From 2ef52cdf56b9d6ae39d5750b6233651e51afdf8b Mon Sep 17 00:00:00 2001
From: "Christian M. Adams" <chadams@redhat.com>
Date: Thu, 11 Jan 2024 21:12:53 -0500
Subject: [PATCH] Account for corner case where pre-existing generated secret
 exists - If a secret by the name awx-secret-key exists in the namespace   and
 a custom secret_key_secret is specified, the secret name set will   be
 incorrect, resulting in an incorrect status.

Signed-off-by: Christian M. Adams <chadams@redhat.com>
---
 roles/installer/tasks/admin_password_configuration.yml     | 6 ++++--
 .../installer/tasks/broadcast_websocket_configuration.yml  | 6 ++++--
 roles/installer/tasks/database_configuration.yml           | 7 ++++---
 roles/installer/tasks/secret_key_configuration.yml         | 6 ++++--
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/roles/installer/tasks/admin_password_configuration.yml b/roles/installer/tasks/admin_password_configuration.yml
index 4896d1f2eb..30d6c74c36 100644
--- a/roles/installer/tasks/admin_password_configuration.yml
+++ b/roles/installer/tasks/admin_password_configuration.yml
@@ -40,7 +40,7 @@
 
 - name: Set admin password secret
   set_fact:
-    __admin_password_secret: '{{ _generated_admin_password["resources"] | default([]) | length | ternary(_generated_admin_password, _admin_password_secret) }}'
+    __admin_password_secret: "{{ admin_password_secret | length | ternary(_admin_password_secret, _generated_admin_password) }}"
   no_log: "{{ no_log }}"
 
 - name: Store admin password
@@ -58,4 +58,6 @@
         namespace: "{{ ansible_operator_meta.namespace }}"
         ownerReferences: null
   no_log: "{{ no_log }}"
-  when: not garbage_collect_secrets | bool
+  when:
+    - not garbage_collect_secrets | bool
+    - _generated_admin_password["resources"] | default([]) | length
diff --git a/roles/installer/tasks/broadcast_websocket_configuration.yml b/roles/installer/tasks/broadcast_websocket_configuration.yml
index 221b928c89..cc966cedd0 100644
--- a/roles/installer/tasks/broadcast_websocket_configuration.yml
+++ b/roles/installer/tasks/broadcast_websocket_configuration.yml
@@ -42,7 +42,7 @@
 - name: Set broadcast websocket secret
   set_fact:
     # yamllint disable-line rule:line-length
-    __broadcast_websocket_secret: '{{ _generated_broadcast_websocket["resources"] | default([]) | length | ternary(_generated_broadcast_websocket, _broadcast_websocket_secret)  }}'  # noqa 204
+    __broadcast_websocket_secret: "{{ broadcast_websocket_secret | length | ternary(_broadcast_websocket_secret, _generated_broadcast_websocket) }}"
   no_log: "{{ no_log }}"
 
 - name: Store broadcast websocket secret name
@@ -60,4 +60,6 @@
         namespace: "{{ ansible_operator_meta.namespace }}"
         ownerReferences: null
   no_log: "{{ no_log }}"
-  when: not garbage_collect_secrets | bool
+  when:
+    - not garbage_collect_secrets | bool
+    - _generated_broadcast_websocket["resources"] | default([]) | length
diff --git a/roles/installer/tasks/database_configuration.yml b/roles/installer/tasks/database_configuration.yml
index 4ae8e88257..eb46bb79b6 100644
--- a/roles/installer/tasks/database_configuration.yml
+++ b/roles/installer/tasks/database_configuration.yml
@@ -85,7 +85,7 @@
 
 - name: Set PostgreSQL Configuration
   set_fact:
-    pg_config: '{{ _generated_pg_config_resources["resources"] | default([]) | length | ternary(_generated_pg_config_resources, _pg_config) }}'
+    pg_config: "{{ postgres_configuration_secret | length | ternary(_pg_config, _generated_pg_config_resources) }}"
   no_log: "{{ no_log }}"
 
 - name: Set actual postgres configuration secret used
@@ -102,8 +102,9 @@
         namespace: "{{ ansible_operator_meta.namespace }}"
         ownerReferences: null
   no_log: "{{ no_log }}"
-  when: not garbage_collect_secrets | bool
-
+  when:
+    - not garbage_collect_secrets | bool
+    - _generated_pg_config_resources["resources"] | default([]) | length
 - name: Store Database Configuration
   set_fact:
     awx_postgres_user: "{{ pg_config['resources'][0]['data']['username'] | b64decode }}"
diff --git a/roles/installer/tasks/secret_key_configuration.yml b/roles/installer/tasks/secret_key_configuration.yml
index 153ba9a780..0170ddf98e 100644
--- a/roles/installer/tasks/secret_key_configuration.yml
+++ b/roles/installer/tasks/secret_key_configuration.yml
@@ -40,7 +40,7 @@
 
 - name: Set secret key secret
   set_fact:
-    secret_key: '{{ _generated_secret_key["resources"] | default([]) | length | ternary(_generated_secret_key, _secret_key_secret)  }}'
+    secret_key: "{{ secret_key_secret | length | ternary(_secret_key_secret, _generated_secret_key) }}"
   no_log: "{{ no_log }}"
 
 - name: Store secret key secret name
@@ -58,4 +58,6 @@
         namespace: "{{ ansible_operator_meta.namespace }}"
         ownerReferences: null
   no_log: "{{ no_log }}"
-  when: not garbage_collect_secrets | bool
+  when:
+    - not garbage_collect_secrets | bool
+    - _generated_secret_key["resources"] | default([]) | length