69 lines
2.4 KiB
YAML
69 lines
2.4 KiB
YAML
---
|
|
# See repository **.env.sample** — copy to **.env** (gitignored).
|
|
- name: Stat repository .env for Velero
|
|
ansible.builtin.stat:
|
|
path: "{{ noble_repo_root }}/.env"
|
|
register: noble_deploy_env_file
|
|
changed_when: false
|
|
|
|
- name: Load NOBLE_VELERO_S3_BUCKET from .env when unset
|
|
ansible.builtin.shell: |
|
|
set -a
|
|
. "{{ noble_repo_root }}/.env"
|
|
set +a
|
|
echo "${NOBLE_VELERO_S3_BUCKET:-}"
|
|
register: noble_velero_s3_bucket_from_env
|
|
when:
|
|
- noble_deploy_env_file.stat.exists | default(false)
|
|
- noble_velero_s3_bucket | default('') | length == 0
|
|
changed_when: false
|
|
|
|
- name: Apply NOBLE_VELERO_S3_BUCKET from .env
|
|
ansible.builtin.set_fact:
|
|
noble_velero_s3_bucket: "{{ noble_velero_s3_bucket_from_env.stdout | trim }}"
|
|
when:
|
|
- noble_velero_s3_bucket_from_env is defined
|
|
- (noble_velero_s3_bucket_from_env.stdout | default('') | trim | length) > 0
|
|
|
|
- name: Load NOBLE_VELERO_S3_URL from .env when unset
|
|
ansible.builtin.shell: |
|
|
set -a
|
|
. "{{ noble_repo_root }}/.env"
|
|
set +a
|
|
echo "${NOBLE_VELERO_S3_URL:-}"
|
|
register: noble_velero_s3_url_from_env
|
|
when:
|
|
- noble_deploy_env_file.stat.exists | default(false)
|
|
- noble_velero_s3_url | default('') | length == 0
|
|
changed_when: false
|
|
|
|
- name: Apply NOBLE_VELERO_S3_URL from .env
|
|
ansible.builtin.set_fact:
|
|
noble_velero_s3_url: "{{ noble_velero_s3_url_from_env.stdout | trim }}"
|
|
when:
|
|
- noble_velero_s3_url_from_env is defined
|
|
- (noble_velero_s3_url_from_env.stdout | default('') | trim | length) > 0
|
|
|
|
- name: Create velero-cloud-credentials from .env when keys present
|
|
ansible.builtin.shell: |
|
|
set -euo pipefail
|
|
set -a
|
|
. "{{ noble_repo_root }}/.env"
|
|
set +a
|
|
if [ -z "${NOBLE_VELERO_AWS_ACCESS_KEY_ID:-}" ] || [ -z "${NOBLE_VELERO_AWS_SECRET_ACCESS_KEY:-}" ]; then
|
|
echo SKIP
|
|
exit 0
|
|
fi
|
|
CLOUD="$(printf '[default]\naws_access_key_id=%s\naws_secret_access_key=%s\n' \
|
|
"${NOBLE_VELERO_AWS_ACCESS_KEY_ID}" "${NOBLE_VELERO_AWS_SECRET_ACCESS_KEY}")"
|
|
kubectl -n velero create secret generic velero-cloud-credentials \
|
|
--from-literal=cloud="${CLOUD}" \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
echo APPLIED
|
|
environment:
|
|
KUBECONFIG: "{{ noble_kubeconfig }}"
|
|
when: noble_deploy_env_file.stat.exists | default(false)
|
|
no_log: true
|
|
register: noble_velero_secret_from_env
|
|
changed_when: "'APPLIED' in (noble_velero_secret_from_env.stdout | default(''))"
|