Update roles

roles/ikke_t.podman_container_systemd/tasks/deploy_pod_yaml.yml

@@ -0,0 +1,58 @@
+---
+- name: Deploy container-pod-yaml with validation
+  block:
+  - name: Make sure unzip is installed
+    become: true
+    ansible.builtin.package:
+      name: unzip
+      state: present
+
+  - name: Set correct kubeval version for 64bit
+    ansible.builtin.set_fact:
+      kubeval_arch: amd64
+    when: ansible_architecture == "x86_64"
+
+  - name: Set correct kubeval version for 64bit
+    ansible.builtin.set_fact:
+      kubeval_arch: 386
+    when: ansible_architecture == "i386"
+
+  - name: Continue without validation as we can't get kubeval for this arch
+    ansible.builtin.set_fact:
+      container_pod_yaml_template_validation: false
+    when: kubeval_arch is undefined
+
+  - name: Get latest kubeval version
+    become: true
+    ansible.builtin.unarchive:
+      src: "{{ kubeval_url }}/download/kubeval-linux-{{ kubeval_arch }}.tar.gz"
+      dest: "/usr/local/bin"
+      owner: "root"
+      group: "root"
+      mode: "0755"
+      exclude:
+        - README.md
+        - LICENSE
+      remote_src: true
+      keep_newer: true
+
+  - name: Deploy container configuration
+    ansible.builtin.template:
+      src: "{{ container_pod_yaml_template }}"
+      dest: "{{ container_pod_yaml }}"
+      owner: "{{ container_run_as_user }}"
+      group: "{{ container_run_as_group }}"
+      mode: '0640'
+      validate: /usr/local/bin/kubeval %s
+    notify: restart service
+  when: container_pod_yaml_template_validation
+
+- name: container-pod-yaml without validation
+  ansible.builtin.template:
+    src: "{{ container_pod_yaml_template }}"
+    dest: "{{ container_pod_yaml }}"
+    owner: "{{ container_run_as_user }}"
+    group: "{{ container_run_as_group }}"
+    mode: '0640'
+  notify: restart service
+  when: not container_pod_yaml_template_validation