108 lines
3.5 KiB
YAML
108 lines
3.5 KiB
YAML
---
|
|
- name: Kubernetes Apps | Download yq
|
|
include_tasks: "../../../download/tasks/download_file.yml"
|
|
vars:
|
|
download: "{{ download_defaults | combine(downloads.yq) }}"
|
|
|
|
- name: Kubernetes Apps | Copy yq binary from download dir
|
|
ansible.posix.synchronize:
|
|
src: "{{ downloads.yq.dest }}"
|
|
dest: "{{ bin_dir }}/yq"
|
|
compress: no
|
|
perms: yes
|
|
owner: no
|
|
group: no
|
|
delegate_to: "{{ inventory_hostname }}"
|
|
|
|
- name: Kubernetes Apps | Set ArgoCD template list
|
|
set_fact:
|
|
argocd_templates:
|
|
- name: namespace
|
|
file: argocd-namespace.yml
|
|
- name: install
|
|
file: argocd-install.yml
|
|
namespace: "{{ argocd_namespace }}"
|
|
url: "{{ argocd_install_url }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
- name: Kubernetes Apps | Download ArgoCD remote manifests
|
|
include_tasks: "../../../download/tasks/download_file.yml"
|
|
vars:
|
|
download_argocd:
|
|
enabled: "{{ argocd_enabled }}"
|
|
file: true
|
|
dest: "{{ local_release_dir }}/{{ item.file }}"
|
|
url: "{{ item.url }}"
|
|
unarchive: false
|
|
owner: "root"
|
|
mode: "0644"
|
|
sha256: ""
|
|
download: "{{ download_defaults | combine(download_argocd) }}"
|
|
with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
|
|
loop_control:
|
|
label: "{{ item.file }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
- name: Kubernetes Apps | Copy ArgoCD remote manifests from download dir
|
|
ansible.posix.synchronize:
|
|
src: "{{ local_release_dir }}/{{ item.file }}"
|
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
|
compress: no
|
|
perms: yes
|
|
owner: no
|
|
group: no
|
|
delegate_to: "{{ inventory_hostname }}"
|
|
with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
- name: Kubernetes Apps | Set ArgoCD namespace for remote manifests
|
|
become: yes
|
|
command: |
|
|
{{ bin_dir }}/yq eval-all -i '.metadata.namespace="{{ argocd_namespace }}"' {{ kube_config_dir }}/{{ item.file }}
|
|
with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
|
|
loop_control:
|
|
label: "{{ item.file }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
- name: Kubernetes Apps | Create ArgoCD manifests from templates
|
|
become: yes
|
|
template:
|
|
src: "{{ item.file }}.j2"
|
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
|
mode: "0644"
|
|
with_items: "{{ argocd_templates | selectattr('url', 'undefined') | list }}"
|
|
loop_control:
|
|
label: "{{ item.file }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
- name: Kubernetes Apps | Install ArgoCD
|
|
become: yes
|
|
kube:
|
|
name: ArgoCD
|
|
kubectl: "{{ bin_dir }}/kubectl"
|
|
filename: "{{ kube_config_dir }}/{{ item.file }}"
|
|
state: latest
|
|
with_items: "{{ argocd_templates }}"
|
|
when:
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|
|
|
|
# https://github.com/argoproj/argo-cd/blob/master/docs/faq.md#i-forgot-the-admin-password-how-do-i-reset-it
|
|
- name: Kubernetes Apps | Set ArgoCD custom admin password
|
|
become: yes
|
|
shell: |
|
|
{{ bin_dir }}/kubectl --kubeconfig /etc/kubernetes/admin.conf -n {{ argocd_namespace }} patch secret argocd-secret -p \
|
|
'{
|
|
"stringData": {
|
|
"admin.password": "{{ argocd_admin_password | password_hash('bcrypt') }}",
|
|
"admin.passwordMtime": "'$(date +%FT%T%Z)'"
|
|
}
|
|
}'
|
|
when:
|
|
- argocd_admin_password is defined
|
|
- "inventory_hostname == groups['kube_control_plane'][0]"
|