Configure OIDC, make idempotent, fix bugs. Claude.ai

2026-02-25 13:20:12 -05:00
parent 995b7c4070
commit d981b69669
23 changed files with 2269 additions and 760 deletions
--- a/roles/sno_deploy/tasks/main.yml
+++ b/roles/sno_deploy/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+# Entry point for the sno_deploy role.
+#
+# Each phase is gated by tags so individual steps can be run with --tags.
+# When invoked from deploy_openshift.yml, individual task files are
+# called directly via include_role + tasks_from to control play ordering.
+
+- name: Create SNO VM in Proxmox
+  ansible.builtin.include_tasks:
+    file: create_vm.yml
+    apply:
+      tags: sno_deploy_vm
+  tags: sno_deploy_vm
+
+- name: Install SNO via agent-based installer
+  ansible.builtin.include_tasks:
+    file: install.yml
+    apply:
+      tags: sno_deploy_install
+  tags: sno_deploy_install
+
+- name: Configure OpenShift OAuth with OIDC
+  ansible.builtin.include_tasks:
+    file: configure_oidc.yml
+    apply:
+      tags: sno_deploy_oidc
+  tags: sno_deploy_oidc
+
+- name: Configure cert-manager and LetsEncrypt certificates
+  ansible.builtin.include_tasks:
+    file: configure_certmanager.yml
+    apply:
+      tags: sno_deploy_certmanager
+  tags: sno_deploy_certmanager
+
+- name: Delete kubeadmin user
+  ansible.builtin.include_tasks:
+    file: delete_kubeadmin.yml
+    apply:
+      tags: sno_deploy_delete_kubeadmin
+  tags: sno_deploy_delete_kubeadmin