ansible/roles/harbor/tasks/secrets.yaml

- block:
  - name: Set DB namespace for secret lookup
    set_fact:
      db_namespace: "{{ harbor_db_namespace | default(postgres_db_namespace) | default(postgres_namespace) | default(postgres_operator_namespace) | default(namespace) }}"

  - name: Set DB secret name for lookup
    set_fact:
      db_secret_name: "harbor.{{ postgres_db_team | default(namespace) }}-postgres.credentials.postgresql.acid.zalan.do"

  - name: Lookup Harbor DB secret
    set_fact:
      harbor_db_secret: "{{ lookup('k8s', kind='Secret', namespace=db_namespace, resource_name=db_secret_name) }}"

  - debug:
      msg: "{{ harbor_db_secret }}"
      verbosity: 2

  - name: Set Harbor DB username
    set_fact:
      harbor_db_username: "{{ harbor_db_secret.data.username | b64decode }}"

  - name: Set Harbor DB password
    set_fact:
      harbor_db_password: "{{ harbor_db_secret.data.password | b64decode }}"
use harbor for docker and helm 2021-02-01 18:17:48 +00:00			`- block:`
			`- name: Set DB namespace for secret lookup`
			`set_fact:`
			`db_namespace: "{{ harbor_db_namespace \| default(postgres_db_namespace) \| default(postgres_namespace) \| default(postgres_operator_namespace) \| default(namespace) }}"`

			`- name: Set DB secret name for lookup`
			`set_fact:`
			`db_secret_name: "harbor.{{ postgres_db_team \| default(namespace) }}-postgres.credentials.postgresql.acid.zalan.do"`

			`- name: Lookup Harbor DB secret`
			`set_fact:`
			`harbor_db_secret: "{{ lookup('k8s', kind='Secret', namespace=db_namespace, resource_name=db_secret_name) }}"`

			`- debug:`
			`msg: "{{ harbor_db_secret }}"`
			`verbosity: 2`

			`- name: Set Harbor DB username`
			`set_fact:`
			`harbor_db_username: "{{ harbor_db_secret.data.username \| b64decode }}"`

			`- name: Set Harbor DB password`
			`set_fact:`
			`harbor_db_password: "{{ harbor_db_secret.data.password \| b64decode }}"`