ansible-community / molecule-vmware

Molecule VMware Driver
MIT License

Feature Request: Encrypted secrets #16

Open markfaine opened 3 years ago

markfaine commented 3 years ago

A way to encrypt the secrets or a way to store them outside of the Ansible collection/role source tree and reference them. I don't want to check in molecule.yml with my passwords in it but I do want to check in molecule.yml.

sky-joker commented 3 years ago

Thanks, @markfaine for requesting the new feature.

Sorry, I looked at this late.
If you'd like to use the encryption by Vault, it seems that you should use a file to decrypt.
https://molecule.readthedocs.io/en/stable-1.18/configuration.html?highlight=vault_password_file#ansible-section

bandit420 commented 3 years ago

@markfaine

I had a similar use case and did use HashiCorp Vault (https://www.vaultproject.io/) with the pip module "hvac" (https://pypi.org/project/hvac/).

The downside is: this does introduce external dependencies.

There was some work to do because you have to import values on every molecule step. I did not get it working directly using a lookup plugin in the molecule.yml file, but I'm just a user, not a developer or Python expert.

BTW thanks to @sky-joker, your module helped me a lot with the vmware part in molecule. :+1:
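Added example, not part of the thread or of the molecule-vmware project: a check that a molecule.yml about to be committed carries no literal credentials, only the `$VAR` / `${VAR}` environment references that Molecule substitutes when it loads the file. The secret-like key names, the `_file`/`_path` exemption and the sample file are assumptions constructed for illustration.

```python
import re
import sys

# Key names treated as secret-bearing (an assumption; extend for your setup).
SECRET_KEY = re.compile(r"pass(word|wd)?|secret|token|api_?key", re.I)
# Molecule substitutes $VAR and ${VAR} in molecule.yml. ${VAR:-default} is
# deliberately not accepted here: the default would be a committed literal.
ENV_REF = re.compile(r"^\$(\{[A-Za-z_]\w*\}|[A-Za-z_]\w*)$")
LINE = re.compile(r"^\s*(?:-\s*)?([\w.-]+)\s*:\s*(.*?)\s*$")

# Constructed sample; key names and layout are illustrative only.
SAMPLE = """\
driver:
  username: ${VMWARE_USER}
  password: "Sup3r#Secret"      # literal value
provisioner:
  vault_password_file: ~/.vault_pass   # a path, not a secret
platforms:
  - name: instance
    esxi_password: ${ESXI_PASSWORD:-changeme}
    api_token: $API_TOKEN
"""

def strip_value(raw):
    # Drop surrounding quotes, or a trailing comment on an unquoted value.
    raw = raw.strip()
    if raw[:1] in ("'", '"'):
        end = raw.find(raw[0], 1)
        return raw[1:end] if end != -1 else raw[1:]
    return re.split(r"(^|\s+)#", raw, maxsplit=1)[0].strip()

def find_plaintext_secrets(text):
    # Return (line number, key) for secret-like keys that hold a literal.
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LINE.match(line)
        if not m or not SECRET_KEY.search(m.group(1)):
            continue
        key, value = m.group(1), strip_value(m.group(2))
        if key.endswith(("_file", "_path")) or value in ("", "~", "null") or ENV_REF.match(value):
            continue
        findings.append((lineno, key))
    return findings

if __name__ == "__main__":  # e.g. as a pre-commit hook over molecule.yml paths
    hits = {p: find_plaintext_secrets(open(p).read()) for p in sys.argv[1:]}
    for path, found in hits.items():
        for lineno, key in found:
            print(f"{path}:{lineno}: literal value for '{key}'")
    sys.exit(1 if any(hits.values()) else 0)
```

The check is line-based and does not parse YAML, so multi-line block scalars and templated values need a manual look.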