Sometimes we have several encryption keys for several projects.
Take a look at your /etc/ansible/ansible.cfg
# find this line
vault_identity_list = default@/home/dude/vault_password,
admin@/home/dude/admin_pass, project@/home/dude/project
If you only have 1 encryption key to work with, then it's the default, it'd
look like /home/dude/file_containing_the_key
/Max
On Tuesday, February 18, 2020 at 12:56:23 PM UTC+1, haohao qiang wrote:
>
> Hello, i have the same issue, did you resolved? How to make it work!
>
> On Thursday, March 8, 2018 UTC + 8 at 9:03:18 PM, JiElPe-Fr38 wrote:
>>
>> Thanks for the idea...
>> In fact, I already used the verbose mode, so yes I can confirm that it
>> uses the awaited config file.
>> Which is not a good news, because it would have been a good reason for
>> the problem.
>>
>> J-L
>>
>> Le jeudi 8 mars 2018 11:49:16 UTC+1, JiElPe-Fr38 a écrit :
>>>
>>> Dear all,
>>>
>>> I am "auto learning" ansible and currently try to understand how to use
>>> vault.
>>> To summarize things, I have created a vault.yml file in the vars
>>> directory, and included it in the main.yml task. Then, I put the vault
>>> password within a .vault_passwd file created at the same level than
>>> ansible.cfg.
>>>
>>> When I run :
>>> ansible-playbook with --vault-password-file .vault_passwd
>>>
>>> It is ok.
>>>
>>> So, I tried to put the vault password file path within ansible.cfg as
>>> follows :
>>> vault_password_file = .vault_passwd
>>>
>>> When running the playbook (without --vault-password-file ), it fails
>>> with :
>>> fatal: [ci-server]: FAILED! => {
>>> "ansible_facts": {},
>>> "ansible_included_var_files": [],
>>> "changed": false,
>>> "message": "Attempting to decrypt but no vault secrets found"
>>> }
>>>
>>> at the line were the vault.yml file is imported. So, it looks like if it
>>> does not find the vault password file to decrypt the vault file.
>>>
>>> I can't understand why, and have already tried with the aboslute path,
>>> or changing _ with -, just in case documentation had a typo... but without
>>> any success.
>>>
>>> If someone could have an idea to help, I would be glad.
>>>
>>> Have a nice day!
>>>
>>> J-L
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/75c180b8-84b9-41de-b0aa-6b6512293669%40googlegroups.com.
