-
Notifications
You must be signed in to change notification settings - Fork 115
/
kiali-new-namespace-detected.yml
35 lines (33 loc) · 1.74 KB
/
kiali-new-namespace-detected.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
- hosts: localhost
gather_facts: no
collections:
- kubernetes.core
tasks:
# This playbook will process new namespaces. The idea is to get the Kiali CRs in the cluster
# to reconcile on every new namespace in case a Kiali server needs to be given access to it.
#
# This playbook behaves the same regardless of the number of Kiali CR resources installed
# in the cluster. Each Kiali CR will be "touched" (an annotation modified) thus causing
# the operator to reconcile the Kiali CRs which enables the operator to determine if a
# Kiali instance should be given access to the new namespace. The Kiali CR will only
# be touched if the namespace was created after the Kiali CR was created.
#
# This playbook is essentially a no-op when there are no Kiali CRs installed in the cluster.
- name: "Touch the Kiali CRs that were created before the new namespace [{{ __namespace.metadata.name }}]"
ignore_errors: yes
vars:
current_timestamp_string: "{{ now(utc=True, fmt='%Y-%m-%dT%H:%M:00Z') }}"
kiali_cr_list: "{{ query('kubernetes.core.k8s', api_version='kiali.io/v1alpha1', kind='Kiali') }}"
k8s:
definition:
apiVersion: "{{ item.apiVersion }}"
kind: "{{ item.kind }}"
metadata:
name: "{{ item.metadata.name }}"
namespace: "{{ item.metadata.namespace }}"
annotations:
kiali.io/reconcile: "{{ current_timestamp_string }}"
loop: "{{ kiali_cr_list }}"
when:
- (item.metadata.creationTimestamp|to_datetime('%Y-%m-%dT%H:%M:%SZ')) < (__namespace.metadata.creationTimestamp|to_datetime('%Y-%m-%dT%H:%M:%SZ'))
- (item.metadata.annotations['kiali.io/reconcile'] is not defined or item.metadata.annotations['kiali.io/reconcile'] != current_timestamp_string)