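---
# Clean up existing Gitea resources to ensure a clean installation.
#
# Every task in this file is destructive, and most set `ignore_errors: true`,
# so a failed deletion does not stop the play. Read the task output before
# assuming the namespace is actually clean.
# NOTE(review): `validate_certs` is taken from k8s_auth_params; confirm it is
# true wherever the API server is reached over a network you do not control.
# NOTE(review): the ServiceAccount, ConfigMap, Secret and ClusterRoleBinding
# tasks near the end of this section carry no `tags`, unlike the tasks before
# them, so a tag-limited run (`--tags cleanup`) skips them. Confirm that is
# intended.

# First make sure to uninstall any existing Helm release
- name: Uninstall Gitea Helm release if it exists
  kubernetes.core.helm:
    name: "{{ gitea_helm_release_name }}"
    release_namespace: "{{ gitea_namespace }}"
    state: absent
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find and remove the finalizers from any existing PVCs
- name: Find all PVCs in the Gitea namespace
  kubernetes.core.k8s_info:
    kind: PersistentVolumeClaim
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: gitea_pvcs
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Setting metadata.finalizers to null lets a PVC be removed without waiting
# for whatever placed the finalizer. The loop falls back to an empty list so
# a failed (and ignored) lookup above results in a skip instead of a second
# ignored error.
- name: Force remove finalizers from any stuck PVCs
  kubernetes.core.k8s:
    state: patched
    api_version: v1
    kind: PersistentVolumeClaim
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    definition:
      metadata:
        finalizers: null
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items: "{{ gitea_pvcs.resources | default([]) }}"
  tags:
    - gitea
    - cleanup

# Force delete specific PVCs by name.
# kubectl is invoked through `command` with an argv list, so the templated
# values are passed as single arguments and are never parsed by a shell.
# KUBECONFIG points kubectl at the same cluster the kubernetes.core tasks
# target; without it kubectl would use the control node's default context.
# assumes k8s_auth_params.kubeconfig is a file path - TODO confirm
# The task is skipped when gitea_namespace is empty, because `-n ''` would
# make kubectl act on its default namespace.
- name: Force delete specific PVCs by name
  ansible.builtin.command:
    argv:
      - kubectl
      - delete
      - pvc
      - "{{ item }}"
      - "-n"
      - "{{ gitea_namespace }}"
      - "--force"
      - "--grace-period=0"
  environment:
    KUBECONFIG: "{{ k8s_auth_params.kubeconfig | default('', true) }}"
  with_items:
    - gitea-shared-storage
    - data-gitea-postgresql-ha-postgresql-0
    - data-gitea-postgresql-ha-postgresql-1
    - data-gitea-postgresql-ha-postgresql-2
    - redis-data-gitea-redis-cluster-0
    - redis-data-gitea-redis-cluster-1
    - redis-data-gitea-redis-cluster-2
    - redis-data-gitea-redis-master
  when: gitea_namespace | default('') | length > 0
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Wait a moment for resources to be deleted
- name: Wait for PVC deletion to complete
  ansible.builtin.pause:
    seconds: 10
  tags:
    - gitea
    - cleanup

# Now find and clean up any existing PVs.
# PersistentVolumes are cluster-scoped, so this lookup returns every PV in
# the cluster, not only Gitea's.
- name: Find all Gitea PVs
  kubernetes.core.k8s_info:
    kind: PersistentVolume
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: all_pvs
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# The `match` test anchors at the start of the name, so this keeps PVs whose
# names begin with gitea, pv-postgresql or pv-redis.
# NOTE(review): confirm no other workload in the cluster owns volumes with
# these prefixes; they would be selected too. Also confirm whether
# pv-gitea-shared-storage (deleted by name further down) was meant to be
# selected here, since it does not start with any of the three prefixes.
- name: Filter Gitea-related PVs
  ansible.builtin.set_fact:
    gitea_pvs: "{{ all_pvs.resources | selectattr('metadata.name', 'match', '(gitea|pv-postgresql|pv-redis)') | list }}"
  when: all_pvs.resources is defined and all_pvs.resources | length > 0
  tags:
    - gitea
    - cleanup

# Clears spec.claimRef on each selected PV that has one. A volume without a
# claimRef can be bound by a different claim while it still holds the old
# data, so the selection above should be reviewed before this runs.
# The loop falls back to an empty list when the filter task was skipped.
- name: Remove claimRefs from any stuck PVs
  kubernetes.core.k8s:
    state: patched
    definition:
      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: "{{ item.metadata.name }}"
      spec:
        claimRef: null
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items: "{{ gitea_pvs | default([]) }}"
  when: item.spec.claimRef is defined
  tags:
    - gitea
    - cleanup

# Delete specific PVs by name
- name: Delete specific PersistentVolumes by name
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: PersistentVolume
    name: "{{ item }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items:
    - pv-gitea-shared-storage
    - pv-postgresql-ha-data-0
    - pv-postgresql-ha-data-1
    - pv-postgresql-ha-data-2
    - pv-redis-cluster-data-0
    - pv-redis-cluster-data-1
    - pv-redis-cluster-data-2
    - pv-redis-master-data
    - gitea-local-pv-data
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Pause to wait for resource deletion
- name: Pause to wait for resource deletion
  ansible.builtin.pause:
    seconds: 10
  tags:
    - gitea
    - cleanup

# Find and delete all deployments and statefulsets in the namespace.
# The two lookups below do not ignore errors, so an unreachable API server
# stops the play at this point.
- name: Find all deployments in Gitea namespace
  kubernetes.core.k8s_info:
    kind: Deployment
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_deployments
  tags:
    - gitea
    - cleanup

- name: Delete all deployments in Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: apps/v1
    kind: Deployment
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_deployments.resources }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

- name: Find all statefulsets in Gitea namespace
  kubernetes.core.k8s_info:
    kind: StatefulSet
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_statefulsets
  tags:
    - gitea
    - cleanup

- name: Delete all statefulsets in Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: apps/v1
    kind: StatefulSet
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_statefulsets.resources }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find all service accounts, configmaps, and secrets in the namespace and
# delete them (except critical ones)
- name: Find all service accounts in the Gitea namespace
  kubernetes.core.k8s_info:
    kind: ServiceAccount
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: gitea_sas

# Keeps the builder, default and deployer service accounts.
- name: Delete specific service accounts in the Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: ServiceAccount
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items: "{{ gitea_sas.resources }}"
  when: item.metadata.name not in ['builder', 'default', 'deployer']

- name: Find all configmaps in the Gitea namespace
  kubernetes.core.k8s_info:
    kind: ConfigMap
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: gitea_configmaps

# Keeps kube-root-ca.crt and any ConfigMap whose name starts with openshift-
# or namespace-. The conditions in the list are ANDed.
- name: Delete specific configmaps in the Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: ConfigMap
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items: "{{ gitea_configmaps.resources }}"
  when:
    - item.metadata.name != 'kube-root-ca.crt'
    - not item.metadata.name.startswith('openshift-')
    - not item.metadata.name.startswith('namespace-')

- name: Find all secrets in the Gitea namespace
  kubernetes.core.k8s_info:
    kind: Secret
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: gitea_secrets

# Keeps the dockercfg and token secrets of the builder, default and deployer
# service accounts; every other Secret in the namespace is deleted, whatever
# created it. The conditions in the list are ANDed.
- name: Delete specific secrets in the Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: Secret
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items: "{{ gitea_secrets.resources }}"
  when:
    - not item.metadata.name.startswith('builder-dockercfg-')
    - not item.metadata.name.startswith('builder-token-')
    - not item.metadata.name.startswith('default-dockercfg-')
    - not item.metadata.name.startswith('default-token-')
    - not item.metadata.name.startswith('deployer-dockercfg-')
    - not item.metadata.name.startswith('deployer-token-')

# Delete Cluster Role Bindings.
# These are cluster-scoped objects named "<service account>-privileged".
- name: Delete specific Cluster Role Bindings
  kubernetes.core.k8s:
    state: absent
    api_version: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    name: "{{ item }}-privileged"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  ignore_errors: true
  with_items:
    - "{{ gitea_storage_init_sa }}"
    - "{{ gitea_app_sa }}"

#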
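# Pause to wait for resource deletion.
# Falls back to 10 seconds, the value the other pauses in this file use, when
# gitea_resource_deletion_wait is not set.
# NOTE(review): this task has no `tags`, unlike the tasks after it, so a
# tag-limited run skips the wait. Confirm that is intended.
- name: Pause to wait for resource deletion
  ansible.builtin.pause:
    seconds: "{{ gitea_resource_deletion_wait | default(10) }}"

# Find and delete all PVCs in the namespace.
# The lookup does not ignore errors, so an unreachable API server stops the
# play here.
- name: Find all PVCs in Gitea namespace
  kubernetes.core.k8s_info:
    kind: PersistentVolumeClaim
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_pvcs
  tags:
    - gitea
    - cleanup

- name: Delete all PVCs in Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: PersistentVolumeClaim
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_pvcs.resources }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Force delete any stuck PVCs.
# `--all` removes every PVC in the namespace given by `-n`, so the target
# has to be unambiguous:
#  - kubectl is invoked through `command` with an argv list, so the
#    namespace value is one argument and is never parsed by a shell;
#  - KUBECONFIG points kubectl at the same cluster the kubernetes.core tasks
#    target, not at the control node's default context;
#  - the task is skipped when gitea_namespace is empty, because `-n ''`
#    would make kubectl act on its default namespace.
# assumes k8s_auth_params.kubeconfig is a file path - TODO confirm
- name: Force delete stuck PVCs with kubectl
  ansible.builtin.command:
    argv:
      - kubectl
      - delete
      - pvc
      - "--all"
      - "-n"
      - "{{ gitea_namespace }}"
      - "--force"
      - "--grace-period=0"
  environment:
    KUBECONFIG: "{{ k8s_auth_params.kubeconfig | default('', true) }}"
  when: gitea_namespace | default('') | length > 0
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Uninstall Gitea helm release if it exists.
# `release_namespace` is the canonical name of the parameter the original
# spelled with its `namespace` alias.
- name: Check if Gitea Helm release exists
  kubernetes.core.helm_info:
    name: "{{ gitea_helm_release_name }}"
    release_namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
  register: helm_status
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# NOTE(review): only a release whose status is 'deployed' is uninstalled
# here; a release left in another state (for example a failed install) is
# not touched by this task. Confirm that is intended.
- name: Uninstall Gitea Helm release
  kubernetes.core.helm:
    name: "{{ gitea_helm_release_name }}"
    state: absent
    release_namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  when: helm_status.status is defined and helm_status.status.status == 'deployed'
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find and delete all deployments in the namespace
- name: Find all deployments in Gitea namespace
  kubernetes.core.k8s_info:
    kind: Deployment
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_deployments
  tags:
    - gitea
    - cleanup

- name: Delete all deployments in Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: apps/v1
    kind: Deployment
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_deployments.resources }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find and delete all statefulsets in the namespace
- name: Find all statefulsets in Gitea namespace
  kubernetes.core.k8s_info:
    kind: StatefulSet
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_statefulsets
  tags:
    - gitea
    - cleanup

- name: Delete all statefulsets in Gitea namespace
  kubernetes.core.k8s:
    state: absent
    api_version: apps/v1
    kind: StatefulSet
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_statefulsets.resources }}"
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find and delete all service accounts in the namespace
- name: Find all service accounts in Gitea namespace
  kubernetes.core.k8s_info:
    kind: ServiceAccount
    namespace: "{{ gitea_namespace }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  register: existing_sa
  tags:
    - gitea
    - cleanup

# Only the `default` service account is kept.
# NOTE(review): the earlier service-account cleanup in this file also keeps
# `builder` and `deployer`; confirm which exclusion list is the intended one.
- name: Delete all service accounts in Gitea namespace (except default)
  kubernetes.core.k8s:
    state: absent
    api_version: v1
    kind: ServiceAccount
    namespace: "{{ gitea_namespace }}"
    name: "{{ item.metadata.name }}"
    kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
    validate_certs: "{{ k8s_auth_params.validate_certs }}"
  with_items: "{{ existing_sa.resources }}"
  when: item.metadata.name != 'default'
  ignore_errors: true
  tags:
    - gitea
    - cleanup

# Find and delete all configmaps in the namespace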
# Final cleanup pass: ConfigMaps, Secrets, the two Gitea ClusterRoleBindings,
# then a short wait. The shared `gitea` / `cleanup` tags are set once on the
# block and inherited by every task inside it.
# NOTE(review): `validate_certs` is taken from k8s_auth_params; confirm it is
# true wherever the API server is reached over a network you do not control.
- name: Remove remaining Gitea ConfigMaps, Secrets and ClusterRoleBindings
  tags:
    - gitea
    - cleanup
  block:
    # The two lookups in this block do not ignore errors, so a failed query
    # stops the play; the deletions that follow them do ignore errors.
    - name: Find all configmaps in Gitea namespace
      kubernetes.core.k8s_info:
        kind: ConfigMap
        namespace: "{{ gitea_namespace }}"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      register: existing_cm

    # Every ConfigMap found above is removed except kube-root-ca.crt.
    - name: Delete all configmaps in Gitea namespace
      kubernetes.core.k8s:
        state: absent
        api_version: v1
        kind: ConfigMap
        namespace: "{{ gitea_namespace }}"
        name: "{{ item.metadata.name }}"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      loop: "{{ existing_cm.resources }}"
      when: item.metadata.name != 'kube-root-ca.crt'
      ignore_errors: true

    # Find and delete all secrets in the namespace
    - name: Find all secrets in Gitea namespace
      kubernetes.core.k8s_info:
        kind: Secret
        namespace: "{{ gitea_namespace }}"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      register: existing_secrets

    # Service-account token secrets and anything with 'default-token' in its
    # name are kept; every other Secret in the namespace is deleted, whatever
    # created it. The conditions in the list are ANDed.
    - name: Delete all secrets in Gitea namespace
      kubernetes.core.k8s:
        state: absent
        api_version: v1
        kind: Secret
        namespace: "{{ gitea_namespace }}"
        name: "{{ item.metadata.name }}"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      loop: "{{ existing_secrets.resources }}"
      when:
        - item.type != 'kubernetes.io/service-account-token'
        - "'default-token' not in item.metadata.name"
      ignore_errors: true

    # Delete Cluster Role Bindings.
    # Both bindings are cluster-scoped and named after gitea_app_sa.
    - name: Delete Gitea privileged ClusterRoleBinding
      kubernetes.core.k8s:
        state: absent
        api_version: rbac.authorization.k8s.io/v1
        kind: ClusterRoleBinding
        name: "{{ gitea_app_sa }}-privileged"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      ignore_errors: true

    - name: Delete Gitea anyuid ClusterRoleBinding
      kubernetes.core.k8s:
        state: absent
        api_version: rbac.authorization.k8s.io/v1
        kind: ClusterRoleBinding
        name: "{{ gitea_app_sa }}-anyuid"
        kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
        validate_certs: "{{ k8s_auth_params.validate_certs }}"
      ignore_errors: true

    # Fixed ten-second wait so the deletions above can settle.
    - name: Pause to wait for resource deletion
      ansible.builtin.pause:
        seconds: 10