---
-- name: Build scoped path
+- name: Set scope variables
set_fact:
- rundeck_key_full_path: "{{ rundeck_keys_scoped_by_project | default(true) | ternary('project/' + rundeck_project + '/' + key_group_path, key_group_path) }}"
+ rundeck_keys_base_path: "{{ rundeck_keys_scoped_by_project | default(true) | ternary('project/' + rundeck_project + '/' + rundeck_keys_group_path, rundeck_keys_group_path) }}"
vars:
group_name: "{{ rundeck_jobs_group | default('') }}"
- key_group_path: "{{ rundeck_keys_scoped_by_group | default((group_name|length) > 0) | ternary(group_name + '/' + item.path, item.path) }}"
+ rundeck_keys_group_path: "{{ rundeck_keys_scoped_by_group | default((group_name|length) > 0) | ternary(group_name, '') }}"
-- name: Check key existence
- uri:
- url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
- method: GET
- headers:
- Accept: application/json
- X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
- status_code: [200, 404]
- register: rundeck_existing_key
+- name: Include rundeck key
+ include_tasks: key.yml
+ with_items: "{{ rundeck_jobs_keys }}"
+
+- name: Get all stored keys
+ script:
+ cmd: "{{ role_path }}/files/fetch_keys.sh {{ rundeck_api_url }}/{{ rundeck_api_version }} {{ rundeck_api_token }} keys/{{ rundeck_keys_base_path }}"
+ register: rundeck_existing_keys
+ when: rundeck_remove_missing_keys
-- name: Set method
+- name: "Prepare list of keys to remove"
set_fact:
- rundeck_key_uri_method: "{{ (rundeck_existing_key.status == 404) | ternary('POST', 'PUT') }}"
+ rundeck_existing_keys: "{{ rundeck_existing_keys.stdout_lines | list }}"
+ rundeck_known_keys: "{{ rundeck_jobs_keys | map(attribute='path') | list }}"
+ when: rundeck_remove_missing_keys
-- name: Import key
+- name: "Remove jobs not declared"
uri:
- url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_key_full_path }}"
- method: "{{ rundeck_key_uri_method }}"
+ url: "{{ rundeck_api_url }}/{{ rundeck_api_version }}/storage/keys/{{ rundeck_keys_base_path }}/{{ item }}"
+ method: DELETE
headers:
Accept: application/json
- Content-Type: "{{ item.type }}"
X-Rundeck-Auth-Token: "{{ rundeck_api_token }}"
- status_code: [200, 201]
- body: "{{ item.value }}"
- body_format: raw
+ status_code: [204, 404]
+ with_items: "{{ rundeck_existing_keys | difference(rundeck_known_keys) }}"
+ when: rundeck_remove_missing_keys