Howto read variables from an vaut encrypted file
1,680 views
Skip to first unread message
necc...@gmail.com
Mar 7, 2018, 4:07:53 PM3/7/18
to Ansible Project
Hi all,
the following task may sound easy but actually it fails all the time ...
I want to store my password in a variable and put it into an ansible-vault encrypted file.
The content of this file will look like this:
Now my check.yml shall read the encrypted file, get the password and login
But the login fails with:
FAILED! => {
"msg": "The field 'become_pass' has an invalid value, which includes an undefined variable. The error was: {{ Test1234 }}: 'TesT1234' is undefined\nexception type: <class 'ansible.errors.AnsibleUndefinedVariable'>\nexception: {{ TesT1234 }}: 'TesT1234' is undefined"
}
So it looks like ansible is unable to get the variable out of the encrypted file ... but WHY ?
the following task may sound easy but actually it fails all the time ...
I want to store my password in a variable and put it into an ansible-vault encrypted file.
The content of this file will look like this:
---
root_pass_sirius: "{{ TesT1234 }}"Now my check.yml shall read the encrypted file, get the password and login
---
- hosts: sirius
remote_user: ansible
# gather_facts: no
become: yes
become_method: su
vars_files:
- enc_vars.yml
vars:
ansible_become_pass: '{{ root_pass_sirius }}'
But the login fails with:
FAILED! => {
"msg": "The field 'become_pass' has an invalid value, which includes an undefined variable. The error was: {{ Test1234 }}: 'TesT1234' is undefined\nexception type: <class 'ansible.errors.AnsibleUndefinedVariable'>\nexception: {{ TesT1234 }}: 'TesT1234' is undefined"
}
So it looks like ansible is unable to get the variable out of the encrypted file ... but WHY ?
Brian Coca
Mar 7, 2018, 7:13:24 PM3/7/18
to Ansible Project
Ansilbe reads the 'root_pass_sirus' variable fine, the problem is that
'TesT1234' variable isn't defined anywhere.
--
----------
Brian Coca
'TesT1234' variable isn't defined anywhere.
--
----------
Brian Coca
necc...@gmail.com
Mar 8, 2018, 1:06:06 AM3/8/18
to Ansible Project
Hi Brian,
of course not. it's supposed to be the value of 'root_pass_sirus' ...
of course not. it's supposed to be the value of 'root_pass_sirus' ...
Richard Sobey
Mar 8, 2018, 6:31:07 AM3/8/18
to Ansible Project
My limited understanding is that this:
root_pass_sirius: "{{ TesT1234 }}"
..is definting another variable called "TesT1234" rather than assigning the literal "TesT1234" to the variable "root_pass_sirius" like:
root_pass_sirius: "TesT1234"
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fb17c895-772f-4e03-a8fe-dc41cdf7b8e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
necc...@gmail.com
Mar 8, 2018, 5:13:09 PM3/8/18
to Ansible Project
unbeliveable ... but that was it !!
Thanks a lot :)
Thanks a lot :)
Michael-John Turner
Mar 19, 2018, 4:54:42 PM3/19/18
to ansible...@googlegroups.com
On Wed, Mar 07, 2018 at 09:07:53PM +0000, necc...@gmail.com wrote:
>So it looks like ansible is unable to get the variable out of the
>encrypted
>file ... but WHY ?
Brian provided a clue in his answer, but to make it more explicit:
>So it looks like ansible is unable to get the variable out of the
>encrypted
>file ... but WHY ?
root_pass_sirius is not correctly declared.
Instead of:
root_pass_sirius: "{{ TesT1234 }}"
it should be:
root_pass_sirius: "TesT1234"
You want the password to have the value "TesT1234" - in the incorrect
declaration, it's being set to the value of a variable called TesT1234,
which doesn't exist. Remove the {{ }} and it'll work.
Cheers, MJ
--
Michael-John Turner * m...@mjturner.net * http://mjturner.net/
Reply all
Reply to author
Forward
0 new messages