tomoh1r / ansible-vault

This project aims to R/W an ansible-vault yaml file
GNU General Public License v3.0

AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt) #53

Open freeeflyer opened 10 months ago

freeeflyer commented 10 months ago

Hi. I bumped into a weird issue.

Trying to decode a vault encrypted yaml file I get this error:
AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt)

Versions of installed packages

(I know there is a lot of stuff there)

adm_user@srv-admin ~/selenium-test:\) $ pip list
Package                   Version
------------------------- ----------------
ansible                   9.1.0
ansible-base              2.10.8
ansible-compat            4.1.10
ansible-core              2.16.2
ansible-lint              6.22.1
ansible-modules-pm2       0.1.0
ansible-vault             2.1.0
apache-libcloud           3.2.0
apturl                    0.5.2
argcomplete               1.8.1
asn1crypto                1.4.0
asttokens                 2.4.1
attrs                     23.1.0
ayatana-settings          21.1.28
Babel                     2.8.0
bcrypt                    3.2.0
beautifulsoup4            4.12.2
black                     23.12.1
blessed                   1.20.0
blinker                   1.4
bpython                   0.24
bracex                    2.4
Brlapi                    0.8.3
bs4                       0.0.1
cajarename                21.11.24
certifi                   2022.6.15
chardet                   5.0.0
charset-normalizer        2.1.0
click                     8.0.3
colorama                  0.4.4
colorlog                  6.6.0
configobj                 5.0.6
cryptography              3.4.8
cupshelpers               1.0
curtsies                  0.4.2
cwcwidth                  0.1.9
dbus-python               1.2.18
decorator                 5.1.1
defer                     1.0.6
defusedxml                0.7.1
deja-dup-caja             0.0.9
distro                    1.7.0
distro-info               1.1+ubuntu0.1
dnspython                 2.1.0
duplicity                 0.8.21
exceptiongroup            1.2.0
executing                 2.0.1
fasteners                 0.14.1
filelock                  3.13.1
folder-color-caja         0.0.86
folder-color-common       0.0.86
future                    0.18.2
gpg                       1.16.0
greenlet                  3.0.3
h11                       0.14.0
httplib2                  0.20.2
idna                      3.3
importlib-metadata        4.6.4
ipython                   8.18.1
jedi                      0.19.1
jeepney                   0.7.1
Jinja2                    3.0.3
jmespath                  0.10.0
jsonschema                4.20.0
jsonschema-specifications 2023.12.1
keyring                   23.5.0
language-selector         0.1
launchpadlib              1.10.16
lazr.restfulclient        0.14.4
lazr.uri                  1.0.6
lockfile                  0.12.2
louis                     3.20.0
Magnus                    1.0.3
Mako                      1.1.3
markdown-it-py            3.0.0
MarkupSafe                2.0.1
mate-hud                  22.4.4
mate-menu                 22.4.1
mate-tweak                22.4.8
matplotlib-inline         0.1.6
mdurl                     0.1.2
meld                      3.20.4
monotonic                 1.6
more-itertools            8.10.0
mypy-extensions           1.0.0
netaddr                   0.8.0
netifaces                 0.11.0
ntlm-auth                 1.4.0
oauthlib                  3.2.0
olefile                   0.46
onboard                   1.4.1
outcome                   1.3.0.post0
packaging                 23.2
paramiko                  2.9.3
parso                     0.8.3
pathspec                  0.12.1
pexpect                   4.8.0
Pillow                    9.0.1
pip                       22.0.2
pip-search                0.0.12
platformdirs              4.1.0
prompt-toolkit            3.0.43
psutil                    5.9.0
ptyprocess                0.7.0
pulsemixer                1.5.1
pure-eval                 0.2.2
pyasn1                    0.4.8
pycairo                   1.20.1
pycryptodomex             3.11.0
pycups                    2.0.1
Pygments                  2.17.2
PyGObject                 3.42.1
PyJWT                     2.3.0
pymacaroons               0.13.0
PyNaCl                    1.5.0
pyparsing                 2.4.7
PySocks                   1.7.1
python-apt                2.4.0+ubuntu2
python-dateutil           2.8.1
python-debian             0.1.43+ubuntu1.1
python-dotenv             1.0.0
python-xapp               2.2.1
python-xlib               0.29
pytz                      2022.1
pyvmomi                   6.7.1
pywinrm                   0.3.0
pyxattr                   0.7.2
pyxdg                     0.27
PyYAML                    5.4.1
referencing               0.32.0
reportlab                 3.6.8
requests                  2.31.0
requests-ntlm             1.1.0
requests-toolbelt         0.9.1
resolvelib                1.0.1
rich                      13.7.0
rpds-py                   0.16.2
ruamel.yaml               0.18.5
ruamel.yaml.clib          0.2.8
SecretStorage             3.3.1
selenium                  4.16.0
selinux                   3.3
setproctitle              1.2.2
setuptools                59.6.0
simplejson                3.17.6
six                       1.16.0
sniffio                   1.3.0
sortedcontainers          2.4.0
soupsieve                 2.5
stack-data                0.6.3
stormshield.sns.sslclient 1.0.4
subprocess-tee            0.4.1
systemd-python            234
terminator                2.1.1
tomli                     2.0.1
traitlets                 5.14.0
trio                      0.23.2
trio-websocket            0.11.1
typing_extensions         4.9.0
ubuntu-advantage-tools    8001
ubuntu-drivers-common     0.0.0
ufw                       0.36.1
unattended-upgrades       0.1
urllib3                   1.26.10
wadllib                   1.3.6
wcmatch                   8.5
wcwidth                   0.2.12
webdriver-manager         4.0.1
wheel                     0.37.1
wsproto                   1.2.0
xdg                       5
xkit                      0.0.0
xmltodict                 0.12.0
yamllint                  1.33.0
youtube-dl                2021.12.17
zipp                      1.0.0

Python is 3.10.12

Steps to reproduce

adm_user@srv-admin ~/selenium-test:\) $ cat toto.yml 
soft:
  user: toto
  password: rototo
adm_user@srv-admin ~/selenium-test:\) $ echo -n "toto" > password
adm_user@srv-admin ~/selenium-test:\) $ cat password 
totoadm_user@srv-admin ~/selenium-test:\) $ 
adm_user@srv-admin ~/selenium-test:\) $ ansible-vault encrypt toto.yml --vault-password-file password
Encryption successful
adm_user@srv-admin ~/selenium-test:\) $ cat toto.yml 
$ANSIBLE_VAULT;1.1;AES256
32353335396261646339343466646261306239633333366365663862353062653632653633656162
6464663731366136633131646531303063366332633734370a653464373830666666343930393564
39393162396564356336336339666666383432323738376566626434393461376334656664396339
6461363530383238340a376333306631383762323134303931393938653837633263386664633830
61383664303562386131306234333238396434316636343230633231386138613264383566363432
6165626266626437653735383835663564313162633265643964
adm_user@srv-admin ~/selenium-test:\) $

Now to python:

adm_user@srv-admin ~/selenium-test:\) $ ipython
Python 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0]
Type 'copyright', 'credits' or 'license' for more information
IPython 8.18.1 -- An enhanced Interactive Python. Type '?' for help.

In [1]: from ansible_vault import Vault

In [2]: vault = Vault(open('password').read())

In [3]: data = vault.load(open('toto.yml').read())
---------------------------------------------------------------------------
AnsibleVaultError                         Traceback (most recent call last)
Cell In[3], line 1
----> 1 data = vault.load(open('toto.yml').read())

File ~/.local/lib/python3.10/site-packages/ansible_vault/api.py:53, in Vault.load(self, stream)
     51 def load(self, stream):
     52     """Read vault steam and return python object."""
---> 53     return yaml.safe_load(self.load_raw(stream))

File ~/.local/lib/python3.10/site-packages/ansible_vault/api.py:41, in Vault.load_raw(self, stream)
     39 def load_raw(self, stream):
     40     """Read vault stream and return raw data."""
---> 41     return self.vault.decrypt(stream)

File ~/.local/lib/python3.10/site-packages/ansible_vault/parsing.py:47, in AnsibleVaultLib.decrypt(self, vaulttext)
     46 def decrypt(self, vaulttext):
---> 47     return self.vault.decrypt(vaulttext)

File ~/.local/lib/python3.10/site-packages/ansible/parsing/vault/__init__.py:644, in VaultLib.decrypt(self, vaulttext, filename, obj)
    633 def decrypt(self, vaulttext, filename=None, obj=None):
    634     '''Decrypt a piece of vault encrypted data.
    635 
    636     :arg vaulttext: a string to decrypt.  Since vault encrypted data is an
   (...)
    642 
    643     '''
--> 644     plaintext, vault_id, vault_secret = self.decrypt_and_get_vault_id(vaulttext, filename=filename, obj=obj)
    645     return plaintext

File ~/.local/lib/python3.10/site-packages/ansible/parsing/vault/__init__.py:751, in VaultLib.decrypt_and_get_vault_id(self, vaulttext, filename, obj)
    749     if filename:
    750         msg += " on %s" % to_native(filename)
--> 751     raise AnsibleVaultError(msg)
    753 if b_plaintext is None:
    754     msg = "Decryption failed"

AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt)

In [4]:
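
A standard-library check for triaging this error, added here as an example; it is not code from the issue or from the ansible-vault project. It tests whether a candidate secret reproduces the HMAC stored in a `$ANSIBLE_VAULT;1.1;AES256` envelope, which separates "the secret does not match this file" from "the library could not use a matching secret". The function names are hypothetical, and the assumed layout is Ansible's AES256 vault format: a hex-wrapped salt, HMAC and ciphertext, with keys derived by PBKDF2-HMAC-SHA256 at 10000 iterations.

```python
"""Check a candidate secret against an Ansible vault AES256 envelope (stdlib only)."""
import hashlib
import hmac
import sys
from binascii import hexlify, unhexlify
from pathlib import Path


def parse_vault(text):
    """Split a vault file into (salt, stored_hmac, ciphertext) as raw bytes."""
    lines = text.strip().splitlines()
    header = lines[0].strip().split(";")
    if header[0] != "$ANSIBLE_VAULT" or len(header) < 3 or header[2] != "AES256":
        raise ValueError("not an AES256 vault envelope: %r" % lines[0])
    # Body is hex of: hex(salt) \n hex(hmac) \n hex(ciphertext)
    inner = unhexlify("".join(ln.strip() for ln in lines[1:]))
    salt, mac, ciphertext = (unhexlify(p) for p in inner.split(b"\n", 2))
    return salt, mac, ciphertext


def secret_matches(text, secret):
    """True when `secret` (bytes) yields the HMAC stored in the envelope."""
    salt, mac, ciphertext = parse_vault(text)
    # PBKDF2-HMAC-SHA256, 10000 rounds -> 32B AES key | 32B HMAC key | 16B IV
    derived = hashlib.pbkdf2_hmac("sha256", secret, salt, 10000, dklen=80)
    expected = hmac.new(derived[32:64], ciphertext, hashlib.sha256).digest()
    return hmac.compare_digest(expected, mac)


def make_sample(secret, salt=b"S" * 32, ciphertext=b"constructed-bytes"):
    """Build a constructed envelope (placeholder ciphertext, real HMAC) for testing."""
    key2 = hashlib.pbkdf2_hmac("sha256", secret, salt, 10000, dklen=80)[32:64]
    mac = hmac.new(key2, ciphertext, hashlib.sha256).digest()
    body = hexlify(b"\n".join(hexlify(p) for p in (salt, mac, ciphertext))).decode()
    wrapped = "\n".join(body[i:i + 80] for i in range(0, len(body), 80))
    return "$ANSIBLE_VAULT;1.1;AES256\n" + wrapped + "\n"


def diagnose(text, raw_secret):
    """Report which spelling of the secret file's contents matches, if any."""
    candidates = {"as read": raw_secret, "stripped": raw_secret.strip()}
    return [name for name, s in candidates.items() if secret_matches(text, s)]


if __name__ == "__main__":
    # usage: python check_vault.py toto.yml password
    vault_text = Path(sys.argv[1]).read_text()
    print(diagnose(vault_text, Path(sys.argv[2]).read_bytes()) or "no match")
```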