Merge "Extract cephx keys from vault encrypted files"

ansible/roles/nova-cell/tasks/external_ceph.yml

@@ -79,26 +79,26 @@
     - Restart nova-libvirt container
 
 - name: Extract nova key from file
-  local_action: shell cat "{{ nova_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }'
+  set_fact:
+    nova_cephx_raw_key: "{{ lookup('file', nova_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
   changed_when: false
   run_once: True
-  register: nova_cephx_raw_key
   when:
     - nova_backend == "rbd"
     - external_ceph_cephx_enabled | bool
 
 - name: Extract cinder key from file
-  local_action: shell cat "{{ cinder_cephx_keyring_file.stat.path }}" | grep -E 'key\s*=' | awk '{ print $3 }'
+  set_fact:
+    cinder_cephx_raw_key: "{{ lookup('file', cinder_cephx_keyring_file.stat.path) | regex_search('key\\s*=.*$', multiline=True) | regex_replace('key\\s*=\\s*(.*)\\s*', '\\1') }}"
   changed_when: false
   run_once: True
-  register: cinder_cephx_raw_key
   when:
     - cinder_backend_ceph | bool
     - external_ceph_cephx_enabled | bool
 
 - name: Pushing secrets key for libvirt
   copy:
-    content: "{{ item.result.stdout }}"
+    content: "{{ item.result }}"
     dest: "{{ node_config_directory }}/nova-libvirt/secrets/{{ item.uuid }}.base64"
     mode: "0600"
   become: true