I have a question. I prompt for the vault password with "vars_prompt". I
then pass this variable to every role I use so I can use it to
encrypt/decrypt. When I do:
- name: Test a static file decrypt
delegate_to: localhost
copy:
content: "{{ lookup('ansible.builtin.file', '/home/ansible/<blah
blah blah>/test.txt') | ansible.builtin.unvault(vault_passwd) }}"
dest: "/home/ansible/test.txt"
I get the following error:
"Attempting to decrypt but no vault secrets found"
I tried adding "decrypt: no" to the copy module, as I figured that the copy
module tried to decrypt the file even though that should already been done
via ansible.builtin.unvault, but it changes nothing.
Still get the same error. I tested that the vault_password variable does
indeed carry the password.
On Thursday, April 18, 2019 at 12:14:06 PM UTC-4 Brian Coca wrote:
> No, inventory scripts cannot use vault features, they are an 'external
> script' Ansible runs.
>
> Inventory plugins can by default, they will automatically unvault
> their inventory source file, since these are plugins that run
> internally in Ansible.
>
> -
> ----------
> Brian Coca
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/6a3c0141-e45e-4ab8-9c9e-a4bf32479962n%40googlegroups.com.
