fix reading preshared keys

lookup('file') does not work with binary files and causes failures depending on the content of a preshared key file
linux-system-roles · Apr 9, 2021 · ce06946 · ce06946
1 parent 8cf6cff
commit ce06946
Showing 1 changed file with 26 additions and 11 deletions.
diff --git a/tasks/presharedkey.yml b/tasks/presharedkey.yml
@@ -5,13 +5,28 @@
 # key from cluster nodes. If no node has a key, a random key generated in step
 # 2 is going to be used.
 
-- name: "Fetch {{ preshared_key_label }} if provided"
-  set_fact:
-    __ha_cluster_some_preshared_key: >
-      "{{ lookup('file', preshared_key_src) | b64encode }}"
+- name: "Retrieve {{ preshared_key_label }} from the controller"
+  block:
+    - name: "Check if {{ preshared_key_label }} exists on the controller"
+      stat:
+        path: "{{ preshared_key_src }}"
+      register: __ha_cluster_preshared_key_stat_controller
+
+    - name: "Slurp existing {{ preshared_key_label }} from the controller"
+      slurp:
+        src: "{{ preshared_key_src }}"
+      register: __ha_cluster_preshared_key_slurp_controller
+      when: __ha_cluster_preshared_key_stat_controller.stat.exists
+
+    - name: "Use the slurped {{ preshared_key_label }} from the controller"
+      set_fact:
+        __ha_cluster_some_preshared_key: >
+          "{{ __ha_cluster_preshared_key_slurp_controller.content }}"
+      when: __ha_cluster_preshared_key_stat_controller.stat.exists
   when:
     - preshared_key_src is string and preshared_key_src | length > 1
   run_once: yes
+  delegate_to: localhost
 
 - name: "Generate random {{ preshared_key_label }}"
   set_fact:
@@ -23,22 +38,22 @@
 
 - name: "Retrieve {{ preshared_key_label }} from cluster nodes"
   block:
-    - name: Check if {{ preshared_key_label }} exists on cluster nodes
+    - name: "Check if {{ preshared_key_label }} exists on cluster nodes"
       stat:
         path: "{{ preshared_key_dest }}"
-      register: preshared_key_stat
+      register: __ha_cluster_preshared_key_stat
 
     - name: "Slurp existing {{ preshared_key_label }} from cluster nodes"
       slurp:
         src: "{{ preshared_key_dest }}"
-      register: preshared_key_slurp
-      when: preshared_key_stat.stat.exists
+      register: __ha_cluster_preshared_key_slurp
+      when: __ha_cluster_preshared_key_stat.stat.exists
 
-    - name: "Use the slurped {{ preshared_key_label }}"
+    - name: "Use the slurped {{ preshared_key_label }} from cluster nodes"
       set_fact:
         __ha_cluster_some_preshared_key: >
-          "{{ preshared_key_slurp.content }}"
-      when: preshared_key_stat.stat.exists
+          "{{ __ha_cluster_preshared_key_slurp.content }}"
+      when: __ha_cluster_preshared_key_stat.stat.exists
       # Following variables set the fact for all nodes
       delegate_facts: yes
       delegate_to: "{{ item }}"