diff --git a/apps/accounts/automations/change_secret/database/mysql/main.yml b/apps/accounts/automations/change_secret/database/mysql/main.yml index a423064d3..f36eff171 100644 --- a/apps/accounts/automations/change_secret/database/mysql/main.yml +++ b/apps/accounts/automations/change_secret/database/mysql/main.yml @@ -3,7 +3,7 @@ vars: ansible_python_interpreter: /opt/py3/bin/python db_name: "{{ jms_asset.spec_info.db_name }}" - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Test MySQL connection @@ -12,10 +12,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version register: db_info @@ -29,10 +29,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" name: "{{ account.username }}" password: "{{ account.secret }}" host: "%" @@ -46,8 +46,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version diff --git a/apps/accounts/automations/gather_accounts/database/mysql/main.yml b/apps/accounts/automations/gather_accounts/database/mysql/main.yml index 4b77359fc..e36925209 100644 --- a/apps/accounts/automations/gather_accounts/database/mysql/main.yml +++ b/apps/accounts/automations/gather_accounts/database/mysql/main.yml @@ -2,7 +2,7 @@ gather_facts: no vars: ansible_python_interpreter: /opt/py3/bin/python - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Get info @@ -11,10 +11,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: users register: db_info diff --git a/apps/accounts/automations/push_account/database/mysql/main.yml b/apps/accounts/automations/push_account/database/mysql/main.yml index a423064d3..f36eff171 100644 --- a/apps/accounts/automations/push_account/database/mysql/main.yml +++ b/apps/accounts/automations/push_account/database/mysql/main.yml @@ -3,7 +3,7 @@ vars: ansible_python_interpreter: /opt/py3/bin/python db_name: "{{ jms_asset.spec_info.db_name }}" - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Test MySQL connection @@ -12,10 +12,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version register: db_info @@ -29,10 +29,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" name: "{{ account.username }}" password: "{{ account.secret }}" host: "%" @@ -46,8 +46,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version diff --git a/apps/accounts/automations/verify_account/database/mysql/main.yml b/apps/accounts/automations/verify_account/database/mysql/main.yml index 91de7fc9f..e2768d2c2 100644 --- a/apps/accounts/automations/verify_account/database/mysql/main.yml +++ b/apps/accounts/automations/verify_account/database/mysql/main.yml @@ -2,7 +2,7 @@ gather_facts: no vars: ansible_python_interpreter: /opt/py3/bin/python - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Verify account @@ -11,8 +11,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version diff --git a/apps/assets/automations/gather_facts/database/mysql/main.yml b/apps/assets/automations/gather_facts/database/mysql/main.yml index 06c6c9bd4..348a2150d 100644 --- a/apps/assets/automations/gather_facts/database/mysql/main.yml +++ b/apps/assets/automations/gather_facts/database/mysql/main.yml @@ -2,7 +2,7 @@ gather_facts: no vars: ansible_python_interpreter: /opt/py3/bin/python - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Get info @@ -11,10 +11,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version register: db_info diff --git a/apps/assets/automations/ping/database/mysql/main.yml b/apps/assets/automations/ping/database/mysql/main.yml index f24c95233..f99333bdb 100644 --- a/apps/assets/automations/ping/database/mysql/main.yml +++ b/apps/assets/automations/ping/database/mysql/main.yml @@ -2,7 +2,7 @@ gather_facts: no vars: ansible_python_interpreter: /opt/py3/bin/python - jms_use_ssl: "{{ jms_asset.spec_info.use_ssl }}" + check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" tasks: - name: Test MySQL connection @@ -11,8 +11,8 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" - check_hostname: "{{ omit if not jms_use_ssl else jms_asset.spec_info.allow_invalid_cert }}" - ca_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.ca_cert }}" - client_cert: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_cert }}" - client_key: "{{ omit if not jms_use_ssl else jms_asset.secret_info.client_key }}" + check_hostname: "{{ check_ssl if check_ssl else omit }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert | default(omit) if check_ssl else omit }}" + client_cert: "{{ jms_asset.secret_info.client_cert | default(omit) if check_ssl else omit }}" + client_key: "{{ jms_asset.secret_info.client_key | default(omit) if check_ssl else omit }}" filter: version