73 lines
1.7 KiB
YAML
73 lines
1.7 KiB
YAML
---
|
|
# Populates template variables from Secrets + Headlamp token (no_log on kubectl to avoid leaking into Ansible stdout).
|
|
- name: Fetch Argo CD initial admin password (base64)
|
|
ansible.builtin.command:
|
|
argv:
|
|
- kubectl
|
|
- -n
|
|
- argocd
|
|
- get
|
|
- secret
|
|
- argocd-initial-admin-secret
|
|
- -o
|
|
- jsonpath={.data.password}
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
register: noble_fetch_argocd_pw_b64
|
|
failed_when: false
|
|
changed_when: false
|
|
no_log: true
|
|
|
|
- name: Fetch Grafana admin user (base64)
|
|
ansible.builtin.command:
|
|
argv:
|
|
- kubectl
|
|
- -n
|
|
- monitoring
|
|
- get
|
|
- secret
|
|
- kube-prometheus-grafana
|
|
- -o
|
|
- jsonpath={.data.admin-user}
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
register: noble_fetch_grafana_user_b64
|
|
failed_when: false
|
|
changed_when: false
|
|
no_log: true
|
|
|
|
- name: Fetch Grafana admin password (base64)
|
|
ansible.builtin.command:
|
|
argv:
|
|
- kubectl
|
|
- -n
|
|
- monitoring
|
|
- get
|
|
- secret
|
|
- kube-prometheus-grafana
|
|
- -o
|
|
- jsonpath={.data.admin-password}
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
register: noble_fetch_grafana_pw_b64
|
|
failed_when: false
|
|
changed_when: false
|
|
no_log: true
|
|
|
|
- name: Create Headlamp ServiceAccount token (for UI sign-in)
|
|
ansible.builtin.command:
|
|
argv:
|
|
- kubectl
|
|
- -n
|
|
- headlamp
|
|
- create
|
|
- token
|
|
- headlamp
|
|
- "--duration={{ noble_landing_urls_headlamp_token_duration | default('48h') }}"
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
register: noble_fetch_headlamp_token
|
|
failed_when: false
|
|
changed_when: false
|
|
no_log: true
|