Dear colleges,
In our organization we are using string-vaulted inventories in order to keep secure some sensitive information that is applied later during the play-book execution. In one of the steps some configuration files are generated. The configuration files are generated using the Template module and some Jinja2 Templates.
All the text plain variables are replaced correctly in the template. However, the string-vaulted variables are decrypted and replaced with a blank space before the correct value.
The variable vault process has been double-checked and the value provided to the ansible-vault command has no blank spaces.
Is anybody having the same problems when using Ansible Vault and Template Module?
Example:
Clear text inventory section:
communication_ws_adm_password: admin
communication_ws_adm_password: password
Encrypt string:
ansible-vault encrypt_string --name esearch_copla_client_tomcat_server_password m3l0n3sdulc3S --ask-vault
Vaulted inventory section:
communication_ws_adm_password: admin
communication_ws_adm_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
31323731313536653038636138666461363833666137623539636563396337363061333262303333
6332323961633439626562313531333836383266373261300a363966643436306436633432333135
64303333356535353830613037393130313561366561343035636366623063646664313939383037
6532366661643465350a323437633765386163613135373933613165363137666338646165346539
3638
Jinja 2 Template:
adm.username={{ communication_ws_adm_username }}
adm.password={{ communication_ws_adm_password }}
Result after replacement:
adm.username=admin
adm.password= password
Kind regards. David.