Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

variables encrypted successfully but unable to be detected #40659

Closed
huiminzeng opened this issue May 24, 2018 · 2 comments

Comments

@huiminzeng
Copy link

commented May 24, 2018

SUMMARY

Hi all! I was trying to encrypt some user information with ansible vault module. I can encrypt the info successfully, but the encrypted variables couldn't be detected. Is this a bug or i just made some mistakes?

ISSUE TYPE
  • Bug Report
COMPONENT NAME

vault

ANSIBLE VERSION
ansible version: 2.5.3
CONFIGURATION

Default Configuration

OS / ENVIRONMENT

Ubuntu 16.04

STEPS TO REPRODUCE

The original playbook:

---
- name: Token
  hosts: local
  connection: loc
  vars:
    url_base: http://localhost:3000/api/v1
  tasks:
   - name: login
     uri:
       url: "{{ url_base }}/login"
       method: POST
       body: "username=huimin&password=123"
_______________________________________________________________________________________________________________
_______________________________________________________________________________________________________________

But i wanted to encrypt the body, which contains the login information. I ran: ansible-vault create vault.yml. And This was the result: 

vagrant@devvm:~/password/login$ ansible-vault view vault.yml
Vault password:
---
vault_info: "username=huimin&password=123"

vagrant@devvm:~/password/login$ cat vault.yml
$ANSIBLE_VAULT;1.1;AES256
65663261306230626232306161383238316661653530653837363561623737343130396539643536
6265626531666339373762343830616538363566333665620a343061663261666636313031666665
63316662303732353861383030306639663039623834353065343934366438313431616130633439
3636323934653833370a306465383464343833663732626339326464666362643064663663303738
64323036663337363038366530633866383032636630386362383935643030353531653161386466
6264663934386330323864383539346361656263316539343364

_______________________________________________________________________________________________________________
_______________________________________________________________________________________________________________
This is the vars.yml file:
---
info: "{{ vault_info }"
______________________________________________________________________________________________________________________________________________________________________________________________________________________________
This is the new playbook: 
---
- import: secrets
- name: Token
  hosts: local
  connection: loc
  vars:
    url_base: http://localhost:3000/api/v1
  vars_files:
    - vault.yml
    - vars.yml
  tasks:
   - name: login
     uri:
       url: "{{ url_base }}/login"
       method: POST
       body: "{{ info }}"

I thought this could just work fine. But I got this:

ERROR! Attempting to decrypt but no vault secrets found

I can't understand the error, because the password is encrypted. By the way, i tried ansible-vault encrypt_string 'username=huimin&password=123', this worked. 

So could you please help me?

thanks a lot


'''
<!--- You can also paste gist.github.com links for larger files -->

##### EXPECTED RESULTS
<!--- What did you expect to happen when running the steps above? -->
huimin can login
##### ACTUAL RESULTS
<!--- What actually happened? If possible run with extra verbosity (-vvvv) -->
<!--- Paste verbatim command output between quotes below -->

ERROR! Attempting to decrypt but no vault secrets found

@ansibot

This comment has been minimized.

Copy link
Contributor

commented May 24, 2018

Files identified in the description:

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

@sivel

This comment has been minimized.

Copy link
Member

commented May 24, 2018

List Information

Hi!

Thanks very much for your interest in Ansible. It sincerely means a lot to us.

This appears to be a user question, and we'd like to direct these kinds of things to either the mailing list or the IRC channel.

If you can stop by there, we'd appreciate it. This allows us to keep the issue tracker for bugs, pull requests, RFEs and the like.

Thank you once again and we look forward to seeing you on the list or IRC. Thanks!

@sivel sivel closed this May 24, 2018

@sivel sivel removed the needs_triage label May 24, 2018

@ansible ansible locked and limited conversation to collaborators May 24, 2019

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
3 participants
You can’t perform that action at this time.