From 8193b1c7f925df54b4f6c1c4b0efadfd2fcd4ed4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jarom=C3=ADr=20Hradil?= <jaromir.hradil@cesnet.cz>
Date: Thu, 29 Aug 2024 11:27:58 +0200
Subject: [PATCH] Refactoring REST path joining

---
 cesnet-central/playbooks/repository-nexus.yaml | 11 +++++++----
 cesnet-mcc/playbooks/gateway.yaml              |  2 +-
 common/playbooks/k8s.yaml                      |  2 +-
 common/playbooks/notebooks.yaml                |  2 +-
 common/playbooks/security-assets.yaml          |  2 +-
 common/playbooks/security-logs.yaml            |  2 +-
 6 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/cesnet-central/playbooks/repository-nexus.yaml b/cesnet-central/playbooks/repository-nexus.yaml
index 96c9cfb..34cb18e 100644
--- a/cesnet-central/playbooks/repository-nexus.yaml
+++ b/cesnet-central/playbooks/repository-nexus.yaml
@@ -3,11 +3,14 @@
   hosts: master
   vars:
     nexus_url: "https://{{ nexus_hostname }}/service/rest/v1"
-    nexus_admin_password: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/nexus_admin_password:value', token_validate=false) }}"
-    nexus_binder_password: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/nexus_binder_password:value', token_validate=false) }}"
-    nexus_notebooks_password: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/nexus_notebooks_password:value',
+    nexus_admin_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_admin_password:value') | join('/'),
+      token_validate=false) }}"
+    nexus_binder_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_binder_password:value') | join('/'),
+      token_validate=false) }}"
+    nexus_notebooks_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_notebooks_password:value') | join('/'),
+      token_validate=false) }}"
+    nexus_writer_password: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'nexus_writer_password:value') | join('/'),
       token_validate=false) }}"
-    nexus_writer_password: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/nexus_writer_password:value', token_validate=false) }}"
     nexus_blobstore_name: default
     nexus_blobstore_type: file
     nexus_repository_name: container-notebooks
diff --git a/cesnet-mcc/playbooks/gateway.yaml b/cesnet-mcc/playbooks/gateway.yaml
index b538b6e..decd33c 100644
--- a/cesnet-mcc/playbooks/gateway.yaml
+++ b/cesnet-mcc/playbooks/gateway.yaml
@@ -10,7 +10,7 @@
       vars:
         name: cesnet-mcc
       set_fact:
-        secrets: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/gateway-' + name, token_validate=false) }}"
+        secrets: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'gateway-' + name) | join('/'), token_validate=false) }}"
     - name: Enterprise Gateway Configuration
       copy:
         dest: /tmp/gateway.yaml
diff --git a/common/playbooks/k8s.yaml b/common/playbooks/k8s.yaml
index 31d9f19..9573b95 100644
--- a/common/playbooks/k8s.yaml
+++ b/common/playbooks/k8s.yaml
@@ -50,7 +50,7 @@
         mode: 0644
     - name: Mails settings
       vars:
-        fip_hostname: "{{ lookup('dig', groups['fip'][0] + '/PTR') | regex_replace('\\.$', '') }}"
+        fip_hostname: "{{ lookup('dig', (groups['fip'][0], 'PTR') | join('/')) | regex_replace('\\.$', '') }}"
       block:
         - name: Global postfix settings
           set_fact:
diff --git a/common/playbooks/notebooks.yaml b/common/playbooks/notebooks.yaml
index 6b068de..4e78571 100644
--- a/common/playbooks/notebooks.yaml
+++ b/common/playbooks/notebooks.yaml
@@ -14,7 +14,7 @@
       vars:
         name: "{{ item | basename | splitext | first }}"
       set_fact:
-        secrets: "{{ secrets|default({}) | combine({name: lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/deployment-' + name,
+        secrets: "{{ secrets|default({}) | combine({name: lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'deployment-' + name)  | join('/'),
           token_validate=false)}) }}"
       with_fileglob:
         - "../deployments/*.yaml"
diff --git a/common/playbooks/security-assets.yaml b/common/playbooks/security-assets.yaml
index d6b041e..8c90747 100644
--- a/common/playbooks/security-assets.yaml
+++ b/common/playbooks/security-assets.yaml
@@ -18,7 +18,7 @@
   tasks:
     - name: Get Secrets From Vault
       set_fact:
-        secret: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/site-' + site_name, token_validate=false) }}"
+        secret: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'site-' + site_name) | join('/'), token_validate=false) }}"
     - name: Debug Secrets
       debug:
         msg: "{{ item.key }} = {{ item.value }}"
diff --git a/common/playbooks/security-logs.yaml b/common/playbooks/security-logs.yaml
index a424e42..ce71315 100644
--- a/common/playbooks/security-logs.yaml
+++ b/common/playbooks/security-logs.yaml
@@ -46,7 +46,7 @@
       when: "'fluent' not in ansible_local.helm_repos | map(attribute='name') | list"
     - name: Get Secrets from Vault
       set_fact:
-        secrets: "{{ lookup('community.hashi_vault.hashi_vault', vault_mount_point + '/site-' + site_name,
+        secrets: "{{ lookup('community.hashi_vault.hashi_vault', (vault_mount_point, 'site-' + site_name) | join('/'),
           token_validate=false) }}"
     - name: Debug Secrets
       debug:
-- 
GitLab