richfromm
commented
7 years ago This is the last of my planned changes to the actual code.
I have updated README.md to cumulatively reflect all of my edits, including this. I will generate a new and separate pull request for that once this pull request has been resolved.
jhaals
This is a replacement for #23
The idea is that vault_addr, vault_cacert, and vault_capath can be set as Ansible variables, as an alternative to using the corresponding environment variables. If both are set, the environment variable takes precedence.
Note that vault_token is explicitly left out of this. Setting this to a fixed value checked into revision control and available for all to see would be a bad security practice. (Note that #25 already provides an alternative to the environment variable for that.)