Fix risky-file-permissions (#8370)
When running ansible-lint directly, we can see a lot of warning message like risky-file-permissions File permissions unset or incorrect This fixes the warning messages.
This commit is contained in:
parent
51bd9bee0d
commit
f80fd24a55
48 changed files with 76 additions and 1 deletions
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}"
|
src: "{{ item.file }}"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.dest }}"
|
dest: "{{ kube_config_dir }}/{{ item.dest }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { file: glusterfs-kubernetes-endpoint.json.j2, type: ep, dest: glusterfs-kubernetes-endpoint.json}
|
- { file: glusterfs-kubernetes-endpoint.json.j2, type: ep, dest: glusterfs-kubernetes-endpoint.json}
|
||||||
- { file: glusterfs-kubernetes-pv.yml.j2, type: pv, dest: glusterfs-kubernetes-pv.yml}
|
- { file: glusterfs-kubernetes-pv.yml.j2, type: pv, dest: glusterfs-kubernetes-pv.yml}
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
template:
|
template:
|
||||||
src: docker-storage-setup.j2
|
src: docker-storage-setup.j2
|
||||||
dest: /etc/sysconfig/docker-storage-setup
|
dest: /etc/sysconfig/docker-storage-setup
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: docker-storage-override-directory | docker service storage-setup override dir
|
- name: docker-storage-override-directory | docker service storage-setup override dir
|
||||||
file:
|
file:
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
loop:
|
loop:
|
||||||
- { name: coredns, file: coredns-clusterrole.yml, type: clusterrole }
|
- { name: coredns, file: coredns-clusterrole.yml, type: clusterrole }
|
||||||
- { name: coredns, file: coredns-clusterrolebinding.yml, type: clusterrolebinding }
|
- { name: coredns, file: coredns-clusterrolebinding.yml, type: clusterrolebinding }
|
||||||
|
@ -27,6 +28,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.src }}.j2"
|
src: "{{ item.src }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
|
- { name: coredns, src: coredns-deployment.yml, file: coredns-deployment-secondary.yml, type: deployment }
|
||||||
- { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
|
- { name: coredns, src: coredns-svc.yml, file: coredns-svc-secondary.yml, type: svc }
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { file: dashboard.yml, type: deploy, name: kubernetes-dashboard }
|
- { file: dashboard.yml, type: deploy, name: kubernetes-dashboard }
|
||||||
register: manifests
|
register: manifests
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { file: etcd_metrics-endpoints.yml, type: endpoints, name: etcd-metrics }
|
- { file: etcd_metrics-endpoints.yml, type: endpoints, name: etcd-metrics }
|
||||||
- { file: etcd_metrics-service.yml, type: service, name: etcd-metrics }
|
- { file: etcd_metrics-service.yml, type: service, name: etcd-metrics }
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ netchecker_templates }}"
|
with_items: "{{ netchecker_templates }}"
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: nodelocaldns, file: nodelocaldns-config.yml, type: configmap }
|
- { name: nodelocaldns, file: nodelocaldns-config.yml, type: configmap }
|
||||||
- { name: nodelocaldns, file: nodelocaldns-sa.yml, type: sa }
|
- { name: nodelocaldns, file: nodelocaldns-sa.yml, type: sa }
|
||||||
|
@ -48,6 +49,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: nodelocaldns, file: nodelocaldns-second-daemonset.yml, type: daemonset }
|
- { name: nodelocaldns, file: nodelocaldns-second-daemonset.yml, type: daemonset }
|
||||||
register: nodelocaldns_second_manifests
|
register: nodelocaldns_second_manifests
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
get_url:
|
get_url:
|
||||||
url: "{{ item.url }}"
|
url: "{{ item.url }}"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
|
with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.file }}"
|
label: "{{ item.file }}"
|
||||||
|
