31 lines
1.1 KiB
YAML
31 lines
1.1 KiB
YAML
---
|
|
# See repository **.env.sample** — copy to **.env** (gitignored).
|
|
- name: Stat repository .env for deploy secrets
|
|
ansible.builtin.stat:
|
|
path: "{{ noble_repo_root }}/.env"
|
|
register: noble_deploy_env_file
|
|
changed_when: false
|
|
|
|
- name: Create newt-pangolin-auth Secret from .env
|
|
ansible.builtin.shell: |
|
|
set -euo pipefail
|
|
set -a
|
|
. "{{ noble_repo_root }}/.env"
|
|
set +a
|
|
if [ -z "${PANGOLIN_ENDPOINT:-}" ] || [ -z "${NEWT_ID:-}" ] || [ -z "${NEWT_SECRET:-}" ]; then
|
|
echo NO_VARS
|
|
exit 0
|
|
fi
|
|
kubectl -n newt create secret generic newt-pangolin-auth \
|
|
--from-literal=PANGOLIN_ENDPOINT="${PANGOLIN_ENDPOINT}" \
|
|
--from-literal=NEWT_ID="${NEWT_ID}" \
|
|
--from-literal=NEWT_SECRET="${NEWT_SECRET}" \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
echo APPLIED
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
when: noble_deploy_env_file.stat.exists | default(false)
|
|
no_log: true
|
|
register: noble_newt_secret_from_env
|
|
changed_when: "'APPLIED' in (noble_newt_secret_from_env.stdout | default(''))"
|