testing

2024-12-31 22:29:53 -05:00 · 2024-12-31 22:29:53 -05:00 · 5b19d40aed
commit 5b19d40aed
parent 1335f6c437
2 changed files with 8 additions and 6 deletions
--- a/.forgejo/workflows/CD.yml
+++ b/.forgejo/workflows/CD.yml
@ -156,5 +156,5 @@ jobs:
          ANSIBLE_CONFIG: ansible/ansible.cfg
        run: |
          ansible-playbook -i ansible/hosts.ini ./ansible/playbooks/deploy-docker.yml \
-            --extra-vars "target_host=${{ env.target_host }} folder=${{ env.folder }}"
+            --extra-vars "target_host=${{ env.target_host }} folder=${{ env.folder }} bw_access_token=${{ secrets.BW_ACCESS_TOKEN }}"

--- a/ansible/playbooks/deploy-docker.yml
+++ b/ansible/playbooks/deploy-docker.yml
@ -14,12 +14,14 @@
      ansible.builtin.set_fact:
        secret_mapping: "{{ secret_mapping_content['content'] | b64decode | from_yaml }}"

-    - name: Generate .env content
-      vars:
-        env_variables: "{{ secret_mapping[target_host]['env_variables'] | default({}) }}"
-      ansible.builtin.template:
-        src: env_template.j2
+    - name: Write .env file to target host
+      ansible.builtin.copy:
        dest: "{{ repo_path }}/.env"
+        content: |
+          {% for key, secret_id in env_variables.items() %}
+          {{ key }}={{ lookup('community.general.bws', secret_id, base_url='https://vault.bitwarden.com', access_token=bw_access_token) }}
+          {% endfor %}
+

    - name: Verify .env file content
      ansible.builtin.shell: cat "{{ repo_path }}/.env"