softplayer-helmfile/charts/tekton-pipelines/templates/tasks/generate-ssh-keys.yml


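---
# Tekton Task (Helm template): creates the "<environment>-ssh" Secret that
# holds the SSH key used to bootstrap nodes, unless that Secret already exists.
#
# Flow, as written in the steps below:
#   1. check-whether-a-key-exists: writes the marker /tmp/outputs/ready when
#      the Secret is already present.
#   2. prepare-ssh-key: runs the key-generation playbook when the marker is
#      absent.
#   3. save-ssh-keys: stores the contents of /tmp/outputs as a generic Secret
#      when the marker is absent.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: generate-ssh-keys
  # The file used to declare `namespace` twice (a hard-coded
  # "tekton-pipelines" followed by this templated value). Duplicate mapping
  # keys are invalid YAML and most parsers silently keep the last one, so only
  # the templated value is kept here.
  namespace: {{ .Values.pipelineNamespace }}
  labels:
    {{- include "tekton-pipelines.labels" . | nindent 4 }}
spec:
  description: |-
    This task should prepare a ssh key that will be used for
    bootstrapping wotkload nodes. If ssh-key secret already
    exists, should not run
  params:
    - name: namespace
      type: string
    - name: environment
      type: string
  steps:
    - name: check-whether-a-key-exists
      image: alpine/k8s:1.29.2
      # Task params are handed to the script through environment variables
      # instead of being substituted into the script text. Tekton pastes
      # substituted values into the script verbatim, so a param value that
      # contains shell metacharacters would otherwise be executed as code.
      env:
        - name: PARAM_ENVIRONMENT
          value: "$(params.environment)"
        - name: PARAM_NAMESPACE
          value: "$(params.namespace)"
      script: |-
        #!/bin/bash
        # Any kubectl failure (not only "not found") leaves the marker unset.
        if kubectl get secret "${PARAM_ENVIRONMENT}-ssh" --namespace "${PARAM_NAMESPACE}"; then
          echo 1 > /tmp/outputs/ready
        fi
    - name: prepare-ssh-key
      # NOTE(review): ":latest" is a mutable tag, so the code that generates
      # the private key can change between runs without a change to this
      # chart. Pin a fixed version or an image digest
      # (for example @sha256:<DIGEST_PLACEHOLDER>).
      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
      script: |-
        #!/bin/bash
        if ! [ -f /tmp/outputs/ready ]; then
          ansible-playbook /src/playbooks/other/ssh-key-gen/playbook.yml
        fi
    - name: save-ssh-keys
      image: alpine/k8s:1.29.2
      env:
        - name: PARAM_ENVIRONMENT
          value: "$(params.environment)"
        - name: PARAM_NAMESPACE
          value: "$(params.namespace)"
      script: |-
        #!/bin/sh
        # --from-file on a directory adds every regular file in it to the
        # Secret, so the workspace should contain only the key files here.
        if ! [ -f /tmp/outputs/ready ]; then
          kubectl create secret generic \
            "${PARAM_ENVIRONMENT}-ssh" \
            --namespace "${PARAM_NAMESPACE}" \
            --from-file /tmp/outputs
        fi
  workspaces:
    # NOTE(review): this workspace holds the private key after the task ends,
    # and the "ready" marker is written into it as well. If the workspace is
    # backed by a volume that outlives the run, the key stays readable there
    # and a stale marker would skip generation on a later run; confirm the
    # binding is ephemeral or add a cleanup step.
    - name: ssh-keys
      description: A folder to store ssh keys
      optional: false
      mountPath: /tmp/outputs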