--- apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: generate-ssh-keys namespace: tekton-pipelines namespace: {{ .Values.pipelineNamespace }} labels: {{- include "tekton-pipelines.labels" . | nindent 4 }} spec: description: |- This task should prepare a ssh key that will be used for bootstrapping wotkload nodes. If ssh-key secret already exists, should not run params: - name: namespace type: string - name: environment type: string steps: - name: check-whether-a-key-exists image: alpine/k8s:1.29.2 script: |- #!/bin/bash if kubectl get secret "$(params.environment)-ssh" --namespace "$(params.namespace)"; then echo 1 > /tmp/outputs/ready fi - name: prepare-ssh-key image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest script: |- #!/bin/bash if ! [ -f /tmp/outputs/ready ]; then ansible-playbook /src/playbooks/other/ssh-key-gen/playbook.yml fi - name: save-ssh-keys image: alpine/k8s:1.29.2 script: |- #!/bin/sh if ! [ -f /tmp/outputs/ready ]; then kubectl create secret generic \ "$(params.environment)"-ssh \ --namespace "$(params.namespace)" \ --from-file /tmp/outputs fi workspaces: - name: ssh-keys description: A folder to store ssh keys optional: false mountPath: /tmp/outputs