Rename role

.github/workflows/lint.yml

@@ -10,7 +10,7 @@ on:
 defaults:
 
   run:
-    working-directory: 'nephelaiio.kubectl'
+    working-directory: 'nephelaiio.k8s_repo'
 
 jobs:
 
@@ -22,7 +22,7 @@ jobs:
       - name: Check out the codebase
         uses: actions/checkout@v4
         with:
-          path: 'nephelaiio.kubectl'
+          path: 'nephelaiio.k8s_repo'
 
       - name: Set up python 3
         uses: actions/setup-python@v4

.github/workflows/molecule.yml

@@ -12,7 +12,7 @@ on:
 defaults:
 
   run:
-    working-directory: 'nephelaiio.kubectl'
+    working-directory: 'nephelaiio.k8s_repo'
 
 jobs:
 
@@ -37,7 +37,7 @@ jobs:
       - name: Check out the codebase
         uses: actions/checkout@v4
         with:
-          path: 'nephelaiio.kubectl'
+          path: 'nephelaiio.k8s_repo'
 
       - name: Set up python 3
         uses: actions/setup-python@v4

.github/workflows/release.yml

@@ -14,7 +14,7 @@ on:
 defaults:
 
   run:
-    working-directory: 'nephelaiio.kubectl'
+    working-directory: 'nephelaiio.k8s_repo'
 
 jobs:
 
@@ -26,7 +26,7 @@ jobs:
       - name: Check out the codebase.
         uses: actions/checkout@v4
         with:
-          path: 'nephelaiio.kubectl'
+          path: 'nephelaiio.k8s_repo'
 
       - name: Set up Python 3
         uses: actions/setup-python@v4

.talismanrc

@@ -1,5 +1,7 @@
 fileignoreconfig:
   - filename: poetry.lock
     ignore_detectors: [filecontent]
+  - filename: defaults/main.yml
+    ignore_detectors: [filecontent]
   - filename: .github/workflows/release.yml
     ignore_detectors: [filecontent]

README.md

@@ -1,13 +1,9 @@
-# nephelaiio.kubectl
+# nephelaiio.k8s_repo
 
-[![Build Status](https://github.com/nephelaiio/ansible-role-kubectl/actions/workflows/molecule.yml/badge.svg)](https://github.com/nephelaiio/ansible-role-kubectl/actions/wofklows/molecule.yml)
-[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-nephelaiio.kubectl.vim-blue.svg)](https://galaxy.ansible.com/nephelaiio/kubectl/)
+[![Build Status](https://github.com/nephelaiio/ansible-role-k8s-repo/actions/workflows/molecule.yml/badge.svg)](https://github.com/nephelaiio/ansible-role-k8s-repo/actions/wofklows/molecule.yml)
+[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-nephelaiio.k8s-repo.vim-blue.svg)](https://galaxy.ansible.com/nephelaiio/k8s-repo/)
 
-<!--
-[![Ansible Galaxy](https://img.shields.io/badge/dynamic/json?color=blueviolet&label=nephelaiio/kubectl&query=%24.summary_fields.versions%5B0%5D.name&url=https%3A%2F%2Fgalaxy.ansible.com%2Fapi%2Fv1%2Froles%2F<galaxy_id>%2F%3Fformat%3Djson)](https://galaxy.ansible.com/nephelaiio/kubectl/)
- -->
-
-An [ansible role](https://galaxy.ansible.com/nephelaiio/kubectl) to install and configure kubectl
+An [ansible role](https://galaxy.ansible.com/nephelaiio/k8s-repo) to install and configure Kubernetes package repostiories
 
 ## Role Variables
 
@@ -21,19 +17,18 @@ By default this role does not depend on any external roles. If any such dependen
 
 - hosts: servers
   roles:
-     - role: nephelaiio.kubectl
-       kubectl_package_state: latest
+     - role: nephelaiio.k8s_repo
 
 ## Testing
 
 Please make sure your environment has [docker](https://www.docker.com) installed in order to run role validation tests. Additional python dependencies are listed in the [requirements file](https://github.com/nephelaiio/ansible-role-requirements/blob/master/requirements.txt)
 
 Role is tested against the following distributions (docker images):
 
-  * Ubuntu Focal
   * Ubuntu Jammy
-  * Debian Buster
+  * Ubuntu Focal
   * Debian Bullseye
+  * Debian Bookworm
 
