From 79f1be5cbe4594816f448e8d529071d86116be03 Mon Sep 17 00:00:00 2001
From: uumas <gitcommit@uumas.fi>
Date: Tue, 19 Nov 2024 22:27:29 +0200
Subject: [PATCH] service: move secrets definition from set_fact to vars

---
 roles/service/tasks/main.yaml |  9 ---------
 roles/service/vars/main.yaml  | 11 +++++++++++
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/roles/service/tasks/main.yaml b/roles/service/tasks/main.yaml
index a4b1869..5e523f4 100644
--- a/roles/service/tasks/main.yaml
+++ b/roles/service/tasks/main.yaml
@@ -6,15 +6,6 @@
   ansible.builtin.set_fact:
     _service_container_mounts: []
     _service_container_requires: "{{ service_requires }}"
-    _service_container_secrets: []
-
-- name: Secrets definition for {{ service_name }}
-  ansible.builtin.set_fact:
-    _service_container_secrets: "{{ _service_container_secrets + [secret | combine({'name': service_name ~ '-' ~ secret.name})] }}"
-  no_log: true
-  loop: "{{ service_container_secrets }}"
-  loop_control:
-    loop_var: secret
 
 - name: Databse for {{ service_name }}
   ansible.builtin.include_tasks: database.yaml
diff --git a/roles/service/vars/main.yaml b/roles/service/vars/main.yaml
index c3c21af..2bda011 100644
--- a/roles/service/vars/main.yaml
+++ b/roles/service/vars/main.yaml
@@ -1,3 +1,14 @@
 ---
 _service_template_mounts: "{{ service_container_mounts | selectattr('type', '==', 'template') | list }}"
 _service_host_directory: "/srv/{{ service_name }}"
+
+_service_container_secrets: >
+  {{
+    service_container_secrets
+      | zip(service_container_secrets
+        | map(attribute='name')
+        | map('regex_replace', '^', service_name ~ '-')
+        | map('community.general.dict_kv', 'name')
+        )
+      | map('combine')
+  }}