From 7151afa3f9d8207c4a3e44e1d6ec29eba92a244e Mon Sep 17 00:00:00 2001
From: Adw8
Date: Wed, 18 Sep 2024 19:05:37 +0530
Subject: [PATCH] Add tasks to setup gpg agent
---
 service-provider-setup/.gitignore | 2 ++
 service-provider-setup/dns-vars.yml | 5 ----
 service-provider-setup/k8s-vars.example.yml | 3 ++
 service-provider-setup/setup-k8s.yml | 31 +++++++++++++++++++--
 4 files changed, 34 insertions(+), 7 deletions(-)
 create mode 100644 service-provider-setup/.gitignore
 delete mode 100644 service-provider-setup/dns-vars.yml
 create mode 100644 service-provider-setup/k8s-vars.example.yml
diff --git a/service-provider-setup/.gitignore b/service-provider-setup/.gitignore
new file mode 100644
index 0000000..f727d47
--- /dev/null
+++ b/service-provider-setup/.gitignore
@@ -0,0 +1,2 @@
+dns-vars.yml
+k8s-vars.yml
diff --git a/service-provider-setup/dns-vars.yml b/service-provider-setup/dns-vars.yml
deleted file mode 100644
index 5e0b0c0..0000000
--- a/service-provider-setup/dns-vars.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-domain: "test.wireitin.com"
-subdomain_prefix: "dss-ind"
-subdomain_cluster_control: "{{ subdomain_prefix }}-cluster-control"
-cluster_control_ip: "64.227.134.44"
-do_api_token: ""
diff --git a/service-provider-setup/k8s-vars.example.yml b/service-provider-setup/k8s-vars.example.yml
new file mode 100644
index 0000000..3ceb227
--- /dev/null
+++ b/service-provider-setup/k8s-vars.example.yml
@@ -0,0 +1,3 @@
+target_host: ""
+gpg_key_id: ""
+vault_passphrase: ""
diff --git a/service-provider-setup/setup-k8s.yml b/service-provider-setup/setup-k8s.yml
index 6139b36..2936aab 100644
--- a/service-provider-setup/setup-k8s.yml
+++ b/service-provider-setup/setup-k8s.yml
@@ -4,8 +4,8 @@ - name: Setup k8s hosts: "{{ target_host }}" - vars: - target_host: "localhost" + vars_files: + - k8s-vars.yml tasks: - name: Install Python and pip
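Review bot: In k8s-vars.example.yml, `vault_passphrase` is set up to be kept as clear text in the real k8s-vars.yml; the new .gitignore entry keeps that file out of the repository, but the passphrase still sits unencrypted on the operator's disk and in any backup of it. Consider encrypting the real vars file with `ansible-vault encrypt k8s-vars.yml`, or collecting the passphrase at run time through `vars_prompt` with `private: true`. A comment in the example file such as `# copy to k8s-vars.yml; never commit it, and encrypt it with ansible-vault` would tell the next operator how the file is meant to be handled.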
@@ -29,3 +29,30 @@
 line: 'export PATH="$HOME/.local/bin:$PATH"'
 state: present
 create: yes
+
+ - name: Clone the service provider template repo
+ git:
+ repo: "https://git.vdb.to/cerc-io/service-provider-template.git"
+ dest: "{{ ansible_env.HOME }}/service-provider-template"
+
+ - name: Update .vault/vault-keys file
+ lineinfile:
+ path: "service-provider-template/.vault/vault-keys"
+ regexp: '^.*$'
+ line: "{{ gpg_key_id }}"
+ create: yes
+
+ - name: Start GPG agent
+ command: gpg-agent --daemon
+ ignore_errors: yes
+
+ - name: Set VAULT_KEY environment variable
+ shell: export VAULT_KEY='{{ vault_passphrase }}'
+
+ - name: Run vault-rekey.sh
+ expect:
+ command: bash .vault/vault-rekey.sh
+ responses:
+ "Enter passphrase:": "{{ vault_passphrase }}"
+ args:
+ chdir: "service-provider-template"
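Review bot: The `Set VAULT_KEY environment variable` task has no effect on the tasks after it, because each Ansible task runs in its own process and the `export` is gone when that shell exits; it also templates `vault_passphrase` into a command line, where it can appear in task output and where a passphrase containing a single quote breaks the quoting. Drop that task and, if vault-rekey.sh does read VAULT_KEY, pass it with `environment:` on the `Run vault-rekey.sh` task, adding `no_log: true` so that neither the variable nor the `expect` response is logged. The `lineinfile` path and the `chdir` value are relative, while the clone goes to `{{ ansible_env.HOME }}/service-provider-template`; using that same absolute path in all three keeps them pointing at one directory. Because the play executes a script from the cloned repository, pinning the `git` task with `version:` to a reviewed commit would stop a later change on the default branch from altering what runs.

```yaml
    # … unchanged: clone, vault-keys and gpg-agent tasks; the "Set VAULT_KEY environment variable" task is removed …

    - name: Run vault-rekey.sh
      # … unchanged: expect command and responses …
      args:
        chdir: "{{ ansible_env.HOME }}/service-provider-template"
      environment:
        VAULT_KEY: "{{ vault_passphrase }}"
      no_log: true
```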