ansible/roles/openshift/secret-file/tasks/main.yml

---
- name: Copy template {{secret_file_template}}
  template: src={{roles_path}}/openshift-apps/{{secret_file_app}}/templates/{{secret_file_template}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
  when: secret_file_template is defined
  register: secret_template

- name: Copy file {{secret_file_file}}
  ansible.builtin.copy: src={{roles_path}}/openshift-apps/{{secret_file_app}}/files/{{secret_file_file}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
  when: secret_file_file is defined
  register: secret_file

- name: Copy private file {{secret_file_privatefile}}
  ansible.builtin.copy: src={{private}}/files/{{secret_file_privatefile}} dest=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
  when: secret_file_privatefile is defined
  register: secret_privatefile

- name: Delete existing secrets
  ansible.builtin.shell: oc -n {{os_app}} delete secret/{{secret_file_secret_name}}
  register: delete_out
  changed_when: "'NotFound' in delete_out.stderr"
  failed_when: "('NotFound' not in delete_out.stderr) and (delete_out.rc != 0)"
  when: secret_template.changed or secret_file.changed or secret_privatefile.changed

- name: Call `oc secrets new` on the copied file
  ansible.builtin.shell: oc -n {{os_app}} secrets new {{secret_file_secret_name}} {{secret_file_key}}=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
  register: create_out
  when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)

- name: Call `oc create secret generic` on the copied file
  ansible.builtin.shell: oc -n {{os_app}} create secret generic {{secret_file_secret_name}} --from-file={{secret_file_key}}=/etc/openshift_apps/{{os_app}}/{{secret_file_key}}
  register: create_out
  when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)