hetzner-ansible/roles/harbor/tasks/main.yml

---

### tags:

- name: "Send mattermost message"
  uri:
    url: "{{ mattermost_hook_smardigo }}"
    method: POST
    body: "{{ lookup('template','mattermost-deploy-start.json.j2') }}"
    body_format: json
    headers:
      Content-Type: "application/json"
  delegate_to: 127.0.0.1
  become: false
  when:
    - send_status_messages

- name: "Setup DNS configuration for {{ inventory_hostname }} harbor"
  include_role:
    name: _digitalocean
    tasks_from: domain
  vars:
    record_data: "{{ stage_server_ip }}"
    record_name: "{{ inventory_hostname }}"

- name: 'Ensures {{ service_base_path }}/{{ inventory_hostname }} directory exists'
  file:
    state: directory
    path: '{{ service_base_path }}/{{ inventory_hostname }}'
  tags:
    - update_deployment
    - update_config

- name: 'Ensure directory structure for harbor exists'
  file:
    path: "{{ service_base_path }}/{{ inventory_hostname }}/{{ item.path }}"
    state: directory
    owner: "{{ docker_owner }}"
    group: "{{ docker_group }}"
    mode: 0755
  with_filetree: "templates/harbor"
  when: item.state == "directory"
  tags:
    - update_config

- name: Ensure config template files are populated from templates/harbor
  template:
    src: "{{ item.src }}"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}/{{ item.path | regex_replace('\\.j2$', '') }}"
    owner: "{{ docker_owner }}"
    group: "{{ docker_group }}"
    mode: 0644
  with_filetree: "templates/harbor"
  when: item.state == 'file' and item.src is match('.*\.j2$')
  tags:
    - update_config

- name: Ensure config files are populated from from templates/harbor
  copy:
    src: "{{ item.src }}"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}/{{ item.path }}"
    owner: "{{ docker_owner }}"
    group: "{{ docker_group }}"
    mode: 0644
  with_filetree: "templates/harbor"
  when: item.state == 'file' and item.src is not match('.*\.j2$')
  tags:
    - update_config

- name: Download harbor offline installer
  get_url:
    url: https://github.com/goharbor/harbor/releases/download/{{ harbor_version }}/harbor-offline-installer-{{ harbor_version }}.tgz
    dest: "{{ service_base_path }}/{{ inventory_hostname }}/harbor-offline-installer-{{ harbor_version }}.tgz"

- name: Extract harbor-offline-installer-{{ harbor_version }}.tgz into {{ service_base_path }}/{{ inventory_hostname }}
  ansible.builtin.unarchive:
    src: "{{ service_base_path }}/{{ inventory_hostname }}/harbor-offline-installer-{{ harbor_version }}.tgz"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}"
    remote_src: yes

- name: "Check if {{ inventory_hostname }}/harbor/docker-compose.yml exists"
  stat:
    path: '{{ service_base_path }}/harbor/{{ inventory_hostname }}/docker-compose.yml'
  register: check_docker_compose_file
  tags:
    - update_deployment

- name: "Stop {{ inventory_hostname }}"
  shell: docker-compose down
  args:
    chdir: '{{ service_base_path }}/{{ inventory_hostname }}/harbor'
  when: check_docker_compose_file.stat.exists
  ignore_errors: yes
  tags:
    - update_deployment

# TODO
# sudo ./install.sh --with-trivy --with-chartmuseum

# update nginx onfig
# -> #proxy_set_header Host $host;
# -> #proxy_set_header X-Forwarded-Proto $scheme;

# update compose file

- name: "Send mattermost messsge"
  uri:
    url: "{{ mattermost_hook_smardigo }}"
    method: POST
    body: "{{ lookup('template','mattermost-deploy-end.json.j2') }}"
    body_format: json
    headers:
      Content-Type: "application/json"
  delegate_to: 127.0.0.1
  become: false
  when:
    - send_status_messages