summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--roles/kubernetes/standalone/pod/defaults/main.yml23
-rw-r--r--roles/kubernetes/standalone/pod/tasks/main.yml72
2 files changed, 95 insertions, 0 deletions
diff --git a/roles/kubernetes/standalone/pod/defaults/main.yml b/roles/kubernetes/standalone/pod/defaults/main.yml
new file mode 100644
index 00000000..87e849d8
--- /dev/null
+++ b/roles/kubernetes/standalone/pod/defaults/main.yml
@@ -0,0 +1,23 @@
+---
+# kubernetes_standalone_pod:
+# name: example
+# labels:
+# foo: bar
+# annotations:
+# hello: world
+# spec: |
+# containers:
+# - name: test
+# image: "debian:stable"
+# command:
+# - /bin/bash
+# - -c
+# - "sleep inf"
+
+# config_hash_items:
+# - path: /path/to/configfile
+# properties:
+# - checksum
+# - mode
+# - uid
+# - gid
diff --git a/roles/kubernetes/standalone/pod/tasks/main.yml b/roles/kubernetes/standalone/pod/tasks/main.yml
new file mode 100644
index 00000000..b59e4f38
--- /dev/null
+++ b/roles/kubernetes/standalone/pod/tasks/main.yml
@@ -0,0 +1,72 @@
+---
+- name: generate config-hash
+ when: "'config_hash_items' in kubernetes_standalone_pod"
+ block:
+ - name: create directory for config-hash files
+ file:
+ path: /etc/kubernetes/config-hashes
+ state: directory
+
+ - name: gather stats for config-hash items
+ loop: "{{ kubernetes_standalone_pod.config_hash_items }}"
+ loop_control:
+ label: "{{ item.path }} ({{ item.properties | sort | join(', ') }})"
+ stat:
+ path: "{{ item.path }}"
+ get_checksum: yes
+ checksum_algorithm: sha256
+ register: config_hash_items_stat
+
+ - assert:
+ msg: "at least one config-hash item does not exist"
+ that: false not in (config_hash_items_stat.results | map(attribute='stat.exists'))
+
+ - name: generate config-hash file
+ copy:
+ content: |
+ {% for result in config_hash_items_stat.results %}
+ {{ result.item.path }}:
+ {% for property in (result.item.properties | sort) %}
+ {{ property }}: {{ result.stat[property] }}
+ {% endfor %}
+ {% endfor %}
+ dest: "/etc/kubernetes/config-hashes/{{ kubernetes_standalone_pod.name }}.yml"
+
+ - name: compute config-hash value from file
+ stat:
+ path: "/etc/kubernetes/config-hashes/{{ kubernetes_standalone_pod.name }}.yml"
+ get_checksum: yes
+ checksum_algorithm: sha256
+ register: config_hash_file_stat
+
+ - name: set config-hash value
+ set_fact:
+ config_hash_value: "{{ config_hash_file_stat.stat.checksum }}"
+
+- name: remove config-hash file
+ when: "'config_hash_items' not in kubernetes_standalone_pod"
+ file:
+ path: "/etc/kubernetes/config-hashes/{{ kubernetes_standalone_pod.name }}.yml"
+ state: absent
+
+- name: generate pod manifest
+ copy:
+ content: |
+ apiVersion: v1
+ kind: Pod
+ metadata:
+ name: {{ kubernetes_standalone_pod.name }}
+ {% if 'labels' in kubernetes_standalone_pod %}
+ labels:
+ {{ kubernetes_standalone_pod.labels | to_nice_yaml(indent=2) | indent(4) }}{% endif %}
+ {% if config_hash_value is defined or'annotations' in kubernetes_standalone_pod %}
+ annotations:
+ {% if config_hash_value is defined %}
+ config-hash: {{ config_hash_value }}
+ {% endif %}
+ {% if 'annotations' in kubernetes_standalone_pod %}
+ {{ kubernetes_standalone_pod.annotations | default({}) | to_nice_yaml(indent=2) | indent(4) }}{% endif %}
+ {% endif %}
+ spec:
+ {{ kubernetes_standalone_pod.spec | indent(2) }}
+ dest: "/etc/kubernetes/manifests/{{ kubernetes_standalone_pod.name }}.yml"