48 lines
1.7 KiB
YAML
48 lines
1.7 KiB
YAML
|
---
|
||
|
# task/load_credentials_vars file for hashistack
|
||
|
- name: "Variables | Stat credentials file"
|
||
|
ansible.builtin.stat:
|
||
|
path: "{{ hashistack_sub_configuration_directories['secrets'] }}/{{ hashistack_configuration_credentials_vars_file }}"
|
||
|
register: _credentials_file
|
||
|
delegate_to: localhost
|
||
|
|
||
|
- name: "Variables | Stat vault credentials file"
|
||
|
ansible.builtin.stat:
|
||
|
path: "{{ hashistack_sub_configuration_directories['secrets'] }}/vault.yml"
|
||
|
register: _vault_credentials_file
|
||
|
delegate_to: localhost
|
||
|
|
||
|
- name: "Variables | Make sure credentials file exists"
|
||
|
ansible.builtin.assert:
|
||
|
that:
|
||
|
- _credentials_file.stat.exists
|
||
|
fail_msg: >-
|
||
|
Credentials file {{ _credentials_file.stat.path }} was not found, cannot continue without it.
|
||
|
delegate_to: localhost
|
||
|
|
||
|
- name: "Variables | Load credentials variables"
|
||
|
ansible.builtin.include_vars:
|
||
|
dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
|
||
|
files_matching: "{{ hashistack_configuration_credentials_vars_file }}"
|
||
|
depth: 1
|
||
|
name: _credentials
|
||
|
delegate_to: localhost
|
||
|
|
||
|
- name: "Variables | Load vault credentials if vault.yml exists"
|
||
|
ansible.builtin.include_vars:
|
||
|
dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
|
||
|
files_matching: "vault.yml"
|
||
|
depth: 1
|
||
|
name: _vault_credentials
|
||
|
when: _vault_credentials_file.stat.exists
|
||
|
delegate_to: localhost
|
||
|
|
||
|
- name: "Variables | Merge vault credentials into _credentials"
|
||
|
vars:
|
||
|
_config_to_merge:
|
||
|
vault: "{{ _vault_credentials }}"
|
||
|
ansible.builtin.set_fact:
|
||
|
_credentials: "{{ _credentials | combine(_config_to_merge, recursive=true) }}"
|
||
|
when: _vault_credentials_file.stat.exists
|
||
|
delegate_to: localhost
|