Make randomly generated secret length configurable

2025-04-04 21:21:42 +03:00
parent 335656a166
commit 9bb2b24948
3 changed files with 11 additions and 1 deletions
--- a/roles/container/meta/argument_specs.yaml
+++ b/roles/container/meta/argument_specs.yaml
@@ -93,6 +93,11 @@ argument_specs:
              - If the value is not explicitly set, it will not be changed if the secret already exists.
            type: str
            required: false
+          length:
+            description: Length of randomly generated string
+            type: int
+            required: false
+            defalut: 128

      container_env:
        description: A dict of environment variables for the container
--- a/roles/container/tasks/secrets.yaml
+++ b/roles/container/tasks/secrets.yaml
@@ -2,7 +2,7 @@
 - name: Create secrets for container {{ container_name }}
  containers.podman.podman_secret:
    name: "{{ item.name }}"
-    data: "{{ item.value | default(lookup('community.general.random_string', special=false, length=128)) }}"
+    data: "{{ item.value | default(lookup('community.general.random_string', special=false, length=item.length | default(128))) }}"
    skip_existing: "{{ item.value is not defined }}"
  no_log: true
  loop: "{{ container_secrets }}"
--- a/roles/service/meta/argument_specs.yaml
+++ b/roles/service/meta/argument_specs.yaml
@@ -110,6 +110,11 @@ argument_specs:
              - If the value is not explicitly set, it will not be changed if the secret already exists.
            type: str
            required: false
+          length:
+            description: Length of randomly generated string
+            type: int
+            required: false
+            default: 128
      service_container_env:
        description: A dict of environment variables for the service container(s)
        type: dict