From c4e3bcde6230809077e8a025e19190588d91fa6a Mon Sep 17 00:00:00 2001
From: Matej Focko <me@mfocko.xyz>
Date: Sun, 29 Dec 2024 17:51:21 +0100
Subject: [PATCH] fix(secrets_hcv): fix DEB package install

* Install HC Vault on both Debian and Ubuntu in the same way
* Fix the branching for userspace install vs package manager install

Signed-off-by: Matej Focko <me@mfocko.xyz>
---
 roles/secrets_hcv/tasks/install_Debian.yml |  1 +
 roles/secrets_hcv/tasks/install_Ubuntu.yml | 14 +-------------
 roles/secrets_hcv/tasks/install_deb.yml    | 12 ++++++++++++
 roles/secrets_hcv/tasks/main.yml           |  4 ++--
 4 files changed, 16 insertions(+), 15 deletions(-)
 create mode 120000 roles/secrets_hcv/tasks/install_Debian.yml
 mode change 100644 => 120000 roles/secrets_hcv/tasks/install_Ubuntu.yml
 create mode 100644 roles/secrets_hcv/tasks/install_deb.yml

diff --git a/roles/secrets_hcv/tasks/install_Debian.yml b/roles/secrets_hcv/tasks/install_Debian.yml
new file mode 120000
index 0000000..38e6c00
--- /dev/null
+++ b/roles/secrets_hcv/tasks/install_Debian.yml
@@ -0,0 +1 @@
+install_deb.yml
\ No newline at end of file
diff --git a/roles/secrets_hcv/tasks/install_Ubuntu.yml b/roles/secrets_hcv/tasks/install_Ubuntu.yml
deleted file mode 100644
index 951d4f0..0000000
--- a/roles/secrets_hcv/tasks/install_Ubuntu.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: Add HashiCorp GPG Key
-  ansible.builtin.get_url:
-    url: https://apt.releases.hashicorp.com/gpg
-    dest: /etc/apt/keyrings/hashicorp.asc
-    mode: 0640
-  become: true
-
-- name: Add HashiCorp repository
-  ansible.builtin.apt_repository:
-    repo: "deb [signed-by=/etc/apt/keyrings/hashicorp.gpg] https://apt.releases.hashicorp.com {{ ansible_distribution_release }} main"
-    state: present
-  become: true
diff --git a/roles/secrets_hcv/tasks/install_Ubuntu.yml b/roles/secrets_hcv/tasks/install_Ubuntu.yml
new file mode 120000
index 0000000..38e6c00
--- /dev/null
+++ b/roles/secrets_hcv/tasks/install_Ubuntu.yml
@@ -0,0 +1 @@
+install_deb.yml
\ No newline at end of file
diff --git a/roles/secrets_hcv/tasks/install_deb.yml b/roles/secrets_hcv/tasks/install_deb.yml
new file mode 100644
index 0000000..44fd050
--- /dev/null
+++ b/roles/secrets_hcv/tasks/install_deb.yml
@@ -0,0 +1,12 @@
+---
+- name: Add HashiCorp repository
+  ansible.builtin.deb822_repository:
+    name: hashicorp
+    types: deb
+    uris: https://apt.releases.hashicorp.com
+    suites: "{{ ansible_distribution_release }}"
+    components:
+      - main
+    signed_by: https://apt.releases.hashicorp.com/gpg
+    state: present
+  become: true
diff --git a/roles/secrets_hcv/tasks/main.yml b/roles/secrets_hcv/tasks/main.yml
index 43c8b75..9250c7d 100644
--- a/roles/secrets_hcv/tasks/main.yml
+++ b/roles/secrets_hcv/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Install HC Vault via package manager
-  when: ansible_distribution in [ "AlmaLinux", "CentOS", "Fedora", "Rocky", "Ubuntu"]
+  when: ansible_distribution in [ "AlmaLinux", "CentOS", "Debian", "Fedora", "Rocky", "Ubuntu" ]
   tags: install
   block:
     - name: Enable repository
@@ -14,7 +14,7 @@
 
 - name: Install HC Vault to userspace
   ansible.builtin.include_tasks: install_user.yml
-  when: ansible_distribution not in [ "AlmaLinux", "CentOS", "Fedora", "Ubuntu"]
+  when: ansible_distribution not in [ "AlmaLinux", "CentOS", "Debian", "Fedora", "Rocky", "Ubuntu" ]
   tags: install
 
 - name: Install ‹vssh› script