Ansible Vault Support

Problem:

AFAIK, Ansible vaults aren’t supported OTB.

Expected outcome:

You can store sensitive credentials in vaults that are protected by a password.

Foreman and Proxy versions:

1.20.0-RC2

Foreman and Proxy plugin versions:

foreman-tasks 0.14.2
foreman_ansible 2.2.9
foreman_cockpit 2.0.3
foreman_column_view 0.4.0
foreman_hooks 0.3.15
foreman_memcache 0.1.1
foreman_remote_execution 1.6.4

Other relevant data:

As a workaround, you should be able to use the DEFAULT_VAULT_PASSWORD_FILE environment variable:

The vault password file to use. Equivalent to –vault-password-file or –vault-id

Just FYI, this is more of a “if you run into this issue, this is a possible workaround” post. No support needed (unless there’s a better way to do this). I also think I saw a ticket for this FR.

You can also configure this setting via an ansible.cfg file under the defaults section:

...
vault_password_file = ~/.ansible_vault_password
...