diff --git a/roles/vault/tasks/shared/sync_file.yml b/roles/vault/tasks/shared/sync_file.yml index b56602eb5..4a1b0d34b 100644 --- a/roles/vault/tasks/shared/sync_file.yml +++ b/roles/vault/tasks/shared/sync_file.yml @@ -38,7 +38,6 @@ loop_var: host_item when: - host_item in play_hosts - - hostvars[host_item]["sync_file_stat"]["stat"] is defined - hostvars[host_item]["sync_file_stat"]["stat"]["exists"]|bool - name: "sync_file | Combine all possible key file sync sources" @@ -47,24 +46,28 @@ with_items: "{{ sync_file_hosts | unique }}" loop_control: loop_var: host_item - when: sync_file_is_cert|d() and hostvars[host_item]["sync_file_key_stat"]["stat"]["exists"]|bool + when: + - host_item in play_hosts + - sync_file_is_cert|d() and hostvars[host_item]["sync_file_key_stat"]["stat"]["exists"]|bool - name: "sync_file | Remove sync sources with files that do not match sync_file_srcs|first" set_fact: _: "{% if inventory_hostname in sync_file_srcs %}{{ sync_file_srcs.remove(inventory_hostname) }}{% endif %}" - when: >- - sync_file_srcs|d([])|length > 1 and - inventory_hostname != sync_file_srcs|first and - sync_file_stat.stat.get("checksum") != hostvars[sync_file_srcs|first]["sync_file_stat"]["stat"]["checksum"] + when: + - host_item in play_hosts + - sync_file_srcs|d([])|length > 1 + - inventory_hostname != sync_file_srcs|first + - sync_file_stat.stat.get("checksum") != hostvars[sync_file_srcs|first]["sync_file_stat"]["stat"]["checksum"] - name: "sync_file | Remove sync sources with keys that do not match sync_file_srcs|first" set_fact: _: "{% if inventory_hostname in sync_file_srcs %}{{ sync_file_srcs.remove(inventory_hostname) }}{% endif %}" - when: >- - sync_file_is_cert|d() and - sync_file_key_srcs|d([])|length > 1 and - inventory_hostname != sync_file_key_srcs|first and - sync_file_key_stat.stat.checksum != hostvars[sync_file_srcs|first]["sync_file_key_stat"]["stat"]["checksum"] + when: + - host_item in play_hosts + - sync_file_is_cert|d() + - sync_file_key_srcs|d([])|length > 1 + - inventory_hostname != sync_file_key_srcs|first + - sync_file_key_stat.stat.checksum != hostvars[sync_file_srcs|first]["sync_file_key_stat"]["stat"]["checksum"] - name: "sync_file | Consolidate file and key sources" set_fact: