adrien/ansible-role-k8s-cert-manager
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
ansible-role-k8s-cert-manager/tasks/main.yml
Adrien Reslinger 895fbff2fe
All checks were successful
continuous-integration/drone/push Build is passing
Details
Make some work on OVH weghook deployment
2021-02-21 16:52:04 +01:00

81 lines
2.3 KiB
YAML
Raw Blame History

- name: Cert Manager setup
block:
- name: Defined jetstack repository
community.kubernetes.helm_repository:
name: jetstack
repo_url: "https://charts.jetstack.io"
- name: Deploy latest version of Cert-Manager
community.kubernetes.helm:
context: "{{ my_context }}"
name: cert-manager
chart_ref: jetstack/cert-manager
create_namespace: yes
release_namespace: "{{ cert_manager_namespace }}"
values:
installCRDs: true
global:
podSecurityPolicy:
enabled: true
useAppArmor: false
extraArgs:
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
- name: Create Secret object for API Key authentification
k8s:
state: present
context: "{{ my_context }}"
apply: true
namespace: "{{ cert_manager_namespace }}"
resource_definition: "{{ lookup('template', 'api-key-secret.yml.j2') | from_yaml }}"
when:
- cert_manager_issuer is defined
with_items:
- "{{ cert_manager_issuer }}"
- name: Defined ClusterIssuers
k8s:
state: present
context: "{{ my_context }}"
apply: true
namespace: "{{ cert_manager_namespace }}"
resource_definition: "{{ lookup('template', item) | from_yaml }}"
# debug:
# msg: "{{ lookup('template', item) | from_yaml }}"
with_items:
- clusterissuer.yml.j2
when:
# - false
- cert_manager_issuer is defined
# https://github.com/baarde/cert-manager-webhook-ovh/tree/master/deploy/cert-manager-webhook-ovh
- name: Install OVH webhook
block:
- name: Git clone stable repo on HEAD
ansible.builtin.git:
repo: "https://github.com/baarde/cert-manager-webhook-ovh.git"
dest: tmp/cert-manager-webhook-ovh
- name: Deploy OVH webhook chart from local path
community.kubernetes.helm:
state: present
context: "{{ my_context }}"
name: cert-manager-webhook-ovh
chart_ref: tmp/cert-manager-webhook-ovh/deploy/cert-manager-webhook-ovh
release_namespace: "{{ cert_manager_namespace }}"
when:
- false
- cert_manager_issuer.[].provider == "ovh"
tags: cert-manager
- name: install / uninstall Cert-Manager CSI Kubernetes drivers
include_tasks: "csi.yml"
when:
- certmanager_csi|bool
tags:
- cert-manager
- storage
Reference in a new issue View git blame Copy permalink