diff --git a/defaults/main.yml b/defaults/main.yml index 21d5061..187cf57 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -29,4 +29,4 @@ storage_linode: false storage_digitalocean: false # local-path, longhorn, linode-block-storage, linode-block-storage-retain, do-block-storage -#storage_default_storageclass: local-path +# storage_default_storageclass: local-path diff --git a/meta/main.yml b/meta/main.yml index a3c8a17..b4266a6 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,6 +6,6 @@ galaxy_info: galaxy_tags: [] license: GPL2 platforms: - - name: kubernetes - version: - - all + - name: kubernetes + version: + - all diff --git a/tasks/digital_ocean.yml b/tasks/digital_ocean.yml index 24759bd..15d9b30 100644 --- a/tasks/digital_ocean.yml +++ b/tasks/digital_ocean.yml @@ -1,22 +1,22 @@ --- # https://github.com/digitalocean/csi-digitalocean - name: Include file list - include_vars: "digitalocean.yaml" + ansible.builtin.include_vars: "digitalocean.yaml" - name: Defined digitalocean-storage state to present - set_fact: + ansible.builtin.set_fact: storage_digitalocean_state: present when: - storage_digitalocean|bool - name: find state of digitalocean-storage - set_fact: + ansible.builtin.set_fact: storage_digitalocean_state: absent when: - not storage_digitalocean|bool - name: Secret for DigitalOcean Access Key need to be {{ storage_digitalocean_state }} - k8s: + kubernetes.core.k8s: state: "{{ storage_digitalocean_state }}" context: "{{ my_context }}" definition: @@ -30,7 +30,7 @@ access-token: "{{ digitalocean_token | default('token_missing') }}" - name: digitalocean-storage need to be {{ storage_digitalocean_state }} - k8s: + kubernetes.core.k8s: state: "{{ storage_digitalocean_state }}" context: "{{ my_context }}" merge_type: merge diff --git a/tasks/linode.yml b/tasks/linode.yml index 02b3d06..1147f41 100644 --- a/tasks/linode.yml +++ b/tasks/linode.yml @@ -1,22 +1,22 @@ --- # https://github.com/linode/linode-blockstorage-csi-driver - name: Include file list - include_vars: "linode.yaml" + ansible.builtin.include_vars: "linode.yaml" - name: Defined linode-storage state to present - set_fact: + ansible.builtin.set_fact: storage_linode_state: present when: - storage_linode|bool - name: find state of linode-storage - set_fact: + ansible.builtin.set_fact: storage_linode_state: absent when: - not storage_linode|bool - name: Add secret for Linode Access Key - k8s: + kubernetes.core.k8s: state: "{{ storage_linode_state }}" context: "{{ my_context }}" definition: @@ -31,7 +31,7 @@ region: "{{ LINODE_REGION | default('token_missing') }}" - name: linode-storage need to be {{ storage_linode_state }} - k8s: + kubernetes.core.k8s: state: "{{ storage_linode_state }}" context: "{{ my_context }}" merge_type: merge diff --git a/tasks/local-path.yml b/tasks/local-path.yml index 57bf76e..f2cc6b0 100644 --- a/tasks/local-path.yml +++ b/tasks/local-path.yml @@ -4,44 +4,44 @@ # https://github.com/rancher/local-path-provisioner/tree/master/deploy/chart - name: Install Local-path block: - - name: Git clone stable repo on HEAD - ansible.builtin.git: - repo: "https://github.com/rancher/local-path-provisioner.git" - dest: tmp/local-path-provisioner - version: "{{ storage_localpath.version }}" + - name: Git clone stable repo on HEAD + ansible.builtin.git: + repo: "https://github.com/rancher/local-path-provisioner.git" + dest: tmp/local-path-provisioner + version: "{{ storage_localpath.version }}" - - name: Deploy local-path chart from local path - kubernetes.core.helm: - state: "present" - name: local-path-provisioner - context: "{{ my_context }}" - chart_ref: tmp/local-path-provisioner/deploy/chart - release_namespace: "{{ storage_localpath.namespace }}" - create_namespace: true - values: - nodePathMap: - - node: DEFAULT_PATH_FOR_NON_LISTED_NODES - paths: ["{{ storage_localpath.default_path }}"] + - name: Deploy local-path chart from local path + kubernetes.core.helm: + state: "present" + name: local-path-provisioner + context: "{{ my_context }}" + chart_ref: tmp/local-path-provisioner/deploy/chart + release_namespace: "{{ storage_localpath.namespace }}" + create_namespace: true + values: + nodePathMap: + - node: DEFAULT_PATH_FOR_NON_LISTED_NODES + paths: ["{{ storage_localpath.default_path }}"] when: - storage_localpath.enabled - name: Uninstall Local-path block: - - name: Uninstall local-path - kubernetes.core.helm: - context: "{{ my_context }}" - name: local-path-provisioner - release_state: absent - release_namespace: "{{ storage_localpath.namespace }}" - - name: namespace - kubernetes.core.k8s: - state: absent - context: "{{ my_context }}" - namespace: "{{ storage_localpath.namespace }}" - resource_definition: "{{ lookup('template', 'local-path/' + item) | from_yaml }}" - with_items: - - "local-path-namespace.yml.j2" + - name: Uninstall local-path + kubernetes.core.helm: + context: "{{ my_context }}" + name: local-path-provisioner + release_state: absent + release_namespace: "{{ storage_localpath.namespace }}" + - name: namespace + kubernetes.core.k8s: + state: absent + context: "{{ my_context }}" + namespace: "{{ storage_localpath.namespace }}" + resource_definition: "{{ lookup('template', 'local-path/' + item) | from_yaml }}" + with_items: + - "local-path-namespace.yml.j2" when: - not storage_localpath.enabled diff --git a/tasks/longhorn.yml b/tasks/longhorn.yml index 9e468bb..203aa4a 100644 --- a/tasks/longhorn.yml +++ b/tasks/longhorn.yml @@ -1,122 +1,122 @@ --- - name: longhorn need to be present block: - - name: Defined longhorn repository - kubernetes.core.helm_repository: - name: longhorn - repo_url: "https://charts.longhorn.io" - - name: Deploy latest version of longhorn - kubernetes.core.helm: - context: "{{ my_context }}" - name: longhorn - chart_ref: longhorn/longhorn - chart_version: "{{ storage_longhorn.version }}" - create_namespace: yes - release_namespace: "{{ storage_longhorn.namespace }}" - values: - persistence: - defaultClass: true -# defaultClassReplicaCount: 3 -# reclaimPolicy: Delete - recurringJobSelector: - enable: true - jobList: '[ - { - "name":"snapshot", - "isGroup":true, - }, - { - "name":"backup-daily", - "isGroup":true, - } - ]' - defaultSettings: - defaultDataPath: "/var/lib/longhorn/" - backupTarget: "nfs://longhorn-test-nfs-svc.default:/opt/backupstore" - allowRecurringJobWhileVolumeDetached: true - createDefaultDiskLabeledNodes: true - replicaSoftAntiAffinity: false -# defaultReplicaCount: 2 - defaultDataLocality: best-effort -# defaultLonghornStaticStorageClass: longhorn -# disableSchedulingOnCordonedNode: false - replicaZoneSoftAntiAffinity: false - guaranteed-engine-manager-cpu: 6 - guaranteed-replica-manager-cpu: 6 - ingress: - enabled: true - host: "longhorn.{{ cluster_domain }}" -# tls: false -# tlsSecret: longhorn.local-tls - annotations: - kubernetes.io/ingress.class: traefik -# cert-manager.io/cluster-issuer: letsencrypt-prod -#{% if ingress_whitelist is defined %} -# ingress.kubernetes.io/whitelist-source-range: "{% for acl_whitelist in ingress_whitelist %}{{ acl_whitelist }}{% if not loop.last %}, {% endif %}{% endfor %}" -#{% endif %} - traefik.ingress.kubernetes.io/router.entrypoints: web,websecure -#{% if basic_auth is defined %} -# traefik.ingress.kubernetes.io/router.middlewares: {{ traefik_namespace }}-traefik-dashboard-basicauth@kubernetescrd -# traefik.ingress.kubernetes.io/router.middlewares: basic-auth@file -# #traefik.ingress.kubernetes.io/router.middlewares: tools-traefik-ipwhitelist@kubernetescrd,tools-basic-auth@kubernetescrd -#{% endif %} -# enablePSP: true + - name: Defined longhorn repository + kubernetes.core.helm_repository: + name: longhorn + repo_url: "https://charts.longhorn.io" + - name: Deploy latest version of longhorn + kubernetes.core.helm: + context: "{{ my_context }}" + name: longhorn + chart_ref: longhorn/longhorn + chart_version: "{{ storage_longhorn.version }}" + create_namespace: true + release_namespace: "{{ storage_longhorn.namespace }}" + values: + persistence: + defaultClass: true +# defaultClassReplicaCount: 3 +# reclaimPolicy: Delete + recurringJobSelector: + enable: true + jobList: '[ + { + "name":"snapshot", + "isGroup":true, + }, + { + "name":"backup-daily", + "isGroup":true, + } + ]' + defaultSettings: + defaultDataPath: "/var/lib/longhorn/" + backupTarget: "nfs://longhorn-test-nfs-svc.default:/opt/backupstore" + allowRecurringJobWhileVolumeDetached: true + createDefaultDiskLabeledNodes: true + replicaSoftAntiAffinity: false +# defaultReplicaCount: 2 + defaultDataLocality: best-effort +# defaultLonghornStaticStorageClass: longhorn +# disableSchedulingOnCordonedNode: false + replicaZoneSoftAntiAffinity: false + guaranteed-engine-manager-cpu: 6 + guaranteed-replica-manager-cpu: 6 + ingress: + enabled: true + host: "longhorn.{{ cluster_domain }}" +# tls: false +# tlsSecret: longhorn.local-tls + annotations: + kubernetes.io/ingress.class: traefik +# cert-manager.io/cluster-issuer: letsencrypt-prod +# {% if ingress_whitelist is defined %} +# ingress.kubernetes.io/whitelist-source-range: "{% for acl_whitelist in ingress_whitelist %}{{ acl_whitelist }}{% if not loop.last %}, {% endif %}{% endfor %}" +# {% endif %} + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure +# {% if basic_auth is defined %} +# traefik.ingress.kubernetes.io/router.middlewares: {{ traefik_namespace }}-traefik-dashboard-basicauth@kubernetescrd +# traefik.ingress.kubernetes.io/router.middlewares: basic-auth@file +# #traefik.ingress.kubernetes.io/router.middlewares: tools-traefik-ipwhitelist@kubernetescrd,tools-basic-auth@kubernetescrd +# {% endif %} +# enablePSP: true - - name: Configure Longhorn - kubernetes.core.k8s: - state: present - context: "{{ my_context }}" - definition: - kind: Setting - apiVersion: longhorn.io/v1beta1 - metadata: - name: "{{ item.name }}" - namespace: "{{ storage_longhorn_namespace }}" - value: "{{ item.value }}" - with_items: - - { - name: "guaranteed-engine-manager-cpu", - value: "6" - } - - { - name: "guaranteed-replica-manager-cpu", - value: "6" - } - - { - name: "default-data-locality", - value: "best-effort" - } + - name: Configure Longhorn + kubernetes.core.k8s: + state: present + context: "{{ my_context }}" + definition: + kind: Setting + apiVersion: longhorn.io/v1beta1 + metadata: + name: "{{ item.name }}" + namespace: "{{ storage_longhorn_namespace }}" + value: "{{ item.value }}" + with_items: + - { + name: "guaranteed-engine-manager-cpu", + value: "6" + } + - { + name: "guaranteed-replica-manager-cpu", + value: "6" + } + - { + name: "default-data-locality", + value: "best-effort" + } - - name: Install longhorn Recurring Jobs - kubernetes.core.k8s: - state: present - context: "{{ my_context }}" - apply: true - namespace: "{{ storage_longhorn.namespace }}" - resource_definition: "{{ lookup('template', 'longhorn/longhorn/longhorn_recurringjob.yml.j2') | from_yaml }}" - with_items: - - { - name: "snapshot", - cron: "1 * * * *", - task: "snapshot", - retain: 25 - } - - { - name: "backup-daily", - cron: "0 1 * * *", - task: "backup", - retain: 8 - } + - name: Install longhorn Recurring Jobs + kubernetes.core.k8s: + state: present + context: "{{ my_context }}" + apply: true + namespace: "{{ storage_longhorn.namespace }}" + resource_definition: "{{ lookup('template', 'longhorn/longhorn/longhorn_recurringjob.yml.j2') | from_yaml }}" + with_items: + - { + name: "snapshot", + ansible.builtin.cron: "1 * * * *", + task: "snapshot", + retain: 25 + } + - { + name: "backup-daily", + ansible.builtin.cron: "0 1 * * *", + task: "backup", + retain: 8 + } -# - name: Install longhorn UI Ingress -# kubernetes.core.k8s: -# state: present -# context: "{{ my_context }}" -# apply: true -# namespace: "{{ storage_longhorn.namespace }}" -# resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}" -# with_items: -# - "longhorn_ingressroute.yaml.j2" +# - name: Install longhorn UI Ingress +# kubernetes.core.k8s: +# state: present +# context: "{{ my_context }}" +# apply: true +# namespace: "{{ storage_longhorn.namespace }}" +# resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}" +# with_items: +# - "longhorn_ingressroute.yaml.j2" when: - storage_longhorn.enabled tags: @@ -125,22 +125,22 @@ - name: longhorn need to be absent block: - - name: Deploy latest version of longhorn - kubernetes.core.helm: - context: "{{ my_context }}" - name: longhorn - state: absent - release_namespace: "{{ storage_longhorn.namespace }}" - - - name: Remove Ingress for longhorn UI - kubernetes.core.k8s: - state: absent - context: "{{ my_context }}" - namespace: "{{ storage_longhorn.namespace }}" - resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}" - with_items: -# - "longhorn_ingressroute.yaml.j2" - - "longhorn-namespace.yml.j2" + - name: Deploy latest version of longhorn + kubernetes.core.helm: + context: "{{ my_context }}" + name: longhorn + state: absent + release_namespace: "{{ storage_longhorn.namespace }}" + + - name: Remove Ingress for longhorn UI + kubernetes.core.k8s: + state: absent + context: "{{ my_context }}" + namespace: "{{ storage_longhorn.namespace }}" + resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}" + with_items: +# - "longhorn_ingressroute.yaml.j2" + - "longhorn-namespace.yml.j2" when: - not storage_longhorn.enabled tags: diff --git a/tasks/main.yml b/tasks/main.yml index 32d240c..e1fe3b0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,39 +1,43 @@ - name: Local Path setup block: - - name: Define Manual StorageClass - k8s: - state: present - context: "{{ my_context }}" - definition: - kind: StorageClass - apiVersion: storage.k8s.io/v1 - metadata: - name: manual - provisioner: kubernetes.io/no-provisioner - volumeBindingMode: WaitForFirstConsumer - allowVolumeExpansion: true - when: - - storage_manual.enabled - tags: - - manual - - storage + - name: Define Manual StorageClass + kubernetes.core.k8s: + state: present + context: "{{ my_context }}" + definition: + kind: StorageClass + apiVersion: storage.k8s.io/v1 + metadata: + name: manual + provisioner: kubernetes.io/no-provisioner + volumeBindingMode: WaitForFirstConsumer + allowVolumeExpansion: true + when: + - storage_manual.enabled + tags: + - manual + - storage - - include_tasks: "local-path.yml" - tags: - - local-path - - storage - - include_tasks: "longhorn.yml" - tags: - - longhorn - - storage - - include_tasks: "nfs.yml" - tags: - - nfs - - storage - - include_tasks: "secrets-store.yml" - tags: - - secrets-store - - storage + - name: include local-path tasks + ansible.builtin.include_tasks: "local-path.yml" + tags: + - local-path + - storage + - name: include longhorn tasks + ansible.builtin.include_tasks: "longhorn.yml" + tags: + - longhorn + - storage + - name: include nfs tasks + ansible.builtin.include_tasks: "nfs.yml" + tags: + - nfs + - storage + - name: include secrets store tasks + ansible.builtin.include_tasks: "secrets-store.yml" + tags: + - secrets-store + - storage # https://medium.com/asl19-developers/create-readwritemany-persistentvolumeclaims-on-your-kubernetes-cluster-3a8db51f98e3 # https://github.com/ctrox/csi-s3 @@ -41,40 +45,40 @@ # https://github.com/reactr-io/gocachefs -# - include_tasks: "digital_ocean.yml" -# - include_tasks: "linode.yml" +# - ansible.builtin.include_tasks: "digital_ocean.yml" +# - ansible.builtin.include_tasks: "linode.yml" - - name: Select the default StorageClass - k8s: - state: present - context: "{{ my_context }}" - definition: - apiVersion: v1 - kind: StorageClass - metadata: - name: "{{ storage.default_storageclass }}" - annotations: - storageclass.kubernetes.io/is-default-class: "true" - when: - - storage.default_storageclass is defined - tags: - - manual - - local-path - - nfs - - longhorn - - storage + - name: Select the default StorageClass + kubernetes.core.k8s: + state: