finish adding terraform and vault archive

tasks/archive/terraform.yml

@@ -1,13 +1,38 @@
+# vim: set filetype=yaml.ansible :
+---
+- name: Check if terraform is already installed
+  register: r_terraform_inst
+  ansible.builtin.stat:
+    path: "{{ terraform.bin }}"
+
+- name: Download and install terraform
+  when:
+    - not r_terraform_inst.stat.exists
+  block:
     - name: Download terraform archive
       ansible.builtin.get_url:
-    dest: "{{ d_tempdir.path }}/{{ terraform.file }}"
+        dest: "{{ d_tempdir.path }}/{{ terraform.archive }}"
-    url: "{{ terraform.url }}/{{ terraform.file }}"
+        url: "{{ terraform.url }}/{{ terraform.archive }}"
-    decompress: false
         mode: '0644'
+        decompress: false
+
+    - name: Ensure vault archive dir exists
+      become: "{{ ext_become }}"
+      ansible.builtin.file:
+        state: directory
+        path: "{{ terraform.path }}"
+        mode: '0755'
 
     - name: Extract terraform archive
       become: "{{ ext_become }}"
       ansible.builtin.unarchive:
-    dest: "{{ path.archive }}/terraform"
+        dest: "{{ terraform.path }}"
-    src: "{{ d_tempdir.path }}/{{ terraform.file }}"
+        src: "{{ d_tempdir.path }}/{{ terraform.archive }}"
         remote_src: true
+
+    - name: Link terraform executable
+      become: "{{ ext_become }}"
+      ansible.builtin.file:
+        state: link
+        src: "{{ terraform.path }}/terraform"
+        path: "{{ terraform.bin }}"

tasks/archive/vault.yml

@@ -0,0 +1,37 @@
+# vim: set filetype=yaml.ansible : ---
+- name: Check if vault is already installed
+  register: r_vault_inst
+  ansible.builtin.stat:
+    path: "{{ vault.bin }}"
+
+- name: Download and install vault
+  when:
+    - not r_vault_inst.stat.exists
+  block:
+    - name: Download vault archive
+      ansible.builtin.get_url:
+        dest: "{{ d_tempdir.path }}/{{ vault.archive }}"
+        url: "{{ vault.url }}/{{ vault.archive }}"
+        mode: '0644'
+        decompress: false
+
+    - name: Ensure vault archive dir exists
+      become: "{{ ext_become }}"
+      ansible.builtin.file:
+        state: directory
+        path: "{{ vault.path }}"
+        mode: '0755'
+
+    - name: Extract vault archive
+      become: "{{ ext_become }}"
+      ansible.builtin.unarchive:
+        dest: "{{ vault.path }}"
+        src: "{{ d_tempdir.path }}/{{ vault.archive }}"
+        remote_src: true
+
+    - name: Link vault executable
+      become: "{{ ext_become }}"
+      ansible.builtin.file:
+        state: link
+        src: "{{ vault.path }}/vault"
+        path: "{{ vault.bin }}"

tasks/config/terraform.yml

@@ -4,6 +4,8 @@
       method: "{{ pkgconfig.terraform.method[ansible_os_family] | default(pkgconfig.terraform.method.default) }}"
 
 - name: Set terraform config
+  when:
+    - terraform.method == 'sys'
   ansible.builtin.set_fact:
     terraform:
       method: "{{ terraform.method }}"
@@ -15,5 +17,7 @@
   ansible.builtin.set_fact:
     terraform:
       method: "{{ terraform.method }}"
+      archive: "terraform_{{ pkgconfig.terraform.version }}_{{ pkgconfig.terraform[sysmap] }}_{{ pkgconfig.terraform[archmap] }}.zip"
       url: "{{ pkgconfig.terraform.archive.baseurl }}/{{ pkgconfig.terraform.version }}"
-      file: "terraform_{{ pkgconfig.terraform.version }}_linux_amd64.zip"
+      path: "{{ path.archive }}/terraform"
+      bin: "{{ path.bin }}/terraform"

tasks/config/vault.yml

@@ -1,4 +1,23 @@
-- name: Set vault config
+- name: Set vault install method
   ansible.builtin.set_fact:
     vault:
+      method: "{{ pkgconfig.vault.method[ansible_os_family] | default(pkgconfig.vault.method.default) }}"
+
+- name: Set vault config {{ vault.method }}
+  when:
+    - vault.method == 'sys'
+  ansible.builtin.set_fact:
+    vault:
+      method: "{{ vault.method }}"
       pkgs: "{{ pkgconfig.vault.pkgs[ansible_system] }}"
+
+- name: Set vault config {{ vault.method }}
+  when:
+    - vault.method == 'archive'
+  ansible.builtin.set_fact:
+    vault:
+      method: "{{ vault.method }}"
+      archive: "vault_{{ pkgconfig.vault.version }}_{{ pkgconfig.vault[ansible_system] }}_{{ pkgconfig.vault[ansible_architecture] }}.zip"
+      url: "{{ pkgconfig.vault.baseurl }}/{{ pkgconfig.vault.version }}"
+      path: "{{ path.arhive }}/vault"
+      bin: "{{ path.bin }}/vault"

tasks/pkgs/vault.yml

@@ -9,6 +9,8 @@
         file: config/vault.yml
 
     - name: Append vault
+      when:
+        - vault.method == 'sys'
       block:
         - name: Append vault to pkg_tap
           when:
@@ -28,6 +30,12 @@
           ansible.builtin.set_fact:
             pkg_sys: "{{ pkg_sys + vault.pkgs }}"
 
+    - name: Append vault to pkg_archive
+      when:
+        - vault.method == 'archive'
+      ansible.builtin.set_fact:
+        pkg_archive: "{{ pkg_archive + ['vault'] }}"
+
     - name: Set vault_configured
       ansible.builtin.set_fact:
         vault_configured: true

vars/pkgs/terraform.yml

@@ -2,11 +2,20 @@ terraform:
   version: 1.11.2
   archive:
     baseurl: https://releases.hashicorp.com/terraform
-  method:
+  sysmap:
-    default: sys
+    Darwin: darwin
-    Alpine: archive
+    Linux: linux
+  archmap:
+    x86_64: amd64
+    arm64: arm64
+    aarch64: arm64
   pkgs:
     Linux:
       - terraform
     Darwin:
       - hashicorp/tap/terraform
+  method:
+    default: sys
+    Alpine: archive
+    RedHat: sys
+    Darwin: sys

vars/pkgs/vault.yml

@@ -1,6 +1,21 @@
 vault:
+  version: 1.19.0
+  archive:
+    baseurl: https://releases.hashicorp.com/vault
+  sysmap:
+    Darwin: darwin
+    Linux: linux
+  archmap:
+    x86_64: amd64
+    arm64: arm64
+    aarch64: arm64
   pkgs:
     Linux:
       - vault
     Darwin:
       - hashicorp/tap/vault
+  method:
+    default: sys
+    Alpine: archive
+    RedHat: sys
+    Darwin: sys