From 5cfc5bc86c16942fb29ebf670855c7740d156102 Mon Sep 17 00:00:00 2001 
From: Robert Kaussow Date: Sun, 18 Feb 2024 21:09:43 +0100 Subject: [PATCH] ci: migrate to woodpecker --- .drone.jsonnet | 159 ---------------- .drone.yml | 153 --------------- .later.yml | 5 +- .markdownlint.yml | 7 + .prettierignore | 2 +- .woodpecker/docs.yaml | 47 +++++ .woodpecker/lint.yaml | 30 +++ .woodpecker/notify.yml | 26 +++ .woodpecker/test.yaml | 25 +++ README.md | 9 - defaults/main.yml | 2 +- handlers/main.yml | 8 +- meta/main.yml | 8 +- molecule/default | 1 - molecule/{rocky9 => default}/converge.yml | 6 +- molecule/default/molecule.yml | 17 ++ molecule/default/prepare.yml | 11 ++ .../{rocky9 => default}/tests/test_default.py | 2 +- molecule/pytest.ini | 3 - molecule/requirements.yml | 5 +- molecule/rocky9/create.yml | 120 ------------ molecule/rocky9/destroy.yml | 78 -------- molecule/rocky9/molecule.yml | 24 --- molecule/rocky9/prepare.yml | 15 -- .../templates/calico-installation.yaml.j2 | 21 --- pyproject.toml | 17 ++ setup.cfg | 12 -- tasks/init.yml | 61 +++--- tasks/iscsi.yml | 43 ++--- tasks/main.yml | 10 +- tasks/prepare.yml | 175 +++++++++--------- tasks/reset.yml | 111 ++++++----- tasks/setup.yml | 167 ++++++++--------- 33 files changed, 469 insertions(+), 911 deletions(-) delete mode 100644 .drone.jsonnet delete mode 100644 .drone.yml create mode 100644 .markdownlint.yml create mode 100644 .woodpecker/docs.yaml create mode 100644 .woodpecker/lint.yaml create mode 100644 .woodpecker/notify.yml create mode 100644 .woodpecker/test.yaml delete mode 120000 molecule/default rename molecule/{rocky9 => default}/converge.yml (93%) create mode 100644 molecule/default/molecule.yml create mode 100644 molecule/default/prepare.yml rename molecule/{rocky9 => default}/tests/test_default.py (95%) delete mode 100644 molecule/pytest.ini delete mode 100644 molecule/rocky9/create.yml delete mode 100644 molecule/rocky9/destroy.yml delete mode 100644 molecule/rocky9/molecule.yml delete mode 100644 molecule/rocky9/prepare.yml delete mode 100644 
molecule/rocky9/templates/calico-installation.yaml.j2 create mode 100644 pyproject.toml delete mode 100644 setup.cfg diff --git a/.drone.jsonnet b/.drone.jsonnet deleted file mode 100644 index 32dbf1a..0000000 --- a/.drone.jsonnet +++ /dev/null 
@@ -1,159 +0,0 @@ -local PipelineLinting = { - kind: 'pipeline', - name: 'linting', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'ansible-later', - image: 'thegeeklab/ansible-later', - commands: [ - 'ansible-later', - ], - }, - { - name: 'python-format', - image: 'python:3.9', - environment: { - PY_COLORS: 1, - }, - commands: [ - 'pip install -qq yapf', - '[ ! -z "$(find . -type f -name *.py)" ] && yapf -rd ./', - ], - }, - { - name: 'python-flake8', - image: 'python:3.9', - environment: { - PY_COLORS: 1, - }, - commands: [ - 'pip install -qq flake8', - 'flake8', - ], - }, - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineDeployment(scenario='rocky9') = { - kind: 'pipeline', - name: 'testing-' + scenario, - platform: { - os: 'linux', - arch: 'amd64', - }, - concurrency: { - limit: 1, - }, - workspace: { - base: '/drone/src', - path: '${DRONE_REPO_NAME}', - }, - steps: [ - { - name: 'ansible-molecule', - image: 'thegeeklab/molecule:4', - environment: { - HCLOUD_TOKEN: { from_secret: 'hcloud_token' }, - }, - commands: [ - 'molecule test -s ' + scenario, - ], - }, - ], - depends_on: [ - 'linting', - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineDocumentation = { - kind: 'pipeline', - name: 'documentation', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'generate', - image: 'thegeeklab/ansible-doctor', - environment: { - ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO', - ANSIBLE_DOCTOR_FORCE_OVERWRITE: true, - ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/', - ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book', - ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}', - ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/', - }, - }, - { - name: 'publish', - image: 'plugins/gh-pages', - settings: { - remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}', - netrc_machine: 'gitea.rknet.org', - username: { from_secret: 'gitea_username' }, - password: { 
from_secret: 'gitea_token' }, - pages_directory: '_docs/', - target_branch: 'docs', - }, - when: { - ref: ['refs/heads/main'], - }, - }, - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, - depends_on: [ - 'testing-rocky9', - ], -}; - -local PipelineNotification = { - kind: 'pipeline', - name: 'notification', - platform: { - os: 'linux', - arch: 'amd64', - }, - clone: { - disable: true, - }, - steps: [ - { - name: 'matrix', - image: 'thegeeklab/drone-matrix', - settings: { - homeserver: { from_secret: 'matrix_homeserver' }, - roomid: { from_secret: 'matrix_roomid' }, - template: 'Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}', - username: { from_secret: 'matrix_username' }, - password: { from_secret: 'matrix_password' }, - }, - }, - ], - depends_on: [ - 'documentation', - ], - trigger: { - status: ['success', 'failure'], - ref: ['refs/heads/main', 'refs/tags/**'], - }, -}; - -[ - PipelineLinting, - PipelineDeployment(scenario='rocky9'), - PipelineDocumentation, - PipelineNotification, -] diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 078eb99..0000000 --- a/.drone.yml +++ /dev/null 
@@ -1,153 +0,0 @@ ---- -kind: pipeline -name: linting - -platform: - os: linux - arch: amd64 - -steps: - - name: ansible-later - image: thegeeklab/ansible-later - commands: - - ansible-later - - - name: python-format - image: python:3.9 - commands: - - pip install -qq yapf - - "[ ! -z \"$(find . -type f -name *.py)\" ] && yapf -rd ./" - environment: - PY_COLORS: 1 - - - name: python-flake8 - image: python:3.9 - commands: - - pip install -qq flake8 - - flake8 - environment: - PY_COLORS: 1 - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - ---- -kind: pipeline -name: testing-rocky9 - -platform: - os: linux - arch: amd64 - -concurrency: - limit: 1 - -workspace: - base: /drone/src - path: ${DRONE_REPO_NAME} - -steps: - - name: ansible-molecule - image: thegeeklab/molecule:4 - commands: - - molecule test -s rocky9 - environment: - HCLOUD_TOKEN: - from_secret: hcloud_token - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - linting - ---- -kind: pipeline -name: documentation - -platform: - os: linux - arch: amd64 - -steps: - - name: generate - image: thegeeklab/ansible-doctor - environment: - ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/ - ANSIBLE_DOCTOR_FORCE_OVERWRITE: true - ANSIBLE_DOCTOR_LOG_LEVEL: INFO - ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/ - ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.} - ANSIBLE_DOCTOR_TEMPLATE: hugo-book - - - name: publish - image: plugins/gh-pages - settings: - netrc_machine: gitea.rknet.org - pages_directory: _docs/ - password: - from_secret: gitea_token - remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME} - target_branch: docs - username: - from_secret: gitea_username - when: - ref: - - refs/heads/main - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - testing-rocky9 - ---- -kind: pipeline -name: notification - -platform: - os: linux - arch: amd64 - -clone: - disable: true - -steps: - - name: matrix - image: thegeeklab/drone-matrix - 
settings: - homeserver: - from_secret: matrix_homeserver - password: - from_secret: matrix_password - roomid: - from_secret: matrix_roomid - template: "Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}" - username: - from_secret: matrix_username - -trigger: - ref: - - refs/heads/main - - refs/tags/** - status: - - success - - failure - -depends_on: - - documentation - ---- -kind: signature -hmac: 2b0cc784b55812ac281219c9c8d789a1414b208a4341a277deb865a8aebad87e - -... diff --git a/.later.yml b/.later.yml index 0efe5d5..45f5d4e 100644 --- a/.later.yml +++ b/.later.yml @@ -10,10 +10,9 @@ ansible: rules: exclude_files: - - molecule/ - "LICENSE*" - "**/*.md" - "**/*.ini" - exclude_filter: - - LINT0009 + warning_filter: + - ANS126 diff --git a/.markdownlint.yml b/.markdownlint.yml new file mode 100644 index 0000000..da116c7 --- /dev/null +++ b/.markdownlint.yml @@ -0,0 +1,7 @@ +--- +default: True +MD013: False +MD041: False +MD024: False +MD004: + style: dash diff --git a/.prettierignore b/.prettierignore index ef05acb..6b1d0bf 100644 --- a/.prettierignore +++ b/.prettierignore @@ -1 +1 @@ -.drone* +LICENSE diff --git a/.woodpecker/docs.yaml b/.woodpecker/docs.yaml new file mode 100644 index 0000000..f053ca8 --- /dev/null +++ b/.woodpecker/docs.yaml 
@@ -0,0 +1,47 @@
+---
+when:
+ - event: [pull_request]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ - name: generate
+ image: quay.io/thegeeklab/ansible-doctor
+ environment:
+ ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
+ ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true"
+ ANSIBLE_DOCTOR_LOG_LEVEL: INFO
+ ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME}
+ ANSIBLE_DOCTOR_TEMPLATE: readme
+
+ - name: format
+ image: quay.io/thegeeklab/alpine-tools
+ commands:
+ - prettier -w README.md
+
+ - name: diff
+ image: quay.io/thegeeklab/alpine-tools
+ commands:
+ - git diff --color=always README.md
+
+ - name: publish
+ image: quay.io/thegeeklab/wp-git-action
+ settings:
+ action:
+ - commit
+ - push
+ author_email: ci-bot@rknet.org
+ author_name: ci-bot
+ branch: main
+ message: "[skip ci] automated docs update"
+ netrc_machine: gitea.rknet.org
+ netrc_password:
+ from_secret: gitea_token
+ when:
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+depends_on:
+ - test
diff --git a/.woodpecker/lint.yaml b/.woodpecker/lint.yaml
new file mode 100644
index 0000000..ca4facd
--- /dev/null
+++ b/.woodpecker/lint.yaml
@@ -0,0 +1,30 @@
+---
+when:
+ - event: [pull_request, tag]
+ - event: [push, manual]
+ branch:
+ - ${CI_REPO_DEFAULT_BRANCH}
+
+steps:
+ - name: ansible-later
+ image: quay.io/thegeeklab/ansible-later:4
+ commands:
+ - ansible-later
+ environment:
+ FORCE_COLOR: "1"
+
+ - name: python-format
+ image: docker.io/python:3.12
+ commands:
+ - pip install -qq ruff
+ - ruff format --check --diff .
+ environment:
+ PY_COLORS: "1"
+
+ - name: python-lint
+ image: docker.io/python:3.12
+ commands:
+ - pip install -qq ruff
+ - ruff .
+ environment:
+ PY_COLORS: "1"
diff --git a/.woodpecker/notify.yml b/.woodpecker/notify.yml
new file mode 100644
index 0000000..9957125
--- /dev/null
+++ b/.woodpecker/notify.yml
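Review bot: The `publish` step receives `gitea_token` and pushes commits to the repository, yet its image `quay.io/thegeeklab/wp-git-action` carries no tag or digest, so whatever the registry serves under the default tag runs with write access to the default branch. Pin it to a reviewed release or digest, for example `image: quay.io/thegeeklab/wp-git-action:<reviewed-tag>` (placeholder; no version is given in this patch). The same applies to `ansible-doctor` and `alpine-tools` in this file and to `quay.io/thegeeklab/wp-matrix` in `.woodpecker/notify.yml`, which receives the Matrix credentials. Separately, `branch: main` is hard-coded while the step's `when` filter uses `${CI_REPO_DEFAULT_BRANCH}`; using the variable in both places keeps the push target and the trigger in agreement.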
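Review bot: Both Python steps in `.woodpecker/lint.yaml` run `pip install -qq ruff` with no version, so every pipeline run installs and executes whatever release is newest on the index, and the lint result can change without any change to this repository. Pin the linter, e.g. `pip install -qq ruff==<pinned-version>` (placeholder), ideally from a requirements file with hashes. The `python-lint` command `ruff .` also relies on the implicit default subcommand, which newer Ruff releases deprecated and later removed; `ruff check .` is the explicit form and keeps working after an upgrade.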
@@ -0,0 +1,26 @@ +--- +when: + - event: [tag] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +runs_on: [success, failure] + +steps: + - name: matrix + image: quay.io/thegeeklab/wp-matrix + settings: + homeserver: + from_secret: matrix_homeserver + password: + from_secret: matrix_password + roomid: + from_secret: matrix_roomid + username: + from_secret: matrix_username + when: + - status: [success, failure] + +depends_on: + - docs diff --git a/.woodpecker/test.yaml b/.woodpecker/test.yaml new file mode 100644 index 0000000..a4991f7 --- /dev/null +++ b/.woodpecker/test.yaml @@ -0,0 +1,25 @@ +--- +when: + - event: [pull_request, tag] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +variables: + - &molecule_base + image: quay.io/thegeeklab/molecule:6 + group: molecule + secrets: + - source: molecule_hcloud_token + target: HCLOUD_TOKEN + environment: + PY_COLORS: "1" + +steps: + - name: molecule-default + <<: *molecule_base + commands: + - molecule test -s default + +depends_on: + - lint diff --git a/README.md b/README.md index 482d4eb..0668e18 100644 --- a/README.md +++ b/README.md @@ -1,10 +1 @@ # xoxys.k3s - -[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.k3s?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.k3s) -[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](LICENSE) - -Setup K3s cluster nodes. You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/k3s/). - -## License - -This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. diff --git a/defaults/main.yml b/defaults/main.yml index dbdb507..85192ff 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,5 @@ --- -k3s_version: 1.27.5+k3s1 +k3s_version: 1.28.6+k3s2 k3s_packages: - epel-release diff --git a/handlers/main.yml b/handlers/main.yml index 8afcd79..f48d8f7 100644 
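Review bot: In `.woodpecker/test.yaml` the `molecule-default` step is injected with `HCLOUD_TOKEN` and the workflow's `when` includes `pull_request`, so a pull request that edits `molecule/` or this file can run its own code next to a cloud API token if the `molecule_hcloud_token` secret is enabled for pull-request events (not visible in this patch). Limit that secret to the events that need it in the CI secret settings, require approval for pull requests from forks, and use a Hetzner project dedicated to CI so a leaked token cannot reach other resources. If pull requests do not get the secret, the step fails there and would be better gated with a step-level `when` that excludes `pull_request`. A short comment above `&molecule_base` stating which events the secret is expected to be available for would make the intent reviewable.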
--- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,20 +1,16 @@ --- - name: Restart K3s service - service: + ansible.builtin.service: name: k3s state: restarted daemon_reload: yes enabled: yes listen: __k3s_restart - become: True - become_user: root - name: Restart iscsid service - service: + ansible.builtin.service: name: iscsid state: restarted daemon_reload: yes enabled: yes listen: __iscsid_restart - become: True - become_user: root diff --git a/meta/main.yml b/meta/main.yml index 1ee53ef..f114ac0 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,4 +1,3 @@ -# Standards: 0.2 --- galaxy_info: # @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys) @@ -6,18 +5,17 @@ galaxy_info: namespace: xoxys role_name: k3s # @meta description: > - # [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.k3s) - # [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.k3s?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.k3s) + # [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.k3s/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.k3s) # [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.k3s/src/branch/main/LICENSE) # # Setup K3s cluster nodes. # @end description: Setup K3s cluster nodes license: MIT - min_ansible_version: 2.10 + min_ansible_version: "2.10" platforms: - name: EL versions: - - 7 + - "9" galaxy_tags: [] dependencies: [] diff --git a/molecule/default b/molecule/default deleted file mode 120000 index afa9fc6..0000000 --- a/molecule/default +++ /dev/null @@ -1 +0,0 @@ -rocky9 \ No newline at end of file diff --git a/molecule/rocky9/converge.yml b/molecule/default/converge.yml similarity index 93% rename from molecule/rocky9/converge.yml rename to molecule/default/converge.yml index bff9e93..fdd4f5d 100644 
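Review bot: With `become: True` / `become_user: root` removed from both handlers in `handlers/main.yml`, the role no longer escalates on its own, and restarting `k3s` or `iscsid` now succeeds only when the calling play sets `become`. The same removal is made on the blocks in `tasks/init.yml` and `tasks/iscsi.yml`. Leaving escalation to the play is a reasonable least-privilege choice, but it is a behaviour change for existing users that the patch does not document. Add a header comment such as `# Requires privilege escalation: run this role with "become: true" at play level.` and repeat the requirement in the role description. The converge play shown in this patch does not visibly set `become`, so the test scenario presumably connects as root and would not catch a missing escalation.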
--- a/molecule/rocky9/converge.yml +++ b/molecule/default/converge.yml @@ -17,7 +17,7 @@ value: 25000000 k3s_reset: False k3s_packages_extra: - - https://github.com/k3s-io/k3s-selinux/releases/download/v1.2.stable.2/k3s-selinux-1.2-2.el8.noarch.rpm + - https://github.com/k3s-io/k3s-selinux/releases/download/v1.5.stable.1/k3s-selinux-1.5-1.el9.noarch.rpm k3s_server_flannel_backend_enabled: False k3s_server_network_policy_enabled: False k3s_server_cloud_controller_enabled: True @@ -25,7 +25,7 @@ k3s_server_manifests_templates: - "calico-installation.yaml.j2" k3s_server_manifests_urls: - - url: https://raw.githubusercontent.com/projectcalico/calico/v3.24.2/manifests/tigera-operator.yaml + - url: https://raw.githubusercontent.com/projectcalico/calico/v3.27.2/manifests/tigera-operator.yaml dest: tigera-operator.yaml # - url: https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm.yaml # dest: hcloud-ccm.yaml @@ -47,7 +47,7 @@ k3s_iscsi_enabled: True pre_tasks: - name: Override host variables - set_fact: + ansible.builtin.set_fact: k3s_node_ip: "{{ ansible_default_ipv4.address }}" roles: - role: xoxys.kernel diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..e31fb47 --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,17 @@ +--- +driver: + name: molecule_hetznercloud +dependency: + name: galaxy + options: + role-file: molecule/requirements.yml + requirements-file: molecule/requirements.yml +platforms: + - name: "rocky9-k3s" + server_type: "cx11" + image: "rocky-9" +provisioner: + name: ansible + log: False +verifier: + name: testinfra diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml new file mode 100644 index 0000000..0df1d77 --- /dev/null +++ b/molecule/default/prepare.yml 
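Review bot: `k3s_server_manifests_templates` still lists `calico-installation.yaml.j2` (context line of the second hunk), but this commit deletes `molecule/rocky9/templates/calico-installation.yaml.j2` and the diffstat shows no copy created under `molecule/default/`. Unless the role ships a template of that name elsewhere, the template lookup in the converge run will not find the file and the Calico `Installation` resource is never applied, while `k3s_server_flannel_backend_enabled: False` leaves the cluster without a CNI. Either move the template to `molecule/default/templates/` as part of the rename or drop the entry from the list. The hunks start and end inside the play's `vars`, so the rest of the play is not visible here.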
@@ -0,0 +1,11 @@ +--- +- name: Prepare + hosts: all + gather_facts: False + tasks: + - name: Bootstrap Python for Ansible + ansible.builtin.raw: | + command -v python3 python || + ((test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || + echo "Warning: Python not boostrapped due to unknown platform.") + changed_when: False diff --git a/molecule/rocky9/tests/test_default.py b/molecule/default/tests/test_default.py similarity index 95% rename from molecule/rocky9/tests/test_default.py rename to molecule/default/tests/test_default.py index 45b3b74..532175a 100644 --- a/molecule/rocky9/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -28,7 +28,7 @@ def test_k3s_node_ready(host): def test_k3s_node_labels(host): - jsonpth = '{.items[0].metadata.labels}' # noqa + jsonpth = "{.items[0].metadata.labels}" # noqa nodes = host.run(f"k3s kubectl get nodes -o jsonpath='{jsonpth}'").stdout assert '"node.kubernetes.io/exclude-from-external-load-balancers":"true"' in nodes diff --git a/molecule/pytest.ini b/molecule/pytest.ini deleted file mode 100644 index c24fe5b..0000000 --- a/molecule/pytest.ini +++ /dev/null @@ -1,3 +0,0 @@ -[pytest] -filterwarnings = - ignore::DeprecationWarning diff --git a/molecule/requirements.yml b/molecule/requirements.yml index 507c3aa..93481b0 100644 --- a/molecule/requirements.yml +++ b/molecule/requirements.yml @@ -1,8 +1,5 @@ --- -collections: - - name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz - - name: community.general - +collections: [] roles: - src: https://gitea.rknet.org/ansible/xoxys.kernel scm: git diff --git a/molecule/rocky9/create.yml b/molecule/rocky9/create.yml deleted file mode 100644 index 719600d..0000000 --- a/molecule/rocky9/create.yml +++ /dev/null 
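Review bot: The bootstrap command in `molecule/default/prepare.yml` only knows `apt`, while the scenario's single platform is `rocky-9` (see `molecule/default/molecule.yml`), so when `python3` is missing the task falls through to the `echo` and still exits 0. The deleted `molecule/rocky9/prepare.yml` had a dnf branch; restore it, e.g. `(test -e /usr/bin/dnf && dnf install -y python3) ||`, or replace the final `echo` with a failing exit so a host without Python stops the run here instead of at the first module call. The warning text also misspells "bootstrapped" as `boostrapped`.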
@@ -1,120 +0,0 @@ ---- -- name: Create - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - vars: - ssh_port: 22 - ssh_user: root - ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" - tasks: - - name: Create SSH key - user: - name: "{{ lookup('env', 'USER') }}" - generate_ssh_key: true - ssh_key_file: "{{ ssh_path }}" - force: true - register: generated_ssh_key - - - name: Register the SSH key name - set_fact: - ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}" - - - name: Register SSH key for test instance(s) - hcloud_ssh_key: - name: "{{ ssh_key_name }}" - public_key: "{{ generated_ssh_key.ssh_public_key }}" - state: present - - - name: Create molecule instance(s) - hcloud_server: - name: "{{ item.name }}" - server_type: "{{ item.server_type }}" - ssh_keys: - - "{{ ssh_key_name }}" - image: "{{ item.image }}" - location: "{{ item.location | default(omit) }}" - datacenter: "{{ item.datacenter | default(omit) }}" - user_data: "{{ item.user_data | default(omit) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: present - register: server - loop: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - name: Create volume(s) - hcloud_volume: - name: "{{ item.name }}" - server: "{{ item.name }}" - location: "{{ item.location | default(omit) }}" - size: "{{ item.volume_size | default(10) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "present" - loop: "{{ molecule_yml.platforms }}" - when: item.volume | default(False) | bool - register: volumes - async: 7200 - poll: 0 - - - name: Wait for volume(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: 
volumes.changed - loop: "{{ volumes.results }}" - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config dict - set_fact: - instance_conf_dict: - { - "instance": "{{ item.hcloud_server.name }}", - "ssh_key_name": "{{ ssh_key_name }}", - "address": "{{ item.hcloud_server.ipv4_address }}", - "user": "{{ ssh_user }}", - "port": "{{ ssh_port }}", - "identity_file": "{{ ssh_path }}", - "volume": "{{ item.item.item.volume | default(False) | bool }}", - } - loop: "{{ hetzner_jobs.results }}" - register: instance_config_dict - when: server.changed | bool - - - name: Convert instance config dict to a list - set_fact: - instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" - when: server.changed | bool - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool - - - name: Wait for SSH - wait_for: - port: "{{ ssh_port }}" - host: "{{ item.address }}" - search_regex: SSH - delay: 10 - loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}" - - - name: Wait for VM to settle down - pause: - seconds: 30 \ No newline at end of file diff --git a/molecule/rocky9/destroy.yml b/molecule/rocky9/destroy.yml deleted file mode 100644 index ed0b2ed..0000000 --- a/molecule/rocky9/destroy.yml +++ /dev/null 
@@ -1,78 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - tasks: - - name: Check existing instance config file - stat: - path: "{{ molecule_instance_config }}" - register: cfg - - - name: Populate the instance config - set_fact: - instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}" - - - name: Destroy molecule instance(s) - hcloud_server: - name: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: absent - register: server - loop: "{{ instance_conf }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - pause: - seconds: 5 - - - name: Destroy volume(s) - hcloud_volume: - name: "{{ item.instance }}" - server: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "absent" - register: volumes - loop: "{{ instance_conf }}" - when: item.volume | default(False) | bool - async: 7200 - poll: 0 - - - name: Wait for volume(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: volumes.changed - loop: "{{ volumes.results }}" - - - name: Remove registered SSH key - hcloud_ssh_key: - name: "{{ instance_conf[0].ssh_key_name }}" - state: absent - when: (instance_conf | default([])) | length > 0 - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config - set_fact: - instance_conf: {} - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool \ No newline at end of file 
diff --git a/molecule/rocky9/molecule.yml b/molecule/rocky9/molecule.yml deleted file mode 100644 index fc548ba..0000000 --- a/molecule/rocky9/molecule.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -dependency: - name: galaxy - options: - role-file: molecule/requirements.yml - requirements-file: molecule/requirements.yml - env: - ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false" -driver: - name: delegated -platforms: - - name: rocky9-k3s - image: rocky-9 - server_type: cx11 -lint: | - /usr/local/bin/flake8 -provisioner: - name: ansible - env: - ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter} - ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library} - log: False -verifier: - name: testinfra diff --git a/molecule/rocky9/prepare.yml b/molecule/rocky9/prepare.yml deleted file mode 100644 index 183f4d3..0000000 --- a/molecule/rocky9/prepare.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: false - tasks: - - name: Bootstrap python for Ansible - raw: | - command -v python3 python || ( - (test -e /usr/bin/dnf && sudo dnf install -y python3) || - (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || - (test -e /usr/bin/yum && sudo yum -y -qq install python3) || - echo "Warning: Python not boostrapped due to unknown platform." - ) - become: true - changed_when: false diff --git a/molecule/rocky9/templates/calico-installation.yaml.j2 b/molecule/rocky9/templates/calico-installation.yaml.j2 deleted file mode 100644 index 096e096..0000000 --- a/molecule/rocky9/templates/calico-installation.yaml.j2 +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: operator.tigera.io/v1 -kind: Installation -metadata: - name: default -spec: - calicoNetwork: - ipPools: - - blockSize: 26 - cidr: "10.42.0.0/16" - encapsulation: "VXLANCrossSubnet" - natOutgoing: Enabled - nodeSelector: all() - nodeMetricsPort: 9091 - typhaMetricsPort: 9093 ---- -apiVersion: operator.tigera.io/v1 -kind: APIServer -metadata: - name: default -spec: {} 
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..7193140
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,17 @@
+[tool.ruff]
+exclude = [".git", "__pycache__"]
+
+line-length = 99
+indent-width = 4
+
+[tool.ruff.lint]
+ignore = ["W191", "E111", "E114", "E117", "S101", "S105"]
+select = ["F", "E", "I", "W", "S"]
+
+[tool.ruff.format]
+quote-style = "double"
+indent-style = "space"
+line-ending = "lf"
+
+[tool.pytest.ini_options]
+filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"]
diff --git a/setup.cfg b/setup.cfg
deleted file mode 100644
index 2bb8674..0000000
--- a/setup.cfg
+++ /dev/null
@@ -1,12 +0,0 @@
-[flake8]
-ignore = D100, D101, D102, D103, D105, D107, E402, W503
-max-line-length = 99
-inline-quotes = double
-exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env*
-
-[yapf]
-based_on_style = google
-column_limit = 99
-dedent_closing_brackets = true
-coalesce_brackets = true
-split_before_logical_operator = true
diff --git a/tasks/init.yml b/tasks/init.yml
index 2a65012..066ee61 100644
--- a/tasks/init.yml
+++ b/tasks/init.yml
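Review bot: `ignore` in `[tool.ruff.lint]` turns off `S101` and `S105` for the whole repository, which cancels part of the `S` (flake8-bandit) selection on the next line; `S105` is the hard-coded password string check. The only Python visible in this patch is the testinfra file, where `assert` is expected, so scope the exception there instead, e.g. `[tool.ruff.lint.per-file-ignores]` with `"molecule/**/tests/*.py" = ["S101"]`, and keep `S105` active. If `S105` produces a known false positive, a line-level `# noqa: S105` with a reason documents it better than a global ignore.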
@@ -1,34 +1,32 @@ --- -- block: - - name: Ensure k3s-init service is stopped - systemd: - name: k3s-init - state: stopped - failed_when: False +- name: Ensure k3s-init service is stopped + ansible.builtin.service: + name: k3s-init + state: stopped + failed_when: False - - name: Clean previous runs of k3s-init - command: systemctl reset-failed k3s-init - failed_when: False - changed_when: False - tags: - - skip_ansible_later +- name: Clean previous runs of k3s-init + ansible.builtin.command: systemctl reset-failed k3s-init + failed_when: False + changed_when: False + tags: + - skip_ansible_later - - name: Init cluster inside the transient k3s-init service - command: - cmd: >- - systemd-run - -p RestartSec=2 - -p Restart=on-failure - --unit=k3s-init - {{ __k3s_binary }} server {{ __k3s_server_init_args }} - creates: "{{ __k3s_service_file }}" - register: __k3s_init - become: True - become_user: root +- name: Init cluster inside the transient k3s-init service + ansible.builtin.command: + cmd: >- + systemd-run + -p RestartSec=2 + -p Restart=on-failure + --unit=k3s-init + {{ __k3s_binary }} server {{ __k3s_server_init_args }} + creates: "{{ __k3s_service_file }}" + register: __k3s_init -- block: +- when: __k3s_init.changed | bool + block: - name: Verify that all nodes actually joined - command: >- + ansible.builtin.command: >- {{ __k3s_binary }} kubectl get nodes -l "node-role.kubernetes.io/control-plane=true" -o=jsonpath="{.items[*].metadata.name}" 
@@ -39,22 +37,19 @@ changed_when: False always: - name: Fetch k3s-init logs - command: journalctl --all --unit=k3s-init.service + ansible.builtin.command: journalctl --all --unit=k3s-init.service changed_when: False register: __k3s_init_log - name: Save k3s-init logs - copy: + ansible.builtin.copy: content: "{{ __k3s_init_log.stdout }}" dest: "{{ __k3s_log_dir }}/k3s-init.log" - mode: 0640 + mode: "0640" when: k3s_init_log_enabled | bool - name: Kill the temporary service used for initialization - systemd: + ansible.builtin.service: name: k3s-init state: stopped failed_when: False - become: True - become_user: root - when: __k3s_init.changed | bool diff --git a/tasks/iscsi.yml b/tasks/iscsi.yml index ead8107..ad5f7c7 100644 --- a/tasks/iscsi.yml +++ b/tasks/iscsi.yml @@ -1,26 +1,23 @@ --- -- block: - - name: Ensure iscsi is installed - package: - name: "{{ item }}" - state: present - loop: - - iscsi-initiator-utils +- name: Ensure iscsi is installed + ansible.builtin.package: + name: "{{ item }}" + state: present + loop: + - iscsi-initiator-utils - - name: Configure iscsi-initiator - copy: - content: "InitiatorName=$(/sbin/iscsi-iname)" - dest: /etc/iscsi/initiatorname.iscsi - owner: root - group: root - mode: 0644 - notify: __iscsid_restart +- name: Configure iscsi-initiator + ansible.builtin.copy: + content: "InitiatorName=$(/sbin/iscsi-iname)" + dest: /etc/iscsi/initiatorname.iscsi + owner: root + group: root + mode: "0644" + notify: __iscsid_restart - - name: Ensure iscsid service is up and running - service: - name: iscsid - daemon_reload: True - enabled: True - state: started - become: True - become_user: root +- name: Ensure iscsid service is up and running + ansible.builtin.service: + name: iscsid + daemon_reload: True + enabled: True + state: started diff --git a/tasks/main.yml b/tasks/main.yml index 7330aae..df07821 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
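Review bot: In `tasks/iscsi.yml`, `content: "InitiatorName=$(/sbin/iscsi-iname)"` is written by `ansible.builtin.copy` as literal text; no shell runs, so as far as this hunk shows every node gets the same file containing the unexpanded `$(...)` rather than a generated IQN. Initiator names identify a node to an iSCSI target and are commonly used in target access lists, so they should be unique per host. Generate the name on the host once and keep it, for example with a command task guarded by `creates: /etc/iscsi/initiatorname.iscsi`, or drop the task if the package already creates the file on install (not visible here). The line is carried over unchanged from the old `block:` version.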
@@ -1,9 +1,9 @@ --- -- include_tasks: reset.yml +- ansible.builtin.include_tasks: reset.yml when: k3s_reset | bool -- include_tasks: prepare.yml -- include_tasks: init.yml +- ansible.builtin.include_tasks: prepare.yml +- ansible.builtin.include_tasks: init.yml when: k3s_server | bool -- include_tasks: setup.yml -- include_tasks: iscsi.yml +- ansible.builtin.include_tasks: setup.yml +- ansible.builtin.include_tasks: iscsi.yml when: k3s_iscsi_enabled | bool diff --git a/tasks/prepare.yml b/tasks/prepare.yml index 66a2ff9..e29de0c 100644 --- a/tasks/prepare.yml +++ b/tasks/prepare.yml 
@@ -1,99 +1,96 @@ --- -- block: - - name: Import Rancher public key - rpm_key: - state: present - key: https://rpm.rancher.io/public.key +- name: Import Rancher public key + ansible.builtin.rpm_key: + state: present + key: https://rpm.rancher.io/public.key - - name: Ensure dependencies are installed - package: - name: "{{ item }}" - state: present - loop: "{{ k3s_packages + k3s_packages_extra }}" +- name: Ensure dependencies are installed + ansible.builtin.package: + name: "{{ item }}" + state: present + loop: "{{ k3s_packages + k3s_packages_extra }}" - - name: Check if cluster is installed - stat: - path: "{{ __k3s_config_dir }}/k3s.yaml" - register: __k3s_installed +- name: Check if cluster is installed + ansible.builtin.stat: + path: "{{ __k3s_config_dir }}/k3s.yaml" + register: __k3s_installed - - name: Prepare directory structure - file: - path: "{{ item }}" - owner: root - group: root - mode: 0700 - state: directory - loop: - - "{{ __k3s_config_dir }}" - - "{{ __k3s_config_dir }}/server" - - "{{ __k3s_data_dir }}" - - "{{ __k3s_manifests_dir }}" - - "{{ __k3s_log_dir }}" +- name: Prepare directory structure + ansible.builtin.file: + path: "{{ item }}" + owner: root + group: root + mode: "0700" + state: directory + loop: + - "{{ __k3s_config_dir }}" + - "{{ __k3s_config_dir }}/server" + - "{{ __k3s_data_dir }}" + - "{{ __k3s_manifests_dir }}" + - "{{ __k3s_log_dir }}" - - name: Download K3s binary - get_url: - url: https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/k3s - checksum: sha256:https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/sha256sum-amd64.txt - dest: /usr/local/bin/k3s - timeout: 30 - owner: root - group: root - mode: 0755 - notify: __k3s_restart +- name: Download K3s binary + ansible.builtin.get_url: + url: https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/k3s + checksum: sha256:https://github.com/k3s-io/k3s/releases/download/v{{ k3s_version }}/sha256sum-amd64.txt + dest: /usr/local/bin/k3s + 
timeout: 30 + owner: root + group: root + mode: "0755" + notify: __k3s_restart - - name: Copy K3s config file - template: - src: "etc/rancher/k3s/config.yaml.j2" - dest: "{{ __k3s_config_dir }}/config.yaml" - owner: root - group: root - mode: 0600 - notify: __k3s_restart +- name: Copy K3s config file + ansible.builtin.template: + src: "etc/rancher/k3s/config.yaml.j2" + dest: "{{ __k3s_config_dir }}/config.yaml" + owner: root + group: root + mode: "0600" + notify: __k3s_restart - - name: Copy K3s kubelet config file - template: - src: "etc/rancher/k3s/kubelet.yaml.j2" - dest: "{{ __k3s_config_dir }}/kubelet.yaml" - owner: root - group: root - mode: 0600 - notify: __k3s_restart +- name: Copy K3s kubelet config file + ansible.builtin.template: + src: "etc/rancher/k3s/kubelet.yaml.j2" + dest: "{{ __k3s_config_dir }}/kubelet.yaml" + owner: root + group: root + mode: "0600" + notify: __k3s_restart - - name: Copy K3s server config files - template: - src: "etc/rancher/k3s/server/{{ item }}.j2" - dest: "{{ __k3s_config_dir }}/server/{{ item }}" - owner: root - group: root - mode: 0600 - loop: - - admission-config.yaml - when: k3s_server | bool - notify: __k3s_restart +- name: Copy K3s server config files + ansible.builtin.template: + src: "etc/rancher/k3s/server/{{ item }}.j2" + dest: "{{ __k3s_config_dir }}/server/{{ item }}" + owner: root + group: root + mode: "0600" + loop: + - admission-config.yaml + when: k3s_server | bool + notify: __k3s_restart - - name: Copy auto-deploying manifests to the server - template: - src: "{{ item }}" - dest: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}" - mode: 0644 - loop: "{{ k3s_server_manifests_templates }}" - loop_control: - label: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}" - when: - - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname'] - - not __k3s_installed.stat.exists +- name: Copy auto-deploying manifests to the server + ansible.builtin.template: + src: "{{ 
item }}" + dest: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}" + mode: "0644" + loop: "{{ k3s_server_manifests_templates }}" + loop_control: + label: "{{ __k3s_manifests_dir }}/{{ item | basename | replace('.j2', '') }}" + when: + - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname'] + - not __k3s_installed.stat.exists - - name: Download auto-deploying manifests to the server - get_url: - url: "{{ item.url }}" - dest: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}" - timeout: 30 - mode: 0644 - loop: "{{ k3s_server_manifests_urls }}" - loop_control: - label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}" - when: - - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname'] - - not __k3s_installed.stat.exists - become: True - become_user: root +- name: Download auto-deploying manifests to the server + ansible.builtin.get_url: + url: "{{ item.url }}" + dest: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}" + timeout: 30 + mode: "0644" + loop: "{{ k3s_server_manifests_urls }}" + loop_control: + label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url | basename) }}" + when: + - ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname'] + - not __k3s_installed.stat.exists diff --git a/tasks/reset.yml b/tasks/reset.yml index 3df2dfc..942c181 100644 --- a/tasks/reset.yml +++ b/tasks/reset.yml 
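Review bot: "Download auto-deploying manifests to the server" fetches each `item.url` with no `checksum`, and files placed in `{{ __k3s_manifests_dir }}` are described as auto-deploying, so whatever the URL serves at run time is presumably applied to the cluster. An optional per-item digest would let users pin what gets deployed: `checksum: "{{ item.checksum | default(omit) }}"`. In the same hunk, "Import Rancher public key" trusts whichever key the URL returns; `ansible.builtin.rpm_key` accepts a `fingerprint:` argument that could pin it, with the value taken from the vendor and supplied through a new role variable. The K3s binary task already verifies a checksum, but the digest file comes from the same release location as the binary, so it guards against corruption rather than against a replaced release.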
@@ -1,63 +1,60 @@ --- -- block: - - name: Disable services - service: - name: "{{ item }}" - state: stopped - enabled: False - failed_when: False - loop: - - k3s - - k3s-init - - kubepods +- name: Disable services + ansible.builtin.service: + name: "{{ item }}" + state: stopped + enabled: False + failed_when: False + loop: + - k3s + - k3s-init + - kubepods - - name: Kill containerd-shim-runc - register: __k3s_pkill_containerd_shim_runc - command: pkill -9 -f "k3s/data/[^/]+/bin/containerd-shim-runc" - changed_when: __k3s_pkill_containerd_shim_runc.rc == 0 - failed_when: False +- name: Kill containerd-shim-runc + register: __k3s_pkill_containerd_shim_runc + ansible.builtin.command: pkill -9 -f "k3s/data/[^/]+/bin/containerd-shim-runc" + changed_when: __k3s_pkill_containerd_shim_runc.rc == 0 + failed_when: False - - name: Get the list of mounted filesystems - shell: set -o pipefail && cat /proc/mounts | awk '{ print $2}' | grep -E "^{{ item }}" - loop: - - /run/k3s - - /var/lib/kubelet - - /run/netns - - /var/lib/kubelet/pods - - /var/lib/kubelet/plugins - - /run/netns/cni- - - "{{ __k3s_data_dir }}" - register: __k3s_mounted_fs - args: - executable: /bin/bash - failed_when: False - changed_when: False +- name: Get the list of mounted filesystems + ansible.builtin.shell: set -o pipefail && cat /proc/mounts | awk '{ print $2}' | grep -E "^{{ item }}" + loop: + - /run/k3s + - /var/lib/kubelet + - /run/netns + - /var/lib/kubelet/pods + - /var/lib/kubelet/plugins + - /run/netns/cni- + - "{{ __k3s_data_dir }}" + register: __k3s_mounted_fs + args: + executable: /bin/bash + failed_when: False + changed_when: False - - name: Umount filesystem - mount: - path: "{{ item }}" - state: unmounted - loop: "{{ __k3s_mounted_fs.results | map(attribute='stdout_lines') | list | flatten | reverse }}" +- name: Umount filesystem + ansible.posix.mount: + path: "{{ item }}" + state: unmounted + loop: "{{ __k3s_mounted_fs.results | map(attribute='stdout_lines') | list | flatten | reverse }}" 
- - name: Remove service files, binaries and data - file: - name: "{{ item }}" - state: absent - loop: - - /usr/local/bin/k3s - - "{{ __k3s_service_file }}" - - "{{ __k3s_config_dir }}" - - "{{ __k3s_data_dir }}" - - "{{ __k3s_log_dir }}" - - /etc/cni - - /run/k3s - - /run/flannel - - /var/lib/kubelet - - /var/lib/cni - - /var/run/netns +- name: Remove service files, binaries and data + ansible.builtin.file: + name: "{{ item }}" + state: absent + loop: + - /usr/local/bin/k3s + - "{{ __k3s_service_file }}" + - "{{ __k3s_config_dir }}" + - "{{ __k3s_data_dir }}" + - "{{ __k3s_log_dir }}" + - /etc/cni + - /run/k3s + - /run/flannel + - /var/lib/kubelet + - /var/lib/cni + - /var/run/netns - - name: Reload systemd daemon - systemd: - daemon_reload: True - become: True - become_user: root +- name: Reload systemd daemon + ansible.builtin.service: + daemon_reload: True diff --git a/tasks/setup.yml b/tasks/setup.yml index c9ae158..fd5f1b8 100644 --- a/tasks/setup.yml +++ b/tasks/setup.yml 
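Review bot: "Reload systemd daemon" now calls `ansible.builtin.service` with only `daemon_reload: True`, but that module documents `name` as required and does not list `daemon_reload`; the option only takes effect when the action is handed on to the systemd backend. The task it replaces used `systemd:` directly, and the explicit equivalent is `ansible.builtin.systemd:` with `daemon_reload: True`. The same reliance exists in "Ensure iscsid service is up and running" (iscsi.yml) and "Ensure K3s service is up and running" (setup.yml), where `daemon_reload` is passed alongside `name`.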
@@ -1,95 +1,92 @@ --- -- block: - - name: Copy K3s service file - template: - src: "etc/systemd/system/k3s.service.j2" - dest: "{{ __k3s_service_file }}" - owner: root - group: root - mode: 0644 - notify: __k3s_restart +- name: Copy K3s service file + ansible.builtin.template: + src: "etc/systemd/system/k3s.service.j2" + dest: "{{ __k3s_service_file }}" + owner: root + group: root + mode: "0644" + notify: __k3s_restart - - name: Force restart - meta: flush_handlers +- name: Force restart + ansible.builtin.meta: flush_handlers - - name: Ensure K3s service is up and running - service: - name: k3s - daemon_reload: True - enabled: True - state: started +- name: Ensure K3s service is up and running + ansible.builtin.service: + name: k3s + daemon_reload: True + enabled: True + state: started - - name: Wait for Kubernetes API - command: >- - {{ __k3s_binary }} kubectl get --raw='/readyz' - register: __k3s_api_readyz - until: __k3s_api_readyz.rc == 0 and __k3s_api_readyz.stdout == "ok" - retries: 30 - delay: 10 - changed_when: False - when: k3s_server | bool +- name: Wait for Kubernetes API + ansible.builtin.command: >- + {{ __k3s_binary }} kubectl get --raw='/readyz' + register: __k3s_api_readyz + until: __k3s_api_readyz.rc == 0 and __k3s_api_readyz.stdout == "ok" + retries: 30 + delay: 10 + changed_when: False + when: k3s_server | bool - - name: Set server address - command: >- - {{ __k3s_binary }} kubectl config set-cluster default - --server=https://{{ __k3s_server_ip }}:6443 - --kubeconfig {{ __k3s_config_dir }}/k3s.yaml - changed_when: False +- name: Set server address + ansible.builtin.command: >- + {{ __k3s_binary }} kubectl config set-cluster default + --server=https://{{ __k3s_server_ip }}:6443 + --kubeconfig {{ __k3s_config_dir }}/k3s.yaml + changed_when: False - - name: Create setup resources - k8s: - kind: "{{ item.kind }}" - name: "{{ item.name }}" - kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" - state: present - definition: "{{ item.definition }}" - loop: 
"{{ k3s_server_resource_creations }}" - loop_control: - label: "{{ item.kind | lower }}/{{ item.name | lower }}" - when: k3s_server | bool +- name: Create setup resources + kubernetes.core.k8s: + kind: "{{ item.kind }}" + name: "{{ item.name }}" + kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" + state: present + definition: "{{ item.definition }}" + loop: "{{ k3s_server_resource_creations }}" + loop_control: + label: "{{ item.kind | lower }}/{{ item.name | lower }}" + when: k3s_server | bool - - name: Wait for initial setup - command: >- - {{ __k3s_binary }} kubectl get deployment coredns - -n kube-system - -o go-template={% raw %}'{{ .status.availableReplicas }}'{% endraw %} - register: __k3s_init_setup - until: __k3s_init_setup.rc == 0 and __k3s_init_setup.stdout == "1" - retries: 30 - delay: 10 - changed_when: False - when: k3s_server | bool +- name: Wait for initial setup + ansible.builtin.command: >- + {{ __k3s_binary }} kubectl get deployment coredns + -n kube-system + -o go-template={% raw %}'{{ .status.availableReplicas }}'{% endraw %} + register: __k3s_init_setup + until: __k3s_init_setup.rc == 0 and __k3s_init_setup.stdout == "1" + retries: 30 + delay: 10 + changed_when: False + when: k3s_server | bool - - name: Add node role label - k8s: - kind: "Node" - name: "{{ k3s_node_name }}" - kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" - state: patched - definition: - metadata: - labels: "{{ (__k3s_node_lables['control'] if k3s_server | bool else __k3s_node_lables['worker']) | combine(__k3s_node_lables['general'], k3s_node_labels) }}" - delegate_to: "{{ hostvars[k3s_server_nodes[0]]['inventory_hostname'] }}" +- name: Add node role label + kubernetes.core.k8s: + kind: "Node" + name: "{{ k3s_node_name }}" + kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" + state: patched + definition: + metadata: + labels: "{{ (__k3s_node_lables['control'] if k3s_server | bool else __k3s_node_lables['worker']) | combine(__k3s_node_lables['general'], k3s_node_labels) }}" + 
delegate_to: "{{ hostvars[k3s_server_nodes[0]]['inventory_hostname'] }}" - - name: Patch existing resources - k8s: - kind: "{{ item.kind }}" - name: "{{ item.name }}" - kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" - state: patched - definition: "{{ item.definition }}" - loop: "{{ k3s_server_resource_patches }}" - loop_control: - label: "{{ item.kind | lower }}/{{ item.name | lower }}" - when: k3s_server | bool +- name: Patch existing resources + kubernetes.core.k8s: + kind: "{{ item.kind }}" + name: "{{ item.name }}" + kubeconfig: "{{ __k3s_config_dir }}/k3s.yaml" + state: patched + definition: "{{ item.definition }}" + loop: "{{ k3s_server_resource_patches }}" + loop_control: + label: "{{ item.kind | lower }}/{{ item.name | lower }}" + when: k3s_server | bool - - name: Remove auto-deploying manifests - file: - path: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}" - state: absent - loop: "{{ k3s_server_manifests_urls + k3s_server_manifests_templates }}" - loop_control: - label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}" - when: ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname'] - become: True - become_user: root +- name: Remove auto-deploying manifests + ansible.builtin.file: + path: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}" + state: absent + loop: "{{ k3s_server_manifests_urls + k3s_server_manifests_templates }}" + loop_control: + label: "{{ __k3s_manifests_dir }}/{{ item.dest | default(item.url) | default(item) | basename | replace('.j2', '') }}" + when: ansible_hostname == hostvars[k3s_server_nodes[0]]['ansible_hostname']