blockscout-terraform/roles/s3/tasks/main.yml

- name: Create S3 bucket
  aws_s3:
    bucket: "{{ prefix }}-{{ bucket }}" 
    mode: create
    permission: private

- name: Apply tags and versioning to create S3 bucket
  s3_bucket:
    name: "{{ prefix }}-{{ bucket }}"
    versioning: yes
    tags:
      origin: terraform
      prefix: "{{ prefix }}"

- name: Add lifecycle management policy to created S3 bucket
  s3_lifecycle:
    name: "{{ prefix }}-{{ bucket }}"
    rule_id: "expire"
    noncurrent_version_expiration_days: 90
    status: enabled
    state: present

- name: Check if config file exists 
  stat:
    path: "{{ playbook_dir }}/group_vars/all.yml"
  register: stat_result
  when: upload_config_to_s3|bool == True

- name: Copy temporary file to be uploaded
  command: "cp {{ playbook_dir }}/group_vars/all.yml {{ playbook_dir }}/group_vars/all.yml.temp"
  when: upload_config_to_s3|bool == True

- name: Remove insecure AWS variables
  replace:
    path: "{{ playbook_dir }}/group_vars/all.yml.temp"
    regexp: 'aws_.*'
    replace: '<There was an aws-related insecure variable to keep at S3. Removed>'
  when: upload_config_to_s3|bool == True

- name: Remove other insecure variables
  replace:
    path: "{{ playbook_dir }}/group_vars/all.yml.temp"
    regexp: 'secret_.*'
    replace: '<There was an insecure variable to keep at S3. Removed>'
  when: upload_config_to_s3|bool == True

- name: Upload config to S3 bucket
  aws_s3:
    bucket: "{{ prefix }}-{{ bucket }}"
    object: all.yml
    src: "{{ playbook_dir }}/group_vars/all.yml.temp"
    mode: put
  when: upload_config_to_s3|bool == True and stat_result.stat.exists == True

- name: Remove temp file
  file:
    path: "{{ playbook_dir }}/group_vars/all.yml.temp"
    state: absent
  when: upload_config_to_s3|bool == True
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`- name: Create S3 bucket`
fixed checks and modified roles 2019-02-23 12:47:43 -08:00			`aws_s3:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`bucket: "{{ prefix }}-{{ bucket }}"`
fixed checks and modified roles 2019-02-23 12:47:43 -08:00			`mode: create`
fixes after beta testing 2019-02-23 16:16:07 -08:00			`permission: private`
fixed checks and modified roles 2019-02-23 12:47:43 -08:00
			`- name: Apply tags and versioning to create S3 bucket`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`s3_bucket:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`name: "{{ prefix }}-{{ bucket }}"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`versioning: yes`
			`tags:`
			`origin: terraform`
			`prefix: "{{ prefix }}"`

			`- name: Add lifecycle management policy to created S3 bucket`
			`s3_lifecycle:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`name: "{{ prefix }}-{{ bucket }}"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`rule_id: "expire"`
			`noncurrent_version_expiration_days: 90`
			`status: enabled`
			`state: present`

			`- name: Check if config file exists`
			`stat:`
			`path: "{{ playbook_dir }}/group_vars/all.yml"`
			`register: stat_result`
			`when: upload_config_to_s3\|bool == True`

Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`- name: Copy temporary file to be uploaded`
			`command: "cp {{ playbook_dir }}/group_vars/all.yml {{ playbook_dir }}/group_vars/all.yml.temp"`
			`when: upload_config_to_s3\|bool == True`

remove more insecured variables if upload config to s3 2019-03-21 04:28:04 -07:00			`- name: Remove insecure AWS variables`
Add bug which didnt allow to change s3 bucket name 2019-02-27 04:40:23 -08:00			`replace:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`path: "{{ playbook_dir }}/group_vars/all.yml.temp"`
			`regexp: 'aws_.*'`
remove more insecured variables if upload config to s3 2019-03-21 04:28:04 -07:00			`replace: '<There was an aws-related insecure variable to keep at S3. Removed>'`
			`when: upload_config_to_s3\|bool == True`

			`- name: Remove other insecure variables`
			`replace:`
			`path: "{{ playbook_dir }}/group_vars/all.yml.temp"`
			`regexp: 'secret_.*'`
			`replace: '<There was an insecure variable to keep at S3. Removed>'`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`when: upload_config_to_s3\|bool == True`

Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`- name: Upload config to S3 bucket`
fixed checks and modified roles 2019-02-23 12:47:43 -08:00			`aws_s3:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`bucket: "{{ prefix }}-{{ bucket }}"`
fixes after beta testing 2019-02-23 16:16:07 -08:00			`object: all.yml`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`src: "{{ playbook_dir }}/group_vars/all.yml.temp"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`mode: put`
fix logic bug 2019-04-09 09:17:59 -07:00			`when: upload_config_to_s3\|bool == True and stat_result.stat.exists == True`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00
			`- name: Remove temp file`
			`file:`
Add bug which didnt allow to change s3 bucket name 2019-02-27 04:40:23 -08:00			`path: "{{ playbook_dir }}/group_vars/all.yml.temp"`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`state: absent`
			`when: upload_config_to_s3\|bool == True`