From ce0b7834ff4fb25ad9809b4b1e0b8f609f770498 Mon Sep 17 00:00:00 2001 From: Frank Ritchie <12985912+fritchie@users.noreply.github.com> Date: Mon, 19 Apr 2021 05:06:36 -0400 Subject: [PATCH] Refactor cilium_ipsec_enabled check (#7520) This is a followup to https://github.com/kubernetes-sigs/kubespray/pull/7413 Although the code worked there was a desire for a better solution. Hopefully people will be happy with this alternative. --- roles/network_plugin/cilium/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network_plugin/cilium/tasks/install.yml b/roles/network_plugin/cilium/tasks/install.yml index 5c2d46639..c6e59f47d 100644 --- a/roles/network_plugin/cilium/tasks/install.yml +++ b/roles/network_plugin/cilium/tasks/install.yml @@ -33,14 +33,14 @@ - {name: cilium, file: cilium-config.yml, type: cm} - {name: cilium, file: cilium-crb.yml, type: clusterrolebinding} - {name: cilium, file: cilium-cr.yml, type: clusterrole} - - {name: cilium, file: cilium-secret.yml, type: secret} + - {name: cilium, file: cilium-secret.yml, type: secret, when: "{{ cilium_ipsec_enabled }}"} - {name: cilium, file: cilium-ds.yml, type: ds} - {name: cilium, file: cilium-deploy.yml, type: deploy} - {name: cilium, file: cilium-sa.yml, type: sa} register: cilium_node_manifests when: - inventory_hostname in groups['kube_control_plane'] - - item.file != "cilium-secret.yml" or (item.file == "cilium-secret.yml" and cilium_ipsec_enabled) + - item.when | default(True) | bool - name: Cilium | Enable portmap addon template: