From c639603bb4978f9ee1a03894feef2370fa1a5d98 Mon Sep 17 00:00:00 2001
From: okozachenko1203
Date: Wed, 17 Jan 2024 02:54:28 +1100
Subject: [PATCH] resolve comments

---
 .ansible-lint | 1 -
 roles/octavia/tasks/generate_resources.yml | 76 +++++++++++----------
 roles/octavia/vars/main.yml | 2 +-
 3 files changed, 39 insertions(+), 40 deletions(-)

diff --git a/.ansible-lint b/.ansible-lint
index 485d85727..b2dde889c 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -7,7 +7,6 @@ exclude_paths:
 - playbooks
 - roles/defaults/vars/main.yml
 - roles/kube_prometheus_stack/files/jsonnet
- - roles/secretgen_controller/tasks/main.yml
 - vendir.lock.yml

 warn_list:
diff --git a/roles/octavia/tasks/generate_resources.yml b/roles/octavia/tasks/generate_resources.yml
index c59dd49a5..16a2ba071 100644
--- a/roles/octavia/tasks/generate_resources.yml
+++ b/roles/octavia/tasks/generate_resources.yml
@@ -153,42 +153,42 @@
 image: "{{ octavia_amphora_image_name }}"
 register: _octavia_amphora_image

-- name: Deploy Amphora jumpbox
+- name: Create amphora ssh key
 run_once: true
- block:
- - name: Create amphora ssh key
- kubernetes.core.k8s:
- state: present
- definition:
- apiVersion: secretgen.k14s.io/v1alpha1
- kind: SSHKey
- metadata:
- name: octavia-amphora-ssh-key
- namespace: openstack
- spec:
- secretTemplate:
- type: Opaque
- stringData:
- "id_rsa": $(privateKey)
- "id_rsa.pub": $(authorizedKey)
- wait: true
- wait_timeout: 60
- wait_condition:
- type: ReconcileSucceeded
- status: true
-
- - name: Grab Amphora jumpbox public key
- kubernetes.core.k8s_info:
- api_version: v1
- kind: Secret
- name: octavia-amphora-ssh-key
- namespace: openstack
- register: _octavia_ssh_key_secret
-
- - name: Create Amphora ssh key pair in Openstack
- openstack.cloud.keypair:
- cloud: atmosphere
- state: present
- name: octavia-amphora-ssh-key
- public_key: "{{ _octavia_ssh_key_secret.resources[0]['data']['id_rsa.pub'] | b64decode }}"
- register: _octavia_amphora_ssh_keypair
+ kubernetes.core.k8s:
+ state: present
+ definition:
+ apiVersion: secretgen.k14s.io/v1alpha1
+ kind: SSHKey
+ metadata:
+ name: "{{ octavia_helm_release_name }}-amphora-ssh-key"
+ namespace: "{{ octavia_helm_release_namespace }}"
+ spec:
+ secretTemplate:
+ type: Opaque
+ stringData:
+ "id_rsa": $(privateKey)
+ "id_rsa.pub": $(authorizedKey)
+ wait: true
+ wait_timeout: 60
+ wait_condition:
+ type: ReconcileSucceeded
+ status: true
+
+- name: Grab Amphora jumpbox public key
+ run_once: true
+ kubernetes.core.k8s_info:
+ api_version: v1
+ kind: Secret
+ name: "{{ octavia_helm_release_name }}-amphora-ssh-key"
+ namespace: "{{ octavia_helm_release_namespace }}"
+ register: _octavia_ssh_key_secret
+
+- name: Create Amphora ssh key pair in Openstack
+ run_once: true
+ openstack.cloud.keypair:
+ cloud: atmosphere
+ state: present
+ name: "{{ octavia_helm_release_name }}-amphora-ssh-key"
+ public_key: "{{
_octavia_ssh_key_secret.resources[0]['data']['id_rsa.pub'] | b64decode }}"
+ register: _octavia_amphora_ssh_keypair
diff --git a/roles/octavia/vars/main.yml b/roles/octavia/vars/main.yml
index 2b88ce9b8..71204a51b 100644
--- a/roles/octavia/vars/main.yml
+++ b/roles/octavia/vars/main.yml
@@ -58,7 +58,7 @@ _octavia_helm_values:
 secretName: octavia-client-certs
 - name: octavia-amphora-ssh-key
 secret:
- secretName: octavia-amphora-ssh-key
+ secretName: "{{ octavia_helm_release_name }}-amphora-ssh-key"
 defaultMode: 0444 # noqa: yaml[octal-values]
 - name: octavia-amphora-ssh-key-dir
 emptyDir: {}
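Review bot: The `Grab Amphora jumpbox public key` task registers the whole Secret in `_octavia_ssh_key_secret`, and per the `stringData` template above that Secret carries `id_rsa` as well as `id_rsa.pub`, so the base64-encoded private key ends up in the task result shown at `-v` and in any callback that records results. Adding `no_log: true` to that task keeps it out of logs. `resources[0]` in the keypair task is also indexed without checking that the lookup returned anything; `failed_when: _octavia_ssh_key_secret.resources | length == 0` on the lookup would give a clearer error than an index failure inside the template. The first two context lines belong to a task that starts outside the hunk.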
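Review bot: `defaultMode: 0444` on the `octavia-amphora-ssh-key` volume makes every file of the Secret readable by any user in the container, and per the `stringData` in roles/octavia/tasks/generate_resources.yml that Secret holds `id_rsa` next to `id_rsa.pub`. If the pod's security context allows it, a tighter mode such as `defaultMode: 0440` with a matching `fsGroup` would limit who can read the private key; whether the copy into `octavia-amphora-ssh-key-dir` needs the wider mode cannot be seen from this hunk. The expression `{{ octavia_helm_release_name }}-amphora-ssh-key` is now repeated here and three times in generate_resources.yml, so a single role variable would keep the SSHKey name and this `secretName` from drifting apart.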