Add support for ansible-vault for secret generation
Sem-Ver: feature Change-Id: I4e56ea595618c2646158a29395856958fa567b59
This commit is contained in:
parent
97967b16c4
commit
498593aa86
@ -30,3 +30,9 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ secrets | to_nice_yaml }}"
|
content: "{{ secrets | to_nice_yaml }}"
|
||||||
dest: "{{ secrets_path }}"
|
dest: "{{ secrets_path }}"
|
||||||
|
|
||||||
|
- name: Encrypt secrets file with Vault password
|
||||||
|
ansible.builtin.shell:
|
||||||
|
ansible-vault encrypt --vault-password-file {{ secrets_vault_password_file }} {{ secrets_path }}
|
||||||
|
when:
|
||||||
|
- secrets_vault_password_file is defined
|
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- The ``generate_secrets`` playbook can now be used to generate secrets that
|
||||||
|
are encrypted using ``ansible-vault``.
|
Loading…
Reference in New Issue
Block a user