Re: [ansible-devel] Why not environment variable to store vault secrets ?
> > That's pretty much it: we don't want to encourage folks to store passwords > in environment variables. > The question is - why? Obviously env var is more secure than plain text file, which is current default for ansible. Of course its not the best available option, but still - better than now. -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-devel/824533da-c90a-4a84-b5a4-7ff301d5d09a%40googlegroups.com.
Re: [ansible-devel] Why not environment variable to store vault secrets ?
Gabriel, > Maybe the developpers fear that some users could do things like : > export VAULT_PASSWORD="MYPASSWORD" > ansible-playbook ... > > which is of course a bad idea because the password is written in shell > history... That's pretty much it: we don't want to encourage folks to store passwords in environment variables. --- Sam -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-devel/96342B07-6229-4C48-AE3C-1E1122E84639%40redhat.com.