From f5b2bc12acde78c41f570516f39f83dd3211559b Mon Sep 17 00:00:00 2001
From: Andrew Schoen <aschoen@redhat.com>
Date: Fri, 13 Mar 2015 15:51:33 -0500
Subject: [PATCH] Use ansible-vault to encrypt secret vars for redhat setup

We'll do this instead of prompting for these values

Signed-off-by: Andrew Schoen <aschoen@redhat.com>
---
 roles/common/defaults/main.yml      |  8 +++-----
 roles/common/tasks/main.yml         |  2 +-
 roles/common/tasks/setup-redhat.yml |  8 ++++++--
 testnodes.yml                       | 13 -------------
 4 files changed, 10 insertions(+), 21 deletions(-)

diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index 94f2221..5c8966d 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -1,6 +1,4 @@
 ---
-# you will be prompted to provide these values
-# if you do not provide them, the tasks that need them
-# will be skipped
-subscription_manager_activationkey: "" 
-subscription_manager_org: "" 
+# these are encrypted in vars/redhat.yml
+subscription_manager_activationkey: ""
+subscription_manager_org: ""
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index e5a9678..f046a0d 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -1,4 +1,4 @@
 ---
 # Setup/install tasks.
- - include: setup-RedHat.yml
+ - include: setup-redhat.yml
    when: ansible_os_family == 'RedHat'
diff --git a/roles/common/tasks/setup-redhat.yml b/roles/common/tasks/setup-redhat.yml
index f469d55..cc13a9c 100644
--- a/roles/common/tasks/setup-redhat.yml
+++ b/roles/common/tasks/setup-redhat.yml
@@ -1,5 +1,9 @@
 ---
-- name: determine if node is registered with subscription-manager
+- name: Include Red Hat encrypted variables.
+  include_vars: redhat.yml
+  no_log: true
+
+- name: Determine if node is registered with subscription-manager.
   command: subscription-manager identity
   register: subscription 
   ignore_errors: yes
@@ -7,7 +11,7 @@
   when: subscription_manager_activationkey and
         subscription_manager_org 
 
-- name: register with subscription-manager
+- name: Register with subscription-manager.
   command: subscription-manager register
            --activationkey={{ subscription_manager_activationkey }}
            --org={{ subscription_manager_org }}
diff --git a/testnodes.yml b/testnodes.yml
index cd4a21a..48a6eb2 100644
--- a/testnodes.yml
+++ b/testnodes.yml
@@ -2,16 +2,3 @@
 - hosts: testnodes
   roles:
     - common
-
-  # get secret vars
-  vars_prompt:
-
-    - name: "subscription_manager_activationkey"
-      prompt: "Enter subscription-manager activationkey"
-      private: no
-      default: false
-
-    - name: "subscription_manager_org"
-      prompt: "Enter subscription-manager org"
-      private: no
-      default: false
-- 
2.39.5