softplayer-helmfile/charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml

---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: bootstrap-k3s
  namespace: {{ .Values.pipelineNamespace }}
  labels:
    {{- include "tekton-pipelines.labels" . | nindent 4 }}
spec:
  params:
    - name: namespace
      type: string
    - name: environment
      type: string
  steps:
    - name: get-ssh-key-and-inventory
      image: alpine/k8s:1.29.2
      script: |-
        #!/bin/sh
        kubectl get secret "$(params.environment)"-ssh \
          --namespace "$(params.namespace)" -o yaml \
          | yq '.data.ssh_key' \
          | base64 -d > /tmp/outputs/ssh_key
        kubectl get secret "$(params.environment)"-ssh \
          --namespace "$(params.namespace)" -o yaml \
          | yq '.data."ssh_key.pub"' \
          | base64 -d > /tmp/outputs/ssh_key.pub
        kubectl get secret "$(params.environment)"-inventory \
          --namespace "$(params.namespace)" -o yaml \
          | yq '.data."inventory.yaml"' \
          | base64 -d > /tmp/outputs/inventory.yaml
        chmod 0600 /tmp/outputs/ssh_key
        chmod 0600 /tmp/outputs/ssh_key.pub
    - name: prepare-servers
      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
      env:
        - name: SP_ENV
          value: $(params.environment)
        - name: SP_CUSTOMER
          value: $(params.namespace)
        - name: ANSIBLE_INVENTORY
          value: /tmp/outputs/inventory.yaml
        - name: ANSIBE_PRIVATE_KEY_FILE
          value: /tmp/outputs/ssh_key
        - name: ANSIBLE_HOST_KEY_CHECKING
          value: "false"
      script: |
        #!/bin/sh
        ansible-playbook /src/playbooks/systems/system-bootstrap/playbook.yml
    - name: prepare-k3s
      env:
        - name: SP_ENV
          value: $(params.environment)
        - name: SP_CUSTOMER
          value: $(params.namespace)
        - name: ANSIBLE_INVENTORY
          value: /tmp/outputs/inventory.yaml
        - name: ANSIBE_PRIVATE_KEY_FILE
          value: /tmp/outputs/ssh_key
        - name: ANSIBLE_HOST_KEY_CHECKING
          value: "false"
      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
      script: |-
        #!/bin/sh
        ansible-playbook /src/playbooks/systems/k3s-bootstrap/playbook.yml
    - name: prepare-kubeconfig
      env:
        - name: SP_ENV
          value: $(params.environment)
        - name: SP_CUSTOMER
          value: $(params.namespace)
        - name: ANSIBLE_INVENTORY
          value: /tmp/outputs/inventory.yaml
        - name: ANSIBE_PRIVATE_KEY_FILE
          value: /tmp/outputs/ssh_key
        - name: ANSIBLE_HOST_KEY_CHECKING
          value: "false"
      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
      script: |-
        #!/bin/sh
        ansible-playbook /src/playbooks/other/k8s-create-user/playbook.yml
    - name: save-kubeconfig
      image: alpine/k8s:1.29.2
      script: |-
        #!/bin/sh
        kubectl delete secret \
          "$(params.environment)"-config \
          --namespace "$(params.namespace)"
        kubectl create secret generic \
          "$(params.environment)"-config \
          --namespace "$(params.namespace)" \
          --from-file=kubeconfig=/tmp/outputs/admin-default-config
  workspaces:
    - name: outputs
      description: A folder to store outputs
      optional: false
      mountPath: /tmp/outputs
Add tekton pipelines 2024-04-02 17:15:40 +00:00			`---`
			`apiVersion: tekton.dev/v1beta1`
			`kind: Task`
			`metadata:`
			`name: bootstrap-k3s`
			`namespace: {{ .Values.pipelineNamespace }}`
			`labels:`
			`{{- include "tekton-pipelines.labels" . \| nindent 4 }}`
			`spec:`
			`params:`
			`- name: namespace`
			`type: string`
			`- name: environment`
			`type: string`
			`steps:`
			`- name: get-ssh-key-and-inventory`
			`image: alpine/k8s:1.29.2`
			`script: \|-`
			`#!/bin/sh`
			`kubectl get secret "$(params.environment)"-ssh \`
			`--namespace "$(params.namespace)" -o yaml \`
			`\| yq '.data.ssh_key' \`
			`\| base64 -d > /tmp/outputs/ssh_key`
			`kubectl get secret "$(params.environment)"-ssh \`
			`--namespace "$(params.namespace)" -o yaml \`
			`\| yq '.data."ssh_key.pub"' \`
			`\| base64 -d > /tmp/outputs/ssh_key.pub`
			`kubectl get secret "$(params.environment)"-inventory \`
			`--namespace "$(params.namespace)" -o yaml \`
			`\| yq '.data."inventory.yaml"' \`
			`\| base64 -d > /tmp/outputs/inventory.yaml`
			`chmod 0600 /tmp/outputs/ssh_key`
			`chmod 0600 /tmp/outputs/ssh_key.pub`
			`- name: prepare-servers`
			`image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest`
			`env:`
			`- name: SP_ENV`
			`value: $(params.environment)`
			`- name: SP_CUSTOMER`
			`value: $(params.namespace)`
			`- name: ANSIBLE_INVENTORY`
			`value: /tmp/outputs/inventory.yaml`
			`- name: ANSIBE_PRIVATE_KEY_FILE`
			`value: /tmp/outputs/ssh_key`
			`- name: ANSIBLE_HOST_KEY_CHECKING`
			`value: "false"`
			`script: \|`
			`#!/bin/sh`
			`ansible-playbook /src/playbooks/systems/system-bootstrap/playbook.yml`
			`- name: prepare-k3s`
			`env:`
			`- name: SP_ENV`
			`value: $(params.environment)`
			`- name: SP_CUSTOMER`
			`value: $(params.namespace)`
			`- name: ANSIBLE_INVENTORY`
			`value: /tmp/outputs/inventory.yaml`
			`- name: ANSIBE_PRIVATE_KEY_FILE`
			`value: /tmp/outputs/ssh_key`
			`- name: ANSIBLE_HOST_KEY_CHECKING`
			`value: "false"`
			`image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest`
			`script: \|-`
			`#!/bin/sh`
			`ansible-playbook /src/playbooks/systems/k3s-bootstrap/playbook.yml`
			`- name: prepare-kubeconfig`
			`env:`
			`- name: SP_ENV`
			`value: $(params.environment)`
			`- name: SP_CUSTOMER`
			`value: $(params.namespace)`
			`- name: ANSIBLE_INVENTORY`
			`value: /tmp/outputs/inventory.yaml`
			`- name: ANSIBE_PRIVATE_KEY_FILE`
			`value: /tmp/outputs/ssh_key`
			`- name: ANSIBLE_HOST_KEY_CHECKING`
			`value: "false"`
			`image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest`
			`script: \|-`
			`#!/bin/sh`
			`ansible-playbook /src/playbooks/other/k8s-create-user/playbook.yml`
			`- name: save-kubeconfig`
			`image: alpine/k8s:1.29.2`
			`script: \|-`
			`#!/bin/sh`
			`kubectl delete secret \`
			`"$(params.environment)"-config \`
			`--namespace "$(params.namespace)"`
			`kubectl create secret generic \`
			`"$(params.environment)"-config \`
			`--namespace "$(params.namespace)" \`
			`--from-file=kubeconfig=/tmp/outputs/admin-default-config`
			`workspaces:`
			`- name: outputs`
			`description: A folder to store outputs`
			`optional: false`
			`mountPath: /tmp/outputs`