version: 3

tasks:
  vault: ansible-vault edit vault.yml {{.CLI_ARGS}}
  tf:apply: ansible-playbook playbooks/provision.yml {{.CLI_ARGS}}
  tf:destroy: ansible-playbook playbooks/destroy.yml {{.CLI_ARGS}}

  enter:
    cmd: ssh -i {{.KEY}} -p 22 root@{{.IP}}
    vars:
      KEY: { sh: ansible-vault view vault.yml | yq -r .secret.private_key_file }
      IP: { sh: "cat secrets/tf_outputs.yml | jq -r '.nat-public-ip.value'" }