Ansible-rulebook run with ansible.cfg or vault secret

Jonny · August 12, 2025, 3:32pm

Hello,

I’m currently using ansible-rulebook for an automation task. I may have overlooked something in the documentation, but I wanted to ask:

Is it possible to include an ansible.cfg file in the run?
Additionally, how can I specify a vault file to be used throughout the entire execution?

I’m encountering two issues while working with ansible-rulebook:

I’m unable to access secrets defined in the rulebook run from the imported playbook. It seems the vault file isn’t being applied as expected.
I’d like to use a custom ansible.cfg to reference my own collections and roles located in the playbook directory (./collections). I’ve already set collections_path and roles_path in my configuration file, but it doesn’t seem to take effect during the rulebook execution.

I created a simple rulebook.yml, just run every 30 seconds.

## rulebook.yml
---
- name: Check remote file existence
  hosts: vm01
  sources:
    - ansible.eda.tick:
        delay: 30  # Check every 30 seconds
  rules:
    - name: Check if remote file exists
      condition: true
      action:
        run_playbook:
          name: "/eda/playbooks/eda_playbook.yml"

My rulebook triggers a playbook what will check for a file, if its exist, and run another playbooks site.yml.

## eda_playbook.yml 
--- 
- name: Test playbook
  hosts: vm01
  gather_facts: false
  tasks:     
    - name: Recursively find folder       
      ansible.builtin.find:         
        paths: "/home/user01/eda_test/query"
        recurse: true         
        file_type: file       
      register: __get_filename

    - name: Run create proxmox VM   
      ansible.builtin.import_playbook: "/eda/site.yml"

## site.yml
---
- name: Create VM
  ansible.builtin.import_playbook: "create_proxmox_vm.yml"
  tags:
    - create_proxmox
    - create

## create_proxmox_vm.yml
---
- name: Create new VM and wait for connection
  hosts: managed_vms
  gather_facts: false
  serial: 1
  roles:
    - role: proxmox
      role_state: create
      when: cluster_type == "proxmox"
      delegate_to: localhost

ansible-rulebook -r ./extensions/eda/rulebook.yml -i ./inventories/inventory.ini --vault-password-file .vault-password

ERROR! Attempting to decrypt but no vault secrets found
2025-08-12 15:09:21,840 - ansible_rulebook.action.run_playbook - ERROR - ERROR! Attempting to decrypt but no vault secrets found

Thanks in advance for your help! If you need any additional details, feel free to ask.

Jonny · August 13, 2025, 6:24am

A new day, with a fresh mind !! I found a solution.

I put my ansible.cfg to /etc/ansible and it worked with the right settings. I forgot to say yesterday i got a container environment.

On a control node is it not the best solution, i think. Maybe someone had another solution for the problems.

Jonny · August 14, 2025, 11:12am

Hello, one more question is it possible to use two inventory files. One ini with one host and for my playbook take a dynamic inventory, Whats build inside of a playbook. ?

Topic		Replies	Views
How to include a variable vault in inventory.ini or ansible.cfg Get Help rhel9 , ansible-vault	7	910	January 8, 2025
Problem with ansible.cfg file provided by repository Ansible Project	2	15	July 6, 2015
Ansible Vault needs an .ansible.cfg entry Ansible Developer	5	7	May 21, 2014
ansible-test : ansible vault Ansible Project	0	6	October 6, 2021
The vault password file /home/user./vault was not found Ansible Project	2	509	June 10, 2020

Ansible-rulebook run with ansible.cfg or vault secret

Related topics