@ -44,6 +45,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ argocd_templates | selectattr('url', 'undefined') | list }}"
|
with_items: "{{ argocd_templates | selectattr('url', 'undefined') | list }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.file }}"
|
label: "{{ item.file }}"
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
template:
|
template:
|
||||||
src: controller-manager-config.yml.j2
|
src: controller-manager-config.yml.j2
|
||||||
dest: "{{ kube_config_dir }}/controller-manager-config.yml"
|
dest: "{{ kube_config_dir }}/controller-manager-config.yml"
|
||||||
|
mode: 0644
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
tags: oci
|
tags: oci
|
||||||
|
|
||||||
|
@ -25,6 +26,7 @@
|
||||||
template:
|
template:
|
||||||
src: oci-cloud-provider.yml.j2
|
src: oci-cloud-provider.yml.j2
|
||||||
dest: "{{ kube_config_dir }}/oci-cloud-provider.yml"
|
dest: "{{ kube_config_dir }}/oci-cloud-provider.yml"
|
||||||
|
mode: 0644
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
tags: oci
|
tags: oci
|
||||||
|
|
||||||
|
|
|
@ -33,6 +33,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/container_engine_accelerator/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/container_engine_accelerator/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: nvidia-driver-install-daemonset, file: nvidia-driver-install-daemonset.yml, type: daemonset }
|
- { name: nvidia-driver-install-daemonset, file: nvidia-driver-install-daemonset.yml, type: daemonset }
|
||||||
- { name: k8s-device-plugin-nvidia-daemonset, file: k8s-device-plugin-nvidia-daemonset.yml, type: daemonset }
|
- { name: k8s-device-plugin-nvidia-daemonset, file: k8s-device-plugin-nvidia-daemonset.yml, type: daemonset }
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir}}/addons/gvisor/{{ item.file }}"
|
dest: "{{ kube_config_dir}}/addons/gvisor/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ gvisor_templates }}"
|
with_items: "{{ gvisor_templates }}"
|
||||||
register: gvisor_manifests
|
register: gvisor_manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/kata_containers/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/kata_containers/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ kata_containers_templates }}"
|
with_items: "{{ kata_containers_templates }}"
|
||||||
register: kata_containers_manifests
|
register: kata_containers_manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: aws-ebs-csi-driver, file: aws-ebs-csi-driver.yml}
|
- {name: aws-ebs-csi-driver, file: aws-ebs-csi-driver.yml}
|
||||||
- {name: aws-ebs-csi-controllerservice, file: aws-ebs-csi-controllerservice-rbac.yml}
|
- {name: aws-ebs-csi-controllerservice, file: aws-ebs-csi-controllerservice-rbac.yml}
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: azure-csi-azuredisk-driver, file: azure-csi-azuredisk-driver.yml}
|
- {name: azure-csi-azuredisk-driver, file: azure-csi-azuredisk-driver.yml}
|
||||||
- {name: azure-csi-cloud-config-secret, file: azure-csi-cloud-config-secret.yml}
|
- {name: azure-csi-cloud-config-secret, file: azure-csi-cloud-config-secret.yml}
|
||||||
|
|
|
@ -34,6 +34,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: cinder-csi-driver, file: cinder-csi-driver.yml}
|
- {name: cinder-csi-driver, file: cinder-csi-driver.yml}
|
||||||
- {name: cinder-csi-cloud-config-secret, file: cinder-csi-cloud-config-secret.yml}
|
- {name: cinder-csi-cloud-config-secret, file: cinder-csi-cloud-config-secret.yml}
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: volumesnapshotclasses, file: volumesnapshotclasses.yml}
|
- {name: volumesnapshotclasses, file: volumesnapshotclasses.yml}
|
||||||
- {name: volumesnapshotcontents, file: volumesnapshotcontents.yml}
|
- {name: volumesnapshotcontents, file: volumesnapshotcontents.yml}
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: gcp-pd-csi-cred-secret, file: gcp-pd-csi-cred-secret.yml}
|
- {name: gcp-pd-csi-cred-secret, file: gcp-pd-csi-cred-secret.yml}
|
