apenella / go-ansible

Go-ansible is a Go package that enables the execution of ansible-playbook or ansible commands directly from Golang applications. It supports a wide range of options for each command, enabling smooth integration of Ansible functionality into your projects.
MIT License

Generate vaulted extra-vars #121

Closed apenella closed 1 year ago

apenella commented 1 year ago

Generate vaulted extra-vars

That feature intends to solve the problem of how to pass vaulted variables through extra-vars. Ansible can read vaulted variables from a file; however, it does not provide a straightforward solution to pass vaulted data through extra-vars.

To achieve that, you need to generate an encrypted string and prepare a JSON with the ansible-vault result. That JSON can be passed as an extra-var.

Here you have an example of that JSONed vaulted variable.

{
  "secret_var_name": {
    "__ansible_vault": "$ANSIBLE_VAULT;1.2;AES256; VAULTED_DATA"
  }
}

The proposal is to add a method with that signature:

AddVaultedExtraVar(string var_name,  var_plain_value) string

Which returns the extra-var parameter having a variable vaulted in JSON format:

--extra-var '{ "secret_var_name": {"__ansible_vault": "$ANSIBLE_VAULT;1.2;AES256;VAULTED_DATA"}}'

How to achieve the vault string

The AnsiblePlaybookCmd and AnsibleAdhocCmd would need a vault generator that could accept multi-password readers, such as text, file or environment variables.

The library https://github.com/sosedoff/ansible-vault-go can be used to achieve that.
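
A sketch of the JSON-wrapping step described in this issue, added here as an example and not taken from go-ansible or from the issue author. The names `VaultedExtraVarArgs` and `checkVaultText` are hypothetical, the vault text in `main` is a constructed placeholder rather than real ciphertext, and the code assumes the input has the shape ansible-vault emits (a header line followed by hex lines).

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"regexp"
	"strings"
)

var varNameRe = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]*$`)
var hexLineRe = regexp.MustCompile(`^[0-9a-f]+$`)

// checkVaultText accepts only text shaped like ansible-vault output:
// "$ANSIBLE_VAULT;<version>;AES256[;<vault-id>]" followed by hex lines.
func checkVaultText(s string) error {
	lines := strings.Split(strings.TrimSpace(s), "\n")
	hdr := strings.Split(strings.TrimSpace(lines[0]), ";")
	if len(lines) < 2 || len(hdr) < 3 || hdr[0] != "$ANSIBLE_VAULT" || hdr[2] != "AES256" {
		return errors.New("input is not ansible-vault output")
	}
	for _, l := range lines[1:] {
		if !hexLineRe.MatchString(strings.TrimSpace(l)) {
			return errors.New("vault payload is not hex")
		}
	}
	return nil
}

// VaultedExtraVarArgs (hypothetical name) returns the argv pair carrying one
// vaulted variable. Rejecting non-vault input keeps a plaintext secret from
// being placed in the process argument list by mistake.
func VaultedExtraVarArgs(name, vaultText string) ([]string, error) {
	if !varNameRe.MatchString(name) {
		return nil, fmt.Errorf("invalid variable name %q", name)
	}
	if err := checkVaultText(vaultText); err != nil {
		return nil, err
	}
	doc := map[string]map[string]string{name: {"__ansible_vault": vaultText}}
	b, _ := json.Marshal(doc) // a map of strings cannot fail to marshal
	// Returned as separate argv elements, so no shell quoting is involved.
	return []string{"--extra-vars", string(b)}, nil
}

func main() {
	vault := "$ANSIBLE_VAULT;1.1;AES256\n6162\n" // constructed placeholder
	fmt.Println(VaultedExtraVarArgs("secret_var_name", vault))
}
```

`json.Marshal` escapes the newlines in the vault text, so the whole value fits in a single argument.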