Few additional checks for ansible dry-run (--check) mode
This commit is contained in:
parent
da3fbc7753
commit
8baef1fc01
5 changed files with 8 additions and 0 deletions
|
@ -35,6 +35,7 @@
|
|||
vault_temp_unseal_keys: "{{ vault_temp_init.json['keys'] }}"
|
||||
vault_temp_root_token: "{{ vault_temp_init.json.root_token }}"
|
||||
vault_headers: "{{ vault_client_headers|combine({'X-Vault-Token': vault_temp_init.json.root_token}) }}"
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: bootstrap/start_vault_temp | Unseal vault-temp
|
||||
uri:
|
||||
|
|
|
@ -19,3 +19,4 @@
|
|||
type: "{{ auth_backend_type }}"
|
||||
status_code: 204
|
||||
when: vault_auth_backend_check|failed
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
{%- endif -%}
|
||||
status_code: 204
|
||||
when: inventory_hostname == groups[create_role_group]|first
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: create_role | Create the new role in the pki mount
|
||||
uri:
|
||||
|
@ -36,6 +37,7 @@
|
|||
{%- endif -%}
|
||||
status_code: 204
|
||||
when: inventory_hostname == groups[create_role_group]|first
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
## Cert based auth method
|
||||
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
ip_sans: "{{ issue_cert_ip_sans | default([]) | join(',') }}"
|
||||
register: issue_cert_result
|
||||
when: inventory_hostname == issue_cert_hosts|first
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: issue_cert | Copy the cert to all hosts
|
||||
copy:
|
||||
|
@ -47,6 +48,7 @@
|
|||
group: "{{ issue_cert_file_group | d('root' )}}"
|
||||
mode: "{{ issue_cert_file_mode | d('0644') }}"
|
||||
owner: "{{ issue_cert_file_owner | d('root') }}"
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: issue_cert | Copy the key to all hosts
|
||||
copy:
|
||||
|
@ -55,6 +57,7 @@
|
|||
group: "{{ issue_cert_file_group | d('root' )}}"
|
||||
mode: "{{ issue_cert_file_mode | d('0640') }}"
|
||||
owner: "{{ issue_cert_file_owner | d('root') }}"
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: issue_cert | Copy issuing CA cert
|
||||
copy:
|
||||
|
|
|
@ -16,3 +16,4 @@
|
|||
body: "{{ mount_options|d() }}"
|
||||
status_code: 204
|
||||
when: vault_pki_mount_check|failed
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
|
Loading…
Reference in a new issue