||||||
- {name: gcp-pd-csi-setup, file: gcp-pd-csi-setup.yml}
|
- {name: gcp-pd-csi-setup, file: gcp-pd-csi-setup.yml}
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item }}.j2"
|
src: "{{ item }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item }}"
|
dest: "{{ kube_config_dir }}/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- vsphere-csi-driver.yml
|
- vsphere-csi-driver.yml
|
||||||
- vsphere-csi-controller-rbac.yml
|
- vsphere-csi-controller-rbac.yml
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item }}.j2"
|
src: "{{ item }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item }}"
|
dest: "{{ kube_config_dir }}/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- external-vsphere-cpi-cloud-config-secret.yml
|
- external-vsphere-cpi-cloud-config-secret.yml
|
||||||
- external-vsphere-cloud-controller-manager-roles.yml
|
- external-vsphere-cloud-controller-manager-roles.yml
|
||||||
|
|
|
@ -63,6 +63,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/cephfs_provisioner/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/cephfs_provisioner/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ cephfs_provisioner_templates }}"
|
with_items: "{{ cephfs_provisioner_templates }}"
|
||||||
register: cephfs_provisioner_manifests
|
register: cephfs_provisioner_manifests
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ local_path_provisioner_claim_root }}"
|
path: "{{ local_path_provisioner_claim_root }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
- name: Local Path Provisioner | Render Template
|
- name: Local Path Provisioner | Render Template
|
||||||
set_fact:
|
set_fact:
|
||||||
|
@ -40,6 +41,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/local_path_provisioner/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/local_path_provisioner/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ local_path_provisioner_templates }}"
|
with_items: "{{ local_path_provisioner_templates }}"
|
||||||
register: local_path_provisioner_manifests
|
register: local_path_provisioner_manifests
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -40,6 +40,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/local_volume_provisioner/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/local_volume_provisioner/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ local_volume_provisioner_templates }}"
|
with_items: "{{ local_volume_provisioner_templates }}"
|
||||||
register: local_volume_provisioner_manifests
|
register: local_volume_provisioner_manifests
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -24,4 +24,5 @@
|
||||||
copy:
|
copy:
|
||||||
dest: /etc/bash_completion.d/helm.sh
|
dest: /etc/bash_completion.d/helm.sh
|
||||||
content: "{{ helm_completion.stdout }}"
|
content: "{{ helm_completion.stdout }}"
|
||||||
|
mode: 0755
|
||||||
become: True
|
become: True
|
||||||
|
|
|
@ -12,6 +12,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/alb_ingress/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/alb_ingress/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: alb-ingress-clusterrole, file: alb-ingress-clusterrole.yml, type: clusterrole }
|
- { name: alb-ingress-clusterrole, file: alb-ingress-clusterrole.yml, type: clusterrole }
|
||||||
- { name: alb-ingress-clusterrolebinding, file: alb-ingress-clusterrolebinding.yml, type: clusterrolebinding }
|
- { name: alb-ingress-clusterrolebinding, file: alb-ingress-clusterrolebinding.yml, type: clusterrolebinding }
|
||||||
|
|
|
@ -38,6 +38,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/cert_manager/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/cert_manager/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ cert_manager_templates }}"
|
with_items: "{{ cert_manager_templates }}"
|
||||||
register: cert_manager_manifests
|
