Better first run bootstrap

IamTheFij 2022-09-27 21:59:37 -07:00
parent 75bce82b0f
commit 253069439d


@ -40,9 +40,23 @@
name: hvac name: hvac
extra_args: --index-url https://pypi.org/simple extra_args: --index-url https://pypi.org/simple
# This fails on first run because `root_token` isn't found - name: Check mount
# Fails after taht too because the kv/ space has not been created yet either! Oh noes! community.hashi_vault.vault_read:
# Maybe move data bootstrapping to after the cluster is bootstrapped url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}"
path: "/sys/mounts/kv"
ignore_errors: true
register: check_mount
- name: Create kv mount
community.hashi_vault.vault_write:
url: "http://{{ inventory_hostname }}:8200"
token: "{{ root_token }}"
path: "/sys/mounts/kv"
data:
type: kv-v2
when: check_mount is not succeeded
- name: Write values - name: Write values
no_log: true no_log: true
community.hashi_vault.vault_write: community.hashi_vault.vault_write:
@ -53,6 +67,8 @@
data: data:
"{{ item.value }}" "{{ item.value }}"
loop: "{{ hashi_vault_values | default({}) | dict2items }}" loop: "{{ hashi_vault_values | default({}) | dict2items }}"
retries: 2
delay: 5
- name: Write userpass - name: Write userpass
no_log: true no_log: true
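Review bot: The new `Check mount` and `Create kv mount` tasks pass `root_token` to `http://{{ inventory_hostname }}:8200`, so the Vault root token crosses the network unencrypted on every run. If the listener has TLS, use `url: "https://{{ inventory_hostname }}:8200"`; otherwise run these calls against a loopback address on the Vault host itself. Unlike the neighbouring `Write values` and `Write userpass` tasks, neither new task sets `no_log: true`, and adding it keeps token handling consistent even if the module already masks that option. Separately, `ignore_errors: true` combined with `when: check_mount is not succeeded` treats every failed read (rejected token, sealed or unreachable Vault) as "mount missing", so the condition should be narrowed to the not-found case and other failures left to stop the play. The task list starts and ends outside the visible hunks.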