feat(role): add helm role

2024-07-07 00:00:00 +00:00 · 2024-07-07 00:00:00 +00:00 · d151db8ebf
commit d151db8ebf
parent 60a9f0a8cb
8 changed files with 122 additions and 0 deletions
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/README.md
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/README.md
@ -0,0 +1,29 @@
 Helm
 =========
 This role handles the installation of the Helm binary and optionally supports version pining or unconditional upgrade.
 Requirements
 ------------
 Only tested and used on Debian (uses the `ansible.builtin.apt` module).
 Role Variables
 --------------
 ### `helm_binary_path`
 Path where the Helm binary is installed (no discovery is performed so pre-existing binaries will remain untouched).
 **Default value**: `helm_binary_path: /usr/local/bin/helm`
 ### `helm_install_version`
 Version of Helm to install. It allows multiple values:
 - empty: will install the binary if not already present, else nothing is changed,
 - 'vX.Y.Z': will install the specified version (e.g. `v3.15.2`), upgrading / downgrading the local binary if required,
 - latest: will install the latest available version unless the local binary is already up-to-date.
 **Default value**: `helm_install_version: latest`
 License
 -------
 MIT
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/defaults/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/defaults/main.yml
@ -0,0 +1,3 @@
 ---
 helm_binary_path: '/usr/local/bin/helm'
 helm_install_version: latest
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/handlers/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/handlers/main.yml
@ -0,0 +1,2 @@
 ---
 # handlers file for helm
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/meta/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/meta/main.yml
@ -0,0 +1,15 @@
 galaxy_info:
  author: Florian L.
  description: Install helm binary
  issue_tracker_url: https://gitlab.0x2a.ninja/infrastructure/configuration
  license: MIT
  min_ansible_version: 2.15
  platforms:
    - name: Debian
      versions:
        - 11
        - 12
  galaxy_tags:
    - helm
    - kubernetes
 dependencies: []
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
@ -0,0 +1,64 @@
 ---
 - name: install required packages
  become: true
  ansible.builtin.apt:
    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
    pkg:
      - curl
      - jq
 - name: find if binary is already installed
  ansible.builtin.file:
    path: '{{ helm_binary_path }}'
  register: helm_stat
  changed_when: false
  failed_when: false
 - name: find current installed version
  when: helm_stat.state != "absent"
  ansible.builtin.command: "{{ helm_binary_path }} version --template='{% raw %}{{.Version}}{% endraw %}'"
  changed_when: false
  register: helm_local_version_exec
 - name: find latest available version
  connection: local
  ansible.builtin.shell: |-
    curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name'
  register: latest_helm_version_exec
  when: helm_install_version is falsy or helm_install_version == "latest"
  changed_when: false
 - name: set helm facts
  ansible.builtin.set_fact:
    helm_latest_version_available: '{{ latest_helm_version_exec.get("stdout", "") if latest_helm_version_exec is defined }}'
    helm_local_version: '{{ helm_local_version_exec.get("stdout", "") if helm_local_version_exec is defined }}'
    helm_target_install_version: '{{ helm_install_version if helm_install_version != "latest" else latest_helm_version_exec.get("stdout", "") }}'
 - name: install binary
  become: true
  when: helm_stat.state == "absent" or (helm_local_version != helm_target_install_version and helm_install_version is not falsy)
  block:
    - name: create temporary directory
      ansible.builtin.tempfile:
        state: directory
      register: tmp_dir
      changed_when: false
    - name: retrieve archive
      ansible.builtin.unarchive:
        remote_src: true
        src: "https://get.helm.sh/helm-{{ helm_install_version if helm_install_version is not match('^$|^latest$') else helm_latest_version_available }}-linux-amd64.tar.gz"
        dest: '{{ tmp_dir.path }}'
    - name: install binary
      ansible.builtin.copy:
        remote_src: true
        src: '{{ tmp_dir.path }}/linux-amd64/helm'
        dest: '{{ helm_binary_path }}'
        owner: root
        group: root
        mode: '0755'
    - name: cleanup
      ansible.builtin.file:
        path: '{{ tmp_dir.path }}'
        state: absent
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/inventory
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/inventory
@ -0,0 +1,2 @@
 localhost
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/test.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/tests/test.yml
@ -0,0 +1,5 @@
 ---
 - hosts: localhost
  remote_user: root
  roles:
    - helm
--- a/collections/ansible_collections/nullified/infrastructure/roles/helm/vars/main.yml
+++ b/collections/ansible_collections/nullified/infrastructure/roles/helm/vars/main.yml
@ -0,0 +1,2 @@
 ---
 # vars file for helm