Zitadel role: some leftovers from the last review. (#505)

Author: Gerrit91

control-plane/roles/zitadel/README.md

@@ -21,10 +21,11 @@ You can look up all the default values of this role [here](defaults/main.yaml).
 | Name                      | Mandatory | Description                                                                            |
 | ------------------------- | --------- | -------------------------------------------------------------------------------------- |
 | zitadel_chart_version     |           | The chart version for deploying zitadel                                                |
+| zitadel_namespace         |           | The namespace into which zitadel is deployed                                           |
 | zitadel_init_image        | yes       | The zitadel-init image tag                                                             |
 | zitadel_init_image_tag    | yes       | The zitadel-init image name                                                            |
 | zitadel_image_tag         |           | An optional image overwrite for zitadel when not using the default from the helm chart |
-| zitadel_external_domain   |           | The external domain used by zitadel                                                    |
+| zitadel_external_domain   | yes       | The external domain used by zitadel                                                    |
 | zitadel_image_pull_policy |           | The image pull policy to use for zitadel-init                                          |
 | zitadel_ingress_dns       |           | The DNS ingress domain used for the ingress-controller                                 |
 | zitadel_initial_instance  |           | The name of the initial instance                                                       |

control-plane/roles/zitadel/defaults/main.yaml

@@ -7,6 +7,7 @@ zitadel_init_image_tag: v0.2.0
 zitadel_image_tag: v4.7.0
 
 zitadel_endpoint: zitadel.{{ metal_control_plane_ingress_dns }}
+zitadel_namespace: "{{ metal_control_plane_namespace }}"
 zitadel_external_domain:
 zitadel_ingress_dns: https://zitadel.{{ metal_control_plane_ingress_dns }}:443
 zitadel_port: 443
@@ -23,8 +24,7 @@ zitadel_db_password: change-me
 
 zitadel_enabled_ingress: true
 
-zitadel_init_config:
-  {}
+zitadel_init_config: {}
   # static_users:
   #   - first_name: Olli
   #     last_name: Owner

control-plane/roles/zitadel/meta/main.yaml

@@ -0,0 +1,17 @@
+---
+galaxy_info:
+  role_name: zitadel
+  author: metal-stack
+  description: Deploys zitadel into the control plane.
+  license: MIT
+  min_ansible_version: "2.10"
+  galaxy_tags: []
+
+  platforms:
+    - name: GenericLinux
+      versions:
+        - all
+
+dependencies:
+  - role: metal-roles/common/roles/defaults
+  - role: metal-roles/control-plane/roles/defaults

control-plane/roles/zitadel/tasks/main.yaml

@@ -13,6 +13,7 @@
       - zitadel_chart_version is not none
       - zitadel_init_image is not none
       - zitadel_init_image_tag is not none
+      - zitadel_external_domain is not none
 
 - name: Deploy static users secret
   kubernetes.core.k8s:
@@ -21,7 +22,7 @@
       kind: Secret
       metadata:
         name: zitadel-init-config
-        namespace: "{{ metal_control_plane_namespace }}"
+        namespace: "{{ zitadel_namespace }}"
       type: Opaque
       stringData:
         config.yaml: "{{ zitadel_init_config | to_json }}"
@@ -32,7 +33,7 @@
     chart_ref: zitadel
     chart_version: "{{ zitadel_chart_version }}"
     chart_repo_url: https://charts.zitadel.com/
-    release_namespace: "{{ metal_control_plane_namespace }}"
+    release_namespace: "{{ zitadel_namespace }}"
     create_namespace: true
     values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}"
     wait: true
@@ -41,20 +42,20 @@
   kubernetes.core.k8s:
     state: absent
     definition: "{{ lookup('template', 'zitadel-init.yaml') }}"
-    namespace: "{{ metal_control_plane_namespace }}"
+    namespace: "{{ zitadel_namespace }}"
 
 - name: Create init job
   kubernetes.core.k8s:
     state: present
     definition: "{{ lookup('template', 'zitadel-init.yaml') }}"
-    namespace: "{{ metal_control_plane_namespace }}"
+    namespace: "{{ zitadel_namespace }}"
 
 - name: Wait for Secret zitadel-client-credentials
   kubernetes.core.k8s_info:
     api_version: v1
     kind: Secret
     name: zitadel-client-credentials
-    namespace: "{{ metal_control_plane_namespace }}"
+    namespace: "{{ zitadel_namespace }}"
   register: secret_info
   until: secret_info.resources | length > 0
   retries: 10

control-plane/roles/zitadel/templates/zitadel-init.yaml

@@ -45,7 +45,7 @@ spec:
             - "--zitadel-external-domain={{ zitadel_external_domain }}"
             - "--zitadel-port={{ zitadel_port }}"
             - "--zitadel-pat=$(ZITADEL_PAT)"
-            - "--namespace={{ metal_control_plane_namespace }}"
+            - "--namespace={{ zitadel_namespace }}"
             - "--secret=zitadel-client-credentials"
             - "--zitadel-skip-verify-tls={{ zitadel_skip_verify_tls }}"
             - "--zitadel-insecure={{ zitadel_insecure }}"