♻️ refactor(ansible): move gitea secret user-propagation list to inventory (#4)
Co-authored-by: Gabriel Radureau <arcodange@gmail.com> Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
This commit was merged in pull request #4.
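--- /dev/null
+++ b/ansible/arcodange/factory/inventory/group_vars/all/gitea.yml
@@ -0,0 +1,11 @@
+---
+# Gitea ownership configuration consumed by playbooks running on `localhost`
+# (e.g. tools/hashicorp_vault.yml). Role-level defaults (gitea_username,
+# gitea_organization) live in roles/gitea_secret/defaults/main.yml ; this file
+# is for fact lists that the inventory should declare.
+
+# Users (Gitea owner_type=user) to which org-level Gitea Action secrets must
+# also be propagated. Repos owned by these users cannot read org-level secrets,
+# so the secret propagation playbook iterates over this list.
+gitea_secret_propagation_users:
+- arcodange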
@@ -123,7 +123,6 @@
|
|||||||
}) | b64encode }}
|
}) | b64encode }}
|
||||||
gitea_owner_type: 'user'
|
gitea_owner_type: 'user'
|
||||||
gitea_owner_name: '{{ item }}'
|
gitea_owner_name: '{{ item }}'
|
||||||
loop:
|
loop: '{{ gitea_secret_propagation_users }}'
|
||||||
- arcodange
|
|
||||||
loop_control:
|
loop_control:
|
||||||
label: '{{ item }}'
|
label: '{{ item }}'
|
||||||
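Review bot: With `loop: '{{ gitea_secret_propagation_users }}'` the recipients of the org-level secrets are decided outside the task, so an empty list, or a higher-precedence override in host_vars, play vars or `-e`, makes the loop run zero times while the play still completes without error, leaving user-owned repos with stale secrets; the removed inline list always ran once. Consider a preceding `ansible.builtin.assert` with `that: gitea_secret_propagation_users is sequence and gitea_secret_propagation_users is not string and gitea_secret_propagation_users | length > 0`, so a missing or emptied list fails the run instead. The task starts above this hunk, so it cannot be seen here whether it sets `no_log: true` for the `b64encode`d payload; `loop_control.label` only shortens the displayed item and does not hide module arguments, which is worth confirming.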