.fqdn'] }}/sso/callback
|
||||
enablePasswordDB: true
|
||||
staticPasswords:
|
||||
- email: admin@{{ vapp['metacluster.fqdn'] }}
|
||||
|
@ -36,7 +36,7 @@ downstream:
|
||||
issuer: https://auth.{{ vapp['metacluster.fqdn'] }}/sso
|
||||
audience: "{{ vapp['workloadcluster.name'] | lower }}"
|
||||
tls:
|
||||
certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ '\n' ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
|
||||
certificateAuthorityData: "{{ (stepca_cm_certs.resources[0].data['intermediate_ca.crt'] ~ _newline ~ stepca_cm_certs.resources[0].data['root_ca.crt']) | b64encode }}"
|
||||
|
||||
sealed-secrets:
|
||||
version: 2.8.1 # (= Sealed Secrets v0.20.2)
|
||||
|
Reference in New Issue
Block a user