register: cert_manager_manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -35,6 +35,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/ingress_nginx/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/ingress_nginx/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ ingress_nginx_templates }}"
|
with_items: "{{ ingress_nginx_templates }}"
|
||||||
register: ingress_nginx_manifests
|
register: ingress_nginx_manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -8,11 +8,13 @@
|
||||||
template:
|
template:
|
||||||
src: krew.j2
|
src: krew.j2
|
||||||
dest: /etc/bash_completion.d/krew
|
dest: /etc/bash_completion.d/krew
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Krew | Copy krew manifest
|
- name: Krew | Copy krew manifest
|
||||||
template:
|
template:
|
||||||
src: krew.yml.j2
|
src: krew.yml.j2
|
||||||
dest: "{{ local_release_dir }}/krew.yml"
|
dest: "{{ local_release_dir }}/krew.yml"
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Krew | Install krew # noqa 301 305
|
- name: Krew | Install krew # noqa 301 305
|
||||||
shell: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }} install --archive={{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz --manifest={{ local_release_dir }}/krew.yml"
|
shell: "{{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }} install --archive={{ local_release_dir }}/krew-{{ host_os }}_{{ image_arch }}.tar.gz --manifest={{ local_release_dir }}/krew.yml"
|
||||||
|
@ -31,5 +33,6 @@
|
||||||
copy:
|
copy:
|
||||||
dest: /etc/bash_completion.d/krew.sh
|
dest: /etc/bash_completion.d/krew.sh
|
||||||
content: "{{ krew_completion.stdout }}"
|
content: "{{ krew_completion.stdout }}"
|
||||||
|
mode: 0755
|
||||||
become: True
|
become: True
|
||||||
when: krew_completion.rc == 0
|
when: krew_completion.rc == 0
|
||||||
|
|
|
@ -34,7 +34,10 @@
|
||||||
|
|
||||||
- name: Kubernetes Apps | Lay Down MetalLB
|
- name: Kubernetes Apps | Lay Down MetalLB
|
||||||
become: true
|
become: true
|
||||||
template: { src: "{{ item }}.j2", dest: "{{ kube_config_dir }}/{{ item }}" }
|
template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: "{{ kube_config_dir }}/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
with_items: ["metallb.yml", "metallb-config.yml"]
|
with_items: ["metallb.yml", "metallb-config.yml"]
|
||||||
register: "rendering"
|
register: "rendering"
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -39,6 +39,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/metrics_server/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/metrics_server/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ metrics_server_templates }}"
|
with_items: "{{ metrics_server_templates }}"
|
||||||
register: metrics_server_manifests
|
register: metrics_server_manifests
|
||||||
when:
|
when:
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "aws-ebs-csi-storage-class.yml.j2"
|
src: "aws-ebs-csi-storage-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/aws-ebs-csi-storage-class.yml"
|
dest: "{{ kube_config_dir }}/aws-ebs-csi-storage-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "azure-csi-storage-class.yml.j2"
|
src: "azure-csi-storage-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/azure-csi-storage-class.yml"
|
dest: "{{ kube_config_dir }}/azure-csi-storage-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "cinder-csi-storage-class.yml.j2"
|
src: "cinder-csi-storage-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/cinder-csi-storage-class.yml"
|
dest: "{{ kube_config_dir }}/cinder-csi-storage-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "gcp-pd-csi-storage-class.yml.j2"
|
src: "gcp-pd-csi-storage-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/gcp-pd-csi-storage-class.yml"
|
dest: "{{ kube_config_dir }}/gcp-pd-csi-storage-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "openstack-storage-class.yml.j2"
|
src: "openstack-storage-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/openstack-storage-class.yml"
|
