Bertrand Lanson
ff66fe22ae
All checks were successful
development / Check commit compliance (push) Successful in 27s
48 lines
1.7 KiB
YAML
48 lines
1.7 KiB
YAML
---
|
|
# task/load_credentials_vars file for hashistack
|
|
- name: "Variables | Stat credentials file"
|
|
ansible.builtin.stat:
|
|
path: "{{ hashistack_sub_configuration_directories['secrets'] }}/{{ hashistack_configuration_credentials_vars_file }}"
|
|
register: _credentials_file
|
|
delegate_to: localhost
|
|
|
|
- name: "Variables | Stat vault credentials file"
|
|
ansible.builtin.stat:
|
|
path: "{{ hashistack_sub_configuration_directories['secrets'] }}/vault.yml"
|
|
register: _vault_credentials_file
|
|
delegate_to: localhost
|
|
|
|
- name: "Variables | Make sure credentials file exists"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- _credentials_file.stat.exists
|
|
fail_msg: >-
|
|
Credentials file {{ _credentials_file.stat.path }} was not found, cannot continue without it.
|
|
delegate_to: localhost
|
|
|
|
- name: "Variables | Load credentials variables"
|
|
ansible.builtin.include_vars:
|
|
dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
|
|
files_matching: "{{ hashistack_configuration_credentials_vars_file }}"
|
|
depth: 1
|
|
name: _credentials
|
|
delegate_to: localhost
|
|
|
|
- name: "Variables | Load vault credentials if vault.yml exists"
|
|
ansible.builtin.include_vars:
|
|
dir: "{{ hashistack_sub_configuration_directories['secrets'] }}"
|
|
files_matching: "vault.yml"
|
|
depth: 1
|
|
name: _vault_credentials
|
|
when: _vault_credentials_file.stat.exists
|
|
delegate_to: localhost
|
|
|
|
- name: "Variables | Merge vault credentials into _credentials"
|
|
vars:
|
|
_config_to_merge:
|
|
vault: "{{ _vault_credentials }}"
|
|
ansible.builtin.set_fact:
|
|
_credentials: "{{ _credentials | combine(_config_to_merge, recursive=true) }}"
|
|
when: _vault_credentials_file.stat.exists
|
|
delegate_to: localhost
|