zuul-operator/playbooks/zuul-operator-functional/tasks/create_test_secrets.yaml

- name: Generate executor ssh key
  command: ssh-keygen -t rsa -m PEM -N '' -f 'id_rsa' -q -C 'zuul-executor'
  args:
    creates: id_rsa

# Note: Using lookup(file) is somehow failing with 'NoneType' object has no attribute 'startswith'
- name: Read generated ssh key
  command: cat id_rsa
  register: _ssh_key

- name: Read generated ssh public key
  command: cat id_rsa.pub
  register: _ssh_key_pub

- name: Read kube server address
  command: kubectl config view -o jsonpath='{.clusters[0].cluster.server}'
  register: _kube_config

- name: Read generated kubectl configuration
  shell: "kubectl config view --flatten | sed -e 's#{{ _kube_config.stdout }}#https://kubernetes/#g'"
  register: _kube_config

- name: Read current context name
  command: kubectl config current-context
  register: _kube_context

- name: Setup user provided secrets
  k8s:
    namespace: "{{ namespace }}"
    definition:
      apiVersion: v1
      kind: Secret
      metadata:
        name: "{{ item.name }}"
      stringData: "{{ item.data }}"
  loop:
    - name: static-node-authorized-keys
      data:
        authorized_keys: "{{ _ssh_key_pub.stdout }}"

    - name: executor-ssh-key
      data:
        sshkey: "{{ _ssh_key.stdout }}"

    - name: zuul-yaml-conf
      data:
        main.yaml: |
          - tenant:
              name: local
              source:
                opendev.org:
                  config-projects:
                    - zuul/zuul-base-jobs
                  untrusted-projects:
                    - zuul/zuul-jobs          

    - name: nodepool-yaml-conf
      data:
        nodepool.yaml: |
          labels:
            - name: pod-fedora-40
              min-ready: 1
            - name: ubuntu-focal
              min-ready: 1
          providers:
            - name: kube-cluster
              driver: kubernetes
              context: {{ _kube_context.stdout }}
              max-pods: 15
              pools:
              - name: default
                labels:
                  - name: pod-fedora-40
                    type: pod
                    image: quay.io/fedora/fedora:40
                    python-path: /bin/python3
            - name: static-vms
              driver: static
              pools:
                - name: main
                  nodes:
                    - name: node.default
                      labels: ubuntu-focal
                      host-key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgHJYejINIKzUiuSJ2MN8uPc+dfFrZ9JH1hLWS8gI+g"
                      python-path: /usr/bin/python3
                      username: root          

    - name: nodepool-kube-config
      data:
        kube.config: "{{ _kube_config.stdout }}"

    - name: zuul-registry-conf
      data:
        registry.yaml: |
          registry:
            users:
              - name: testuser
                pass: testpass
                access: write