---
# Ensure the OPA configuration directory exists and belongs to
# openpolicyagent_user / openpolicyagent_group.
# NOTE(review): "0755" lets every local account list and traverse this
# directory. The generated config written further down is "0600"; confirm
# nothing else sensitive is placed here with looser permissions.
- name: Create OPA configuration directory
  file:
    state: directory
    path: "{{ openpolicyagent_config_path }}"
    owner: "{{ openpolicyagent_user }}"
    group: "{{ openpolicyagent_group }}"
    mode: "0755"
# Ensure the config.d directory exists with the same ownership as the main
# configuration directory.
# NOTE(review): this file does not show what is written into config.d or
# with which modes; with "0755" here, any secret-bearing fragment must carry
# restrictive permissions of its own - verify at the place that writes them.
- name: Create OPA config.d directory
  file:
    state: directory
    path: "{{ openpolicyagent_config_d_path }}"
    owner: "{{ openpolicyagent_user }}"
    group: "{{ openpolicyagent_group }}"
    mode: "0755"
# Run the openpolicyagent_merge module once each for "services" and
# "bundles", passing type: list.
# Presumably it collects variables whose names end in the given suffix and
# stores the result under var_name - the module is not part of this file, so
# verify there.
# NOTE(review): this task has the same name as the next one although it
# passes type: list; identical names make run logs ambiguous.
- name: Merge OPA dictionary configuration
  openpolicyagent_merge:
    suffix: "_openpolicyagent_{{ item }}"
    var_name: "openpolicyagent_{{ item }}_merged"
    type: list
  loop:
    - services
    - bundles
# Run the openpolicyagent_merge module once each for "labels" and "plugins".
# No type is passed here, so the module's default applies (presumably a
# dictionary merge, going by the task name - confirm in the module).
- name: Merge OPA dictionary configuration
  openpolicyagent_merge:
    suffix: "_openpolicyagent_{{ item }}"
    var_name: "openpolicyagent_{{ item }}_merged"
  loop:
    - labels
    - plugins
# Hand the current openpolicyagent_config to the role's
# openpolicyagent_config_generate module, with var_name set to the same
# variable name.
# Presumably the module combines it with the *_merged values and writes the
# result back to openpolicyagent_config; the module is not shown, so confirm.
# NOTE(review): if the configuration can carry service credentials, check
# how much of it this module returns in its task result, since results are
# printed at higher verbosity.
- name: Generate final configuration
  openpolicyagent_config_generate:
    var_name: openpolicyagent_config
    config: "{{ openpolicyagent_config }}"
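# Render openpolicyagent_config as YAML into openpolicyagent_config_file,
# readable only by its owner, and notify the "Restart OPA" handler when the
# file changes.
- name: Deploy generated configuration
  copy:
    content: "{{ openpolicyagent_config | to_nice_yaml(indent=2) }}"
    dest: "{{ openpolicyagent_config_file }}"
    owner: "{{ openpolicyagent_user }}"
    group: "{{ openpolicyagent_group }}"
    mode: "0600"
    # copy runs this against a temporary file ('%s') before replacing dest.
    # NOTE(review): this starts the real OPA runtime rather than a dry-run
    # parser. Presumably it can start configured plugins and contact
    # configured services, with the privileges this task runs under - confirm.
    # "--addr :8182" has no host part, i.e. the wildcard address if the
    # process listens at all.
    validate: "{{ openpolicyagent_bin }}/opa run --addr :8182 --shutdown-grace-period 1 --config-file '%s'"
  # The file is written 0600, so treat its content as sensitive: without
  # this, running with --diff prints the full before/after content to the
  # console and logs. no_log would also work but hides validate failures.
  diff: false
  notify: Restart OPA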