feat(role): add kubectl role

2024-07-07 00:00:00 +00:00 · 2024-07-07 00:00:00 +00:00 · 41cb71e364
commit 41cb71e364
parent 247e2dbdad
8 changed files with 105 additions and 0 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/README.md
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/README.md
@ -0,0 +1,29 @@
+Kubectl
+=========
+
+This role handles the installation of the kubectl binary and optionally supports version pining or unconditional upgrade.
+
+Requirements
+------------
+
+Only tested and used on Debian (uses the `ansible.builtin.apt` module).
+
+Role Variables
+--------------
+### `kubectl_binary_path`
+Path where the kubectl binary is installed (no discovery is performed so pre-existing binaries will remain untouched).
+
+**Default value**: `kubectl_binary_path: /usr/local/bin/kubectl`
+
+### `kubectl_install_version`
+Version of kubectl to install. It allows multiple values:
+- empty: will install the binary if not already present, else nothing is changed,
+- 'vX.Y.Z': will install the specified version (e.g. `v3.15.2`), upgrading / downgrading the local binary if required,
+- latest: will install the latest available version unless the local binary is already up-to-date.
+
+**Default value**: `kubectl_install_version: latest`
+
+License
+-------
+
+MIT
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/defaults/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/defaults/main.yml
@ -0,0 +1,3 @@
+---
+kubectl_binary_path: '/usr/local/bin/kubectl'
+kubectl_install_version: latest
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/handlers/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/handlers/main.yml
@ -0,0 +1,2 @@
+---
+# handlers file for kubectl
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/meta/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/meta/main.yml
@ -0,0 +1,15 @@
+galaxy_info:
+  author: Florian L.
+  description: Install kubectl binary
+  issue_tracker_url: https://gitlab.0x2a.ninja/infrastructure/configuration
+  license: MIT
+  min_ansible_version: 2.15
+  platforms:
+    - name: Debian
+      versions:
+        - 11
+        - 12
+  galaxy_tags:
+    - kubectl
+    - kubernetes
+dependencies: []
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
@ -0,0 +1,47 @@
+---
+- name: install required packages
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    force_apt_get: true
+    cache_valid_time: 3600
+    pkg:
+      - curl
+      - jq
+
+- name: find if binary is already installed
+  ansible.builtin.file:
+    path: '{{ kubectl_binary_path }}'
+  register: kubectl_stat
+  changed_when: false
+  failed_when: false
+
+- name: find current installed version
+  when: kubectl_stat.state != "absent"
+  ansible.builtin.shell: "{{ kubectl_binary_path }} version --client=true --output=json | jq --raw-output '.clientVersion.gitVersion'"
+  changed_when: false
+  register: kubectl_local_version_exec
+
+- name: find latest available version
+  connection: local
+  ansible.builtin.command: curl -L -s https://dl.k8s.io/release/stable.txt
+  register: latest_kubectl_version_exec
+  when: kubectl_install_version is falsy or kubectl_install_version == "latest"
+  changed_when: false
+
+- name: set kubectl facts
+  ansible.builtin.set_fact:
+    kubectl_latest_version_available: '{{ latest_kubectl_version_exec.get("stdout", "") if latest_kubectl_version_exec is defined }}'
+    kubectl_local_version: '{{ kubectl_local_version_exec.get("stdout", "") if kubectl_local_version_exec is defined }}'
+    kubectl_target_install_version: '{{ kubectl_install_version if kubectl_install_version != "latest" else latest_kubectl_version_exec.get("stdout", "") }}'
+
+- name: install binary
+  become: true
+  when: kubectl_stat.state == "absent" or (kubectl_local_version != kubectl_target_install_version and kubectl_install_version is not falsy)
+  ansible.builtin.get_url:
+    url: "https://dl.k8s.io/release/{{ kubectl_target_install_version }}/bin/linux/amd64/kubectl"
+    dest: /usr/local/bin/kubectl
+    owner: root
+    group: root
+    mode: '0755'
+    force: true
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tests/inventory
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tests/inventory
@ -0,0 +1,2 @@
+localhost
+
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tests/test.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/tests/test.yml
@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - kubectl
--- a/collections/ansible_collections/nullified/infrastructure/roles/kubectl/vars/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/kubectl/vars/main.yml
@ -0,0 +1,2 @@
+---
+# vars file for kubectl