| | |
| | | template: |
| | | dest: "{{ output_dir }}/status.txt" |
| | | src: files/status.j2 |
| | | |
| | | |
| | | - name: Run recover cluster actions |
| | | hosts: localhost |
| | | hosts: bastions |
| | | run_once: true |
| | | become: false |
| | | gather_facts: false |
| | |
| | | - name: Set Ansible Python interpreter to k8s virtualenv |
| | | set_fact: |
| | | ansible_python_interpreter: /opt/virtualenvs/k8s/bin/python |
| | | |
| | | - name: Recover cluster if it missed cert rotation |
| | | delegate_to: "{{ groups['bastions'] | first }}" |
| | | when: ACTION == 'start' |
| | | block: |
| | | - name: Wait (default 3m) for Nodes to settle and pods to start |
| | |
| | | k8s_facts: |
| | | api_version: certificates.k8s.io/v1beta1 |
| | | kind: CertificateSigningRequest |
| | | # Field selectors don't seem to work |
| | | # field_selectors: |
| | | # - status.conditions[0].type="Pending" |
| | | register: r_csrs |
| | | |
| | | - when: r_csrs.resources | length > 0 |
| | | name: Approve all Pending CSRs |
| | | - name: Approve all Pending CSRs |
| | | when: r_csrs.resources | length > 0 |
| | | command: "oc adm certificate approve {{ item.metadata.name }}" |
| | | # when: item.status.conditions[0].type == "Pending" |
| | | loop: "{{ r_csrs.resources }}" |
| | | |
| | | # TODO: Implement proper loop to watch for incoming CSRS while we are |
| | |
| | | k8s_facts: |
| | | api_version: certificates.k8s.io/v1beta1 |
| | | kind: CertificateSigningRequest |
| | | # Field selectors don't seem to work |
| | | # field_selectors: |
| | | # - status.conditions[0].type = "Pending" |
| | | register: r_new_csrs |
| | | |
| | | - when: r_csrs.resources | length > 0 |
| | | name: Approve all Pending CSRs |
| | | - name: Approve all additional Pending CSRs |
| | | when: r_new_csrs.resources | length > 0 |
| | | command: "oc adm certificate approve {{ item.metadata.name }}" |
| | | # when: item.status.conditions[0].type == "Pending" |
| | | loop: "{{ r_new_csrs.resources }}" |
| | | |
| | | loop: "{{ r_new_csrs.resources }}" |