dest: "{{ kube_config_dir }}/openstack-storage-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -12,6 +12,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: calico-kube-controllers, file: calico-kube-controllers.yml, type: deployment}
|
- {name: calico-kube-controllers, file: calico-kube-controllers.yml, type: deployment}
|
||||||
- {name: calico-kube-controllers, file: calico-kube-sa.yml, type: sa}
|
- {name: calico-kube-controllers, file: calico-kube-sa.yml, type: sa}
|
||||||
|
|
|
@ -65,6 +65,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items: "{{ registry_templates }}"
|
with_items: "{{ registry_templates }}"
|
||||||
register: registry_manifests
|
register: registry_manifests
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
when: inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
@ -84,6 +85,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- { name: registry-pvc, file: registry-pvc.yml, type: pvc }
|
- { name: registry-pvc, file: registry-pvc.yml, type: pvc }
|
||||||
register: registry_manifests
|
register: registry_manifests
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "cinder-csi-snapshot-class.yml.j2"
|
src: "cinder-csi-snapshot-class.yml.j2"
|
||||||
dest: "{{ kube_config_dir }}/cinder-csi-snapshot-class.yml"
|
dest: "{{ kube_config_dir }}/cinder-csi-snapshot-class.yml"
|
||||||
|
mode: 0644
|
||||||
register: manifests
|
register: manifests
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: rbac-snapshot-controller, file: rbac-snapshot-controller.yml}
|
- {name: rbac-snapshot-controller, file: rbac-snapshot-controller.yml}
|
||||||
- {name: snapshot-controller, file: snapshot-controller.yml}
|
- {name: snapshot-controller, file: snapshot-controller.yml}
|
||||||
|
|
|
@ -20,6 +20,7 @@
|
||||||
template:
|
template:
|
||||||
src: "cni-calico.conflist.j2"
|
src: "cni-calico.conflist.j2"
|
||||||
dest: "/etc/cni/net.d/calico.conflist.template"
|
dest: "/etc/cni/net.d/calico.conflist.template"
|
||||||
|
mode: 0644
|
||||||
owner: root
|
owner: root
|
||||||
register: calico_conflist
|
register: calico_conflist
|
||||||
notify: reset_calico_cni
|
notify: reset_calico_cni
|
||||||
|
@ -126,6 +127,7 @@
|
||||||
assemble:
|
assemble:
|
||||||
src: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds"
|
src: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds"
|
||||||
dest: "{{ kube_config_dir }}/kdd-crds.yml"
|
dest: "{{ kube_config_dir }}/kdd-crds.yml"
|
||||||
|
mode: 0644
|
||||||
delimiter: "---\n"
|
delimiter: "---\n"
|
||||||
regexp: ".*\\.yaml"
|
regexp: ".*\\.yaml"
|
||||||
remote_src: true
|
remote_src: true
|
||||||
|
@ -330,6 +332,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: calico-config, file: calico-config.yml, type: cm}
|
- {name: calico-config, file: calico-config.yml, type: cm}
|
||||||
- {name: calico-node, file: calico-node.yml, type: ds}
|
- {name: calico-node, file: calico-node.yml, type: ds}
|
||||||
|
@ -346,6 +349,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: calico, file: calico-typha.yml, type: typha}
|
- {name: calico, file: calico-typha.yml, type: typha}
|
||||||
register: calico_node_typha_manifest
|
register: calico_node_typha_manifest
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
file:
|
file:
|
||||||
path: /etc/calico/certs
|
path: /etc/calico/certs
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: 0755
|
||||||
when: typha_server_secret.rc != 0
|
when: typha_server_secret.rc != 0
|
||||||
|
|
||||||
- name: Calico | Copy ssl script for typha certs
|
- name: Calico | Copy ssl script for typha certs
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
template:
|
template:
|
||||||
src: "cni-canal.conflist.j2"
|
src: "cni-canal.conflist.j2"
|
||||||
dest: "/etc/cni/net.d/canal.conflist.template"
|
dest: "/etc/cni/net.d/canal.conflist.template"
|
||||||
|
mode: 0644
|
||||||
owner: kube
|
owner: kube
|
||||||
register: canal_conflist
|
register: canal_conflist
|
||||||
notify: reset_canal_cni
|
notify: reset_canal_cni
|
||||||
|
