Obviously don't include your AWS key in the defaults or examples, just use dummy values, but it's up to them.
Folks should be aware of ansible-vault and I don't think it's necessary for the galaxy role to remind users to use it, but it's ok if the role did too. Definitely doesn't need to be a list of which variables, etc, as a lot of folks are using private repos and such. On Thu, Aug 28, 2014 at 7:36 AM, Tomasz Kontusz <[email protected]> wrote: > > > Jake Clarkson <[email protected]> napisał: > >Hi all, > > > >I was just wondering what the best practice is for including sensitive > >variables in an Ansible Galaxy role. > > > >For example, if I were to publish a role which required sensitive (i.e. > > > >vault encrypted) data, e.g. an API key, would I just document that this > > > >variable was required in the README.md? > Yes. It's the user that will decide how sensitive that data is to him, and > where to store it :-) > -- > Wysłane za pomocą K-9 Mail. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/a8027ec9-1019-4a46-8b00-adbb4f272ca7%40email.android.com > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgw7t2U5iK-%2BV_xbN%3D6dhn99gSYPjDOpQDV1md6jsS-bCw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
