skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml - buildbot - Git at Google

 ---
 # tasks file for load-secret-vars
 - name: mktemp
   delegate_to: 127.0.0.1
   tempfile:
     state: directory
   register: secrets_dir

 - name: Extract secrets and trigger `clean_up_tempfile` handler for cleanup.
   delegate_to: 127.0.0.1
   command:
     argv:
       - '{{ role_path }}/../../../../../kube/secrets/get-secret-at-path.sh'
       - etc
       - ansible-secret-vars
       - '.data."secrets.yml"'
       - '{{ secrets_dir.path }}/secrets.yml'
     creates: '{{ secrets_dir.path }}/secrets.yml'
   notify: clean_up_tempfile

 - name: Import secrets as vars
   include_vars:
     file: '{{ secrets_dir.path }}/secrets.yml'
	---
	# tasks file for load-secret-vars
	- name: mktemp
	delegate_to: 127.0.0.1
	tempfile:
	state: directory
	register: secrets_dir

	- name: Extract secrets and trigger `clean_up_tempfile` handler for cleanup.
	delegate_to: 127.0.0.1
	command:
	argv:
	- '{{ role_path }}/../../../../../kube/secrets/get-secret-at-path.sh'
	- etc
	- ansible-secret-vars
	- '.data."secrets.yml"'
	- '{{ secrets_dir.path }}/secrets.yml'
	creates: '{{ secrets_dir.path }}/secrets.yml'
	notify: clean_up_tempfile

	- name: Import secrets as vars
	include_vars:
	file: '{{ secrets_dir.path }}/secrets.yml'