hcp-ansible/roles/hashistack/tasks/load_credentials_vars.yml

---
# task/load_credentials_vars file for hashistack
- name: "Variables | Stat credentials file"
  ansible.builtin.stat:
    path: "{{ hashistack_sub_configuration_directories['secrets'] }}/{{ hashistack_configuration_credentials_vars_file }}"
  register: _credentials_file
  delegate_to: localhost

- name: "Variables | Stat vault credentials file"
  ansible.builtin.stat:
    path: "{{ hashistack_sub_configuration_directories['secrets'] }}/vault.yml"
  register: _vault_credentials_file
  delegate_to: localhost

- name: "Variables | Make sure credentials file exists"
  ansible.builtin.assert:
    that:
      - _credentials_file.stat.exists
    fail_msg: >-
      Credentials file {{ _credentials_file.stat.path }} was not found, cannot continue without it.
  delegate_to: localhost

- name: "Variables | Load credentials variables"
  ansible.builtin.include_vars:
    dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
    files_matching: "{{ hashistack_configuration_credentials_vars_file }}"
    depth: 1
    name: _credentials
  delegate_to: localhost

- name: "Variables | Load vault credentials if vault.yml exists"
  ansible.builtin.include_vars:
    dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
    files_matching: "vault.yml"
    depth: 1
    name: _vault_credentials
  when: _vault_credentials_file.stat.exists
  delegate_to: localhost

- name: "Variables | Merge vault credentials into _credentials"
  vars:
    _config_to_merge:
      vault: "{{ _vault_credentials }}"
  ansible.builtin.set_fact:
    _credentials: "{{ _credentials | combine(_config_to_merge, recursive=true) }}"
  when: _vault_credentials_file.stat.exists
  delegate_to: localhost
feat(hashistack): move variable loading to specific role 2024-07-22 21:04:05 +00:00			`---`
			`# task/load_credentials_vars file for hashistack`
			`- name: "Variables \| Stat credentials file"`
			`ansible.builtin.stat:`
			`path: "{{ hashistack_sub_configuration_directories['secrets'] }}/{{ hashistack_configuration_credentials_vars_file }}"`
			`register: _credentials_file`
			`delegate_to: localhost`

			`- name: "Variables \| Stat vault credentials file"`
			`ansible.builtin.stat:`
			`path: "{{ hashistack_sub_configuration_directories['secrets'] }}/vault.yml"`
			`register: _vault_credentials_file`
			`delegate_to: localhost`

			`- name: "Variables \| Make sure credentials file exists"`
			`ansible.builtin.assert:`
			`that:`
			`- _credentials_file.stat.exists`
			`fail_msg: >-`
			`Credentials file {{ _credentials_file.stat.path }} was not found, cannot continue without it.`
			`delegate_to: localhost`

			`- name: "Variables \| Load credentials variables"`
			`ansible.builtin.include_vars:`
			`dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"`
			`files_matching: "{{ hashistack_configuration_credentials_vars_file }}"`
			`depth: 1`
			`name: _credentials`
			`delegate_to: localhost`

			`- name: "Variables \| Load vault credentials if vault.yml exists"`
			`ansible.builtin.include_vars:`
			`dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"`
			`files_matching: "vault.yml"`
			`depth: 1`
			`name: _vault_credentials`
			`when: _vault_credentials_file.stat.exists`
			`delegate_to: localhost`

			`- name: "Variables \| Merge vault credentials into _credentials"`
			`vars:`
			`_config_to_merge:`
			`vault: "{{ _vault_credentials }}"`
			`ansible.builtin.set_fact:`
			`_credentials: "{{ _credentials \| combine(_config_to_merge, recursive=true) }}"`
			`when: _vault_credentials_file.stat.exists`
			`delegate_to: localhost`