From 514cd5a1da3f898589f3226c00e53c0df0819ef6 Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Sun, 5 Jun 2022 14:18:08 +0200 Subject: [PATCH] Fix api keys secret generation --- tasks/main.yml | 7 +++++-- templates/api-key-secret.yml.j2 | 17 +++++++++++------ 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 0330145..411c322 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -111,12 +111,15 @@ context: "{{ my_context }}" apply: true namespace: "{{ cert_manager_namespace }}" - resource_definition: "{{ lookup('template', 'api-key-secret.yml.j2') | from_yaml }}" + resource_definition: "{{ lookup('template', 'api-key-secret.yml.j2') | from_yaml_all }}" with_items: - "{{ cert_manager_issuer }}" + #- "{{ cert_manager_issuer | json_query(\"solvers.[?solver=="dns01"]\") }}" when: - item.acme_provider is defined - - item.dns_provider is defined + - item.solvers is defined + #- item.solvers.[].solver == "dns01" + #- item.solvers.[].dns_provider is defined # Tempo ici diff --git a/templates/api-key-secret.yml.j2 b/templates/api-key-secret.yml.j2 index a595b0f..773e301 100644 --- a/templates/api-key-secret.yml.j2 +++ b/templates/api-key-secret.yml.j2 @@ -1,14 +1,19 @@ +{% for i in item.solvers %} +{% if i.solver == "dns01" %} --- apiVersion: v1 kind: Secret metadata: - name: "{{ item.dns_provider }}-api-key" + name: "{{ i.dns_provider }}-api-key" type: Opaque data: -{% if item.dns_provider == "cloudflare" %} - api-key: "{{ item.cloudflare_api_key | b64encode }}" -{% elif item.dns_provider == "route53" %} +{% if i.dns_provider == "cloudflare" %} + api-key: "{{ i.cloudflare_api_key | b64encode }}" +{% elif i.dns_provider == "route53" %} secret-access-key: "{{ lookup('hashi_vault', 'secret=clusters/route53:secret-access-key') | b64encode }}" -{% elif item.dns_provider == "ovh" %} - applicationSecret: "{{ item.applicationSecret | b64encode }}" +{% elif i.dns_provider == "ovh" %} + applicationSecret: "{{ i.applicationSecret | b64encode }}" {% endif %} + +{% endif %} +{% endfor %}