openstack-ansible-ops/converge.yml at 6a600eb981aeda03fb558efa2ba3f38af0fd6b20 - openstack-ansible-ops - OpenDev: Free Software Needs Free Tools

openstack/openstack-ansible-ops

Files

Dmitriy Rabotyagov 6a600eb981 Add a collection for managing encryption of secret data

Best practices should referring to at least basic encryption of data
including SSH keypairs, PKI certificates, user_secrets, etc.

This collection aims to help/assist with managing data in encrypted
state, in case ansuble_vault is used as an encryption mechanism.

The collection should allow adding more supproted mechanism,
like SOPS for managing data encryption in the future.

Change-Id: I8af3118946682af4ec31bb1d4f6bea93be34f68c

2025-05-02 08:03:24 +00:00

12 lines

218 B

YAML

Raw Blame History

 ---
 - name: Encrypt secrets
   hosts: encrypt-default
   tasks:
     - name: Importing ansible_vault role
       ansible.builtin.import_role:
         name: ansible_vault
       vars:
         ansible_vault_action: encrypt