 You can test the role directly from sources using command ` molecule test `
 

defaults/main.yml

@@ -1,3 +1,4 @@
 ---
-# kubectl_release: v1.28
-kubectl_state: present
+# k8s_repo_release: v1.28
+k8s_repo_state: latest
+k8s_repo_keyring_debian: /etc/apt/keyrings/kubernetes-apt-keyring.gpg

meta/main.yml

@@ -1,8 +1,8 @@
 ---
 galaxy_info:
-  role_name: kubectl
+  role_name: k8s_repo
   author: nephelaiio
-  description: An Ansible role to install and configure kubectl
+  description: An Ansible role to configure K8s package repositories
   license: MIT
   min_ansible_version: '2.15'
   platforms:
@@ -15,6 +15,6 @@ galaxy_info:
     - name: Debian
       versions:
         - all
-  galaxy_tags: ['kubectl']
+  galaxy_tags: ['k8s', 'k8s_repo', 'repo', 'repository']
 
 dependencies: []

molecule/default/converge.yml

@@ -1,9 +1,6 @@
 ---
 - name: Converge
-
   hosts: all
-
+  become: true
   roles:
-
-    - nephelaiio.plugins
-    - nephelaiio.kubectl
+    - nephelaiio.k8s_repo

molecule/default/molecule.yml

@@ -7,7 +7,7 @@ dependency:
 driver:
   name: docker
 platforms:
-  - name: kubectl-install-01
+  - name: k8s-repo-install-01
     image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2004}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     cgroupns_mode: host

molecule/default/prepare.yml

@@ -1,14 +1,9 @@
 ---
 - name: Prepare
-
   hosts: all
-
   gather_facts: true
-
   become: true
-
   tasks:
-
     - name: Update apt package cache
       ansible.builtin.apt:
         update_cache: yes

molecule/default/verify.yml

@@ -1,10 +1,6 @@
 ---
 - name: Verify
-
   hosts: all
-
   gather_facts: true
-
   become: true
-
   tasks:

pyproject.toml

@@ -1,5 +1,5 @@
 [tool.poetry]
-name = "nephelaiio.kubectl"
+name = "nephelaiio.k8s_repo"
 version = "0.1.0"
 description = ""
 authors = ["nephelaiio"]

tasks/main.yml

@@ -1,22 +1,52 @@
 ---
-- name: Set kubectl install target release
+- name: Set Kubernetes repository version
   ansible.builtin.set_fact:
-    kubectl_version: "{{ lookup('ansible.builtin.url', 'https://dl.k8s.io/release/stable.txt', split_lines=False) }}"
-  when: kubectl_version is not defined
+    k8s_repo_version: "{{ lookup('ansible.builtin.url', 'https://dl.k8s.io/release/stable.txt', split_lines=False) }}"
+  when: k8s_repo_version is not defined
 
-- name: Set kubectl release facts
+- name: Set Kuberentes repository release facts
   ansible.builtin.set_fact:
-    _kubectl_target: "{{ '.'.join(kubectl_version.split('.')[0:2]) }}"
+    _k8s_repo_target: "{{ '.'.join(k8s_repo_version.split('.')[0:2]) }}"
 
-- name: Deploy on Debian systems
+- name: Configure Kubernetes apt repository
   when: ansible_os_family == "Debian"
   block:
+    - name: Create tempfile
+      ansible.builtin.tempfile:
+        suffix: k8s
+
+    - name: Set distribution facts
+      ansible.builtin.set_fact:
+        _apt_repo_url: "https://pkgs.k8s.io/core:/stable:/{{ _k8s_repo_target }}/deb"
+
     - name: Install Debian package helpers
       ansible.builtin.package:
         name:
           - apt-transport-https
           - ca-certificates
+          - curl
+
+    - name: Create keyring directory
+      ansible.builtin.file:
+        path: "{{ k8s_repo_keyring_debian | dirname }}"
+        state: directory
+        owner: root
+        group: root
+        mode: 0755
+
+    - name: Install gpg certificate
+      ansible.builtin.shell:
+        cmd: >-
+          curl -fsSL {{ _apt_repo_url }}/Release.key | gpg --dearmor -o {{ k8s_repo_keyring_debian }}
+        executable: /bin/bash
+      changed_when: false
+
+    - name: Configure apt repository
+      ansible.builtin.apt_repository:
+        filename: k8s_repo
+        repo: "deb [signed-by={{ k8s_repo_keyring_debian }}] {{ _apt_repo_url }} /"
 
-- name: Deploy on RedHat systems
+- name: Configure Kubernetes yum repository
   when: ansible_os_family == "RedHat"
   block:
+    - fail: