diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 686274e80a8666c8334f2a3618cc185ec616005b..56997d6ea2f5f2128d9e455ed95a84de36409131 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -178,9 +178,11 @@ behave-grafana:
terminate_droplet_after_merge:
stage: cleanup
script: |
- if [ "$(git cat-file -p HEAD | grep -c '^parent')" -gt 1 ]
+ if [ "$(git show -s --pretty=%p HEAD | wc -w)" -gt 1 ]
then
- pipeline=$(git cat-file -p 893aed0e1f1ce02a77b8f2a66ad03c24f09915d9 | grep 'Merge branch' | tr -dc '0-9')
+ subject="$(git show -s --format=%s)"
+ tmp="${subject#*\'}"
+ pipeline="${tmp%%\-*}"
echo "Current HEAD is a merge commit, removing droplet from related merge request pipeline #${pipeline}."
python3 -c "import greenhost_cloud; greenhost_cloud.terminate_droplets_by_name(\"^ci-${pipeline}\.\")"
else
diff --git a/ansible/group_vars/all/oas.yml b/ansible/group_vars/all/oas.yml
index 4f6f0a416cbf01736cc7ae21731521fbbaf73dbf..f1f621fef63fe5e0911aabcd10179b06c9c631b8 100644
--- a/ansible/group_vars/all/oas.yml
+++ b/ansible/group_vars/all/oas.yml
@@ -49,7 +49,6 @@ rke:
checksum: 'sha256:7c05727aa3d6f8c4b5f60b057f1fe7883af48d5a778e3b1668f178dda84883ee'
cert_manager:
- version: '0.9.1'
# cert-manager requires custom resource definitions applied before installing
# the helm chart. See https://hub.helm.sh/charts/jetstack/cert-manager for
# details
diff --git a/ansible/roles/apps/tasks/cert-manager.yml b/ansible/roles/apps/tasks/cert-manager.yml
index f538e72dc4e09a576998ddb67250b9738884ef12..7260efd02b9a5e87f388689da8b4964a9dcffa00 100644
--- a/ansible/roles/apps/tasks/cert-manager.yml
+++ b/ansible/roles/apps/tasks/cert-manager.yml
@@ -39,3 +39,20 @@
server: "https://acme-staging-v02.api.letsencrypt.org/directory"
- name: production
server: "https://acme-v02.api.letsencrypt.org/directory"
+
+- name: Apply cert-manager helmfile
+ tags:
+ - helmfile
+ - cert-manager
+ shell: |
+ set -e -x -o pipefail
+ /usr/local/bin/helmfile \
+ -b /snap/bin/helm \
+ -e oas \
+ -f {{ data_directory }}/source/helmfiles/helmfile.d/05-cert-manager.yaml \
+ apply \
+ --suppress-secrets \
+ | sed 's/\x1B\[[0-9;]*[JKmsu]//g' \
+ >> {{ log_directory }}/helmfile.log
+ args:
+ executable: /bin/bash
diff --git a/ansible/roles/apps/tasks/helmfiles.yml b/ansible/roles/apps/tasks/helmfiles.yml
index 1097135203bd4703f8c56cf8196e7f52880adf77..657726af974af1742e179d802ab9cdc022e06d1a 100644
--- a/ansible/roles/apps/tasks/helmfiles.yml
+++ b/ansible/roles/apps/tasks/helmfiles.yml
@@ -23,6 +23,14 @@
- NEXTCLOUD_MARIADB_PASSWORD: "{{ nextcloud_mariadb_password }}"
- NEXTCLOUD_MARIADB_ROOT_PASSWORD: "{{ nextcloud_mariadb_root_password }}"
- GRAFANA_ADMIN_PASSWORD: "{{ grafana_admin_password }}"
- shell: /usr/local/bin/helmfile -b /snap/bin/helm -e oas -f {{ data_directory }}/source/helmfiles/helmfile.d/{{ item }}.yaml apply --suppress-secrets | sed 's/\x1B\[[0-9;]*[JKmsu]//g' >> {{ log_directory }}/helmfile.log
+ shell: |
+ set -e -x -o pipefail
+ /usr/local/bin/helmfile -b /snap/bin/helm -e oas \
+ -f {{ data_directory }}/source/helmfiles/helmfile.d/{{ item }}.yaml \
+ apply --suppress-secrets \
+ | sed 's/\x1B\[[0-9;]*[JKmsu]//g' \
+ >> {{ log_directory }}/helmfile.log
+ args:
+ executable: /bin/bash
with_items: "{{ helmfiles }}"
when: item is not search("cert-manager")
diff --git a/helmfiles/helmfile.d/05-cert-manager.yaml b/helmfiles/helmfile.d/05-cert-manager.yaml
index 77c077926e32c21b5dfd36fc7a027674760ff2e9..6b75e33e96129a4985eac4daf27376109e25fbfc 100644
--- a/helmfiles/helmfile.d/05-cert-manager.yaml
+++ b/helmfiles/helmfile.d/05-cert-manager.yaml
@@ -11,7 +11,7 @@ releases:
- name: "oas-{{ .Environment.Values.releaseName }}-cert-manager"
namespace: "cert-manager"
chart: "jetstack/cert-manager"
- version: '{{ cert_manager.version }}'
+ version: "0.9.1"
values:
- "../values/cert-manager.yaml.gotmpl"
wait: false