blsmith/dc-deployments-automation
1
0
Fork 0
mirror of https://bitbucket.org/atlassian/dc-deployments-automation.git synced 2025-12-13 00:13:09 -06:00
Code Issues Packages Projects Releases Wiki Activity

ITPLT-3591 allow basic_auth creds from secrets_manager

Browse Source
This commit is contained in:
bmeehan
2024-03-13 09:11:19 +11:00
parent 036a8e69b4
commit a44d3f8145
2 changed files with 25 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/bitbucket_mesh/defaults/main.yml
View File

@@ -1,3 +1,7 @@
mesh_install_dir: /opt/atlassian/mesh
bitbucket_mesh_maven_repo: https://packages.atlassian.com/maven-external
bitbucket_mesh_version: "1.3.1"
bitbucket_mesh_version: "1.3.1"
# if basic_auth is required for download of atlassian installable artifact, provide the name of an AWS Secrets Manager secret
# with values for both password and username
atl_download_secret_name: ''

24
roles/bitbucket_mesh/tasks/main.yml
View File

@@ -13,15 +13,31 @@
- "{{ atl_home_base }}/{{ atl_product_user }}"
- "{{ mesh_install_dir }}"
# optionally grab basic_auth creds from secrets_manager secret called 'download_atlassian'
- name: set basic_auth facts if the secret exists
ansible.builtin.set_fact:
download_atlassian_password: "{{ lookup('amazon.aws.aws_secret', atl_download_secret_name + '.password', region=ansible_ec2_placement_region, bypath=false, nested=true, on_denied='skip', on_missing='skip') }}"
download_atlassian_username: "{{ lookup('amazon.aws.aws_secret', atl_download_secret_name + '.username', region=ansible_ec2_placement_region, bypath=false, nested=true, on_denied='skip', on_missing='skip') }}"
failed_when: false
ignore_errors: yes
no_log: true
when:
- ansible_ec2_placement_region is defined
- atl_download_secret_name is defined
tags:
- runtime_pkg
- name: download the mesh distribution using maven
community.general.maven_artifact:
group_id: "com.atlassian.bitbucket.mesh"
artifact_id: "mesh-distribution"
extension: "tar.gz"
version: "{{ atl_product_version }}"
repository_url: "{{ bitbucket_mesh_maven_repo }}"
dest: "{{ mesh_install_dir }}"
extension: "tar.gz"
group_id: "com.atlassian.bitbucket.mesh"
keep_name: yes
password: "{{ download_atlassian_password | default(omit) }}"
repository_url: "{{ bitbucket_mesh_maven_repo }}"
username: "{{ download_atlassian_username | default(omit) }}"
version: "{{ atl_product_version }}"
mode: "0644"
owner: "{{ atl_product_user_uid }}"
group: "{{ atl_product_user_uid }}"