- name: Generate executor ssh key command: ssh-keygen -t rsa -m PEM -N '' -f 'id_rsa' -q -C 'zuul-executor' args: creates: id_rsa # Note: Using lookup(file) is somehow failing with 'NoneType' object has no attribute 'startswith' - name: Read generated ssh key command: cat id_rsa register: _ssh_key - name: Read generated ssh public key command: cat id_rsa.pub register: _ssh_key_pub - name: Read kube server address command: kubectl config view -o jsonpath='{.clusters[0].cluster.server}' register: _kube_config - name: Read generated kubectl configuration shell: "kubectl config view --flatten | sed -e 's#{{ _kube_config.stdout }}#https://kubernetes/#g'" register: _kube_config - name: Read current context name command: kubectl config current-context register: _kube_context - name: Setup user provided secrets k8s: namespace: "{{ namespace }}" definition: apiVersion: v1 kind: Secret metadata: name: "{{ item.name }}" stringData: "{{ item.data }}" loop: - name: static-node-authorized-keys data: authorized_keys: "{{ _ssh_key_pub.stdout }}" - name: executor-ssh-key data: sshkey: "{{ _ssh_key.stdout }}" - name: zuul-yaml-conf data: main.yaml: | - tenant: name: local source: opendev.org: config-projects: - zuul/zuul-base-jobs untrusted-projects: - zuul/zuul-jobs - name: nodepool-yaml-conf data: nodepool.yaml: | labels: - name: pod-fedora-40 min-ready: 1 - name: ubuntu-focal min-ready: 1 providers: - name: kube-cluster driver: kubernetes context: {{ _kube_context.stdout }} max-pods: 15 pools: - name: default labels: - name: pod-fedora-40 type: pod image: quay.io/fedora/fedora:40 python-path: /bin/python3 - name: static-vms driver: static pools: - name: main nodes: - name: node.default labels: ubuntu-focal host-key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgHJYejINIKzUiuSJ2MN8uPc+dfFrZ9JH1hLWS8gI+g" python-path: /usr/bin/python3 username: root - name: nodepool-kube-config data: kube.config: "{{ _kube_config.stdout }}" - name: zuul-registry-conf data: registry.yaml: | registry: users: - name: testuser pass: testpass access: write