Add ~/.config/validated-patterns in the secret search path

mbaldessari · mbaldessari · commit 5585af0508e2 · 2023-09-05T08:10:30.000+02:00
diff --git a/ansible/roles/vault_utils/README.md b/ansible/roles/vault_utils/README.md
@@ -42,10 +42,16 @@ This relies on [kubernetes.core](https://docs.ansible.com/ansible/latest/collect
 
 ## Values secret file format
 
-Currently this role supports two formats: version 1.0 (which is the assumed default when not specified) and version 2.0.
-The latter is more fatureful and supports generating secrets directly into the vault and also prompting the user for a secret.
-By default, the first file that will looked up is `~/.config/hybrid-cloud-patterns/values-secret-<patternname>.yaml`, then
-`~/values-secret-<patternname>.yaml` and should that not exist it will look for `~/values-secret.yaml`.
+Currently this role supports two formats: version 1.0 (which is the assumed
+default when not specified) and version 2.0. The latter is more fatureful and
+supports generating secrets directly into the vault and also prompting the user
+for a secret.
+
+By default, the first file that will looked up is
+`~/.config/hybrid-cloud-patterns/values-secret-<patternname>.yaml`, then
+`~/.config/validated-patterns/values-secret-<patternname>.yaml`,
+`~/values-secret-<patternname>.yaml` and should that not exist it will look for
+`~/values-secret.yaml`.
 The paths can be overridden by setting the environment variable `VALUES_SECRET` to the path of the
 secret file.
 
diff --git a/ansible/roles/vault_utils/tasks/push_secrets.yaml b/ansible/roles/vault_utils/tasks/push_secrets.yaml
@@ -66,6 +66,7 @@
   vars:
     findme:
       - "~/.config/hybrid-cloud-patterns/values-secret-{{ pattern_name }}.yaml"
+      - "~/.config/validated-patterns/values-secret-{{ pattern_name }}.yaml"
       - "~/values-secret-{{ pattern_name }}.yaml"
       - "~/values-secret.yaml"
       - "{{ pattern_dir }}/values-secret.yaml.template"