@ -50,6 +51,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: canal-config, file: canal-config.yaml, type: cm}
|
- {name: canal-config, file: canal-config.yaml, type: cm}
|
||||||
- {name: canal-node, file: canal-node.yaml, type: ds}
|
- {name: canal-node, file: canal-node.yaml, type: ds}
|
||||||
|
@ -74,3 +76,4 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ canal_policy_dir }}"
|
path: "{{ canal_policy_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
|
@ -18,6 +18,7 @@
|
||||||
file:
|
file:
|
||||||
src: "{{ etcd_cert_dir }}/{{ item.s }}"
|
src: "{{ etcd_cert_dir }}/{{ item.s }}"
|
||||||
dest: "{{ cilium_cert_dir }}/{{ item.d }}"
|
dest: "{{ cilium_cert_dir }}/{{ item.d }}"
|
||||||
|
mode: 0644
|
||||||
state: hard
|
state: hard
|
||||||
force: yes
|
force: yes
|
||||||
loop:
|
loop:
|
||||||
|
@ -40,6 +41,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
loop:
|
loop:
|
||||||
- {name: cilium, file: cilium-config.yml, type: cm}
|
- {name: cilium, file: cilium-config.yml, type: cm}
|
||||||
- {name: cilium, file: cilium-crb.yml, type: clusterrolebinding}
|
- {name: cilium, file: cilium-crb.yml, type: clusterrolebinding}
|
||||||
|
@ -57,6 +59,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/addons/hubble/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/addons/hubble/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
loop:
|
loop:
|
||||||
- {name: hubble, file: hubble-config.yml, type: cm}
|
- {name: hubble, file: hubble-config.yml, type: cm}
|
||||||
- {name: hubble, file: hubble-crb.yml, type: clusterrolebinding}
|
- {name: hubble, file: hubble-crb.yml, type: clusterrolebinding}
|
||||||
|
@ -76,4 +79,5 @@
|
||||||
template:
|
template:
|
||||||
src: 000-cilium-portmap.conflist.j2
|
src: 000-cilium-portmap.conflist.j2
|
||||||
dest: /etc/cni/net.d/000-cilium-portmap.conflist
|
dest: /etc/cni/net.d/000-cilium-portmap.conflist
|
||||||
|
mode: 0644
|
||||||
when: cilium_enable_portmap
|
when: cilium_enable_portmap
|
||||||
|
|
|
@ -15,6 +15,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: flannel, file: cni-flannel-rbac.yml, type: sa}
|
- {name: flannel, file: cni-flannel-rbac.yml, type: sa}
|
||||||
- {name: kube-flannel, file: cni-flannel.yml, type: ds}
|
- {name: kube-flannel, file: cni-flannel.yml, type: ds}
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: kube-ovn-crd, file: cni-kube-ovn-crd.yml}
|
- {name: kube-ovn-crd, file: cni-kube-ovn-crd.yml}
|
||||||
- {name: ovn, file: cni-ovn.yml}
|
- {name: ovn, file: cni-ovn.yml}
|
||||||
|
|
|
@ -15,6 +15,7 @@
|
||||||
template:
|
template:
|
||||||
src: kubeconfig.yml.j2
|
src: kubeconfig.yml.j2
|
||||||
dest: /var/lib/kube-router/kubeconfig
|
dest: /var/lib/kube-router/kubeconfig
|
||||||
|
mode: 0644
|
||||||
owner: kube
|
owner: kube
|
||||||
notify:
|
notify:
|
||||||
- reset_kube_router
|
- reset_kube_router
|
||||||
|
@ -42,6 +43,7 @@
|
||||||
template:
|
template:
|
||||||
src: cni-conf.json.j2
|
src: cni-conf.json.j2
|
||||||
dest: /etc/cni/net.d/10-kuberouter.conflist
|
dest: /etc/cni/net.d/10-kuberouter.conflist
|
||||||
|
mode: 0644
|
||||||
owner: kube
|
owner: kube
|
||||||
notify:
|
notify:
|
||||||
- reset_kube_router
|
- reset_kube_router
|
||||||
|
@ -55,5 +57,6 @@
|
||||||
template:
|
template:
|
||||||
src: kube-router.yml.j2
|
src: kube-router.yml.j2
|
||||||
dest: "{{ kube_config_dir }}/kube-router.yml"
|
dest: "{{ kube_config_dir }}/kube-router.yml"
|
||||||
|
mode: 0644
|
||||||
delegate_to: "{{ groups['kube_control_plane'] | first }}"
|
delegate_to: "{{ groups['kube_control_plane'] | first }}"
|
||||||
run_once: true
|
run_once: true
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
template:
|
template:
|
||||||
src: debian-network-macvlan.cfg.j2
|
src: debian-network-macvlan.cfg.j2
|
||||||
dest: /etc/network/interfaces.d/60-mac0.cfg
|
dest: /etc/network/interfaces.d/60-mac0.cfg
|
||||||
|
mode: 0644
|
||||||
notify: Macvlan | restart network
|
notify: Macvlan | restart network
|
