Fix ssh public key (#47)

* Fix ssh public key

* Fix tests for Jinja2 3.x

* Fix tab indent

* Use matrix for CI build

* Update backup job

* Fix matrix

* Update to ansible 2.9

.github/workflows/backups.yml

@@ -1,10 +1,5 @@
 ---
-
-name: Backup Github Respository
-
-# -------------------------------------------------------------------------------------------------
-# When to run
-# -------------------------------------------------------------------------------------------------
+name: Backup Repository
 
 on:
   push:
@@ -13,11 +8,10 @@ on:
 
 jobs:
   backup:
-    uses: Flaconi/github-reusable-workflow/.github/workflows/backups.yml@stable
+    uses: Flaconi/github-reusable-workflow/.github/workflows/backups.yml@v1
     with:
       enabled: True
       region: eu-central-1
     secrets:
       iam_role_arn: ${{ secrets.BACKUP_REPO_IAM_ROLE }}
       bucket_name: ${{ secrets.BACKUP_REPO_BUCKET }}
-      git_read_token: ${{ secrets.REPO_READ_TOKEN }}

.github/workflows/ci.yaml

@@ -3,20 +3,25 @@ name: CI build
 on: [push]
 
 jobs:
-  ci_test:
+  lint:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@master
+        uses: actions/checkout@v3
 
       - name: Lint Files
         run: |
           make lint
 
-      - name: Test Asserts with sample value ansible=2.8
-        run: |
-          make test
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        version: [2.9, latest]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
 
-      - name: Test Asserts with sample value ansible=latest
+      - name: Test Asserts with for ansible=${{ matrix.version }}
         run: |
-          make test ANSIBLE_VERSION=latest
+          make test ANSIBLE_VERSION=${{ matrix.version }}

Makefile

@@ -1,7 +1,7 @@
 ###
 ### Variables
 ###
-ANSIBLE_VERSION=2.8
+ANSIBLE_VERSION=2.9
 
 
 ###
@@ -15,6 +15,7 @@ help:
 
 test:
 	docker run --rm --pull=always \
+		--network=host \
 		-v ${PWD}:/etc/ansible/roles/rolename \
 		--workdir /etc/ansible/roles/rolename/tests \
 		flaconi/ansible:${ANSIBLE_VERSION} ./support/run-tests.sh

README.md

@@ -19,9 +19,9 @@ This Ansible role is tagged according to the latest compatible (and tested by us
 
 ## Requirements
 
-* Ansible 2.8
+* Ansible 2.9
 * Python lib: [pyaml](https://github.com/yaml/pyyaml)
-* Binary: [kops](https://github.com/kubernetes/kops/blob/master/docs/install.md)
+* Binary: [kops](https://github.com/kubernetes/kops/blob/master/docs/install.md) 1.22+
 
 ## Run-time variables
 

meta/main.yml

@@ -6,7 +6,7 @@ galaxy_info:
   author: Patrick Plocke
   license: Apache 2.0
   description: Create customized KOPS (Kubernetes) templates.
-  min_ansible_version: 2.8
+  min_ansible_version: 2.9
   platforms:
     - name: all
       versions:

tasks/asserts.yml

@@ -94,7 +94,7 @@
   assert:
     that:
       - item.enabled is defined
-      - item.enabled | type_debug == 'bool'
+      - item.enabled is boolean
     msg: "enabled should be true or false"
   with_items:
     - >-
@@ -153,7 +153,7 @@
   assert:
     that:
       - item.anonymousAuth is defined
-      - item.anonymousAuth | type_debug == 'bool'
+      - item.anonymousAuth is boolean
     msg: "kubelet.anonymousAuth should be true or false"
   with_items:
     - >-
@@ -167,7 +167,7 @@
   assert:
     that:
       - item.authenticationTokenWebhook is defined
-      - item.authenticationTokenWebhook | type_debug == 'bool'
+      - item.authenticationTokenWebhook is boolean
     msg: "kubelet.authenticationTokenWebhook should be true or false"
   with_items:
     - >-
@@ -195,7 +195,7 @@
   assert:
     that:
       - item.tlsCipherSuites is defined
-      - item.tlsCipherSuites | type_debug == "list"
+      - item.tlsCipherSuites is sequence
     msg: "kops_kubelet.tlsCipherSuites should be list(string)"
   with_items:
     - >-
@@ -209,7 +209,7 @@
   assert:
     that:
       - item.enableProfiling is defined
-      - item.enableProfiling | type_debug == 'bool'
+      - item.enableProfiling is boolean
     msg: "kubeControllerManager.enableProfiling should be true or false"
   with_items:
     - >-
@@ -238,7 +238,7 @@
   assert:
     that:
       - item.tlsCipherSuites is defined
-      - item.tlsCipherSuites | type_debug == "list"
+      - item.tlsCipherSuites is iterable
     msg: "kube_controller_manager.tlsCipherSuites should be list(string)"
   with_items:
     - >-
@@ -252,7 +252,7 @@
   assert:
     that:
       - item.enableProfiling is defined
-      - item.enableProfiling | type_debug == 'bool'
+      - item.enableProfiling is boolean
     msg: "kubeScheduler.enableProfiling should be true or false"
   with_items:
     - >-

tasks/run_kops.yml

@@ -91,7 +91,7 @@
         export AWS_PROFILE="{{ kops_aws_profile | default('') }}";
       fi
       # Don't fail to show that remote has nothing yet
-      kops get secret admin --type SSHPublicKey -o table \
+      kops get sshpublickey \
         --state s3://{{ cluster.s3_bucket_name }} \
         --name {{ cluster.name }} \
         | grep -Eo "[:a-f0-9]{16,}" || true