--- - name: GCP PD CSI Driver | Check if cloud-sa.json exists fail: msg: "Credentials file cloud-sa.json is mandatory" when: gcp_pd_csi_sa_cred_file is not defined or not gcp_pd_csi_sa_cred_file - name: GCP PD CSI Driver | Copy GCP credentials file copy: src: "{{ gcp_pd_csi_sa_cred_file }}" dest: "{{ kube_config_dir }}/cloud-sa.json" group: "{{ kube_cert_group }}" mode: 0640 when: inventory_hostname == groups['kube_control_plane'][0] - name: GCP PD CSI Driver | Get base64 cloud-sa.json slurp: src: "{{ kube_config_dir }}/cloud-sa.json" register: gcp_cred_secret when: inventory_hostname == groups['kube_control_plane'][0] - name: GCP PD CSI Driver | Generate Manifests template: src: "{{ item.file }}.j2" dest: "{{ kube_config_dir }}/{{ item.file }}" mode: 0644 with_items: - {name: gcp-pd-csi-cred-secret, file: gcp-pd-csi-cred-secret.yml} - {name: gcp-pd-csi-setup, file: gcp-pd-csi-setup.yml} - {name: gcp-pd-csi-controller, file: gcp-pd-csi-controller.yml} - {name: gcp-pd-csi-node, file: gcp-pd-csi-node.yml} - {name: gcp-pd-csi-sc-regional, file: gcp-pd-csi-sc-regional.yml} - {name: gcp-pd-csi-sc-zonal, file: gcp-pd-csi-sc-zonal.yml} register: gcp_pd_csi_manifests when: inventory_hostname == groups['kube_control_plane'][0] - name: GCP PD CSI Driver | Apply Manifests kube: kubectl: "{{ bin_dir }}/kubectl" filename: "{{ kube_config_dir }}/{{ item.item.file }}" state: "latest" with_items: - "{{ gcp_pd_csi_manifests.results }}" when: - inventory_hostname == groups['kube_control_plane'][0] - not item is skipped loop_control: label: "{{ item.item.file }}"