Merge pull request #1540 from zexi/update-k3s-env

fix(k3s): set CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS when upgrade

Author: zexi

onecloud/roles/k3s/k3s_server/tasks/main.yml

@@ -130,6 +130,13 @@
         group: root
         mode: 0644
 
+    - name: Add service environment variables
+      when: extra_service_envs is defined and extra_service_envs | length > 0
+      ansible.builtin.lineinfile:
+        path: "{{ systemd_dir }}/k3s.service.env"
+        line: "{{ item }}"
+      with_items: "{{ extra_service_envs }}"
+
     - name: Enable and check K3s service
       ansible.builtin.systemd:
         name: k3s

onecloud/roles/utils/controlplane/tasks/main.yml

@@ -17,3 +17,19 @@
     job: "/opt/yunion/bin/ocadm alpha certs renew all"
     cron_file: yunion_ocadm_renew_certs
   become: true
+
+- name: Check if k3s.service.env file exists
+  ansible.builtin.stat:
+    path: /etc/systemd/system/k3s.service.env
+  register: k3s_service_env_file
+  become: true
+
+- name: Add CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS to k3s.service.env if not set
+  ansible.builtin.lineinfile:
+    path: /etc/systemd/system/k3s.service.env
+    line: "CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS=3650"
+    regexp: "^CATTLE_NEW_SIGNED_CERT_EXPIRATION_DAYS="
+    state: present
+    create: false
+  when: k3s_service_env_file.stat.exists
+  become: true