Create a new postgres configuration secret when restoring a new instance

ansible · Apr 4, 2024 · 4418233 · 4418233
1 parent d1f9b7f
commit 4418233
Showing 1 changed file with 20 additions and 2 deletions.
diff --git a/roles/restore/tasks/secrets.yml b/roles/restore/tasks/secrets.yml
@@ -26,6 +26,18 @@
   include_vars: "{{ tmp_secrets.path }}"
   no_log: "{{ no_log }}"
 
+- name: If deployment is managed, set the new postgres_configuration_secret name
+  block:
+  - name: Set new postgres_configuration_secret name
+    set_fact:
+      _generated_pg_secret_name: "{{ deployment_name }}-postgres-configuration"
+
+  - name: Override postgres_configuration_secret
+    set_fact:
+      spec:
+        "{{ spec | combine({'postgres_configuration_secret': _generated_pg_secret_name}, recursive=True) }}"
+  when: secrets['postgresConfigurationSecret']['data']['type'] | b64decode == 'managed'
+
 - name: If deployment is managed, set the database_host in the pg config secret
   block:
     - name: Set new database host
@@ -38,12 +50,18 @@
         _pg_secret: "{{ secrets['databaseConfigurationSecret'] }}"
       no_log: "{{ no_log }}"
 
-    - name: Change postgres host value
+    - name: Change postgres host and name value
       set_fact:
         _pg_data: "{{ _pg_secret['data'] | combine({'host': database_host | b64encode }) }}"
+        _pg_secret_name: "{{ deployment_name }}-postgres-configuration"
+      no_log: "{{ no_log }}"
+
+    - name: Override postgres secret name
+      set_fact:
+        _pg_secret: "{{ _pg_secret | combine({'name': _pg_secret_name}) }}"
       no_log: "{{ no_log }}"
 
-    - name: Create a postgres secret with the new host value
+    - name: Override postgres secret host with new Postgres service
       set_fact:
         _pg_secret: "{{ _pg_secret | combine({'data': _pg_data}) }}"
       no_log: "{{ no_log }}"