59 lines
1.7 KiB
YAML
59 lines
1.7 KiB
YAML
---
|
|
- name: Deploy container-pod-yaml with validation
|
|
block:
|
|
- name: Make sure unzip is installed
|
|
become: true
|
|
ansible.builtin.package:
|
|
name: unzip
|
|
state: present
|
|
|
|
- name: Set correct kubeval version for 64bit
|
|
ansible.builtin.set_fact:
|
|
kubeval_arch: amd64
|
|
when: ansible_architecture == "x86_64"
|
|
|
|
- name: Set correct kubeval version for 64bit
|
|
ansible.builtin.set_fact:
|
|
kubeval_arch: 386
|
|
when: ansible_architecture == "i386"
|
|
|
|
- name: Continue without validation as we can't get kubeval for this arch
|
|
ansible.builtin.set_fact:
|
|
container_pod_yaml_template_validation: false
|
|
when: kubeval_arch is undefined
|
|
|
|
- name: Get latest kubeval version
|
|
become: true
|
|
ansible.builtin.unarchive:
|
|
src: "{{ kubeval_url }}/download/kubeval-linux-{{ kubeval_arch }}.tar.gz"
|
|
dest: "/usr/local/bin"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0755"
|
|
exclude:
|
|
- README.md
|
|
- LICENSE
|
|
remote_src: true
|
|
keep_newer: true
|
|
|
|
- name: Deploy container configuration
|
|
ansible.builtin.template:
|
|
src: "{{ container_pod_yaml_template }}"
|
|
dest: "{{ container_pod_yaml }}"
|
|
owner: "{{ container_run_as_user }}"
|
|
group: "{{ container_run_as_group }}"
|
|
mode: '0640'
|
|
validate: /usr/local/bin/kubeval %s
|
|
notify: restart service
|
|
when: container_pod_yaml_template_validation
|
|
|
|
- name: container-pod-yaml without validation
|
|
ansible.builtin.template:
|
|
src: "{{ container_pod_yaml_template }}"
|
|
dest: "{{ container_pod_yaml }}"
|
|
owner: "{{ container_run_as_user }}"
|
|
group: "{{ container_run_as_group }}"
|
|
mode: '0640'
|
|
notify: restart service
|
|
when: not container_pod_yaml_template_validation
|