hetzner-ansible/roles/elastic/tasks/_configure_roles.yml


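---
# Reconcile one role definition (`elastic_role`) against the role API at
# `api_path`, which the `kbn-xsrf` header suggests is Kibana's.
#
# Inputs read by these tasks:
#   api_endpoint                   host (and optional port) of the API
#   elastic_admin_username_vault   admin user for HTTP basic auth
#   elastic_admin_password_vault   admin password for HTTP basic auth
#   elastic_role                   dict with `name`, `elastic_state`
#                                  ('present' or 'absent') and the keys
#                                  that make up the role body
#
# Every request runs on the controller (delegate_to: localhost) over
# https. No task overrides validate_certs, so the uri module's default
# certificate validation applies.

# Reset per-role state so values from a previous include of this file
# cannot leak into the current role.
- name: "Initialise role facts"
  ansible.builtin.set_fact:
    api_path: '/api/security/role'
    role_exists: false
    elastic_role_cleaned: {}

- name: "Get all roles in elasticsearch"
  delegate_to: localhost
  ansible.builtin.uri:
    url: "https://{{ api_endpoint }}{{ api_path }}"
    method: GET
    status_code: [200]
    user: "{{ elastic_admin_username_vault }}"
    password: "{{ elastic_admin_password_vault }}"
    force_basic_auth: true
  register: all_roles
  become: false

# Match on the name as a value, not by splicing it into a query string:
# a role name containing a quote can then neither break nor alter the
# lookup, and no extra collection is needed for it.
- name: "Look up the role by name"
  ansible.builtin.set_fact:
    lookup_role_object: >-
      {{ all_roles.json
         | selectattr('name', 'defined')
         | selectattr('name', 'equalto', elastic_role.name)
         | list }}

- name: "Record that the role already exists"
  ansible.builtin.set_fact:
    role_exists: true
  when:
    - lookup_role_object | length > 0

# `elastic_state` is control data for this file and `name` travels in the
# URL, so neither belongs in the request body.
- name: "Build the role body"
  ansible.builtin.set_fact:
    elastic_role_cleaned: "{{ elastic_role_cleaned | combine({item.key: item.value}) }}"
  loop: "{{ elastic_role | dict2items }}"
  when:
    - item.key not in ['elastic_state','name']

# In the three tasks below the role name becomes a URL path segment.
# urlencode leaves '/' untouched, so it is escaped separately to keep a
# name from addressing a different path.
- name: "Create role <<{{ elastic_role.name }}>>"
  delegate_to: localhost
  vars:
    role_path_segment: "{{ elastic_role.name | urlencode | replace('/', '%2F') }}"
  ansible.builtin.uri:
    url: "https://{{ api_endpoint }}{{ api_path }}/{{ role_path_segment }}"
    method: PUT
    status_code: [204]
    user: "{{ elastic_admin_username_vault }}"
    password: "{{ elastic_admin_password_vault }}"
    force_basic_auth: true
    headers:
      Content-Type: application/json
      # Quoted so the header value is the string "true", not a YAML boolean.
      kbn-xsrf: "true"
    body_format: json
    body: '{{ elastic_role_cleaned | to_json }}'
  become: false
  when:
    - not role_exists
    - elastic_role.elastic_state == 'present'

# Same request as the create task; the PUT sends the complete role body
# built above.
- name: "Update role <<{{ elastic_role.name }}>>"
  delegate_to: localhost
  vars:
    role_path_segment: "{{ elastic_role.name | urlencode | replace('/', '%2F') }}"
  ansible.builtin.uri:
    url: "https://{{ api_endpoint }}{{ api_path }}/{{ role_path_segment }}"
    method: PUT
    status_code: [204]
    user: "{{ elastic_admin_username_vault }}"
    password: "{{ elastic_admin_password_vault }}"
    force_basic_auth: true
    headers:
      Content-Type: application/json
      kbn-xsrf: "true"
    body_format: json
    body: '{{ elastic_role_cleaned | to_json }}'
  become: false
  when:
    - role_exists
    - elastic_role.elastic_state == 'present'

# Only runs when the lookup found the role, so an already-absent role is
# skipped instead of failing the status_code check.
- name: "DELETE role <<{{ elastic_role.name }}>>"
  delegate_to: localhost
  vars:
    role_path_segment: "{{ elastic_role.name | urlencode | replace('/', '%2F') }}"
  ansible.builtin.uri:
    url: "https://{{ api_endpoint }}{{ api_path }}/{{ role_path_segment }}"
    method: DELETE
    status_code: [204]
    user: "{{ elastic_admin_username_vault }}"
    password: "{{ elastic_admin_password_vault }}"
    force_basic_auth: true
    headers:
      Content-Type: application/json
      kbn-xsrf: "true"
  become: false
  when:
    - role_exists
    - elastic_role.elastic_state == 'absent'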