Open olwins opened 3 months ago
Hi
In the' Ansible Resource Model Source' configuration, setting the "Vault Pass Storage Path" field is ignored
If you save the config, you will see the following in the service log when it try to build the rundeck inventory :
PLAY [all] ********************************************************************* ERROR! Attempting to decrypt but no vault secrets found
Setting the "Vault Password" field fix the issue.
Vault Password:•••••••••••• Vault Pass Storage Path:keys/project/TEST/vault
Is that normal ? shouldn't the "Vault Pass Storage Path" field be used if specified to retrieve the vault password ?
N.B : in the playbook, the Vault Pass Storage Path is correctly used. Only the ressouce model seems to ignore it.
Release: Rundeck 5.2.0
To reproduce the issue :
Create a project with 2 file under group_vars/all/ var.yml ansible_become_pass: "{{ vault_ansible_become_pass }}"
ansible_become_pass: "{{ vault_ansible_become_pass }}"
vault.yml ansible_become_pass: XXXX (encrypted)
ansible_become_pass: XXXX
Test playbook :
- name: test hosts: all become: yes gather_facts: true tasks: - name: Display id shell: cmd: id register: id - name: debug debug: var: id
Hi
In the' Ansible Resource Model Source' configuration, setting the "Vault Pass Storage Path" field is ignored
If you save the config, you will see the following in the service log when it try to build the rundeck inventory :
Setting the "Vault Password" field fix the issue.
Vault Password:•••••••••••• Vault Pass Storage Path:keys/project/TEST/vault
Is that normal ? shouldn't the "Vault Pass Storage Path" field be used if specified to retrieve the vault password ?
N.B : in the playbook, the Vault Pass Storage Path is correctly used. Only the ressouce model seems to ignore it.
Release: Rundeck 5.2.0
To reproduce the issue :
Create a project with 2 file under group_vars/all/ var.yml
ansible_become_pass: "{{ vault_ansible_become_pass }}"
vault.yml
ansible_become_pass: XXXX
(encrypted)Test playbook :