Created
June 9, 2021 12:05
-
-
Save egeneralov/7b75970bce4736c2649de01c1914e9f0 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: integrate gitlab instance with k8s | |
| hosts: kube-master[0] | |
| gather_facts: no | |
| tasks: | |
| - apt: | |
| name: | |
| - python-pip | |
| - python-setuptools | |
| - pip: | |
| name: | |
| - kubernetes==11.0.0 | |
| - openshift==0.11.2 | |
| - PyYAML==5.3.1 | |
| - name: "create gitlab ServiceAccount" | |
| k8s: | |
| state: present | |
| definition: | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: gitlab | |
| namespace: kube-system | |
| register: sa | |
| - wait_for: | |
| timeout: 20 | |
| - k8s_info: | |
| api_version: v1 | |
| kind: Secret | |
| name: "{{ sa.result.secrets[0].name }}" | |
| namespace: kube-system | |
| register: sa_secret | |
| - name: "create ClusterRoleBinding" | |
| k8s: | |
| state: present | |
| definition: | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: gitlab-cluster-admin | |
| subjects: | |
| - kind: ServiceAccount | |
| name: gitlab | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: cluster-admin | |
| apiGroup: rbac.authorization.k8s.io | |
| - name: "create ClusterRoleBinding" | |
| k8s: | |
| state: present | |
| definition: | |
| kind: ClusterRoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: gitlab-ns-cluster-admin | |
| subjects: | |
| - kind: ServiceAccount | |
| name: default | |
| namespace: gitlab-managed-apps | |
| roleRef: | |
| kind: ClusterRole | |
| name: cluster-admin | |
| apiGroup: rbac.authorization.k8s.io | |
| - block: | |
| - set_fact: | |
| master_ip: "{{ hostvars[groups['kube-master'][0]]['ansible_host'] }}" | |
| payload: | |
| name: cluster-name | |
| environment_scope: "cluster-name-*" | |
| managed: false | |
| platform_kubernetes_attributes: | |
| api_url: "https://{{ hostvars[groups['kube-master'][0]]['ansible_host'] }}:6443" | |
| token: "{{ sa_secret.resources[0].data['token'] | b64decode }}" | |
| ca_cert: "{{ sa_secret.resources[0].data['ca.crt'] | b64decode }}" | |
| - name: Create a gitlab cluster for group | |
| uri: | |
| url: https://gitlab.example.com/api/v4/groups/${GROUP_ID}/clusters/user | |
| headers: | |
| Private-Token: "${PERSONAL_ACCESS_TOKEN}" | |
| method: POST | |
| body: "{{ payload | to_json }}" | |
| status_code: 201 | |
| body_format: json | |
| register: answer | |
| - name: Create a gitlab cluster for project | |
| uri: | |
| url: https://gitlab.example.com/api/v4/projects/${PROJECT_ID}/clusters/user | |
| headers: | |
| Private-Token: "${PERSONAL_ACCESS_TOKEN}" | |
| method: POST | |
| body: "{{ payload | to_json }}" | |
| status_code: 201 | |
| body_format: json | |
| register: answer | |
| - name: Create a instance-wide cluster | |
| uri: | |
| url: https://gitlab.example.com/api/v4/admin/clusters/add | |
| headers: | |
| Private-Token: "${PERSONAL_ACCESS_TOKEN}" | |
| method: POST | |
| body: "{{ payload | to_json }}" | |
| status_code: 201 | |
| body_format: json | |
| register: answer | |
| delegate_to: localhost |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment