On 13.04.2019 23:53, Sergio Fernández wrote:
> Currently as the script is displayed, it creates 1 and send it all to all
> of the servers.
> But the requirements are to give each one its own secret_id, so if I have 3
> servers, I need to create 3 different secret_id and send them!
Then you need to run both task for all the host and with delegate_to you can
run the task on localhost, but the variable will be registered on the remote
host.
---
- hosts: MyServers
gather_facts: no
tasks:
- name: Generate secret_id
shell: vault write -f auth/approle/role/my_role/secret-id -format=json | jq
'.data.secret_id'
register: secret_id
delegate_to: localhost
- set_fact:
secret_id_clean: "{{ secret_id.stdout | replace('\"', '') |
replace('\','') }}"
- name: Get Approle Token
shell: source /etc/profile && vault write auth/approle/login
role_id=$VAULT_ROLE_ID secret_id="{{ secret_id_clean }}" -format=json | jq
'.auth.client_token'
args:
executable: /bin/bash
register: token
- set_fact:
token_clean: "{{ token.stdout | replace('\"', '') | replace('\','') }}"
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/0cef7a4e-a91c-75cd-10f7-22abcd7dab8b%40olstad.com.
For more options, visit https://groups.google.com/d/optout.