present + context: "{{ my_context }}" + definition: + apiVersion: v1 + kind: StorageClass + metadata: + name: "{{ storage.default_storageclass }}" + annotations: + storageclass.kubernetes.io/is-default-class: "true" + when: + - storage.default_storageclass is defined + tags: + - manual + - local-path + - nfs + - longhorn + - storage - - name: Select the default VolumeSnapshotClass - k8s: - state: present - context: "{{ my_context }}" - definition: - apiVersion: v1 - kind: VolumeSnapshotClass - metadata: - name: "{{ storage.default_storageclass }}" - annotations: - snapshot.storage.kubernetes.io/is-default-class: "true" - when: - - storage.default_storageclass is defined - - storage.default_storageclass == "do-block-storage" + - name: Select the default VolumeSnapshotClass + kubernetes.core.k8s: + state: present + context: "{{ my_context }}" + definition: + apiVersion: v1 + kind: VolumeSnapshotClass + metadata: + name: "{{ storage.default_storageclass }}" + annotations: + snapshot.storage.kubernetes.io/is-default-class: "true" + when: + - storage.default_storageclass is defined + - storage.default_storageclass == "do-block-storage" diff --git a/tasks/nfs.yml b/tasks/nfs.yml index c288efc..541cd16 100644 --- a/tasks/nfs.yml +++ b/tasks/nfs.yml @@ -6,30 +6,30 @@ # ou alors tourner le container en privileged # https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/blob/master/charts/nfs-subdir-external-provisioner/README.md - - name: Defined NFS Provisioner repository - kubernetes.core.helm_repository: - name: nfs-subdir-external-provisioner - repo_url: "https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner" + - name: Defined NFS Provisioner repository + kubernetes.core.helm_repository: + name: nfs-subdir-external-provisioner + repo_url: "https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner" - - name: Deploy latest version of NFS Provisioner - kubernetes.core.helm: - context: "{{ my_context }}" - state: "present" - name: nfs-subdir-external-provisioner - chart_ref: nfs-subdir-external-provisioner/nfs-subdir-external-provisioner - create_namespace: yes - release_namespace: "{{ storage_nfs.namespace }}" - values: - nfs: - server: x.x.x.x - path: /exported/path -# podSecurityPolicy: -# enabled: true -# storageClass: -# name: nfs-client -# defaultClass: false -# provisionerName: "" -# accessModes: ReadWriteOnce + - name: Deploy latest version of NFS Provisioner + kubernetes.core.helm: + context: "{{ my_context }}" + state: "present" + name: nfs-subdir-external-provisioner + chart_ref: nfs-subdir-external-provisioner/nfs-subdir-external-provisioner + create_namespace: true + release_namespace: "{{ storage_nfs.namespace }}" + values: + nfs: + server: x.x.x.x + path: /exported/path +# podSecurityPolicy: +# enabled: true +# storageClass: +# name: nfs-client +# defaultClass: false +# provisionerName: "" +# accessModes: ReadWriteOnce when: - storage_nfs.enabled tags: @@ -38,12 +38,12 @@ - name: NFS client need to be absent block: - - name: Uninstall nfs-subdir-external-provisioner - kubernetes.core.helm: - context: "{{ my_context }}" - name: nfs-subdir-external-provisioner - release_state: absent - release_namespace: "{{ storage_nfs.namespace }}" + - name: Uninstall nfs-subdir-external-provisioner + kubernetes.core.helm: + context: "{{ my_context }}" + name: nfs-subdir-external-provisioner + release_state: absent + release_namespace: "{{ storage_nfs.namespace }}" when: - not storage_nfs.enabled tags: diff --git a/tasks/secrets-store.yml b/tasks/secrets-store.yml index 4690aa8..fea74fa 100644 --- a/tasks/secrets-store.yml +++ b/tasks/secrets-store.yml @@ -2,43 +2,43 @@ - name: Install Secrets Store block: # https://github.com/kubernetes-sigs/secrets-store-csi-driver/tree/master/charts/secrets-store-csi-driver - - name: Defined Secrets Store repository - kubernetes.core.helm_repository: - name: secrets-store-csi-driver - repo_url: "https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts" + - name: Defined Secrets Store repository + kubernetes.core.helm_repository: + name: secrets-store-csi-driver + repo_url: "https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts" - - name: Deploy Secrets Store chart - kubernetes.core.helm: - context: "{{ my_context }}" - name: csi-secrets-store - release_namespace: "kube-system" - chart_version: "{{ storage_secrets_store.version }}" - chart_ref: secrets-store-csi-driver/secrets-store-csi-driver + - name: Deploy Secrets Store chart + kubernetes.core.helm: + context: "{{ my_context }}" + name: csi-secrets-store + release_namespace: "kube-system" + chart_version: "{{ storage_secrets_store.version }}" + chart_ref: secrets-store-csi-driver/secrets-store-csi-driver - # https://github.com/camptocamp/secrets-store-csi-driver-provider-gopass - - name: Deploy Secrets Store CSI driver provider gopass - kubernetes.core.k8s: - state: "present" - context: "{{ my_context }}" - namespace: "kube-system" - apply: true - resource_definition: "{{ lookup('file', 'secrets-provider-gopass/provider-gopass-installer.yaml') | from_yaml }}" + # https://github.com/camptocamp/secrets-store-csi-driver-provider-gopass + - name: Deploy Secrets Store CSI driver provider gopass + kubernetes.core.k8s: + state: "present" + context: "{{ my_context }}" + namespace: "kube-system" + apply: true + resource_definition: "{{ lookup('file', 'secrets-provider-gopass/provider-gopass-installer.yaml') | from_yaml }}" - # https://github.com/Azure/secrets-store-csi-driver-provider-azure - - name: Deploy Secrets Store CSI driver provider azure - kubernetes.core.helm_repository: - name: csi-secrets-store-provider-azure - repo_url: "https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts" - - name: Deploy Secrets Store chart - kubernetes.core.helm: - context: "{{ my_context }}" - name: csi-secrets-store-provider-azure - release_namespace: "kube-system" - chart_version: "{{ storage_secrets_store_azure.version }}" - chart_ref: csi-secrets-store-provider-azure/csi-secrets-store-provider-azure - values: - secrets-store-csi-driver: - install: false + # https://github.com/Azure/secrets-store-csi-driver-provider-azure + - name: Deploy Secrets Store CSI driver provider azure + kubernetes.core.helm_repository: + name: csi-secrets-store-provider-azure + repo_url: "https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts" + - name: Deploy Secrets Store chart + kubernetes.core.helm: + context: "{{ my_context }}" + name: csi-secrets-store-provider-azure + release_namespace: "kube-system" + chart_version: "{{ storage_secrets_store_azure.version }}" + chart_ref: csi-secrets-store-provider-azure/csi-secrets-store-provider-azure + values: + secrets-store-csi-driver: + install: false when: - storage_secrets_store.enabled tags: @@ -49,23 +49,23 @@ - name: Secret Store need to be absent block: - - name: Uninstall Secrets Store - kubernetes.core.helm: - context: "{{ my_context }}" - name: "{{ item }}" - state: absent - release_namespace: "kube-system" - with_items: - - "csi-secrets-store" - - "csi-secrets-store-provider-azure" - - name: Remove Ingress for longhorn UI - kubernetes.core.k8s: - state: absent - context: "{{ my_context }}" - namespace: "kube-system" - resource_definition: "{{ lookup('file', item) | from_yaml }}" - with_items: - - "secrets-provider-gopass/provider-gopass-installer.yaml" + - name: Uninstall Secrets Store + kubernetes.core.helm: + context: "{{ my_context }}" + name: "{{ item }}" + state: absent + release_namespace: "kube-system" + with_items: + - "csi-secrets-store" + - "csi-secrets-store-provider-azure" + - name: Remove Ingress for longhorn UI + kubernetes.core.k8s: + state: absent + context: "{{ my_context }}" + namespace: "kube-system" + resource_definition: "{{ lookup('file', item) | from_yaml }}" + with_items: + - "secrets-provider-gopass/provider-gopass-installer.yaml" when: - not storage_secrets_store.enabled