Ydrab

Reputation: 31

Ansible create kubernetes secret from file

Is it possible to create a k8s secret from a file in Ansible?

Currently, I am doing it like this, but it only works on the first run, because if I run the playbook again it says the secret already exists:

- name: generate keypair 
  openssh_keypair:
    path: /srv/{{item.namespace}}/id_{{item.name}}_rsa  
  when: item.additional_keys == true
  loop: "{{ containers_release }}"

- name: create private key secret for auth api
  shell: kubectl -n {{ item.namespace }} create secret generic id-{{ item.name }}-rsa-priv --from-file=/srv/{{ item.namespace }}/id_authapi_rsa
  when: item.additional_keys == true
  loop: "{{ containers_release }}"

- name: create public key secret for {{ item.name }}
  shell: kubectl -n {{ item.namespace }} create secret generic id-{{ item.name }}-rsa-pub --from-file=/srv/{{ item.namespace }}/id_{{ item.name }}_rsa.pub
  when: item.additional_keys == true
  loop: "{{ containers_release }}"

Upvotes: 0

Views: 4430

Answers (1)

Malgorzata

Reputation: 7023

As I mentioned in the comment section, Ansible is idempotent. If the configuration is already in place, Ansible makes no change after redeploying. That is why, after running the playbook again, you are getting the info that the secret already exists.

Take a look: create-secret-with-ansible.

You can try to use SecretHub.

See: ansible-playbook-secret.

Upvotes: 1
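
One idempotent way to do what the question asks, as an added example (not code from the question or the answer): read the key file with `slurp` and declare the Secret with the `kubernetes.core.k8s` module, so a second run updates or leaves the object instead of failing on `create`. It assumes the `kubernetes.core` collection is installed, that the host running the tasks has the Kubernetes Python client and a working kubeconfig, and it keeps the question's paths and `containers_release` variable; the loop variable `key_file` is a name chosen here.

```yaml
# Added example. Assumptions: kubernetes.core collection installed, Python
# "kubernetes" client and a kubeconfig present on the host running the tasks.

- name: read private keys from the managed host
  ansible.builtin.slurp:
    # slurp returns the file content already base64-encoded, which is
    # exactly what a Secret's "data" field expects.
    src: /srv/{{ item.namespace }}/id_{{ item.name }}_rsa
  when: item.additional_keys | bool
  loop: "{{ containers_release }}"
  register: private_keys
  no_log: true   # keep key material out of task output and logs

- name: create or update private key secret
  kubernetes.core.k8s:
    state: present   # declarative: no error if the Secret already exists
    definition:
      apiVersion: v1
      kind: Secret
      type: Opaque
      metadata:
        name: id-{{ key_file.item.name }}-rsa-priv
        namespace: "{{ key_file.item.namespace }}"
      # Build the data map in Jinja so the key name can carry the item name,
      # matching the file name kubectl --from-file would have used.
      data: "{{ {('id_' ~ key_file.item.name ~ '_rsa'): key_file.content} }}"
  when: key_file is not skipped
  loop: "{{ private_keys.results }}"
  loop_control:
    loop_var: key_file
    label: "{{ key_file.item.name }}"   # show only the name per iteration
  no_log: true
```

The public key secret follows the same two-task pattern with the `.pub` path and the `-rsa-pub` name; `no_log` matters only for the private key.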
