feat(ansible): deploy Agola deploy role
This commit is contained in:
Peter Kurfer
parent
bb36acbed0
commit
8d9465a9f5
8 changed files with 58 additions and 14 deletions
|
|
@ -9,20 +9,23 @@
|
||||||
- name: Create Agola manifests
|
- name: Create Agola manifests
|
||||||
kubernetes.core.k8s:
|
kubernetes.core.k8s:
|
||||||
state: present
|
state: present
|
||||||
namespace: agola
|
namespace: "{{ item.namespace | default('agola') }}"
|
||||||
definition: "{{ lookup('template', item) | from_yaml }}"
|
definition: "{{ lookup('template', item.file) | from_yaml }}"
|
||||||
with_items:
|
with_items:
|
||||||
- config.yml.j2
|
- file: config.yml.j2
|
||||||
- pvc.yml.j2
|
- file: pvc.yml.j2
|
||||||
- all-deployment.yml.j2
|
- file: all-deployment.yml.j2
|
||||||
- all-internal-svc.yml.j2
|
- file: all-internal-svc.yml.j2
|
||||||
- all-svc.yml.j2
|
- file: all-svc.yml.j2
|
||||||
- role.yml.j2
|
- file: ingress.yml.j2
|
||||||
- rolebinding.yml.j2
|
- file: rbac/role.yml.j2
|
||||||
- serviceaccount.yml.j2
|
- file: rbac/rolebinding.yml.j2
|
||||||
- clusterrole.yml.j2
|
- file: rbac/serviceaccount.yml.j2
|
||||||
- clusterrolebinding.yml.j2
|
- file: rbac/clusterrole.yml.j2
|
||||||
- ingress.yml.j2
|
- file: rbac/clusterrolebinding.yml.j2
|
||||||
|
- file: rbac/agola-deploy-role.yml.j2
|
||||||
|
- file: rbac/agola-deploy-rolebinding.yml.j2
|
||||||
|
namespace: blog
|
||||||
# - gateway-deployment.yml.j2
|
# - gateway-deployment.yml.j2
|
||||||
# - gateway-svc.yml.j2
|
# - gateway-svc.yml.j2
|
||||||
# - gitserver-deployment.yml.j2
|
# - gitserver-deployment.yml.j2
|
||||||
|
|
|
||||||
29
k8s/roles/agola/templates/rbac/agola-deploy-role.yml.j2
Normal file
29
k8s/roles/agola/templates/rbac/agola-deploy-role.yml.j2
Normal file
|
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRole
|
||||||
|
metadata:
|
||||||
|
name: agola-deploy
|
||||||
|
rules:
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
- secrets
|
||||||
|
- services
|
||||||
|
verbs:
|
||||||
|
- "*"
|
||||||
|
|
||||||
|
- apiGroups:
|
||||||
|
- "apps"
|
||||||
|
resources:
|
||||||
|
- deployments
|
||||||
|
- statefulsets
|
||||||
|
verbs:
|
||||||
|
- "*"
|
||||||
|
|
||||||
|
- apiGroups:
|
||||||
|
- "networking.k8s.io"
|
||||||
|
resources:
|
||||||
|
- "ingresses"
|
||||||
|
verbs:
|
||||||
|
- "*"
|
||||||
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: agola-deploy
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: agola-agola
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: agola
|
||||||
|
namespace: agola
|
||||||
|
|
@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: Role
|
kind: Role
|
||||||
metadata:
|
metadata:
|
||||||
name: agola
|
name: agola
|
||||||
namespace: agola
|
|
||||||
rules:
|
rules:
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
Loading…
Reference in a new issue