Fixing up vault variables

roles/etcd/tasks/gen_certs_vault.yml

@@ -31,12 +31,18 @@
   register: etcd_vault_login_result
   when: inventory_hostname == groups.etcd|first
 
+- name: gen_certs_vault | Set fact for vault_client_token
+  set_fact:
+    vault_client_token:  "{{ etcd_vault_login_result.get('json', {}).get('auth', {}).get('client_token') }}"
+  delegate_to: "{{ groups['etcd'][0] }}"
+
 - name: gen_certs_vault | Set fact for Vault API token
   set_fact:
     etcd_vault_headers:
         Accept: application/json
         Content-Type: application/json
-        X-Vault-Token: "{{ hostvars[groups.etcd|first]['etcd_vault_login_result']['json']['auth']['client_token'] }}"
+        X-Vault-Token: "{{ vault_client_token }}"
+  when: vault_client_token != ""
 
 # Issue master certs to Etcd nodes
 - include: ../../vault/tasks/shared/issue_cert.yml