ansible/roles/openshift/secret-file/tasks/main.yml

---
- name: Copy template {{template}}
  template: src={{roles_path}}/openshift-apps/{{app}}/templates/{{template}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
  when: template is defined
  register: secret_template

- name: Copy file {{file}}
  copy: src={{roles_path}}/openshift-apps/{{app}}/files/{{file}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
  when: file is defined
  register: secret_file

- name: Copy private file {{privatefile}}
  copy: src={{private}}/files/{{privatefile}} dest=/etc/openshift_apps/{{os_app}}/{{key}}
  when: privatefile is defined
  register: secret_privatefile

- name: Delete existing secrets
  shell: oc -n {{os_app}} delete secret/{{secret_name}}
  register: delete_out
  changed_when: "'NotFound' in delete_out.stderr"
  failed_when: "('NotFound' not in delete_out.stderr) and (delete_out.rc != 0)"
  when: secret_template.changed or secret_file.changed or secret_privatefile.changed

- name: Call `oc secrets new` on the copied file
  shell: oc -n {{os_app}} secrets new {{secret_name}} {{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
  register: create_out
  when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)

- name: Call `oc create secret generic` on the copied file
  shell: oc -n {{os_app}} create secret generic {{secret_name}} --from-file={{key}}=/etc/openshift_apps/{{os_app}}/{{key}}
  register: create_out
  when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)
Fix majority of remaining yamllint warnings and errors Signed-off-by: Ryan Lerch <rlerch@redhat.com> 2024-11-27 13:48:08 +10:00			`---`
Fix dest= missing Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-17 01:04:01 +00:00			`- name: Copy template {{template}}`
Add support for installing OS app that don't match with the ansible app And use it for the CentOS instance of Noggin. Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2020-11-30 14:06:09 +01:00			`template: src={{roles_path}}/openshift-apps/{{app}}/templates/{{template}} dest=/etc/openshift_apps/{{os_app}}/{{key}}`
try waiverdb openshift stuff, what could go wrong Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org> 2017-07-27 17:31:04 +00:00			`when: template is defined`
Only do secret apply if changed Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-19 17:37:08 +02:00			`register: secret_template`
try waiverdb openshift stuff, what could go wrong Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org> 2017-07-27 17:31:04 +00:00
Fix dest= missing Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-17 01:04:01 +00:00			`- name: Copy file {{file}}`
Add support for installing OS app that don't match with the ansible app And use it for the CentOS instance of Noggin. Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2020-11-30 14:06:09 +01:00			`copy: src={{roles_path}}/openshift-apps/{{app}}/files/{{file}} dest=/etc/openshift_apps/{{os_app}}/{{key}}`
try waiverdb openshift stuff, what could go wrong Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org> 2017-07-27 17:31:04 +00:00			`when: file is defined`
Only do secret apply if changed Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-19 17:37:08 +02:00			`register: secret_file`
try waiverdb openshift stuff, what could go wrong Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org> 2017-07-27 17:31:04 +00:00
Fix dest= missing Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-17 01:04:01 +00:00			`- name: Copy private file {{privatefile}}`
Add support for installing OS app that don't match with the ansible app And use it for the CentOS instance of Noggin. Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2020-11-30 14:06:09 +01:00			`copy: src={{private}}/files/{{privatefile}} dest=/etc/openshift_apps/{{os_app}}/{{key}}`
Allow using files from the private repo in openshift secrets. 2017-10-19 00:57:45 +00:00			`when: privatefile is defined`
Only do secret apply if changed Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-04-19 17:37:08 +02:00			`register: secret_privatefile`
Allow using files from the private repo in openshift secrets. 2017-10-19 00:57:45 +00:00
Attempt delete/add on change Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-05-15 21:37:27 +02:00			`- name: Delete existing secrets`
Add support for installing OS app that don't match with the ansible app And use it for the CentOS instance of Noggin. Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2020-11-30 14:06:09 +01:00			`shell: oc -n {{os_app}} delete secret/{{secret_name}}`
Attempt delete/add on change Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-05-15 21:37:27 +02:00			`register: delete_out`
The notfound is on stderr Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-05-31 03:42:41 +02:00			`changed_when: "'NotFound' in delete_out.stderr"`
			`failed_when: "('NotFound' not in delete_out.stderr) and (delete_out.rc != 0)"`
Attempt delete/add on change Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-05-15 21:37:27 +02:00			`when: secret_template.changed or secret_file.changed or secret_privatefile.changed`

try waiverdb openshift stuff, what could go wrong Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org> 2017-07-27 17:31:04 +00:00			- name: Call `oc secrets new` on the copied file
Add support for installing OS app that don't match with the ansible app And use it for the CentOS instance of Noggin. Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2020-11-30 14:06:09 +01:00			`shell: oc -n {{os_app}} secrets new {{secret_name}} {{key}}=/etc/openshift_apps/{{os_app}}/{{key}}`
If the secret already exists, don't crash Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> 2018-01-17 16:52:21 +00:00			`register: create_out`
Adjust the secret-file role to work with OCP4 Signed-off-by: Aurélien Bompard <aurelien@bompard.org> 2022-04-14 11:17:38 +02:00			`when: not ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)`

			- name: Call `oc create secret generic` on the copied file
			`shell: oc -n {{os_app}} create secret generic {{secret_name}} --from-file={{key}}=/etc/openshift_apps/{{os_app}}/{{key}}`
			`register: create_out`
			`when: ocp4 and (secret_template.changed or secret_file.changed or secret_privatefile.changed)`