||||||
when: ansible_os_family in ["Debian"]
|
when: ansible_os_family in ["Debian"]
|
||||||
|
|
||||||
|
@ -50,6 +51,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.src }}.j2"
|
src: "{{ item.src }}.j2"
|
||||||
dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
|
dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
|
- {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
|
||||||
- {src: centos-routes-macvlan.cfg, dst: route-mac0 }
|
- {src: centos-routes-macvlan.cfg, dst: route-mac0 }
|
||||||
|
@ -61,6 +63,7 @@
|
||||||
template:
|
template:
|
||||||
src: coreos-service-nat_ouside.j2
|
src: coreos-service-nat_ouside.j2
|
||||||
dest: /etc/systemd/system/enable_nat_ouside.service
|
dest: /etc/systemd/system/enable_nat_ouside.service
|
||||||
|
mode: 0644
|
||||||
when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway
|
when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway
|
||||||
|
|
||||||
- name: Macvlan | Enable service nat via gateway on Flatcar Container Linux
|
- name: Macvlan | Enable service nat via gateway on Flatcar Container Linux
|
||||||
|
@ -74,6 +77,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.src }}.j2"
|
src: "{{ item.src }}.j2"
|
||||||
dest: "/etc/systemd/network/{{ item.dst }}"
|
dest: "/etc/systemd/network/{{ item.dst }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
|
- {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
|
||||||
- {src: coreos-interface-macvlan.cfg, dst: output.network }
|
- {src: coreos-interface-macvlan.cfg, dst: output.network }
|
||||||
|
@ -85,11 +89,13 @@
|
||||||
template:
|
template:
|
||||||
src: 10-macvlan.conf.j2
|
src: 10-macvlan.conf.j2
|
||||||
dest: /etc/cni/net.d/10-macvlan.conf
|
dest: /etc/cni/net.d/10-macvlan.conf
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Macvlan | Install loopback definition for Macvlan
|
- name: Macvlan | Install loopback definition for Macvlan
|
||||||
template:
|
template:
|
||||||
src: 99-loopback.conf.j2
|
src: 99-loopback.conf.j2
|
||||||
dest: /etc/cni/net.d/99-loopback.conf
|
dest: /etc/cni/net.d/99-loopback.conf
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Enable net.ipv4.conf.all.arp_notify in sysctl
|
- name: Enable net.ipv4.conf.all.arp_notify in sysctl
|
||||||
sysctl:
|
sysctl:
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
copy:
|
copy:
|
||||||
src: "{{ item.file }}"
|
src: "{{ item.file }}"
|
||||||
dest: "{{ kube_config_dir }}"
|
dest: "{{ kube_config_dir }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: multus-crd, file: multus-crd.yml, type: customresourcedefinition}
|
- {name: multus-crd, file: multus-crd.yml, type: customresourcedefinition}
|
||||||
- {name: multus-serviceaccount, file: multus-serviceaccount.yml, type: serviceaccount}
|
- {name: multus-serviceaccount, file: multus-serviceaccount.yml, type: serviceaccount}
|
||||||
|
@ -14,6 +15,7 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ item.file }}.j2"
|
src: "{{ item.file }}.j2"
|
||||||
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
dest: "{{ kube_config_dir }}/{{ item.file }}"
|
||||||
|
mode: 0644
|
||||||
with_items:
|
with_items:
|
||||||
- {name: multus-daemonset, file: multus-daemonset.yml, type: daemonset}
|
- {name: multus-daemonset, file: multus-daemonset.yml, type: daemonset}
|
||||||
register: multus_manifest_2
|
register: multus_manifest_2
|
||||||
|
|
|
@ -3,8 +3,10 @@
|
||||||
template:
|
template:
|
||||||
src: weave-net.yml.j2
|
src: weave-net.yml.j2
|
||||||
dest: "{{ kube_config_dir }}/weave-net.yml"
|
dest: "{{ kube_config_dir }}/weave-net.yml"
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Weave | Fix nodePort for Weave
|
- name: Weave | Fix nodePort for Weave
|
||||||
template:
|
template:
|
||||||
src: 10-weave.conflist.j2
|
src: 10-weave.conflist.j2
|
||||||
dest: /etc/cni/net.d/10-weave.conflist
|
dest: /etc/cni/net.d/10-weave.conflist
|
||||||
|
mode: 0644
|
||||||
|
|
Loading…
Reference in a new issue