Move tower_broadcast_websocket_secret to a Secret

2026-05-07 22:02:53 +00:00 · 2021-03-04 10:22:46 +01:00
parent e4fd5aeb32
commit 9683dc23a4
10 changed files with 71 additions and 5 deletions
--- a/roles/finalizer/defaults/main.yml
+++ b/roles/finalizer/defaults/main.yml
@@ -15,3 +15,7 @@ tower_secret_key_secret: ''
 # Secret to lookup that provide the PostgreSQL configuration
 #
 tower_postgres_configuration_secret: ''
+
+# Secret to lookup that provide the broadcast websocket key
+#
+tower_broadcast_websocket_secret: ''
--- a/roles/finalizer/tasks/main.yml
+++ b/roles/finalizer/tasks/main.yml
@@ -5,6 +5,8 @@
        _admin_password: '{{ tower_admin_password_secret | length | ternary(tower_admin_password_secret, meta.name + "-admin-password") }}'
        _secret_key: '{{ tower_secret_key_secret | length | ternary(tower_secret_key_secret, meta.name + "-secret-key") }}'
        # yamllint disable-line rule:line-length
+        _broadcast_websocket_secret: '{{ tower_broadcast_websocket_secret | length | ternary(tower_broadcast_websocket_secret, meta.name + "-broadcast-websocket") }}'  # noqa 204
+        # yamllint disable-line rule:line-length
        _postgres_configuration: '{{ tower_postgres_configuration_secret | length | ternary(tower_postgres_configuration_secret, meta.name + "-postgres-configuration") }}'  # noqa 204

    - name: Remove ownerReferences reference
@@ -20,5 +22,6 @@
        - '{{ _admin_password }}'
        - '{{ _secret_key }}'
        - '{{ _postgres_configuration }}'
+        - '{{ _broadcast_websocket_secret }}'

  when: not tower_garbage_collect_secrets | bool