From 0be99b28b391b98a741c3e0df841370c05a41518 Mon Sep 17 00:00:00 2001
From: tico88612 <17496418+tico88612@users.noreply.github.com>
Date: Sat, 13 Jul 2024 14:53:17 +0800
Subject: [PATCH] Feat: add external OCI cloud controller manager workflow

Signed-off-by: tico88612 <17496418+tico88612@users.noreply.github.com>
---
 .../external_cloud_controller/meta/main.yml   | 10 ++++++
 .../oci/tasks/main.yml                        | 34 +++++++++++++++++++
 2 files changed, 44 insertions(+)
 create mode 100644 roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml

diff --git a/roles/kubernetes-apps/external_cloud_controller/meta/main.yml b/roles/kubernetes-apps/external_cloud_controller/meta/main.yml
index b1fc4ad69fd..468fae8eb98 100644
--- a/roles/kubernetes-apps/external_cloud_controller/meta/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/meta/main.yml
@@ -40,3 +40,13 @@ dependencies:
     tags:
       - external-cloud-controller
       - external-huaweicloud
+  - role: kubernetes-apps/external_cloud_controller/oci
+    when:
+      - cloud_provider is defined
+      - cloud_provider == "external"
+      - external_cloud_provider is defined
+      - external_cloud_provider == "oci"
+      - inventory_hostname == groups['kube_control_plane'][0]
+    tags:
+      - external-cloud-controller
+      - external-oci
diff --git a/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml
new file mode 100644
index 00000000000..431404ae6a5
--- /dev/null
+++ b/roles/kubernetes-apps/external_cloud_controller/oci/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+- name: External OCI Cloud Controller Manager | Get base64 cloud-config
+  set_fact:
+    external_oci_cloud_config_secret: "{{ lookup('template', 'external-oci-cloud-config.j2') | b64encode }}"
+  when: inventory_hostname == groups['kube_control_plane'][0]
+  tags: external-oci
+
+- name: External OCI Cloud Controller Manager | Generate Manifests
+  template:
+    src: "{{ item.file }}.j2"
+    dest: "{{ kube_config_dir }}/{{ item.file }}"
+    group: "{{ kube_cert_group }}"
+    mode: 0640
+  with_items:
+    - {name: external-oci-cloud-config-secret, file: external-oci-cloud-config-secret.yml}
+    - {name: external-oci-cloud-controller-manager-rbac, file: external-oci-cloud-controller-manager-rbac.yml}
+    - {name: external-oci-cloud-controller-manager, file: external-oci-cloud-controller-manager.yml}
+  register: external_oci_manifests
+  when: inventory_hostname == groups['kube_control_plane'][0]
+  tags: external-oci
+
+- name: External OCI Cloud Controller Manager | Apply Manifests
+  kube:
+    kubectl: "{{ bin_dir }}/kubectl"
+    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
+    state: "latest"
+  with_items:
+    - "{{ external_oci_manifests.results }}"
+  when:
+    - inventory_hostname == groups['kube_control_plane'][0]
+    - not item is skipped
+  loop_control:
+    label: "{{ item.item.file }}"
+  tags: external-oci