ansible-collections/hcp-ansible
ansible-collections/hcp-ansible
4
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
20344bdebe
hcp-ansible/roles/vault/tasks/main.yml
Bertrand Lanson 20344bdebe
All checks were successful
development / Check commit compliance (push) Successful in 25s
Details
pull-requests-open / Check commit compliance (pull_request) Successful in 8s
Details
test / Retrieve Credentials (pull_request) Successful in 32s
Details
test / end_to_end_consul (consul_default, debian11) (pull_request) Successful in 3m33s
Details
test / end_to_end_consul (consul_default, debian12) (pull_request) Successful in 3m32s
Details
test / end_to_end_consul (consul_default, ubuntu2004) (pull_request) Successful in 3m45s
Details
test / end_to_end_consul (consul_default, ubuntu2204) (pull_request) Successful in 1m35s
Details
test / end_to_end_consul (consul_default, ubuntu2404) (pull_request) Successful in 1m34s
Details
test / end_to_end_consul (consul_with_acl_enabled, debian11) (pull_request) Successful in 1m23s
Details
test / end_to_end_consul (consul_with_acl_enabled, debian12) (pull_request) Successful in 1m36s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2204) (pull_request) Successful in 1m33s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2004) (pull_request) Successful in 1m47s
Details
test / end_to_end_nomad (nomad_default, debian11) (pull_request) Successful in 1m6s
Details
test / end_to_end_nomad (nomad_default, debian12) (pull_request) Successful in 1m8s
Details
test / end_to_end_consul (consul_with_acl_enabled, ubuntu2404) (pull_request) Successful in 1m33s
Details
test / end_to_end_nomad (nomad_default, ubuntu2004) (pull_request) Successful in 1m13s
Details
test / end_to_end_nomad (nomad_default, ubuntu2404) (pull_request) Successful in 1m15s
Details
test / end_to_end_nomad (nomad_default, ubuntu2204) (pull_request) Successful in 1m31s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, debian11) (pull_request) Successful in 1m7s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, debian12) (pull_request) Successful in 1m9s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2004) (pull_request) Successful in 1m15s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2204) (pull_request) Successful in 1m12s
Details
test / end_to_end_nomad (nomad_with_acl_enabled, ubuntu2404) (pull_request) Successful in 1m17s
Details
test / end_to_end_vault (vault_default, debian11) (pull_request) Successful in 1m32s
Details
test / end_to_end_vault (vault_default, debian12) (pull_request) Successful in 1m39s
Details
test / end_to_end_vault (vault_default, ubuntu2004) (pull_request) Successful in 1m36s
Details
test / end_to_end_vault (vault_default, ubuntu2204) (pull_request) Successful in 1m24s
Details
test / end_to_end_vault (vault_default, ubuntu2404) (pull_request) Successful in 1m41s
Details
test / end_to_end_vault (vault_with_raft_enabled, debian11) (pull_request) Successful in 1m23s
Details
test / end_to_end_vault (vault_with_raft_enabled, debian12) (pull_request) Successful in 1m24s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2004) (pull_request) Successful in 1m28s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2204) (pull_request) Successful in 1m30s
Details
test / end_to_end_vault (vault_with_raft_enabled, ubuntu2404) (pull_request) Successful in 1m32s
Details
feat: add automatic reload of vault service for certificate reloading 
This feature adds logic to automatically reload the vault service if tls is
enbabled and the certificates have changed. This only tracks certificates copied
by the extra_files logic.
2024-11-10 17:07:14 +01:00

58 lines
1.7 KiB
YAML
Raw Blame History

---
# task/main file for vault
- name: "Vault | Set reload-check & restart-check variable"
ansible.builtin.set_fact:
_vault_service_need_daemon_reload: false
_vault_service_need_reload: false
_vault_service_need_restart: false
- name: "Vault | Import merge_variables.yml"
ansible.builtin.include_tasks: merge_variables.yml
- name: "Vault | Import prerequisites.yml"
ansible.builtin.include_tasks: prerequisites.yml
- name: "Vault | Import install.yml"
ansible.builtin.include_tasks: "install.yml"
- name: "Vault | Import configure.yml"
ansible.builtin.include_tasks: configure.yml
- name: "Vault | Populate service facts"
ansible.builtin.service_facts:
- name: "Vault | Set restart-check variable"
ansible.builtin.set_fact:
_vault_service_need_restart: true
when: ansible_facts.services[vault_service_name~'.service'].state != 'running'
- name: "Vault | Enable service: {{ vault_service_name }}"
ansible.builtin.service:
name: "{{ vault_service_name }}"
enabled: true
- name: "Vault | Reload systemd daemon"
ansible.builtin.systemd:
daemon_reload: true
when: _vault_service_need_daemon_reload
- name: "Vault | Start service: {{ vault_service_name }}"
ansible.builtin.include_tasks: rolling_restart.yml
when:
- vault_start_service
- _vault_service_need_restart
- "hostvars[host_item].inventory_hostname == inventory_hostname"
with_items: "{{ ansible_play_batch }}"
loop_control:
loop_var: host_item
- name: "Vault | Reload service: {{ vault_service_name }}"
ansible.builtin.service:
name: "{{ vault_service_name }}"
state: reloaded
throttle: 1
when:
- vault_start_service
- _vault_service_need_reload
- not _vault_service_need_restart
Reference in New Issue View Git Blame Copy Permalink