hetzner-ansible/roles/kubernetes/apps/tasks/awx.yml

---
- name: "Set awx_base_url"
  set_fact:
    awx_base_url: "https://{{ stage }}-kube-awx.{{ domain }}"
  tags:
    - always

- name: "Checkin if awx in k8s cluster is avail"
  uri:
    url: "{{ awx_base_url }}/api/login"
    method: GET
    user: "{{ awx_admin_username }}"
    password: "{{ awx_admin_password }}"
    return_content: true
    validate_certs: false
    force_basic_auth: yes
    status_code: 200
  register: check_awx_available
  retries: 15
  delay: 10
  until: check_awx_available.status in [200]
  when:
  - inventory_hostname == groups['kube_control_plane'][0]

- name: "Get awx admin password from k8s secret object"
  kubernetes.core.k8s_info:
    api_version: v1
    kind: Secret
    name: awx-admin-password
    namespace: awx
  register: awx_admin_creds
  when:
  - inventory_hostname == groups['kube_control_plane'][0]
  tags:
    - always

- name: "Define some VARs"
  set_fact:
    awx_admin_username: admin # overwritting stage-specific VAR declaration due to already existing awx-installation(${stage}-dev-awx...)
    awx_admin_password: '{{ ( awx_admin_creds.resources | first ).data.password | b64decode }}'
  tags:
    - always

- name: "Authenticating with awx server"
  uri:
    url: "{{ awx_base_url }}/api/login"
    method: GET
    user: "{{ awx_admin_username }}"
    password: "{{ awx_admin_password }}"
    return_content: true
    validate_certs: false
    force_basic_auth: yes
    status_code: 200
  register: authentication_response
  tags:
    - always

- name: DEBUG
  debug:
    msg: "{{ authentication_response }}"
  tags:
    - always
  when:
    - debug

- name: "Configure some stuff"
  include_tasks: awx-config.yml
  vars:
    awx_base_url: "https://{{ stage }}-kube-awx.{{ domain }}"
    awx_rest_api_access_user: "{{ awx_admin_username }}"
    awx_rest_api_access_pw: "{{ awx_admin_password }}"
  when:
  - inventory_hostname == groups['kube_control_plane'][0]