Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ansible Vault - Slightly better example? #256

Closed
geerlingguy opened this issue Apr 29, 2020 · 1 comment
Closed

Ansible Vault - Slightly better example? #256

geerlingguy opened this issue Apr 29, 2020 · 1 comment

Comments

@geerlingguy
Copy link
Owner

geerlingguy commented Apr 29, 2020

To show how you can take a playbook that has a plaintext API key and encrypt it with vault, maybe a playbook that runs on localhost and just echoes the API_KEY. Start with it unencrypted, then encrypt (similar to current playbook, but actually runnable on the host machine):

---
- hosts: localhost
  connection: local
  gather_facts: no

  vars_files:
    - vars/api_key.yml

  tasks:
    - name: Echo the API key which was injected into the env.
      shell: echo $API_KEY
      environment:
        API_KEY: "{{ myapp_api_key }}"
      register: echo_result

    - name: Show the result.
      debug: var=echo_result.stdout

And in vars/api_key.yml:

---
myapp_api_key: "l9bTqfBlbXTQiDaJMqgPJ1VdeFLfId98"
@geerlingguy
Copy link
Owner Author

geerlingguy commented Jul 28, 2020

Updated this example in the book.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant