opendev/system-config
Code Issues Proposed changes
system-config/kubernetes/gitea/gitea-playbook.yaml
James E. Blair 7610682b6f Configure .kube/config on bridge 
Add the gitea k8s cluster to root's .kube/config file on bridge.

The default context does not exist in order to force us to explicitly
specify a context for all commands (so that we do not inadvertently
deploy something on the wrong k8s cluster).

Change-Id: I53368c76e6f5b3ab45b1982e9a977f9ce9f08581
2019-02-06 15:43:19 -08:00

126 lines
4.2 KiB
YAML
Raw Blame History

- hosts: localhost
tasks:
- name: Set up gitea namespace
k8s:
context: gitea
state: present
definition: "{{ lookup('template', 'k8s/namespace.yaml') | from_yaml }}"
- name: Set up gitea secrets
k8s:
context: gitea
state: present
definition: "{{ lookup('template', 'k8s/secret.yaml') | from_yaml }}"
- name: Set up gitea configmap
k8s:
context: gitea
state: present
definition:
apiVersion: v1
kind: ConfigMap
metadata:
name: gitea-conf
namespace: gitea
data:
# Note: we are not asking ansible to template this, it
# will be run by jinja-init
app.ini.j2: "{{ lookup('file', 'app.ini.j2') }}"
- name: Set up gitea deployment
k8s:
context: gitea
state: present
definition: "{{ lookup('template', 'k8s/deployment.yaml') | from_yaml }}"
- name: Set up gitea service
k8s:
context: gitea
state: present
definition: "{{ lookup('template', 'k8s/service.yaml') | from_yaml }}"
- name: Get service IP
k8s:
context: gitea
namespace: gitea
kind: Service
name: gitea-service
register: gitea_service
until: gitea_service.result.status.loadBalancer and gitea_service.result.status.loadBalancer.ingress and gitea_service.result.status.loadBalancer.ingress | length > 0 and gitea_service.result.status.loadBalancer.ingress[0].ip
delay: 1
retries: 300
- name: Set service url fact
set_fact:
gitea_url: "http://{{ gitea_service.result.status.loadBalancer.ingress[0].ip }}"
- name: Check if root user exists
uri:
url: "{{ gitea_url }}/api/v1/users/root"
status_code: 200, 404
register: root_user_check
- name: Create root user
when: root_user_check.status==404
block:
- name: Find gitea pods
k8s_facts:
namespace: gitea
kind: Pod
label_selectors:
- "app = gitea"
register: gitea_pods
- name: Create root user
command: "kubectl --context gitea exec {{ gitea_pods.resources[0].metadata.name }} -n gitea -c gitea -- gitea admin create-user --name root --password {{ gitea_root_password }} --email {{ gitea_root_email }} --admin"
no_log: true
- name: Check if gerrit user exists
uri:
url: "{{ gitea_url }}/api/v1/users/gerrit"
status_code: 200, 404
register: gerrit_user_check
- name: Create gerrit user
when: gerrit_user_check.status==404
no_log: true
uri:
url: "{{ gitea_url }}/api/v1/admin/users"
method: POST
user: root
password: "{{ gitea_root_password }}"
force_basic_auth: true
status_code: 201
body_format: json
body:
email: "gerrit@review.opendev.org"
full_name: Gerrit
login_name: gerrit
password: "{{ gitea_gerrit_password }}"
send_notify: false
source_id: 0
username: gerrit
- name: Check if gerrit ssh key exists
uri:
user: root
password: "{{ gitea_root_password }}"
force_basic_auth: true
url: "{{ gitea_url }}/api/v1/users/gerrit/keys"
status_code: 200
register: gerrit_key_check
no_log: true
- name: Delete old gerrit ssh key
when: gerrit_key_check.json | length > 0 and gerrit_key_check.json[0].key != gitea_gerrit_public_key
no_log: true
uri:
user: root
password: "{{ gitea_root_password }}"
force_basic_auth: true
url: "{{ gitea_url }}/api/v1/user/keys/{{ gerrit_key_check.json[0].id }}"
method: DELETE
status_code: 204
- name: Add gerrit ssh key
when: gerrit_key_check.json | length == 0
no_log: true
uri:
user: root
password: "{{ gitea_root_password }}"
force_basic_auth: true
url: "{{ gitea_url }}/api/v1/admin/users/gerrit/keys"
method: POST
status_code: 201
body_format: json
body:
key: "{{ gitea_gerrit_public_key }}"
read_only: false
title: "Gerrit replication key"
View Git Blame Copy Permalink