Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / refs/heads/stable/2023.2 / . / roles / barbican / tasks / main.yml
blob: 033a4e1eda73890ff917223e848c5584f2f93b04 [file] [log] [blame]
okozachenko43771bd2022-04-30 01:22:46 +1000[diff] [blame]1# Copyright (c) 2022 VEXXHOST, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
okozachenko43771bd2022-04-30 01:22:46 +1000[diff] [blame]15- name: Deploy Helm chart
guilhermesteinmuller6f99fc52023-01-24 17:41:53 +0000[diff] [blame]16 run_once: true
17 kubernetes.core.helm:
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]18 name: "{{ barbican_helm_release_name }}"
19 chart_ref: "{{ barbican_helm_chart_ref }}"
20 release_namespace: "{{ barbican_helm_release_namespace }}"
guilhermesteinmuller6f99fc52023-01-24 17:41:53 +0000[diff] [blame]21 create_namespace: true
22 kubeconfig: /etc/kubernetes/admin.conf
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]23 values: "{{ _barbican_helm_values | combine(barbican_helm_values, recursive=True) }}"
okozachenko43771bd2022-04-30 01:22:46 +1000[diff] [blame]24
25- name: Create Ingress
26 ansible.builtin.include_role:
27 name: openstack_helm_ingress
28 vars:
Julian Poss0aad3332022-05-18 09:37:20 +0000[diff] [blame]29 openstack_helm_ingress_endpoint: key_manager
okozachenko43771bd2022-04-30 01:22:46 +1000[diff] [blame]30 openstack_helm_ingress_service_name: barbican-api
31 openstack_helm_ingress_service_port: 9311
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]32 openstack_helm_ingress_annotations: "{{ barbican_ingress_annotations }}"
Mohammed Naser58052682025-02-05 14:03:20 -0500[diff] [blame]33 openstack_helm_ingress_class_name: "{{ barbican_ingress_class_name }}"
Michiel Piscaer86248232024-04-21 08:53:50 +0200[diff] [blame]34
35- name: Create creator role
36 openstack.cloud.identity_role:
37 cloud: atmosphere
38 state: present
39 name: creator
40
41- name: Add implied roles
42 run_once: true
43 ansible.builtin.shell: |
Tadas Sutkaitis7a286582024-05-01 02:12:08 +0300[diff] [blame]44 set -o posix
45 source /etc/profile.d/atmosphere.sh
Michiel Piscaer86248232024-04-21 08:53:50 +0200[diff] [blame]46 openstack implied role create \
47 --implied-role {{ item.implies }} \
48 {{ item.role }}
Tadas Sutkaitis7a286582024-05-01 02:12:08 +0300[diff] [blame]49 args:
50 executable: /bin/bash
Michiel Piscaer86248232024-04-21 08:53:50 +0200[diff] [blame]51 loop:
52 - role: member
53 implies: creator
54 environment:
55 OS_CLOUD: atmosphere
56 register: _octavia_implied_role_create
57 changed_when: _octavia_implied_role_create.rc == 0
58 failed_when: _octavia_implied_role_create.rc != 0 and 'Duplicate entry.' not in _octavia_implied_role_create.stderr
vexxhost-bot69a7f3c2024-06-20 14:16:03 +0200[diff] [blame]59 retries: 10
60 delay: 1
61 until: _octavia_implied_role_create.rc == 0 or 'Duplicate entry.' in _octavia_implied_role_create.stderr