From 0e6dd1af63b2a8e85773c2593d1ae175bf88be10 Mon Sep 17 00:00:00 2001
From: Matej Focko
Date: Wed, 6 Sep 2023 13:10:48 +0200
Subject: [PATCH] fix(user/secrets/hcv): add tags and missing privilege escalation
Signed-off-by: Matej Focko
---
 roles/user/secrets/hcv/tasks/install_Fedora.yml | 1 +
 roles/user/secrets/hcv/tasks/install_Ubuntu.yml | 2 ++
 roles/user/secrets/hcv/tasks/install_el.yml | 1 +
 roles/user/secrets/hcv/tasks/main.yml | 2 ++
 4 files changed, 6 insertions(+)
diff --git a/roles/user/secrets/hcv/tasks/install_Fedora.yml b/roles/user/secrets/hcv/tasks/install_Fedora.yml
index 667ea1d..c443a60 100644
--- a/roles/user/secrets/hcv/tasks/install_Fedora.yml
+++ b/roles/user/secrets/hcv/tasks/install_Fedora.yml
@@ -4,3 +4,4 @@
 url: https://rpm.releases.hashicorp.com/fedora/hashicorp.repo
 dest: /etc/yum.repos.d/hashicorp.repo
 mode: 0640
+ become: true
diff --git a/roles/user/secrets/hcv/tasks/install_Ubuntu.yml b/roles/user/secrets/hcv/tasks/install_Ubuntu.yml
index 932240d..951d4f0 100644
--- a/roles/user/secrets/hcv/tasks/install_Ubuntu.yml
+++ b/roles/user/secrets/hcv/tasks/install_Ubuntu.yml
@@ -4,8 +4,10 @@
 url: https://apt.releases.hashicorp.com/gpg
 dest: /etc/apt/keyrings/hashicorp.asc
 mode: 0640
+ become: true

 - name: Add HashiCorp repository
 ansible.builtin.apt_repository:
 repo: "deb [signed-by=/etc/apt/keyrings/hashicorp.gpg] https://apt.releases.hashicorp.com {{ ansible_distribution_release }} main"
 state: present
+ become: true
diff --git a/roles/user/secrets/hcv/tasks/install_el.yml b/roles/user/secrets/hcv/tasks/install_el.yml
index 615f1b6..87d77d3 100644
--- a/roles/user/secrets/hcv/tasks/install_el.yml
+++ b/roles/user/secrets/hcv/tasks/install_el.yml
@@ -4,3 +4,4 @@
 url: https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
 dest: /etc/yum.repos.d/hashicorp.repo
 mode: 0640
+ become: true
diff --git a/roles/user/secrets/hcv/tasks/main.yml b/roles/user/secrets/hcv/tasks/main.yml
index 0ea6c5c..ea55bc9 100644
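Review bot: With `become: true` added at the end of this hunk, the task writes whatever the HashiCorp URL returns into `/etc/yum.repos.d/` as root, and nothing visible pins or verifies that content; the same applies to the `install_el.yml` hunk. A yum repo definition normally carries its own `gpgcheck` and `gpgkey` settings, so a changed response would silently change package trust settings. Consider adding `checksum: "sha256:<expected-digest>"` to the download (assuming the module, whose line sits above the hunk, is `ansible.builtin.get_url`), or defining the repository in the role with `ansible.builtin.yum_repository` and an explicit `gpgcheck: true`. Quoting the mode as `mode: "0640"` would also avoid relying on YAML octal parsing.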
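Review bot: The key is saved to `/etc/apt/keyrings/hashicorp.asc`, but the repository line that now runs with `become: true` points `signed-by` at `/etc/apt/keyrings/hashicorp.gpg`, so unless that file is created elsewhere, apt has no key at the referenced path and signature verification for this source will likely fail. The two paths should agree, e.g. `repo: "deb [signed-by=/etc/apt/keyrings/hashicorp.asc] https://apt.releases.hashicorp.com {{ ansible_distribution_release }} main"`. With the file now root-owned, `mode: 0640` may also keep apt's unprivileged `_apt` user from reading the keyring; `mode: "0644"` is the usual choice for a public key. The first task begins above the hunk.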
--- a/roles/user/secrets/hcv/tasks/main.yml
+++ b/roles/user/secrets/hcv/tasks/main.yml
@@ -1,6 +1,7 @@
 ---
 - name: Install HC Vault via package manager
 when: ansible_distribution in [ "AlmaLinux", "CentOS", "Fedora", "Ubuntu"]
+ tags: install
 block:
 - name: Enable repository
 ansible.builtin.include_tasks: "install_{{ ansible_distribution }}.yml"
@@ -14,6 +15,7 @@
 - name: Install HC Vault to userspace
 ansible.builtin.include_tasks: install_user.yml
 when: ansible_distribution not in [ "AlmaLinux", "CentOS", "Fedora", "Ubuntu"]
+ tags: install

 - name: Install ‹vssh› script
 ansible.builtin.copy:
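Review bot: `tags: install` on the block and on the userspace include tags only the `include_tasks` statements themselves; dynamic includes do not pass tags on to the tasks in the included file, so a run limited with `--tags install` loads the install file and then skips its tasks unless they are tagged inside that file (the tails of the `install_*.yml` tasks visible in this patch carry no tags). Use the `apply` keyword on both includes, as sketched below; the second hunk (`@@ -14,6 +15,7 @@`) needs the same change. Separately, for AlmaLinux and CentOS the include name resolves to `install_AlmaLinux.yml` / `install_CentOS.yml` while this commit edits `install_el.yml`; confirm those names exist outside the diff. The block continues past the end of the first hunk.

```yaml
# … unchanged: block name, when, tags: install, block: …
    - name: Enable repository
      ansible.builtin.include_tasks:
        file: "install_{{ ansible_distribution }}.yml"
        apply:
          tags: install

# … unchanged: rest of the block …
- name: Install HC Vault to userspace
  ansible.builtin.include_tasks:
    file: install_user.yml
    apply:
      tags: install
  # … unchanged: when, tags: install …
```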