- name: Dashboard setup block: - name: dashboard install k8s: state: present context: "{{ my_context }}" resource_definition: "{{ lookup('file', item) | from_yaml }}" with_items: - "kubernetes-dashboard-Namespace.yaml" - "kubernetes-dashboard-ServiceAccount.yaml" - "kubernetes-dashboard-Service.yaml" - "kubernetes-dashboard-certs-Secret.yaml" - "kubernetes-dashboard-csrf-Secret.yaml" - "kubernetes-dashboard-key-holder-Secret.yaml" - "kubernetes-dashboard-settings-ConfigMap.yaml" - "kubernetes-dashboard-Role.yaml" - "kubernetes-dashboard-ClusterRole.yaml" - "kubernetes-dashboard-RoleBinding.yaml" - "kubernetes-dashboard-ClusterRoleBinding.yaml" - "kubernetes-dashboard-Deployment.yaml" - "dashboard-metrics-scraper-Service.yaml" - "dashboard-metrics-scraper-Deployment.yaml" - traefik/dashboard-traefik-auth-sa.yaml - traefik/dashboard-traefik-auth-crb.yaml - name: get the dashboard-token secret name command: kubectl --context {{ my_context }} get sa kubernetes-dashboard-traefik -n kubernetes-dashboard -o jsonpath='{.secrets[0].name}' register: secret_name - name: get the sa token command: kubectl --context {{ my_context }} get secret -n kubernetes-dashboard {{ secret_name.stdout }} -o jsonpath='{.data.token}' register: token_value - name: write the token to traefik v2 middleware k8s: state: present context: "{{ my_context }}" definition: apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: name: kubernetes-dashboard-auth namespace: kubernetes-dashboard spec: headers: customRequestHeaders: Authorization: "Bearer {{ token_value.stdout | b64decode }}" when: - traefik_version is defined - traefik_version | regex_search('(^2.)') - name: ingress dashboard install k8s: state: present context: "{{ my_context }}" resource_definition: "{{ lookup('template', item) | from_yaml }}" with_items: - dashboard-ingress.yaml