djpbessems/Packer.Images
djpbessems/Packer.Images
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5cdd6ef052
Packer.Images/ansible/roles/assets/tasks/manifests.yml
Danny Bessems 5cdd6ef052
Some checks failed
continuous-integration/drone/push Build is failing
Details
feat: Include pinniped local-user-authenticator
2023-10-22 15:20:34 +02:00

137 lines
7.8 KiB
YAML
Raw Blame History

- block:
- name: Aggregate meta-cluster chart_values into dict
ansible.builtin.set_fact:
metacluster_chartvalues: "{{ metacluster_chartvalues | default({}) | combine({ item.key: { 'chart_values': (item.value.helm.chart_values | from_yaml) } }) }}"
when: item.value.helm.chart_values is defined
loop: "{{ query('ansible.builtin.dict', components) }}"
loop_control:
label: "{{ item.key }}"
- name: Combine and write dict to vars_file
ansible.builtin.copy:
dest: /opt/firstboot/ansible/vars/metacluster.yml
content: >-
{{
{ 'components': (
metacluster_chartvalues |
combine({ 'clusterapi' : components['clusterapi'] }) |
combine({ 'kubevip' : components['kubevip'] }) |
combine({ 'local-user-auth': components['local-user-auth'] })),
'appliance': {
'version': (applianceversion)
}
} | to_nice_yaml(indent=2, width=4096)
}}
- name: Aggregate workload-cluster chart_values into dict
ansible.builtin.set_fact:
workloadcluster_chartvalues: |
{{
workloadcluster_chartvalues | default({}) | combine({
item.key: {
'chart_values': (item.value.chart_values | default('') | from_yaml),
'extra_manifests': (item.value.extra_manifests | default([])),
'namespace': (item.value.namespace)
}
})
}}
loop: "{{ query('ansible.builtin.dict', downstream.helm_charts) }}"
loop_control:
label: "{{ item.key }}"
- name: Write dict to vars_file
ansible.builtin.copy:
dest: /opt/firstboot/ansible/vars/workloadcluster.yml
content: >-
{{
{ 'downstream_components': ( workloadcluster_chartvalues )
} | to_nice_yaml(indent=2, width=4096)
}}
- name: Download Cluster-API manifests
ansible.builtin.get_url:
url: "{{ item.url }}"
dest: /opt/metacluster/cluster-api/{{ item.dest }}
register: clusterapi_manifests
loop:
# This list is based on `clusterctl config repositories`
# Note: Each manifest also needs a `metadata.yaml` file stored in the respective folder
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/bootstrap-components.yaml
dest: bootstrap-kubeadm/{{ components.clusterapi.management.version.base }}/bootstrap-components.yaml
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/core-components.yaml
dest: cluster-api/{{ components.clusterapi.management.version.base }}/core-components.yaml
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/control-plane-components.yaml
dest: control-plane-kubeadm/{{ components.clusterapi.management.version.base }}/control-plane-components.yaml
# This downloads the same `metadata.yaml` file to three separate folders
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/metadata.yaml
dest: bootstrap-kubeadm/{{ components.clusterapi.management.version.base }}/metadata.yaml
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/metadata.yaml
dest: cluster-api/{{ components.clusterapi.management.version.base }}/metadata.yaml
- url: https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ components.clusterapi.management.version.base }}/metadata.yaml
dest: control-plane-kubeadm/{{ components.clusterapi.management.version.base }}/metadata.yaml
# The vsphere infrastructure provider requires multiple files (`cluster-template.yaml` and `metadata.yaml` on top of default files)
- url: https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/releases/download/{{ components.clusterapi.management.version.infrastructure_vsphere }}/infrastructure-components.yaml
dest: infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}/infrastructure-components.yaml
- url: https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/releases/download/{{ components.clusterapi.management.version.infrastructure_vsphere }}/cluster-template.yaml
dest: infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}/cluster-template.yaml
- url: https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/releases/download/{{ components.clusterapi.management.version.infrastructure_vsphere }}/metadata.yaml
dest: infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}/metadata.yaml
# Additionally, cert-manager is a prerequisite
- url: https://github.com/cert-manager/cert-manager/releases/download/{{ components.clusterapi.management.version.cert_manager }}/cert-manager.yaml
dest: cert-manager/{{ components.clusterapi.management.version.cert_manager }}/cert-manager.yaml
# Finally, workload clusters will need a CNI plugin
- url: https://raw.githubusercontent.com/projectcalico/calico/{{ components.clusterapi.workload.version.calico }}/manifests/calico.yaml
dest: cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
# IPAM in-cluster provider (w/ metadata.yaml)
- url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
- url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
loop_control:
label: "{{ item.url | basename }}"
retries: 5
delay: 5
until: clusterapi_manifests is not failed
- name: Update cluster-template with image tags
ansible.builtin.replace:
dest: /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}/cluster-template.yaml
regexp: ':\${CPI_IMAGE_K8S_VERSION}'
replace: ":{{ components.clusterapi.management.version.cpi_vsphere }}"
- name: Download kube-vip RBAC manifest
ansible.builtin.get_url:
url: https://kube-vip.io/manifests/rbac.yaml
dest: /opt/metacluster/kube-vip/rbac.yaml
register: kubevip_manifest
retries: 5
delay: 5
until: kubevip_manifest is not failed
- name: Download pinniped local-user-authenticator manifest
ansible.builtin.get_url:
url: https://get.pinniped.dev/{{ components['local-user-authenticator'].version }}/install-local-user-authenticator.yaml
dest: /opt/metacluster/pinniped/local-user-authenticator.yaml
register: pinniped_manifest
retries: 5
delay: 5
until: pinniped_manifest is not failed
- name: Trim image hash from manifest
ansible.builtin.copy:
dest: /opt/metacluster/pinniped/local-user-authenticator.yaml
content: "{{ lookup('ansible.builtin.file', '/opt/metacluster/pinniped/local-user-authenticator.yaml') | regex_replace('([ ]*image: .*)@.*', '\\1') }}"
no_log: true
# - name: Inject manifests
# ansible.builtin.template:
# src: "{{ item.type }}.j2"
# dest: /var/lib/rancher/k3s/server/manifests/{{ item.name }}-manifest.yaml
# owner: root
# group: root
# mode: 0600
# loop: "{{ query('ansible.builtin.dict', components) | map(attribute='value.manifests') | list | select('defined') | flatten }}"
# loop_control:
# label: "{{ item.type ~ '/' ~ item.name }}"
Reference in New Issue View Git Blame Copy Permalink