Disable vault role properly on ansible 2.2.0

when condition does not seem to work correctly at playbook level for ansible 2.2.0.
8 years ago · 45274560ec
2 changed files with 3 additions and 8 deletions
--- a/roles/kubernetes/secrets/tasks/main.yml
+++ b/roles/kubernetes/secrets/tasks/main.yml
@ -71,8 +71,7 @@
  delegate_to: "{{groups['kube-master'][0]}}"
  when: gen_tokens|default(false)

- include: gen_certs_script.yml
-  when: cert_management == "script"
+- include: "gen_certs_{{ cert_management }}.yml"
  tags: k8s-secrets

 - include: sync_kube_master_certs.yml
@ -83,9 +82,5 @@
  when: cert_management == "vault" and inventory_hostname in groups['k8s-cluster']
  tags: k8s-secrets

- include: gen_certs_vault.yml
-  when: cert_management == "vault"
-  tags: k8s-secrets
-
 - include: gen_tokens.yml
  tags: k8s-secrets
--- a/roles/vault/tasks/main.yml
+++ b/roles/vault/tasks/main.yml
@ -12,8 +12,8 @@

 ## Bootstrap
 - include: bootstrap/main.yml
-  when: vault_bootstrap | d()
+  when: cert_management == 'vault' and vault_bootstrap | d()

 ## Cluster
 - include: cluster/main.yml
-  when: not vault_bootstrap | d()
+  when: cert_management == 'vault' and not vault_bootstrap | d()