diff --git a/README.md b/README.md index ce9f9ea..5f8cc72 100644 --- a/README.md +++ b/README.md @@ -194,6 +194,30 @@ To use custom storage classes for cassandra statefulsets, you can populate the ` - anthos-vsphere-csi *Note: If you face any issues with any of the provisioners, please create a github issue in this repository* +#### To update cert-manager + +To update cert-manager, follow these steps: + +1. Specify the version in the vars.yaml file: + Modify the cert_manager_version variable in the vars/vars.yaml file to the desired version. For example: +``` +cert_manager_version: v1.14.0 +``` + +Run the Ansible playbook: +Execute the Ansible playbook which includes the logic to check the current version of cert-manager, compare it with the specified version, and update if necessary. +``` +ansible-playbook playbook.yaml -e @vars/vars.yaml --tags "cert-manager" +``` +The playbook will: + +- Check the currently installed version of cert-manager. +- Compare it with the version specified in the vars.yaml file. +- If the versions differ, the playbook will download and apply the new cert-manager manifest. +- If the versions are the same and cert-manager is running, no action will be taken. +- If cert-manager is not installed, the playbook will install it using the specified version. + + ## Limitations * Refer [link](https://cloud.google.com/apigee/docs/hybrid/preview/helm-install#limitations) diff --git a/roles/cert-manager/tasks/main.yml b/roles/cert-manager/tasks/main.yml index 29a9554..bdf8f1f 100644 --- a/roles/cert-manager/tasks/main.yml +++ b/roles/cert-manager/tasks/main.yml @@ -13,23 +13,39 @@ # limitations under the License. --- # tasks file for cert-manager +# tasks file for cert-manager - name: Certificates directory exists file: path: "{{ setup_path }}" state: directory -- name: Install cert manager +- name: Check if cert-manager is installed + kubernetes.core.k8s_info: + kind: Deployment + namespace: cert-manager + label_selectors: + - "app.kubernetes.io/instance=cert-manager" + register: cert_manager_deployments + ignore_errors: true + +- name: Get the currently running version of cert-manager + shell: "kubectl get deployment -n cert-manager -l app.kubernetes.io/instance=cert-manager -o jsonpath='{.items[0].metadata.labels.app\\.kubernetes\\.io/version}'" + register: running_cert_manager_version + when: "cert_manager_deployments.resources | length > 0" + +- name: Install or upgrade cert-manager block: - name: Download cert-manager uri: - url: https://github.com/jetstack/cert-manager/releases/download/{{ cert_manager_version }}/cert-manager.yaml + url: "https://github.com/jetstack/cert-manager/releases/download/{{ cert_manager_version }}/cert-manager.yaml" dest: "{{ setup_path }}/cert-manager.yaml" + when: "cert_manager_deployments.resources | length == 0 or running_cert_manager_version.stdout != cert_manager_version" - name: Apply cert-manager manifest to the cluster. kubernetes.core.k8s: - state: "{{cert_manager_status}}" + state: "present" src: "{{ setup_path }}/cert-manager.yaml" - when: "install_cert_manager" + when: "cert_manager_deployments.resources | length == 0 or running_cert_manager_version.stdout != cert_manager_version" - name: Wait for cert-manager to be up. kubernetes.core.k8s_info: