awx-operator/roles/installer/tasks/secret_key_configuration.yml

---
- name: Check for specified secret key configuration
  k8s_info:
    kind: Secret
    namespace: '{{ ansible_operator_meta.namespace }}'
    name: '{{ secret_key_secret }}'
  register: _custom_secret_key
  no_log: "{{ no_log }}"
  when: secret_key_secret | length

- name: Check for default secret key configuration
  k8s_info:
    kind: Secret
    namespace: '{{ ansible_operator_meta.namespace }}'
    name: '{{ ansible_operator_meta.name }}-secret-key'
  register: _default_secret_key
  no_log: "{{ no_log }}"

- name: Set secret key secret
  set_fact:
    _secret_key_secret: '{{ _custom_secret_key["resources"] | default([]) | length | ternary(_custom_secret_key, _default_secret_key) }}'
  no_log: "{{ no_log }}"

- block:
    - name: Create secret key secret
      k8s:
        apply: true
        definition: "{{ lookup('template', 'secrets/secret_key.yaml.j2') }}"
      no_log: "{{ no_log }}"

    - name: Read secret key secret
      k8s_info:
        kind: Secret
        namespace: '{{ ansible_operator_meta.namespace }}'
        name: '{{ ansible_operator_meta.name }}-secret-key'
      register: _generated_secret_key
      no_log: "{{ no_log }}"

  when: not _secret_key_secret['resources'] | default([]) | length

- name: Set secret key secret
  set_fact:
    secret_key: '{{ _generated_secret_key["resources"] | default([]) | length | ternary(_generated_secret_key, _secret_key_secret)  }}'
  no_log: "{{ no_log }}"

- name: Store secret key secret name
  set_fact:
    secret_key_secret_name: "{{ secret_key['resources'][0]['metadata']['name'] }}"
  no_log: "{{ no_log }}"