ceph-ansible/roles/ceph-fetch-keys/tasks/main.yml

---
- name: Lookup keys in /etc/ceph
  ansible.builtin.shell: ls -1 /etc/ceph/*.keyring
  changed_when: false
  register: ceph_keys

- name: Create a local fetch directory if it does not exist
  ansible.builtin.file:
    path: "{{ fetch_directory }}"
    state: directory
    mode: "0755"
  delegate_to: localhost
  become: false

- name: Copy ceph user and bootstrap keys to the ansible server
  ansible.builtin.fetch:
    src: "{{ item }}"
    dest: "{{ fetch_directory }}/{{ fsid }}/{{ item }}"
    flat: true
    fail_on_missing: false
  run_once: true
  with_items:
    - "{{ ceph_keys.stdout_lines }}"
    - "/var/lib/ceph/bootstrap-osd/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-rgw/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-mds/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-rbd/{{ cluster }}.keyring"
    - "/var/lib/ceph/bootstrap-mgr/{{ cluster }}.keyring"