feat(role): add helm role

2024-07-07 00:00:00 +00:00 · 2024-07-07 00:00:00 +00:00 · d151db8ebf
commit d151db8ebf
parent 60a9f0a8cb
8 changed files with 122 additions and 0 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/README.md
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/README.md
@ -0,0 +1,29 @@
+Helm
+=========
+
+This role handles the installation of the Helm binary and optionally supports version pining or unconditional upgrade.
+
+Requirements
+------------
+
+Only tested and used on Debian (uses the `ansible.builtin.apt` module).
+
+Role Variables
+--------------
+### `helm_binary_path`
+Path where the Helm binary is installed (no discovery is performed so pre-existing binaries will remain untouched).
+
+**Default value**: `helm_binary_path: /usr/local/bin/helm`
+
+### `helm_install_version`
+Version of Helm to install. It allows multiple values:
+- empty: will install the binary if not already present, else nothing is changed,
+- 'vX.Y.Z': will install the specified version (e.g. `v3.15.2`), upgrading / downgrading the local binary if required,
+- latest: will install the latest available version unless the local binary is already up-to-date.
+
+**Default value**: `helm_install_version: latest`
+
+License
+-------
+
+MIT
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/defaults/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/defaults/main.yml
@ -0,0 +1,3 @@
+---
+helm_binary_path: '/usr/local/bin/helm'
+helm_install_version: latest
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/handlers/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/handlers/main.yml
@ -0,0 +1,2 @@
+---
+# handlers file for helm
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/meta/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/meta/main.yml
@ -0,0 +1,15 @@
+galaxy_info:
+  author: Florian L.
+  description: Install helm binary
+  issue_tracker_url: https://gitlab.0x2a.ninja/infrastructure/configuration
+  license: MIT
+  min_ansible_version: 2.15
+  platforms:
+    - name: Debian
+      versions:
+        - 11
+        - 12
+  galaxy_tags:
+    - helm
+    - kubernetes
+dependencies: []
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
@ -0,0 +1,64 @@
+---
+- name: install required packages
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    force_apt_get: true
+    cache_valid_time: 3600
+    pkg:
+      - curl
+      - jq
+
+- name: find if binary is already installed
+  ansible.builtin.file:
+    path: '{{ helm_binary_path }}'
+  register: helm_stat
+  changed_when: false
+  failed_when: false
+
+- name: find current installed version
+  when: helm_stat.state != "absent"
+  ansible.builtin.command: "{{ helm_binary_path }} version --template='{% raw %}{{.Version}}{% endraw %}'"
+  changed_when: false
+  register: helm_local_version_exec
+
+- name: find latest available version
+  connection: local
+  ansible.builtin.shell: |-
+    curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name'
+  register: latest_helm_version_exec
+  when: helm_install_version is falsy or helm_install_version == "latest"
+  changed_when: false
+
+- name: set helm facts
+  ansible.builtin.set_fact:
+    helm_latest_version_available: '{{ latest_helm_version_exec.get("stdout", "") if latest_helm_version_exec is defined }}'
+    helm_local_version: '{{ helm_local_version_exec.get("stdout", "") if helm_local_version_exec is defined }}'
+    helm_target_install_version: '{{ helm_install_version if helm_install_version != "latest" else latest_helm_version_exec.get("stdout", "") }}'
+
+- name: install binary
+  become: true
+  when: helm_stat.state == "absent" or (helm_local_version != helm_target_install_version and helm_install_version is not falsy)
+  block:
+    - name: create temporary directory
+      ansible.builtin.tempfile:
+        state: directory
+      register: tmp_dir
+      changed_when: false
+    - name: retrieve archive
+      ansible.builtin.unarchive:
+        remote_src: true
+        src: "https://get.helm.sh/helm-{{ helm_install_version if helm_install_version is not match('^$|^latest$') else helm_latest_version_available }}-linux-amd64.tar.gz"
+        dest: '{{ tmp_dir.path }}'
+    - name: install binary
+      ansible.builtin.copy:
+        remote_src: true
+        src: '{{ tmp_dir.path }}/linux-amd64/helm'
+        dest: '{{ helm_binary_path }}'
+        owner: root
+        group: root
+        mode: '0755'
+    - name: cleanup
+      ansible.builtin.file:
+        path: '{{ tmp_dir.path }}'
+        state: absent
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/inventory
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/inventory
@ -0,0 +1,2 @@
+localhost
+
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/test.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/test.yml
@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - helm
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/vars/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/vars/main.yml
@ -0,0 +1,2 @@
+---
+# vars file for helm