[SET-651] Enable vault role in playbooks

jboss-set · Jan 18, 2024 · ecc29a3 · ecc29a3
1 parent bab4426
commit ecc29a3
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 1 deletion.
diff --git a/cci_run.yml b/cci_run.yml
@@ -4,8 +4,19 @@
   gather_facts: false
 
   vars_files:
+    - vars/vault.yml
     - vars/cci_automate.yml
 
+  pre_tasks:
+    - name: "Install hvac python library"
+      ansible.builtin.pip:
+        name: hvac>=1.2.1
+        executable: pip3
+
+    - name: "Load Secrets from Vault"
+      ansible.builtin.include_role:
+        name: "vault"
+
   tasks:
     - name: Automate CCI VM using Ansible
       include_tasks: cci_vm_automate.yml
@@ -14,4 +25,4 @@
         - { url: "{{ cci_os_cluster_url_second }}", id: "{{ cci_os_project_id_second }}", network: "{{ cci_os_network_second }}", flavor: "{{ cci_os_flavor_second }}" }
 
     - name: Automate CCI VM using Ansible
-      include_tasks: cci_casc_edit.yml
+      include_tasks: cci_casc_edit.yml
diff --git a/cci_worker.yml b/cci_worker.yml
@@ -5,10 +5,20 @@
   become: yes
 
   vars_files:
+    - vars/vault.yml
     - vars/cci.yml
     - vars/java.yml
 
   pre_tasks:
+    - name: "Install hvac python library"
+      ansible.builtin.pip:
+        name: hvac>=1.2.1
+        executable: pip3
+
+    - name: "Load Secrets from Vault"
+      ansible.builtin.include_role:
+        name: "vault"
+
     - name: Register
       redhat_subscription:
         state: present

diff --git a/jenkins.yml b/jenkins.yml
@@ -4,13 +4,23 @@
   become: yes
   become_user: root
   vars_files:
+    - vars/vault.yml
     - vars/olympus.yml
     - vars/component-alignment.yml
     - vars/aphrodite.yml
     - vars/jobs.yml
     - vars/mailer.yml
 
   pre_tasks:
+    - name: "Install hvac python library"
+      ansible.builtin.pip:
+        name: hvac>=1.2.1
+        executable: pip3
+
+    - name: "Load Secrets from Vault"
+      ansible.builtin.include_role:
+        name: "vault"
+
     - name: Register
       redhat_subscription:
         state: present

diff --git a/zeus.yml b/zeus.yml
@@ -4,6 +4,7 @@
   become: yes
   become_user: root
   vars_files:
+      - vars/vault.yml
       - vars/ansible.yml
       - vars/olympus.yml
       - vars/ssh.yml
@@ -23,6 +24,15 @@
       - vars/qualys.yml
 
   pre_tasks:
+    - name: "Install hvac python library"
+      ansible.builtin.pip:
+        name: hvac>=1.2.1
+        executable: pip3
+
+    - name: "Load Secrets from Vault"
+      ansible.builtin.include_role:
+        name: "vault"
+
     - name: Register
       community.general.redhat_subscription:
         state: present