---
# Statically import the `facts` task file from the k3s role.
# NOTE(review): presumably this is where k3s_server_hosts (used by the
# provisioning guard in this file) gets defined — confirm against the k3s role.
- name: Import facts
  ansible.builtin.import_role:
    tasks_from: facts
    name: k3s
# Statically import the tasks in validation.yaml before any provisioning task.
- name: Role Validation
  ansible.builtin.import_tasks: validation.yaml
- name: Role Provisioning
when: ansible_host in k3s_server_hosts
block:
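# Install the prerequisite packages in one apt transaction.
# The list is passed straight to `name` instead of looping, so the package
# cache is refreshed once rather than once per item.
- name: Install packages
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - python3-kubernetes
    autoremove: true
    update_cache: true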
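# Write each merged Helm environment variable to /etc/environment as KEY=value,
# in key order (helm_vars.environment overrides helm_environment_vars).
# The regexp is escaped and anchored on `KEY=`, so a variable whose name merely
# starts with another key (e.g. FOO vs FOO_BAR) is no longer overwritten.
# dict2items always yields a list, including for a single-entry dictionary.
# NOTE(review): /etc/environment is normally world-readable — keep secrets out
# of these variables.
- name: Add variables to environment file
  ansible.builtin.lineinfile:
    path: /etc/environment
    line: '{{ item.key }}={{ item.value }}'
    regexp: '^{{ item.key | regex_escape }}='
  loop: >-
    {{ helm_environment_vars | combine(helm_vars.environment)
    | dict2items | sort(attribute='key') }}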
# Source /etc/environment in bash under `set -eo pipefail`, so the task fails
# when the file does not source cleanly.
# NOTE(review): every task runs in its own shell process, so variables sourced
# here do not carry over to later tasks, and `changed_when: true` reports a
# change on every run — confirm both are intended.
- name: Initialize variables
  changed_when: true
  ansible.builtin.shell:
    cmd: |
      set -eo pipefail
      source /etc/environment
    executable: /bin/bash
# Check whether the repository keyring already exists under
# /usr/share/keyrings. The registered result (gpg_key) is what the
# "Helm Package" guard tests; the task reports "changed" when the keyring is
# missing.
- name: Get file status
  register: gpg_key
  changed_when: not gpg_key.stat.exists
  ansible.builtin.stat:
    path: '/usr/share/keyrings/{{ helm_vars.release.key }}'
- name: Helm Package
when: not gpg_key.stat.exists
block:
# Fetch the repository signing key into /tmp as a root-owned 0644 file,
# retrying up to 3 times with a 1-second delay between attempts.
# NOTE(review): no `checksum` is set, so the key's integrity rests on the
# transport to helm_release_key alone. This key becomes the apt trust anchor
# for the repository — consider pinning a checksum or verifying the key
# fingerprint before it is dearmored.
- name: Download key
  register: result
  until: result is not failed
  retries: 3
  delay: 1
  ansible.builtin.get_url:
    url: '{{ helm_release_key }}'
    dest: '/tmp/{{ helm_vars.release.repository.key }}'
    mode: '0644'
    owner: root
    group: root
# Convert the downloaded key with `gpg --dearmor` and write the result to the
# keyring path under /usr/share/keyrings. Reports "changed" when gpg exits 0.
- name: Dearmor key
  register: dearmor_key
  changed_when: dearmor_key.rc == 0
  ansible.builtin.command:
    cmd: >-
      gpg --dearmor
      -o /usr/share/keyrings/{{ helm_vars.release.key }}
      /tmp/{{ helm_vars.release.repository.key }}
# Delete the temporary copy of the downloaded key from /tmp.
- name: Remove key
  ansible.builtin.file:
    state: absent
    path: '/tmp/{{ helm_vars.release.repository.key }}'
# Ask dpkg for the host's package architecture; read-only, so never "changed".
# The stdout is registered as `architecture` for the repository definition.
- name: Get architecture
  register: architecture
  changed_when: false
  ansible.builtin.command:
    argv:
      - dpkg
      - --print-architecture
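# Register the Helm apt repository as a deb822 source whose packages are
# verified against the keyring referenced by signed_by.
# `trusted: true` has been dropped: it tells apt to treat the source as trusted
# even when it fails authentication checks, which would bypass the signature
# verification that signed_by is there to enforce.
- name: Install repository
  ansible.builtin.deb822_repository:
    name: 'helm-{{ helm_vars.release.repository.channel }}'
    uris: '{{ helm_release_channel }}/{{ helm_vars.release.distro }}/'
    suites: all
    components: main
    architectures: '{{ architecture.stdout }}'
    signed_by: '/usr/share/keyrings/{{ helm_vars.release.key }}'
    enabled: true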
# Refresh the package cache and install the helm package, autoremoving
# dependencies that are no longer needed.
- name: Install helm package
  ansible.builtin.apt:
    update_cache: true
    autoremove: true
    name: helm
# Render the helm-cache systemd service and timer units from their templates.
# Both files are root-owned and 0644; the "Start service" handler is notified
# when either task in the block reports a change.
- name: Helm Cache
  notify: Start service
  block:
    - name: Create service file
      ansible.builtin.template:
        dest: /etc/systemd/system/helm-cache.service
        src: service.j2
        mode: '0644'
        owner: root
        group: root

    - name: Create service timer file
      ansible.builtin.template:
        dest: /etc/systemd/system/helm-cache.timer
        src: timer.j2
        mode: '0644'
        owner: root
        group: root
# Remove every plugin listed in helm_vars.plugins (there is no `enabled`
# filter on this loop), then purge the packages listed in
# helm_plugin_packages_disabled. "Restart service" is notified on any change.
- name: Remove Helm Plugins
  notify: Restart service
  block:
    - name: Remove plugins
      loop: '{{ helm_vars.plugins }}'
      kubernetes.core.helm_plugin:
        state: absent
        plugin_name: '{{ item.name }}'

    # An undefined helm_plugin_packages_disabled falls back to an empty list,
    # so the task is skipped.
    - name: Remove plugin packages
      loop: '{{ helm_plugin_packages_disabled | default([]) }}'
      ansible.builtin.apt:
        name: '{{ item }}'
        state: absent
        purge: true
        clean: true
        autoremove: true
# Install the apt packages the plugins depend on, then install each plugin in
# helm_vars.plugins whose `enabled` flag is true.
- name: Install Helm Plugins
  block:
    # An undefined helm_plugin_packages falls back to an empty list.
    - name: Install plugin packages
      loop: '{{ helm_plugin_packages | default([]) }}'
      ansible.builtin.apt:
        name: '{{ item }}'
        update_cache: true
        autoremove: true

    # Each plugin is fetched from its repository URL at the given version,
    # retrying up to 3 times with a 1-second delay.
    # NOTE(review): Helm plugins can run hook commands at install time, so the
    # repository URL is a code-execution trust boundary — confirm that
    # item.version refers to an immutable tag or commit.
    - name: Install plugins
      when: item.enabled
      loop: '{{ helm_vars.plugins }}'
      register: result
      until: result is not failed
      retries: 3
      delay: 1
      kubernetes.core.helm_plugin:
        plugin_path: '{{ item.repository.url }}'
        plugin_version: '{{ item.version }}'