Agree with Serge above on "group_vars" being a confusing name for this.
But yes, the fact that a file needs a vault password will be detected at the point that file is read. On Wed, May 21, 2014 at 10:49 AM, Serge van Ginderachter < [email protected]> wrote: > > On 21 May 2014 16:44, James Cammarata <[email protected]> wrote: > >> Inventory variables are resolved after roles are read in, so yes moving >> the vault file to the vars_files section is the correct placement. > > > But having a non-inventory variable file within group_vars is not a good > idea to me ( see also the other thread I just replied on). > > I you happen to have a group 'secret' , thise will also get the secrets, > which might not be what you intended. > > > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAEhzMJAhm06Yc28%2BsuNZaAkM%3D4GWoqHvRhn5g%2BrBV-71%3D%3DGpMg%40mail.gmail.com<https://groups.google.com/d/msgid/ansible-project/CAEhzMJAhm06Yc28%2BsuNZaAkM%3D4GWoqHvRhn5g%2BrBV-71%3D%3DGpMg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgy6Qz1HwLAReSyCsOr83teoAocOeYubsiBURhY4qJavGA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
