homeserver/friedhof/mgrote_sealed_secrets/tasks/main.yml

---
- name: include user tasks
  ansible.builtin.include_tasks: user.yml

- name: check if kubeseal is installed
  ansible.builtin.command: which kubeseal
  changed_when: false
  failed_when: kubeseal_installed.rc not in [0,1]
  register: kubeseal_installed

- name: download sealed_secrets binary
  ansible.builtin.unarchive:
    src: "{{ kubeseal_download_url }}"
    dest: "{{ kubeseal_path_bin }}"
    mode: "0755"
    owner: "{{ sealed_secrets_user }}"
    group: "{{ sealed_secrets_user_group }}"
    remote_src: true
    creates: "{{ kubeseal_path_bin }}/kubeseal"
  when: kubeseal_installed.rc not in [ 0 ]

- name: include import tasks
  ansible.builtin.include_tasks: import.yml
  # der ganze block nur auf enem host
  run_once: true
  when: ansible_host == flux_install_host
fix linter errors (#584) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/584 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de> 2023-10-25 22:26:17 +02:00			`---`
			`- name: include user tasks`
			`ansible.builtin.include_tasks: user.yml`

			`- name: check if kubeseal is installed`
			`ansible.builtin.command: which kubeseal`
			`changed_when: false`
			`failed_when: kubeseal_installed.rc not in [0,1]`
			`register: kubeseal_installed`

			`- name: download sealed_secrets binary`
			`ansible.builtin.unarchive:`
			`src: "{{ kubeseal_download_url }}"`
			`dest: "{{ kubeseal_path_bin }}"`
			`mode: "0755"`
			`owner: "{{ sealed_secrets_user }}"`
			`group: "{{ sealed_secrets_user_group }}"`
			`remote_src: true`
			`creates: "{{ kubeseal_path_bin }}/kubeseal"`
			`when: kubeseal_installed.rc not in [ 0 ]`

			`- name: include import tasks`
			`ansible.builtin.include_tasks: import.yml`
			`# der ganze block nur auf enem host`
			`run_once: true`
			`when: ansible_host == flux_install_host`