-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathcreate_databases_vault.yml
42 lines (34 loc) · 1.27 KB
/
create_databases_vault.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
---
- name: Create databases vault
hosts: local
gather_facts: false
tasks:
- name: Display playbook name
ansible.builtin.debug: msg="==== Starting create_databases_vault playbook ===="
- name: Set vars
ansible.builtin.import_tasks: tasks/set_vars.yml
- name: Set databases vault destination path
ansible.builtin.set_fact:
databases_vault_path: "group_vars/customer/{{ customer }}/{{ env_type }}/secrets/databases.vault.yml"
- name: Check databases vault file
ansible.builtin.stat:
path: "{{ databases_vault_path }}"
register: databases_vault
- name: Import databases vault
ansible.builtin.include_vars:
file: "{{ databases_vault.stat.path }}"
when: databases_vault.stat.exists
- name: Run tasks for apps
ansible.builtin.include_tasks: tasks/run_tasks_for_apps.yml
vars:
tasks:
- tasks/create_app_database_vault
- name: Save databases vault
ansible.builtin.template:
src: "templates/databases.vault.yml.j2"
dest: "{{ databases_vault_path }}"
mode: 0644
when: databases is defined
- name: Encrypt databases vault
ansible.builtin.command: ansible-vault encrypt {{ databases_vault_path }}
when: databases is defined