diff --git a/.husky/commit-msg b/.husky/commit-msg old mode 100755 new mode 100644 diff --git a/.husky/pre-commit b/.husky/pre-commit old mode 100755 new mode 100644 diff --git a/install.yaml b/install.yaml index 1320069d..da6af738 100644 --- a/install.yaml +++ b/install.yaml @@ -19,6 +19,7 @@ tags: - cert-manager - cm + - always - name: confSyncer tags: @@ -62,9 +63,9 @@ tags: - vault - - name: sops - tags: - - sops + # - name: sops + # tags: + # - sops - name: argocd tags: diff --git a/roles/gitlab-runner/tasks/main.yaml b/roles/gitlab-runner/tasks/main.yaml index 3676744b..6cae1100 100644 --- a/roles/gitlab-runner/tasks/main.yaml +++ b/roles/gitlab-runner/tasks/main.yaml 
@@ -9,27 +9,51 @@ msg: "Gitlab ne semble pas avoir été provisionné sur le cluster veuillez l'installer avant" when: gitlab_ns | length == 0 -- name: Install gitlab-runner subscription and role - kubernetes.core.k8s: - template: "{{ item }}" - with_items: - - operator-subscription.yaml.j2 - - gitlab-runner-auth.yaml.j2 - -- name: Wait Gitlab Runner exists +- name: Get dso-config inventory kubernetes.core.k8s_info: - api_version: apps.gitlab.com/v1beta2 - kind: Runner - name: gitlab-runner - namespace: "{{ dsc.gitlab.namespace }}" - register: runner_kind - until: runner_kind.api_found - retries: 5 + namespace: "{{ dsc.console.namespace }}" + kind: ConfigMap + name: dso-config + register: ansible_inventory -- name: Add custom env - kubernetes.core.k8s: - template: custom-env.yaml.j2 +- name: Get gitlab token + ansible.builtin.set_fact: + gitlab_token: "{{ ansible_inventory.resources[0].data.GITLAB_TOKEN }}" + +- name: Initiate a runner in GitLab instance + ansible.builtin.uri: + validate_certs: "{{ dsc.exposedCA.type == 'none' }}" + url: "https://{{ gitlab_domain }}/api/v4/user/runners" + method: POST + headers: + "PRIVATE-TOKEN": "{{ gitlab_token }}" + body: + runner_type: instance_type + description: dso-runner + platform: null + run_untagged: true + body_format: form-urlencoded + status_code: [201] + changed_when: true + register: default_runner -- name: Install gitlab instance +- name: Add GitLab Runner helm repo + kubernetes.core.helm_repository: + name: gitlab + repo_url: https://charts.gitlab.io + +- name: Set GitLab Runner helm values + ansible.builtin.set_fact: + runner_values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}" + +- name: Create gitlab-runner role kubernetes.core.k8s: - template: gitlab-runner-instance.yaml.j2 + template: gitlab-runner-auth.yaml.j2 + +- name: Deploy GitLab Runner helm + kubernetes.core.helm: + name: gitlab-runner + chart_ref: gitlab/gitlab-runner + chart_version: "{{ dsc.gitlabRunner.chartVersion }}" + 
release_namespace: "{{ dsc.gitlab.namespace }}" + values: "{{ runner_values }}" diff --git a/roles/gitlab-runner/templates/custom-env.yaml.j2 b/roles/gitlab-runner/templates/custom-env.yaml.j2 deleted file mode 100644 index 63c42664..00000000 --- a/roles/gitlab-runner/templates/custom-env.yaml.j2 +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -data: - HTTP_PROXY: "{{ dsc.proxy.enabled | ternary(dsc.proxy.http_proxy, '') }}" - HTTPS_PROXY: "{{ dsc.proxy.enabled | ternary(dsc.proxy.https_proxy, '') }}" - NO_PROXY: "{{ dsc.proxy.enabled | ternary(dsc.proxy.no_proxy, '') }}" -kind: ConfigMap -metadata: - name: custom-env - namespace: {{ dsc.gitlab.namespace }} diff --git a/roles/gitlab-runner/templates/gitlab-runner-auth.yaml.j2 b/roles/gitlab-runner/templates/gitlab-runner-auth.yaml.j2 index 952f7116..c974c502 100644 --- a/roles/gitlab-runner/templates/gitlab-runner-auth.yaml.j2 +++ b/roles/gitlab-runner/templates/gitlab-runner-auth.yaml.j2 @@ -1,21 +1,4 @@ apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: gitlab-runner - namespace: {{ dsc.gitlab.namespace }} -rules: - - apiGroups: [""] - resources: ["pods", "secrets", "configmaps"] - verbs: ["list", "get", "watch", "create", "delete", "update"] - - apiGroups: [""] - resources: ["pods/exec", "pods/attach"] - verbs: ["create"] - - apiGroups: [""] - resources: ["pods/log"] - verbs: ["get"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 kind: "RoleBinding" metadata: name: gitlab-runner-gitlab-runner @@ -26,7 +9,7 @@ roleRef: name: gitlab-runner subjects: - kind: ServiceAccount - name: gitlab-runner-sa + name: gitlab-runner namespace: {{ dsc.gitlab.namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -41,5 +24,5 @@ roleRef: name: system:openshift:scc:anyuid subjects: - kind: ServiceAccount - name: gitlab-runner-sa + name: gitlab-runner namespace: {{ dsc.gitlab.namespace }} \ No newline at end of file 
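Review bot: In the `Initiate a runner in GitLab instance` task, `validate_certs: "{{ dsc.exposedCA.type == 'none' }}"` turns certificate verification off whenever a custom CA is configured, so the `PRIVATE-TOKEN` header is sent to a peer that is not verified. Keep `validate_certs: true` and point the module at the exposed CA bundle with `ca_path` instead. `Get gitlab token` and the runner-creation task should also carry `no_log: true`, since `gitlab_token` and the registered `default_runner` (which holds the new runner token) otherwise show up in task output. Because the POST runs unconditionally with `changed_when: true`, each play run appears to register another instance runner; a guard on an already stored token or an existing release would avoid that.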
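Review bot: With the Role removed in the first hunk of gitlab-runner-auth.yaml.j2, the remaining RoleBinding's `roleRef` and the `gitlab-runner` subjects renamed in the hunks at `-26,7 +9,7` and `-41,5 +24,5` depend on objects this template no longer defines. The Role and ServiceAccount are presumably created by the Helm release via `rbac.create`, yet the task that applies this template is still called `Create gitlab-runner role` and runs before `Deploy GitLab Runner helm`. Add a header comment such as `# Role and ServiceAccount "gitlab-runner" are created by the gitlab-runner Helm release (rbac.create: true)` and rename the task to say it creates bindings only. The `system:openshift:scc:anyuid` binding is kept for the renamed account; a one-line comment on why it is needed (presumably the fixed `runAsUser: 100` in values.yaml.j2) would help the next reviewer judge whether it can be dropped.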
diff --git a/roles/gitlab-runner/templates/gitlab-runner-instance.yaml.j2 b/roles/gitlab-runner/templates/gitlab-runner-instance.yaml.j2 deleted file mode 100644 index 0926eafe..00000000 --- a/roles/gitlab-runner/templates/gitlab-runner-instance.yaml.j2 +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: apps.gitlab.com/v1beta2 -kind: Runner -metadata: - name: gitlab-runner - namespace: {{ dsc.gitlab.namespace }} -spec: - buildImage: alpine -{% if dsc.ingress.tls.type == 'tlsSecret' %} - ca: {{ dsc.ingress.tls.tlsSecret.name }} -{% elif dsc.exposedCA.type != 'none' %} - ca: exposed-ca -{% else %} - ca: -{% endif %} - #config: custom-config-toml - env: custom-env - gitlabUrl: https://{{ gitlab_domain }}/ - runUntagged: true - tags: openshift - token: gitlab-gitlab-runner-secret diff --git a/roles/gitlab-runner/templates/operator-subscription.yaml.j2 b/roles/gitlab-runner/templates/operator-subscription.yaml.j2 deleted file mode 100644 index ab1a68f8..00000000 --- a/roles/gitlab-runner/templates/operator-subscription.yaml.j2 +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: gitlab-runner-operator-kubernetes - namespace: {{ dsc.gitlab.namespace }} -spec: - channel: stable - installPlanApproval: Automatic - name: gitlab-runner-operator - source: certified-operators - sourceNamespace: openshift-marketplace - #startingCSV: gitlab-runner-operator.v1.10.0 diff --git a/roles/gitlab-runner/templates/values.yaml.j2 b/roles/gitlab-runner/templates/values.yaml.j2 new file mode 100644 index 00000000..f628a7c1 --- /dev/null +++ b/roles/gitlab-runner/templates/values.yaml.j2 
@@ -0,0 +1,171 @@ +image: + registry: registry.gitlab.com + image: gitlab-org/gitlab-runner + # tag: alpine-v11.6.0 + +imagePullPolicy: IfNotPresent + +replicas: 1 + +## How many old ReplicaSets for this Deployment you want to retain +revisionHistoryLimit: 2 + +gitlabUrl: https://{{ gitlab_domain }}/ + +runnerToken: "{{ default_runner.json.token }}" + +terminationGracePeriodSeconds: 3600 + +## Set the certsSecretName in order to pass custom certficates for GitLab Runner to use +## Provide resource name for a Kubernetes Secret Object in the same namespace, +## this is used to populate the /home/gitlab-runner/.gitlab-runner/certs/ directory +## ref: https://docs.gitlab.com/runner/configuration/tls-self-signed.html#supported-options-for-self-signed-certificates-targeting-the-gitlab-server + +## +#certsSecretName: gitlab-wildcard-tls-chain +{% if dsc.exposedCA != 'none' %} +certsSecretName: exposed-ca +{% endif %} + +concurrent: 10 + +checkInterval: 30 + +rbac: + create: true + rules: +# - apiGroups: [""] +# resources: ["pods", "secrets", "configmaps"] +# verbs: ["list", "get", "watch", "create", "delete", "update"] +# - apiGroups: [""] +# resources: ["pods/exec", "pods/attach"] +# verbs: ["create"] +# - apiGroups: [""] +# resources: ["pods/log"] +# verbs: ["get"] + - resources: ["configmaps", "events", "pods", "pods/attach", "pods/exec", "secrets", "services"] + verbs: ["get", "list", "watch", "create", "patch", "update", "delete"] + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["create", "patch", "delete"] + clusterWideAccess: false + serviceAccountName: gitlab-runner + podSecurityPolicy: + enabled: true + resourceNames: + - gitlab-runner + +## Configuration for the Pods that the runner launches for each new job +## +runners: + # runner configuration, where the multi line strings is evaluated as + # template so you can specify helm values inside of it. 
+ # + # tpl: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function + # runner configuration: https://docs.gitlab.com/runner/configuration/advanced-configuration.html + config: | + [[runners]] + [runners.kubernetes] + namespace = "{{ dsc.gitlab.namespace }}" + image = "ubuntu:22.04" + + ## Absolute path for an existing runner configuration file + ## Can be used alongside "volumes" and "volumeMounts" to use an external config file + ## Active if runners.config is empty or null + configPath: "" + + ## Which executor should be used + ## + # executor: kubernetes + + ## Specify the name for the runner. + ## + name: gitlab-runner + + ## The name of the secret containing runner-token and runner-registration-token + secret: gitlab-runner-secret + + cache: {} + +## Configure securitycontext for the main container +## ref: https://kubernetes.io/docs/concepts/security/pod-security-standards/ +## +securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + runAsNonRoot: true + privileged: false + capabilities: + drop: ["ALL"] + +## Configure securitycontext valid for the whole pod +## ref: https://kubernetes.io/docs/concepts/security/pod-security-standards/ +## +podSecurityContext: + runAsUser: 100 + fsGroup: 65533 + +## Configure resource requests and limits +## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +## +resources: {} + # limits: + # memory: 256Mi + # cpu: 200m + # requests: + # memory: 128Mi + # cpu: 100m + +## Configure environment variables that will be present when the registration command runs +## This provides further control over the registration process and the config.toml file +## ref: `gitlab-runner register --help` +## ref: https://docs.gitlab.com/runner/configuration/advanced-configuration.html +## +envVars: + - name: RUNNER_EXECUTOR + value: kubernetes +{% if dsc.proxy.enabled %} + - name: HTTP_PROXY + value: "{{ dsc.proxy.http_proxy }}" + - name: HTTPS_PROXY + value: "{{ 
dsc.proxy.https_proxy }}" + - name: NO_PROXY + value: "{{ dsc.proxy.no_proxy }}" +{% endif %} + +## Annotations to be added to deployment +## +deploymentAnnotations: {} + # Example: + # downscaler/uptime: + +## Labels to be added to deployment +## +deploymentLabels: {} + # Example: + # owner.team: + +## Annotations to be added to manager pod +## +podAnnotations: {} + # Example: + # iam.amazonaws.com/role: + +## Labels to be added to manager pod +## +podLabels: {} + # Example: + # owner.team: + +## Configure priorityClassName for manager pod. See k8s docs for more info on how pod priority works: +## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +priorityClassName: "" + +volumeMounts: + - name: root-gitlab-runner + mountPath: /.gitlab-runner + +volumes: + - name: root-gitlab-runner + emptyDir: + medium: "Memory" diff --git a/roles/gitlab/tasks/main.yaml b/roles/gitlab/tasks/main.yaml index 84290a26..6f11d478 100644 --- a/roles/gitlab/tasks/main.yaml +++ b/roles/gitlab/tasks/main.yaml 
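Review bot: The guard `{% if dsc.exposedCA != 'none' %}` compares the whole `exposedCA` object with a string, so it is always true and `certsSecretName: exposed-ca` is rendered even when no CA is exposed. The tasks file and the removed Runner template both test `dsc.exposedCA.type`, so use `{% if dsc.exposedCA.type != 'none' %}`. Separately, `rbac.rules` grants create, update and delete on `secrets` and `configmaps`, and `[runners.kubernetes] namespace` is the GitLab namespace itself, so the runner's service account can reach GitLab's own secrets. A dedicated namespace for job pods would narrow that. `runnerToken` is also passed as a plain Helm value and therefore ends up in the stored release values, while `runners.secret` (already named here) is the place for it.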
@@ -4,22 +4,41 @@ npm_file: "{{ lookup('file', '{{ playbook_dir }}/roles/gitlab/npm_file') }}" mvn_config_file: "{{ lookup('ansible.builtin.template', 'mvn_conf_file.j2') }}" -- name: Install gitlab subscription - kubernetes.core.k8s: - template: "{{ item }}" - with_items: - - operator-group.yaml.j2 - - operator-subscription.yaml.j2 +- name: Install GitLab Operator + block: + - name: Create GitLab namespace + kubernetes.core.k8s: + name: "{{ dsc.gitlab.namespace }}" + api_version: v1 + kind: Namespace + state: present -- name: Wait Gitlab CRD exist - kubernetes.core.k8s_info: - api_version: apps.gitlab.com/v1beta1 - kind: GitLab - namespace: "{{ dsc.gitlab.namespace }}" - register: gitlab_kind - until: gitlab_kind.api_found - retries: 15 - delay: 5 + - name: Add GitLab Operator helm repo + kubernetes.core.helm_repository: + name: gitlab-operator + repo_url: https://gitlab.com/api/v4/projects/18899486/packages/helm/stable + + - name: Set GitLab Operator helm values + ansible.builtin.set_fact: + operator_values: "{{ lookup('template', 'operator-values.yaml.j2') | from_yaml }}" + + - name: Deploy GitLab Operator helm + kubernetes.core.helm: + name: gitlab-operator + chart_ref: gitlab-operator/gitlab-operator + chart_version: "{{ dsc.gitlabOperator.chartVersion }}" + release_namespace: "{{ dsc.gitlab.namespace }}" + values: "{{ operator_values }}" + + - name: Wait gitlab-webhook-service endpoint + kubernetes.core.k8s_info: + kind: Endpoints + namespace: "{{ dsc.gitlab.namespace }}" + name: gitlab-webhook-service + register: endpoint + until: endpoint.resources[0].subsets[0].addresses[0] is defined + retries: 15 + delay: 5 - name: Get Gitlab client secret kubernetes.core.k8s_info: 
@@ -89,17 +108,6 @@ version: "{{ dsc.gitlab.chartVersion }}" values: "{{ gitlab_values }}" - # - name: Wait gitlab instance to be 'Running' - # kubernetes.core.k8s_info: - # api_version: apps.gitlab.com/v1beta1 - # kind: GitLab - # namespace: "{{ dsc.gitlab.namespace }}" - # name: gitlab - # register: gitlab_instance - # until: gitlab_instance.resources[0] is defined and gitlab_instance.resources[0].status is defined and gitlab_instance.resources[0].status.phase == 'Running' - # retries: 45 - # delay: 20 - - name: Wait Gitlab webservice endpoint to be available kubernetes.core.k8s_info: kind: Endpoints @@ -155,14 +163,13 @@ command: > bash -c "echo 'PersonalAccessToken.create!(user_id: 1 , name: \"ANSIBLE-DSO\" - , scopes: [:api, :read_repository, :write_repository] + , scopes: [:api, :read_repository, :write_repository, :create_runner] , expires_at: 365.days.from_now).token' | gitlab-rails console" register: token - name: Set new gitlab token ansible.builtin.set_fact: gitlab_token: "{{ token.stdout_lines[-2][1:-1] }}" - # when: ansible_inventory.resources[0].data.GITLAB_TOKEN is defined - name: Update inventory kubernetes.core.k8s: diff --git a/roles/gitlab/templates/gitlab-instance.yaml.j2 b/roles/gitlab/templates/gitlab-instance.yaml.j2 index 36fec8cf..5d53d0ef 100644 --- a/roles/gitlab/templates/gitlab-instance.yaml.j2 +++ b/roles/gitlab/templates/gitlab-instance.yaml.j2 @@ -21,7 +21,7 @@ gitlab: minio: ingress: tls: - secretName: gitlab-minio + secretName: gitlab-minio-secret {% else %} gitlab: webservice: @@ -40,6 +40,7 @@ minio: ingress: tls: {} {% endif %} + global: registry: enabled: false diff --git a/roles/gitlab/templates/operator-group.yaml.j2 b/roles/gitlab/templates/operator-group.yaml.j2 deleted file mode 100644 index 108e7631..00000000 --- a/roles/gitlab/templates/operator-group.yaml.j2 +++ /dev/null 
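Review bot: In the hunk at `-155,14 +163,13`, neither the `gitlab-rails console` task nor `Set new gitlab token` sets `no_log: true`, so the value in `token.stdout_lines` is printed in task output at higher verbosity. That token is created for `user_id: 1`, is valid for 365 days and now also carries `:create_runner`, so add `no_log: true` to both tasks. The command task starts above the hunk, so it cannot be seen here whether an earlier `ANSIBLE-DSO` token is revoked before a new one is minted; if it is not, every run leaves another long-lived token behind.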
@@ -1,13 +0,0 @@ -kind: Namespace -apiVersion: v1 -metadata: - name: {{ dsc.gitlab.namespace }} ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - name: gitlab-opgroup - namespace: {{ dsc.gitlab.namespace }} -spec: - targetNamespaces: - - {{ dsc.gitlab.namespace }} diff --git a/roles/gitlab/templates/operator-subscription.yaml.j2 b/roles/gitlab/templates/operator-subscription.yaml.j2 deleted file mode 100644 index 83c979cc..00000000 --- a/roles/gitlab/templates/operator-subscription.yaml.j2 +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: gitlab-operator-kubernetes - namespace: {{ dsc.gitlab.namespace }} -spec: - channel: stable - installPlanApproval: Automatic - name: gitlab-operator-kubernetes - source: community-operators - sourceNamespace: openshift-marketplace diff --git a/roles/gitlab/templates/operator-values.yaml.j2 b/roles/gitlab/templates/operator-values.yaml.j2 new file mode 100644 index 00000000..5f276873 --- /dev/null +++ b/roles/gitlab/templates/operator-values.yaml.j2 
@@ -0,0 +1,73 @@ +watchCluster: false + +image: + registry: registry.gitlab.com + repository: gitlab-org/cloud-native + name: gitlab-operator + tag: {{ dsc.gitlabOperator.chartVersion }} + # digest: + pullPolicy: IfNotPresent + # pullSecrets: [] + prepend: "false" + +nameOverride: "gitlab" +fullnameOverride: "" + +extraEnvs: [] + +podAnnotations: {} + +resources: + limits: + cpu: 200m + memory: 300Mi + requests: + cpu: 200m + memory: 100Mi + +affinity: {} +nodeSelector: {} +tolerations: [] + +manager: + debug: + enabled: true + serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the name template + # name: + webhook: + selfSignedCert: + # Specifies whether CertManager Issuer and Certificate should be created + # to generate a self-signed certificate for the Manager's webhook. + create: true + +app: + serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the name template + # name: + +nginx-ingress: + serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the name template + # name: + +scc: {} +# apiVersion: "" + +cert-manager: + install: false diff --git a/roles/socle-config/files/cr-conf-dso-default.yaml b/roles/socle-config/files/cr-conf-dso-default.yaml index a4a92c0a..963d2520 100644 --- a/roles/socle-config/files/cr-conf-dso-default.yaml +++ b/roles/socle-config/files/cr-conf-dso-default.yaml 
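Review bot: `manager.debug.enabled: true` is shipped as the default for the operator manager. Debug logging is normally left off outside troubleshooting, so `enabled: false` with a short comment on when to switch it on would be the safer default. `tag: {{ dsc.gitlabOperator.chartVersion }}` is an unquoted templated scalar that passes through `from_yaml`, so a value such as `1.10` would be read as a float; write `tag: "{{ dsc.gitlabOperator.chartVersion }}"`. The line also reuses the chart version as the image tag, which holds only while both are released under the same number, and a comment stating that assumption would help.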
@@ -16,6 +16,7 @@ spec: dbPassword: myAwesomePassword values: {} gitlab: {} + gitlabOperator: {} global: environment: production projectsRootDir: diff --git a/roles/socle-config/files/crd-conf-dso.yaml b/roles/socle-config/files/crd-conf-dso.yaml index 7dc910c1..b41005ca 100644 --- a/roles/socle-config/files/crd-conf-dso.yaml +++ b/roles/socle-config/files/crd-conf-dso.yaml @@ -208,6 +208,20 @@ spec: Configuring tools in pipelines container is not an easy job. type: boolean type: object + gitlabOperator: + description: Configuration for GitLab Operator. + properties: + chartVersion: + description: GitLab Operator release version (e.g., "0.24.1"). + type: string + type: object + gitlabRunner: + description: Configuration for GitLab Runner. + properties: + chartVersion: + description: GitLab Runner chart version (e.g., "0.57.0"). + type: string + type: object global: description: Global configuration not specific to one service properties: @@ -504,6 +518,7 @@ spec: - console - exposedCA - gitlab + - gitlabOperator - global - harbor - ingress diff --git a/roles/socle-config/files/releases.yaml b/roles/socle-config/files/releases.yaml index 796ed8b5..abc4d254 100644 --- a/roles/socle-config/files/releases.yaml +++ b/roles/socle-config/files/releases.yaml @@ -14,10 +14,16 @@ spec: chartVersion: 0.18.2 console: # https://github.com/cloud-pi-native/console/releases - release: "5.9.1" + release: "5.11.0" gitlab: # https://artifacthub.io/packages/helm/gitlab/gitlab chartVersion: "7.3.4" + gitlabOperator: + # https://gitlab.com/gitlab-org/cloud-native/gitlab-operator/-/tags + chartVersion: "0.24.0" + gitlabRunner: + # https://gitlab.com/gitlab-org/charts/gitlab-runner/-/tags + chartVersion: "0.57.0" harbor: # https://artifacthub.io/packages/helm/harbor/harbor chartVersion: 1.13.0 diff --git a/uninstall.yaml b/uninstall.yaml index fc1b032f..3d1580d2 100644 --- a/uninstall.yaml +++ b/uninstall.yaml 
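Review bot: `gitlabOperator` is added to the `required` list in the hunk at `-504,6 +518,7` of crd-conf-dso.yaml, but `gitlabRunner` is not, and neither object marks `chartVersion` as required. The roles read `dsc.gitlabOperator.chartVersion` and `dsc.gitlabRunner.chartVersion` directly, so a resource that omits them works only if the defaults from releases.yaml are merged in first. Either treat both objects the same way in `required`, or state in the two descriptions that the value defaults to the pinned entry in releases.yaml.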
@@ -4,7 +4,7 @@ tasks: - - name: "Get socle config from conf-dso dsc (default)" + - name: "Récupération de la conf socle à partir de la dsc conf-dso (défaut)" kubernetes.core.k8s_info: kind: dsc name: conf-dso @@ -13,7 +13,7 @@ tags: - always - - name: Get socle config from dsc_cr extra var when defined + - name: "Récupération de la conf socle à partir de l'extra var dsc_cr quand définie" kubernetes.core.k8s_info: kind: dsc name: "{{ dsc_cr }}" @@ -23,7 +23,7 @@ tags: - always - - name: Check socle_config_custom and exit if empty + - name: "Vérification de socle_config_custom et arrêt si vide" when: (dsc_cr is defined) and (socle_config_custom.resources | length == 0) tags: - always 
@@ -50,25 +50,44 @@ - name: Exit playbook ansible.builtin.meta: end_play - - name: Set socle_config fact when dsc_cr defined and not empty + - name: "Déclaration du fact socle_config quand dsc_cr est définie et non vide" ansible.builtin.set_fact: socle_config: "{{ socle_config_custom }}" when: (socle_config_custom is not skipped) and (socle_config_custom.resources | length > 0) tags: - always - - name: Set DSC Name fact + - name: "Déclaration du fact dsc_name" ansible.builtin.set_fact: dsc_name: "{{ socle_config.resources[0].metadata.name }}" tags: - always - - name: Set DSC fact + - name: "Déclaration du fact dsc" ansible.builtin.set_fact: dsc: "{{ socle_config.resources[0].spec }}" tags: - always + - name: "Déclaration des facts config et releases" + ansible.builtin.set_fact: + dsc_default_config: "{{ lookup('ansible.builtin.file', './roles/socle-config/files/config.yaml') | from_yaml }}" + dsc_default_releases: "{{ lookup('ansible.builtin.file', './roles/socle-config/files/releases.yaml') | from_yaml }}" + tags: + - always + + - name: "Combinaison des nouveaux facts avec le fact dsc" + ansible.builtin.set_fact: + dsc: "{{ dsc_default_releases | combine(dsc_default_config, recursive=True) | combine(dsc, recursive=True) }}" + tags: + - always + + - name: "Mise à jour du fact dsc" + ansible.builtin.set_fact: + dsc: "{{ dsc.spec }}" + tags: + - always + - name: Suppression de cert-manager kubernetes.core.helm: name: cert-manager @@ -79,7 +98,7 @@ - never - cert-manager - - name: Suppression du namespace cert-manager + - name: "Suppression du namespace cert-manager" kubernetes.core.k8s: state: absent kind: Namespace @@ -88,7 +107,7 @@ - never - cert-manager - - name: Désinstallation de Kubed + - name: "Désinstallation de Kubed" kubernetes.core.helm: name: kubed chart_ref: appscode/kubed 
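Review bot: In `Combinaison des nouveaux facts avec le fact dsc`, the merge appears to discard the cluster's own values, because `dsc` already holds `socle_config.resources[0].spec` while releases.yaml appears to be rooted at `spec:` (config.yaml is not visible here but presumably has the same shape). The recursive combine then places the cluster's keys beside `spec` rather than inside it, and the following `dsc: "{{ dsc.spec }}"` keeps only the defaults. The namespace and release deletions further down would then act on the default namespaces instead of the ones set in the dsc resource. Wrap the cluster values before merging, `dsc: "{{ dsc_default_releases | combine(dsc_default_config, recursive=True) | combine({'spec': dsc}, recursive=True) }}"`, or set `dsc` to `socle_config.resources[0]` in `Déclaration du fact dsc`.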
@@ -100,18 +119,18 @@ - confSyncer - kubed - - name: Suppression de l'instance CloudNativePG + - name: "Suppression de l'instance CloudNativePG" kubernetes.core.helm: name: cloudnative-pg release_namespace: "{{ dsc.cloudnativepg.namespace }}" - state: absent + release_state: absent wait: true tags: - never - cnpg - cloudnativepg - - name: Suppression du namespace CloudNativePG + - name: "Suppression du namespace CloudNativePG" kubernetes.core.k8s: state: absent kind: Namespace @@ -121,7 +140,7 @@ - cnpg - cloudnativepg - - name: Suppression de l'instance Keycloak + - name: "Suppression de l'instance Keycloak" kubernetes.core.helm: name: keycloak release_namespace: "{{ dsc.keycloak.namespace }}" @@ -130,7 +149,7 @@ tags: - keycloak - - name: Suppression du namespace Keycloak + - name: "Suppression du namespace Keycloak" kubernetes.core.k8s: state: absent kind: Namespace @@ -138,7 +157,7 @@ tags: - keycloak - - name: Suppression du namespace Nexus + - name: "Suppression du namespace Nexus" kubernetes.core.k8s: state: absent kind: Namespace @@ -146,7 +165,7 @@ tags: - nexus - - name: Suppression du namespace Sonarqube + - name: "Suppression du namespace Sonarqube" kubernetes.core.k8s: state: absent kind: Namespace @@ -154,18 +173,28 @@ tags: - sonarqube - - name: Suppression du gitlab runner + - name: "Suppression du GitLab Runner" + kubernetes.core.helm: + name: gitlab-runner + release_namespace: "{{ dsc.gitlab.namespace }}" + release_state: absent + wait: true + tags: + - gitlab-runner + - gitlab + + - name: "Suppression de l'instance GitLab" kubernetes.core.k8s: state: absent - api_version: apps.gitlab.com/v1beta2 - kind: Runner - name: gitlab-runner + api_version: apps.gitlab.com/v1beta1 + kind: GitLab + name: gitlab namespace: "{{ dsc.gitlab.namespace }}" + wait: true tags: - - gitlab-runner - gitlab - - name: Suppression du namespace GitLab + - name: "Suppression du namespace GitLab" kubernetes.core.k8s: state: absent kind: Namespace 
@@ -173,7 +202,7 @@ tags: - gitlab - - name: Suppression du namespace Vault + - name: "Suppression du namespace Vault" kubernetes.core.k8s: state: absent kind: Namespace @@ -181,7 +210,7 @@ tags: - vault - - name: Suppression du namespace SOPS + - name: "Suppression du namespace SOPS" kubernetes.core.k8s: state: absent kind: Namespace @@ -189,7 +218,7 @@ tags: - sops - - name: Suppression du namespace ArgoCD + - name: "Suppression du namespace ArgoCD" kubernetes.core.k8s: state: absent kind: Namespace @@ -199,7 +228,7 @@ - argo - gitops - - name: Suppression du namespace Harbor + - name: "Suppression du namespace Harbor" kubernetes.core.k8s: state: absent kind: Namespace @@ -208,7 +237,7 @@ - harbor - registry - - name: Suppression du namespace Console + - name: "Suppression du namespace Console" kubernetes.core.k8s: state: absent kind: Namespace