Refactor cilium_ipsec_enabled check (#7520)

This is a followup to

https://github.com/kubernetes-sigs/kubespray/pull/7413

Although the code worked there was a desire for a better solution.
Hopefully people will be happy with this alternative.
This commit is contained in:
Frank Ritchie 2021-04-19 05:06:36 -04:00 committed by GitHub
parent 3ac92689f0
commit ce0b7834ff
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -33,14 +33,14 @@
- {name: cilium, file: cilium-config.yml, type: cm} - {name: cilium, file: cilium-config.yml, type: cm}
- {name: cilium, file: cilium-crb.yml, type: clusterrolebinding} - {name: cilium, file: cilium-crb.yml, type: clusterrolebinding}
- {name: cilium, file: cilium-cr.yml, type: clusterrole} - {name: cilium, file: cilium-cr.yml, type: clusterrole}
- {name: cilium, file: cilium-secret.yml, type: secret} - {name: cilium, file: cilium-secret.yml, type: secret, when: "{{ cilium_ipsec_enabled }}"}
- {name: cilium, file: cilium-ds.yml, type: ds} - {name: cilium, file: cilium-ds.yml, type: ds}
- {name: cilium, file: cilium-deploy.yml, type: deploy} - {name: cilium, file: cilium-deploy.yml, type: deploy}
- {name: cilium, file: cilium-sa.yml, type: sa} - {name: cilium, file: cilium-sa.yml, type: sa}
register: cilium_node_manifests register: cilium_node_manifests
when: when:
- inventory_hostname in groups['kube_control_plane'] - inventory_hostname in groups['kube_control_plane']
- item.file != "cilium-secret.yml" or (item.file == "cilium-secret.yml" and cilium_ipsec_enabled) - item.when | default(True) | bool
- name: Cilium | Enable portmap addon - name: Cilium | Enable portmap addon
template: template: