Add support for ansible-vault for secret generation
Sem-Ver: feature Change-Id: I4e56ea595618c2646158a29395856958fa567b59
This commit is contained in:
parent
97967b16c4
commit
498593aa86
|
@ -30,3 +30,9 @@
|
|||
ansible.builtin.copy:
|
||||
content: "{{ secrets | to_nice_yaml }}"
|
||||
dest: "{{ secrets_path }}"
|
||||
|
||||
- name: Encrypt secrets file with Vault password
|
||||
ansible.builtin.shell:
|
||||
ansible-vault encrypt --vault-password-file {{ secrets_vault_password_file }} {{ secrets_path }}
|
||||
when:
|
||||
- secrets_vault_password_file is defined
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- The ``generate_secrets`` playbook can now be used to generate secrets that
|
||||
are encrypted using ``ansible-vault``.
|
Loading…
Reference in New Issue