Обновление проекта

molecule/default/destroy.yml

@@ -18,10 +18,6 @@
         groups: [test]
     kind_clusters: []
     
-    # перечисли файлы/глобы, которые нужно временно расшифровать
-    vault_targets:
-      - /workspace/vault/secrets.yml
-      - /workspace/vault/secret.yml
 
   tasks:
     # =============================================================================
@@ -41,62 +37,6 @@
       when: preset_file is file
       ignore_errors: true
 
-    # =============================================================================
-    # VAULT CLEANUP - Перешифровка файлов перед удалением контейнеров
-    # =============================================================================
-    - name: Vault cleanup operations
-      debug:
-        msg: |
-          ================================================================================
-          VAULT CLEANUP - Перешифровка файлов перед удалением контейнеров
-          ================================================================================
-          Re-encrypting vault files
-          ================================================================================
-
-    - name: Re-encrypt all vault files
-      community.docker.docker_container_exec:
-        container: ansible-controller
-        command: |
-          bash -c '
-          VAULT_TARGETS_JSON="{{ vault_targets | to_json }}"
-          VAULT_PASSWORD_FILE="/workspace/vault/.vault"
-          
-          echo "=== RE-ENCRYPTING ALL VAULT FILES ==="
-          
-          if [ ! -f "$VAULT_PASSWORD_FILE" ]; then
-            echo "Vault password file not found: $VAULT_PASSWORD_FILE"
-            exit 0
-          fi
-          
-          # Парсим JSON массив и перешифровываем каждый файл
-          echo "$VAULT_TARGETS_JSON" | jq -r ".[]" | while read -r target; do
-            echo "Processing target: $target"
-            
-            # Если это glob паттерн, находим файлы
-            if [[ "$target" == *"*"* ]]; then
-              for file in $target; do
-                if [ -f "$file" ] && ! grep -q "ANSIBLE_VAULT" "$file"; then
-                  echo "Re-encrypting file: $file"
-                  ansible-vault encrypt --encrypt-vault-id default --vault-password-file "$VAULT_PASSWORD_FILE" "$file"
-                fi
-              done
-            else
-              # Обычный файл
-              if [ -f "$target" ] && ! grep -q "ANSIBLE_VAULT" "$target"; then
-                echo "Re-encrypting file: $target"
-                ansible-vault encrypt --encrypt-vault-id default --vault-password-file "$VAULT_PASSWORD_FILE" "$target"
-              fi
-            fi
-          done
-          
-          echo "All vault files re-encrypted successfully"
-          
-          # Очистка символических ссылок в vault/
-          echo "Cleaning up vault symlinks..."
-          rm -f /workspace/vault/*.decrypted
-          echo "Vault symlinks cleaned up"
-          '
-      ignore_errors: true
 
     # =============================================================================
     # УДАЛЕНИЕ КОНТЕЙНЕРОВ - Остановка и удаление контейнеров
@@ -176,17 +116,6 @@
       vars:
         # Используем переменную hosts из загруженного пресета
         hosts: "{{ hosts }}"
-    # =============================================================================
-    # ДОПОЛНИТЕЛЬНАЯ ОЧИСТКА - Удаление симлинков vault
-    # =============================================================================
-    - name: Clean up vault symlinks
-      file:
-        path: "{{ item }}"
-        state: absent
-      loop:
-        - /workspace/vault/secrets.yml.decrypted
-        - /workspace/vault/secret.yml.decrypted
-      ignore_errors: true
 
     - name: Display cleanup summary
       debug: