jack/Deploy-Laboratory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Deploy-Laboratory/ansible/roles/verify_common/tasks/ensure-cloudflare-api-token-secret.yml
Jack befdefd222 日常更新
2026-03-29 09:08:01 +08:00

23 lines
1.0 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 可复用:在 kube-system 下确保 cloudflare-api-token Secretkey=api-token
# 必填环境/变量:调用方须将 token 传入 verify_cf_api_token非空则 apply不要在日志中回显
- name: Assert verify_cf_api_token for secret creation
ansible.builtin.assert:
that:
- verify_cf_api_token is defined
- (verify_cf_api_token | trim | length) > 0
fail_msg: "verify_common ensure-cloudflare-api-token-secretverify_cf_api_token 为空"
- name: Apply cloudflare-api-token Secret in kube-system
ansible.builtin.shell: |
set -euo pipefail
KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') }} kubectl -n kube-system create secret generic cloudflare-api-token \
--from-literal=api-token="$CF_API_TOKEN" \
--dry-run=client -o yaml \
| KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') }} kubectl apply -f -
environment:
CF_API_TOKEN: "{{ verify_cf_api_token | trim }}"
args:
executable: /bin/bash
changed_when: true
no_log: true
Reference in New Issue View Git Blame Copy Permalink