However it seems the execpted vars are not set (the vault lookup supports vars such as ansible_hashi_vault_url, but i don’t think these are set.
The error is Required option url was not set… Required option url was not set
i also tried "{{ lookup('community.hashi_vault.hashi_vault', 'cloud/hetzner/hrobot/webservice_password',url=extra_vars.ansible_hashi_vault_url, token=extra_vars.ansible_hashi_vault_token) }}", which also did not work.
Using env in the custom credential does not work either, because i am not allowed to use ANSIBLE_* env vars.
How does one use custom credentials in an inventory yaml file?
It looks like a bug in the inventory plugin. It does not use the extra vars. Changing this line from self.templar = Templar(loader=loader) to self.templar = Templar(loader=loader, variables=self._vars) may fix it (untested).
We have been trying the patch you mentioned. However, the vars such as ansible_hashi_vault_addr are still not available in the yaml file. We tried prefixing with extra_vars. (such as extra_vars.ansible_hashi_vault_addr), but that also resulted in undefined-errors.
Glad you found a solution. I’d still consider that the plugin doesn’t support extra vars a bug, here’s an example of how it should work (using a different inventory plugin, which has an option to enable --extra-vars).
# test_constructed.yml
plugin: ansible.builtin.constructed
strict: true # give an error for undefined variables
compose:
test_var: extra_vars.foo
use_extra_vars: true
# extra_vars.yml
extra_vars:
foo: bar
File-based extra vars need to be passed to --extra-vars with a @ prefix: