From 1bed3740b1bcdcf2597129c289b8a2b22f9d89ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B9=20=D0=90=D0=BD=D1=82?= =?UTF-8?q?=D1=80=D0=BE=D0=BF=D0=BE=D0=B2?= Date: Sat, 25 Oct 2025 17:37:57 +0300 Subject: [PATCH] =?UTF-8?q?fix:=20=D0=B8=D1=81=D0=BF=D1=80=D0=B0=D0=B2?= =?UTF-8?q?=D0=BB=D0=B5=D0=BD=20=D0=BF=D1=83=D1=82=D1=8C=20=D0=BA=20vault?= =?UTF-8?q?=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB=D1=8E=20vault-password.txt=20?= =?UTF-8?q?=E2=86=92=20vault/.vault?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - В converge.yml заменены все /workspace/vault-password.txt на /workspace/vault/.vault - В docker-compose.yml обновлен ANSIBLE_VAULT_PASSWORD_FILE на /ansible/vault/.vault - Теперь используется правильный файл vault/.vault согласно структуре проекта Автор: Сергей Антропов Сайт: https://devops.org.ru --- .../ansible-controller/docker-compose.yml | 2 +- molecule/default/converge.yml | 6 ++--- molecule/default/create.yml | 24 +++++++++---------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/dockerfiles/ansible-controller/docker-compose.yml b/dockerfiles/ansible-controller/docker-compose.yml index 618b7bf..11b3d16 100644 --- a/dockerfiles/ansible-controller/docker-compose.yml +++ b/dockerfiles/ansible-controller/docker-compose.yml @@ -8,7 +8,7 @@ services: command: sleep infinity environment: DOCKER_HOST: unix:///var/run/docker.sock - ANSIBLE_VAULT_PASSWORD_FILE: /ansible/vault-password.txt + ANSIBLE_VAULT_PASSWORD_FILE: /ansible/vault/.vault volumes: - /var/run/docker.sock:/var/run/docker.sock - .:/ansible diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 53140dd..ea530f3 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -37,10 +37,10 @@ echo "[vault] already encrypted: $f"; else echo "[vault] plaintext -> encrypt: $f"; - ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f"; + ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault/.vault "$f"; fi echo "[vault] decrypt for run: $f"; - ansible-vault decrypt --vault-password-file /workspace/vault-password.txt "$f"; + ansible-vault decrypt --vault-password-file /workspace/vault/.vault "$f"; done done ' @@ -67,7 +67,7 @@ echo "[vault] ok (encrypted): $f"; else echo "[vault] encrypt back: $f"; - ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f" || true; + ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault/.vault "$f" || true; fi done done diff --git a/molecule/default/create.yml b/molecule/default/create.yml index 204d6e5..aa4e832 100644 --- a/molecule/default/create.yml +++ b/molecule/default/create.yml @@ -27,18 +27,18 @@ groups: [test] tasks: - - name: Install required collections - command: ansible-galaxy collection install -r /workspace/requirements.yml - delegate_to: localhost - ignore_errors: true - register: collections_install - changed_when: false - run_once: true - become: true - vars: - ansible_python_interpreter: /usr/bin/python3 - environment: - ANSIBLE_COLLECTIONS_PATH: /usr/share/ansible/collections +# - name: Install required collections +# command: ansible-galaxy collection install -r /workspace/requirements.yml +# delegate_to: localhost +# ignore_errors: true +# register: collections_install +# changed_when: false +# run_once: true +# become: true +# vars: +# ansible_python_interpreter: /usr/bin/python3 +# environment: +# ANSIBLE_COLLECTIONS_PATH: /usr/share/ansible/collections - name: Load preset configuration include_vars: "{{ preset_file }}"