50 lines
1.4 KiB
YAML
50 lines
1.4 KiB
YAML
---
|
|
apiVersion: tekton.dev/v1beta1
|
|
kind: Task
|
|
metadata:
|
|
name: generate-ssh-keys
|
|
namespace: tekton-pipelines
|
|
namespace: {{ .Values.pipelineNamespace }}
|
|
labels:
|
|
{{- include "tekton-pipelines.labels" . | nindent 4 }}
|
|
spec:
|
|
description: |-
|
|
This task should prepare a ssh key that will be used for
|
|
bootstrapping wotkload nodes. If ssh-key secret already
|
|
exists, should not run
|
|
params:
|
|
- name: namespace
|
|
type: string
|
|
- name: environment
|
|
type: string
|
|
steps:
|
|
- name: check-whether-a-key-exists
|
|
image: alpine/k8s:1.29.2
|
|
script: |-
|
|
#!/bin/bash
|
|
if kubectl get secret "$(params.environment)-ssh"; then
|
|
echo 1 > /tmp/outputs/ready
|
|
fi
|
|
- name: prepare-ssh-key
|
|
image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
|
|
script: |-
|
|
#!/bin/bash
|
|
if ! [ -f /tmp/outputs/ready ]; then
|
|
ansible-playbook /src/playbooks/other/ssh-key-gen/playbook.yml
|
|
fi
|
|
- name: save-ssh-keys
|
|
image: alpine/k8s:1.29.2
|
|
script: |-
|
|
#!/bin/sh
|
|
if ! [ -f /tmp/outputs/ready ]; then
|
|
kubectl create secret generic \
|
|
"$(params.environment)"-ssh \
|
|
--namespace "$(params.namespace)" \
|
|
--from-file /tmp/outputs
|
|
fi
|
|
workspaces:
|
|
- name: ssh-keys
|
|
description: A folder to store ssh keys
|
|
optional: false
|
|
mountPath: /tmp/outputs
|