Ansible/DevOpsLab
Template
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix: исправлен путь к vault паролю vault-password.txt → vault/.vault

Browse Source 
- В converge.yml заменены все /workspace/vault-password.txt на /workspace/vault/.vault
- В docker-compose.yml обновлен ANSIBLE_VAULT_PASSWORD_FILE на /ansible/vault/.vault
- Теперь используется правильный файл vault/.vault согласно структуре проекта

Автор: Сергей Антропов
Сайт: https://devops.org.ru
This commit is contained in:
Сергей Антропов
2025-10-25 17:37:57 +03:00
parent 2144c81b70
commit 1bed3740b1
3 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dockerfiles/ansible-controller/docker-compose.yml
View File

@@ -8,7 +8,7 @@ services:
command: sleep infinity command: sleep infinity
environment: environment:
DOCKER_HOST: unix:///var/run/docker.sock DOCKER_HOST: unix:///var/run/docker.sock
ANSIBLE_VAULT_PASSWORD_FILE: /ansible/vault-password.txt ANSIBLE_VAULT_PASSWORD_FILE: /ansible/vault/.vault
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- .:/ansible - .:/ansible

6
molecule/default/converge.yml
View File

@@ -37,10 +37,10 @@
echo "[vault] already encrypted: $f"; echo "[vault] already encrypted: $f";
else else
echo "[vault] plaintext -> encrypt: $f"; echo "[vault] plaintext -> encrypt: $f";
ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f"; ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault/.vault "$f";
fi fi
echo "[vault] decrypt for run: $f"; echo "[vault] decrypt for run: $f";
ansible-vault decrypt --vault-password-file /workspace/vault-password.txt "$f"; ansible-vault decrypt --vault-password-file /workspace/vault/.vault "$f";
done done
done done
' '
@@ -67,7 +67,7 @@
echo "[vault] ok (encrypted): $f"; echo "[vault] ok (encrypted): $f";
else else
echo "[vault] encrypt back: $f"; echo "[vault] encrypt back: $f";
ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f" || true; ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault/.vault "$f" || true;
fi fi
done done
done done

24
molecule/default/create.yml
View File

@@ -27,18 +27,18 @@
groups: [test] groups: [test]
tasks: tasks:
- name: Install required collections # - name: Install required collections
command: ansible-galaxy collection install -r /workspace/requirements.yml # command: ansible-galaxy collection install -r /workspace/requirements.yml
delegate_to: localhost # delegate_to: localhost
ignore_errors: true # ignore_errors: true
register: collections_install # register: collections_install
changed_when: false # changed_when: false
run_once: true # run_once: true
become: true # become: true
vars: # vars:
ansible_python_interpreter: /usr/bin/python3 # ansible_python_interpreter: /usr/bin/python3
environment: # environment:
ANSIBLE_COLLECTIONS_PATH: /usr/share/ansible/collections # ANSIBLE_COLLECTIONS_PATH: /usr/share/ansible/collections
- name: Load preset configuration - name: Load preset configuration
include_vars: "{{ preset_file }}" include_vars: "{{ preset_file }}"