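---
# Installs the CI/CD tooling into the cluster selected by `my_context`:
# Gitea, Drone (server and Kubernetes runner), Trivy and ChartMuseum.
# Each tool lives in its own block so it can be selected with --tags.
#
# NOTE(review): none of the kubernetes.core.helm tasks below sets
# `chart_version`, so every run installs whatever chart version the repository
# currently serves. Pin `chart_version` per release to keep deployments
# reproducible and to make chart upgrades an explicit, reviewable change.

- name: Gitea setup
  block:
    # Namespace, PVC and IngressRoute are rendered from templates, then applied.
    - name: Install Gitea dynamic files
      kubernetes.core.k8s:
        state: present
        context: "{{ my_context }}"
        merge_type: merge
        resource_definition: "{{ lookup('template', 'gitea/' + item) | from_yaml }}"
      with_items:
        - gitea-Namespace.yaml.j2
        - gitea-pvc.yml.j2
        - gitea-IngressRoute.yml.j2
        # - gitea-IngressRouteTCP.yml.j2

    # - name: Install Gitea static files
    #   kubernetes.core.k8s:
    #     state: present
    #     context: "{{ my_context }}"
    #     merge_type: merge
    #     resource_definition: "{{ lookup('file', 'gitea/' + item) | from_yaml }}"
    #   with_items:
    #     - gitea-ConfigMap.yaml
    #     - gitea-Deployment.yaml
    #     - gitea-Service.yaml

    - name: Defined gitea repository
      kubernetes.core.helm_repository:
        name: gitea
        repo_url: "https://dl.gitea.io/charts"

    # Chart values come from the rendered template gitea/helm-value.yaml.j2.
    - name: Deploy latest version of Gitea
      kubernetes.core.helm:
        context: "{{ my_context }}"
        name: gitea
        chart_ref: gitea/gitea
        release_namespace: "{{ gitea_namespace }}"
        values: "{{ lookup('template', 'gitea/helm-value.yaml.j2') | from_yaml }}"
  # Block-level tag: applies to every task in the block.
  tags:
    - gitea

# https://github.com/drone/charts/tree/master/charts
- name: Drone setup
  block:
    # The repository is needed by both installs, so it carries all three tags.
    - name: Defined drone repository
      kubernetes.core.helm_repository:
        name: drone
        repo_url: "https://charts.drone.io"
      tags:
        - drone-server
        - drone-runner
        - drone

    - name: Drone install
      kubernetes.core.helm:
        context: "{{ my_context }}"
        name: drone
        chart_ref: drone/drone
        release_namespace: "{{ drone_namespace }}"
        create_namespace: true
        values: "{{ lookup('template', 'drone-helm-value.yaml.j2') | from_yaml }}"
      tags:
        - drone-server
        - drone

    # NOTE(review): this release reuses the name `drone` from the server
    # install. Helm release names are scoped to a namespace, so this only
    # stays a separate release while drone_runner_namespace differs from
    # drone_namespace - confirm, or give the runner its own release name.
    - name: Drone Runner install
      kubernetes.core.helm:
        context: "{{ my_context }}"
        name: drone
        chart_ref: drone/drone-runner-kube
        release_namespace: "{{ drone_runner_namespace }}"
        create_namespace: true
        values: "{{ lookup('template', 'drone-runner-helm-value.yaml.j2') | from_yaml }}"
      tags:
        - drone-runner
        - drone

# https://github.com/aquasecurity/trivy/tree/main/helm/trivy
- name: Trivy Setup
  block:
    # - name: Git clone stable repo on HEAD
    #   ansible.builtin.git:
    #     repo: "https://github.com/aquasecurity/trivy.git"
    #     dest: tmp/trivy
    #     version: "{{ trivy_version }}"

    - name: Defined trivy repository
      kubernetes.core.helm_repository:
        name: aquasecurity
        repo_url: "https://aquasecurity.github.io/helm-charts/"

    # Installed with the chart's default values; the overrides below are
    # kept commented out for reference.
    - name: Deploy trivy chart
      kubernetes.core.helm:
        state: present
        name: trivy
        context: "{{ my_context }}"
        chart_ref: aquasecurity/trivy
        release_namespace: "{{ trivy_namespace }}"
        create_namespace: true
        # values:
        #   image:
        #     tag: "{{ trivy_version }}"
        #   persistence:
        #     storageClass: "{{ trivy_storage_classname }}"
        #   trivy:
        #     gitHubToken: ""
        #     cache:
        #       redis:
        #         enabled: false
        #         url: ""  # e.g. redis://redis.redis.svc:6379
        #   ingress:
        #     enabled: false
        #     annotations: {}
        #       # kubernetes.io/ingress.class: traefik
        #     hosts:
        #       - host: trivy.{{ cluster_domain }}
  # Block-level tag: applies to every task in the block.
  tags:
    - trivy

#- name: Registry setup
#  block:
#    - name: Defined Registry repository
#      kubernetes.core.helm_repository:
#        name: cesanta
#        repo_url: "https://cesanta.github.io/docker_auth/"
#    - name: Deploy latest version of Registry
#      kubernetes.core.helm:
#        context: "{{ my_context }}"
#        name: docker-auth
#        chart_ref: cesanta/docker-auth
#        release_namespace: "{{ registry_namespace }}"
#        values: "{{ lookup('template', 'registry-value.yaml.j2') | from_yaml }}"
#  tags:
#    - registry

# https://github.com/helm/chartmuseum
# https://artifacthub.io/packages/helm/chartmuseum/chartmuseum
- name: ChartMuseum Setup
  block:
    - name: Defined ChartMuseum repository
      kubernetes.core.helm_repository:
        name: chartmuseum
        repo_url: "https://chartmuseum.github.io/charts"

    # Task name corrected: this installs ChartMuseum from its Helm repository
    # (the previous name was copied from the Trivy task).
    - name: Deploy ChartMuseum chart
      kubernetes.core.helm:
        state: present
        name: chartmuseum
        context: "{{ my_context }}"
        chart_ref: chartmuseum/chartmuseum
        release_namespace: "{{ chartmuseum_namespace }}"
        create_namespace: true
        values:
          persistence:
            enabled: true
            # path: "/storage"
            # storageClass:
            accessMode: ReadWriteOnce
            size: 2Gi
          env:
            open:
              STORAGE: local
          extraArgs: []
          # NOTE(review): the ingress publishes the chart repository and these
          # values configure neither authentication nor TLS. Confirm the
          # chart's defaults are acceptable for this cluster (the chart exposes
          # env.open.DISABLE_API and basic-auth settings under env.secret), and
          # keep any credentials in a vaulted variable rather than in this file.
          ingress:
            enabled: true
            annotations: {}
            labels: {}
            # `hosts[0]` is `helm --set` path syntax; inside a values mapping
            # it would be a literal key named "hosts[0]" that the chart never
            # reads, so the host is written as a real list entry.
            hosts:
              - name: "chartmuseum.{{ cluster_domain }}"
  # Block-level tag: applies to every task in the block.
  tags:
    - chartmuseum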