ansible-community · razorworks · Jun 5, 2025 · Jun 5, 2025 · Jun 5, 2025 · Jun 5, 2025
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -37,6 +37,7 @@ vault_start_pause_seconds: 0
 
 # Install method variables
 vault_install_hashi_repo: false
+vault_manage_hashi_repo: true
 vault_install_remotely: false
 vault_privileged_install: false
 

diff --git a/role_variables.md b/role_variables.md
@@ -61,6 +61,11 @@ The role defines variables in `defaults/main.yml`:
   repository used.
 - Default value: *false*
 
+## `vault_manage_hashi_repo`
+
+- Should this role manage the vault repo? Set to `false` if you don't want this role to manage HashiCorp repo on target machine.
+- Default value: `true`
+
 ## `vault_rhsm_repo_id`
 
 - Name of rhsm repo

diff --git a/tasks/install_hashi_repo.yml b/tasks/install_hashi_repo.yml
@@ -2,32 +2,33 @@
 # File: tasks/install_hashi_repo.yml
 #       Install Vault via HashiCorp Linux repository
 
-- name: Add Vault/Hashicorp rpm repo
-  yum_repository:
-    name: hashicorp
-    description: Hashicorp Stable - $basearch
-    baseurl: "{{ vault_repository_url }}"
-    gpgkey: "{{ vault_repository_key_url }}"
-    gpgcheck: true
-    enabled: true
+- name: Manage Vault/Hashicorp repo
+  when: vault_manage_hashi_repo
   become: true
-  when:
-    - ansible_pkg_mgr in ['yum', 'dnf']
-    - not vault_rhsm_repo_id
+  block:
+    - name: Add Vault/Hashicorp rpm repo
+      yum_repository:
+        name: hashicorp
+        description: Hashicorp Stable - $basearch
+        baseurl: "{{ vault_repository_url }}"
+        gpgkey: "{{ vault_repository_key_url }}"
+        gpgcheck: true
+        enabled: true
+      when:
+        - ansible_pkg_mgr in ['yum', 'dnf']
+        - not vault_rhsm_repo_id
 
-- name: Add Vault/Hashicorp apt key
-  apt_key:
-    url: "{{ vault_repository_key_url }}"
-    state: present
-  become: true
-  when: ansible_pkg_mgr == 'apt'
+    - name: Add Vault/Hashicorp apt key
+      apt_key:
+        url: "{{ vault_repository_key_url }}"
+        state: present
+      when: ansible_pkg_mgr == 'apt'
 
-- name: Add Vault/Hashicorp apt repo
-  apt_repository:
-    repo: "deb {{ vault_repository_url }} {{ ansible_distribution_release }} main"
-    state: present
-  become: true
-  when: ansible_pkg_mgr == 'apt'
+    - name: Add Vault/Hashicorp apt repo
+      apt_repository:
+        repo: "deb {{ vault_repository_url }} {{ ansible_distribution_release }} main"
+        state: present
+      when: ansible_pkg_mgr == 'apt'
 
 - name: Attach RHSM subscription / repo
   when: (vault_rhsm_repo_id)