External-Mirrors/kubespray
2
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-05-18 06:47:46 -02:30
Code Issues Packages Projects Releases Wiki Activity

Place vault role credentials only to vault group hosts

Browse Source
This commit is contained in:
mkrasilnikov
2017-09-05 11:05:06 +03:00
parent ad313c9d49
commit b930b0ef5a
5 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
roles/vault/tasks/shared/gen_userpass.yml
View File

@@ -10,13 +10,13 @@
password: "{{ gen_userpass_password }}"
policies: "{{ gen_userpass_role }}"
status_code: 204
when: inventory_hostname == groups[gen_userpass_group]|first
delegate_to: "{{ groups.vault|first }}"
run_once: true
- name: shared/gen_userpass | Ensure destination directory exists
file:
path: "{{ vault_roles_dir }}/{{ gen_userpass_role }}"
state: directory
when: inventory_hostname in groups[gen_userpass_group]
- name: shared/gen_userpass | Copy credentials to all hosts in the group
copy:
@@ -26,4 +26,3 @@
'password': gen_userpass_password} | to_nice_json(indent=4)
}}
dest: "{{ vault_roles_dir }}/{{ gen_userpass_role }}/userpass"
when: inventory_hostname in groups[gen_userpass_group]