From d5cd823e5af2f4d0bcb732ba9a399e3802cf85a6 Mon Sep 17 00:00:00 2001
From: uumas <gitcommit@uumas.fi>
Date: Sat, 22 Mar 2025 01:31:24 +0200
Subject: [PATCH] container: Move secrets to its own tasks file

---
 roles/container/tasks/main.yaml    | 10 +++-------
 roles/container/tasks/secrets.yaml |  8 ++++++++
 2 files changed, 11 insertions(+), 7 deletions(-)
 create mode 100644 roles/container/tasks/secrets.yaml

diff --git a/roles/container/tasks/main.yaml b/roles/container/tasks/main.yaml
index 5817a30..9f2f280 100644
--- a/roles/container/tasks/main.yaml
+++ b/roles/container/tasks/main.yaml
@@ -22,13 +22,9 @@
   loop_control:
     loop_var: volume
 
-- name: Create secrets for container {{ container_name }}
-  containers.podman.podman_secret:
-    name: "{{ item.name }}"
-    data: "{{ item.value | default(lookup('community.general.random_string', special=false, length=128)) }}"
-    skip_existing: "{{ item.value is not defined }}"
-  no_log: true
-  loop: "{{ container_secrets }}"
+- name: Create secrets
+  ansible.builtin.include_tasks: secrets.yaml
+  when: container_secrets | length > 0
 
 - name: Create container service {{ container_name }}
   containers.podman.podman_container:
diff --git a/roles/container/tasks/secrets.yaml b/roles/container/tasks/secrets.yaml
new file mode 100644
index 0000000..4cd39fb
--- /dev/null
+++ b/roles/container/tasks/secrets.yaml
@@ -0,0 +1,8 @@
+---
+- name: Create secrets for container {{ container_name }}
+  containers.podman.podman_secret:
+    name: "{{ item.name }}"
+    data: "{{ item.value | default(lookup('community.general.random_string', special=false, length=128)) }}"
+    skip_existing: "{{ item.value is not defined }}"
+  no_log: true
+  loop: "{{ container_secrets }}"