diff --git a/roles/cloud-azure/tasks/main.yml b/roles/cloud-azure/tasks/main.yml
index d3b831a..252894b 100644
--- a/roles/cloud-azure/tasks/main.yml
+++ b/roles/cloud-azure/tasks/main.yml
@@ -2,13 +2,17 @@
 - set_fact:
 resource_group: "Algo_{{ region }}"
+ secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET'), true) }}"
+ tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT'), true) }}"
+ client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID'), true) }}"
+ subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID'), true) }}"
 - name: Create a resource group
 azure_rm_resourcegroup:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 name: "{{ resource_group }}"
 location: "{{ region }}"
 tags:
@@ -16,10 +20,10 @@
 - name: Create a virtual network
 azure_rm_virtualnetwork:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 resource_group: "{{ resource_group }}"
 name: algo_net
 address_prefixes: "10.10.0.0/16"
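Review bot: The `set_fact` at the top of roles/cloud-azure/tasks/main.yml now stores the service-principal secret as a host fact without `no_log`, so a verbose run or a logging callback can record the resolved value of `secret` in plain text. Adding `no_log: true` at task level on that `set_fact` keeps the value out of the task output. The same applies to the `set_fact` added at the top of roles/cloud-ec2/tasks/main.yml (`secret_key`) and to the `do_token` fact in roles/cloud-digitalocean/tasks/main.yml. The task also has no `name:`; a line such as `- name: Resolve the Azure credentials` would make the play output easier to audit.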
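Review bot: The module arguments in this `azure_rm_virtualnetwork` task, and in every other `azure_rm_*` task touched by the commit, read facts named `secret`, `tenant`, `client_id` and `subscription_id`, which are very generic names in the play's shared variable namespace. A variable of the same name coming from another role, or from `-e` extra vars (which take precedence over `set_fact`), would silently change which Azure credentials are sent. Prefixed names, for example `azure_auth_secret` in the `set_fact` and `secret: "{{ azure_auth_secret }}"` here, would avoid the collision; `access_key` and `secret_key` in roles/cloud-ec2/tasks/main.yml have the same weakness. The task body continues past the end of the hunk.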
@@ -28,10 +32,10 @@
 - name: Create a security group
 azure_rm_securitygroup:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 resource_group: "{{ resource_group }}"
 name: AlgoSecGroup
 purge_rules: yes
@@ -57,10 +61,10 @@
 - name: Create a subnet
 azure_rm_subnet:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 resource_group: "{{ resource_group }}"
 name: algo_subnet
 address_prefix: "10.10.0.0/24"
@@ -71,10 +75,10 @@
 - name: Create an instance
 azure_rm_virtualmachine:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 resource_group: "{{ resource_group }}"
 admin_username: ubuntu
 virtual_network: algo_net
@@ -100,10 +104,10 @@
 - name: Ensure the network interface includes all required parameters
 azure_rm_networkinterface:
- secret: "{{ azure_secret | default(lookup('env','AZURE_SECRET')) }}"
- tenant: "{{ azure_tenant | default(lookup('env','AZURE_TENANT')) }}"
- client_id: "{{ azure_client_id | default(lookup('env','AZURE_CLIENT_ID')) }}"
- subscription_id: "{{ azure_subscription_id | default(lookup('env','AZURE_SUBSCRIPTION_ID')) }}"
+ secret: "{{ secret }}"
+ tenant: "{{ tenant }}"
+ client_id: "{{ client_id }}"
+ subscription_id: "{{ subscription_id }}"
 name: "{{ networkinterface_name }}"
 resource_group: "{{ resource_group }}"
 virtual_network_name: algo_net
diff --git a/roles/cloud-digitalocean/tasks/main.yml b/roles/cloud-digitalocean/tasks/main.yml
index 28dd7f1..15fbbd9 100644
--- a/roles/cloud-digitalocean/tasks/main.yml
+++ b/roles/cloud-digitalocean/tasks/main.yml
@@ -1,6 +1,6 @@
 - name: Set the DigitalOcean Access Token fact
 set_fact:
- do_token: "{{ do_access_token | default(lookup('env','DO_API_TOKEN')) }}"
+ do_token: "{{ do_access_token | default(lookup('env','DO_API_TOKEN'), true) }}"
 public_key: "{{ lookup('file', '{{ SSH_keys.public }}') }}"
 - block:
diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml
index 46a2942..dfb3b1f 100644
--- a/roles/cloud-ec2/tasks/main.yml
+++ b/roles/cloud-ec2/tasks/main.yml
@@ -1,7 +1,11 @@
+- set_fact:
+ access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true) }}"
+ secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'), true) }}"
+
 - name: Locate official Ubuntu 16.04 AMI for region
 ec2_ami_find:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 name: "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"
 owner: 099720109477
 sort: creationDate
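Review bot: Nothing after the new `set_fact` in roles/cloud-ec2/tasks/main.yml checks that `access_key` and `secret_key` are non-empty, yet `lookup('env', ...)` yields an empty string for an unset variable, so both facts can still resolve to `""` when neither the prompt nor the environment supplies a value. The EC2 modules may then fall back to whatever credentials boto finds on the control machine (to be confirmed for the module versions in use), which risks provisioning into an unintended account. An `assert` task placed directly after the `set_fact` would stop the play early with a clear message. The Azure, DigitalOcean and GCE facts changed in this commit resolve the same way and would benefit from the same guard.

```yaml
# … unchanged: set_fact resolving access_key and secret_key …

- name: Verify that AWS credentials were resolved
  assert:
    that:
      - access_key | length > 0
      - secret_key | length > 0
    msg: "Provide aws_access_key/aws_secret_key or set AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY"

# … unchanged: Locate official Ubuntu 16.04 AMI for region …
```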
@@ -18,8 +22,8 @@
 - name: Add ssh public key
 ec2_key:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 name: VPNKEY
 region: "{{ region }}"
 key_material: "{{ item }}"
@@ -28,8 +32,8 @@
 - name: Configure EC2 virtual private clouds
 ec2_vpc:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 state: present
 resource_tags: { "Environment":"Algo" }
 region: "{{ region }}"
@@ -42,8 +46,8 @@
 - name: Set up Public Subnets Route Table
 ec2_vpc_route_table:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 vpc_id: "{{ vpc.vpc_id }}"
 region: "{{ region }}"
 state: present
@@ -58,8 +62,8 @@
 - name: Configure EC2 security group
 ec2_group:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 name: vpn-secgroup
 description: Security group for VPN servers
 region: "{{ region }}"
@@ -85,8 +89,8 @@
 - name: Launch instance
 ec2:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 keypair: "VPNKEY"
 vpc_subnet_id: "{{ vpc.subnets[0].id }}"
 group: vpn-secgroup
@@ -120,8 +124,8 @@
 - name: Get EC2 instances
 ec2_remote_facts:
- aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
- aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
+ aws_access_key: "{{ access_key }}"
+ aws_secret_key: "{{ secret_key }}"
 region: "{{ region }}"
 filters:
 instance-state-name: running
diff --git a/roles/cloud-gce/tasks/main.yml b/roles/cloud-gce/tasks/main.yml
index fce69ce..08a380e 100644
--- a/roles/cloud-gce/tasks/main.yml
+++ b/roles/cloud-gce/tasks/main.yml
@@ -1,5 +1,5 @@
 - set_fact:
- credentials_file_path: "{{ credentials_file | default(lookup('env','GCE_CREDENTIALS_FILE_PATH')) }}"
+ credentials_file_path: "{{ credentials_file | default(lookup('env','GCE_CREDENTIALS_FILE_PATH'), true) }}"
 ssh_public_key_lookup: "{{ lookup('file', '{{ SSH_keys.public }}') }}"
 - set_fact: