1.0.0 Release IaaS

ansible/roles/console/tasks/node/load_secret_vars.yaml

@@ -0,0 +1,29 @@
+---
+- name: Check sops installation (Prerequisite)
+  ansible.builtin.shell: |
+    command -v sops
+  changed_when: false
+  failed_when: false
+  register: "is_sops_installed"
+  ignore_errors: true
+
+- name: Failure when sops is missing
+  ansible.builtin.fail:
+    msg: "sops is not installed. Please install sops manually as described in README.md before running this playbook"
+  when: is_sops_installed.rc != 0
+
+- name: Decrypt secret values in console
+  environment:
+    SOPS_AGE_KEY: "{{ hostvars['console']['age_key'] }}"
+  ansible.builtin.command: |
+    sops -d --output-type yaml {{ hostvars['console']['node']['config_path'] }}/secrets/secrets.yaml
+  changed_when: false
+  register: "decrypted_secrets"
+  run_once: true
+  no_log: true
+
+- name: Load decrypted secret vaules in console
+  ansible.builtin.set_fact:
+    "{{ item.key }}": "{{ item.value }}"
+  loop: "{{ decrypted_secrets.stdout | from_yaml | dict2items }}"
+  no_log: true