Docker and Ansible Vault: An insecure match?

142 views

Skip to first unread message

Mahmoud Saada

unread,

Jul 14, 2015, 9:59:18 PM7/14/15

to ansible...@googlegroups.com

Ansible Vault requires to prompt the user for a password or a file containing the password. But if I'm running Ansible inside of a container, I cannot prompt the user for a password.

How can I run a playbook using vars encrypted by Vault during a Docker build?
How can I do it without exposing a password file?
Is there a best practice?

Paul Tötterman

unread,

Jul 15, 2015, 3:55:57 AM7/15/15

to ansible...@googlegroups.com

How can I run a playbook using vars encrypted by Vault during a Docker build?

Don't

How can I do it without exposing a password file?
Is there a best practice?

Give sensitive information to the docker container as environment values. See e.g. https://registry.hub.docker.com/_/postgres/ and POSTGRES_PASSWORD

Cheers,
Paul

Reply all

Reply to author

Forward

0 new messages