Skip to content

variables encrypted successfully but unable to be detected #40659

@huiminzeng

Description

@huiminzeng
SUMMARY

Hi all! I was trying to encrypt some user information with ansible vault module. I can encrypt the info successfully, but the encrypted variables couldn't be detected. Is this a bug or i just made some mistakes?

ISSUE TYPE
  • Bug Report
COMPONENT NAME

vault

ANSIBLE VERSION
ansible version: 2.5.3
CONFIGURATION

Default Configuration

OS / ENVIRONMENT

Ubuntu 16.04

STEPS TO REPRODUCE

The original playbook:

---
- name: Token
  hosts: local
  connection: loc
  vars:
    url_base: http://localhost:3000/api/v1
  tasks:
   - name: login
     uri:
       url: "{{ url_base }}/login"
       method: POST
       body: "username=huimin&password=123"
_______________________________________________________________________________________________________________
_______________________________________________________________________________________________________________

But i wanted to encrypt the body, which contains the login information. I ran: ansible-vault create vault.yml. And This was the result: 

vagrant@devvm:~/password/login$ ansible-vault view vault.yml
Vault password:
---
vault_info: "username=huimin&password=123"

vagrant@devvm:~/password/login$ cat vault.yml
$ANSIBLE_VAULT;1.1;AES256
65663261306230626232306161383238316661653530653837363561623737343130396539643536
6265626531666339373762343830616538363566333665620a343061663261666636313031666665
63316662303732353861383030306639663039623834353065343934366438313431616130633439
3636323934653833370a306465383464343833663732626339326464666362643064663663303738
64323036663337363038366530633866383032636630386362383935643030353531653161386466
6264663934386330323864383539346361656263316539343364

_______________________________________________________________________________________________________________
_______________________________________________________________________________________________________________
This is the vars.yml file:
---
info: "{{ vault_info }"
______________________________________________________________________________________________________________________________________________________________________________________________________________________________
This is the new playbook: 
---
- import: secrets
- name: Token
  hosts: local
  connection: loc
  vars:
    url_base: http://localhost:3000/api/v1
  vars_files:
    - vault.yml
    - vars.yml
  tasks:
   - name: login
     uri:
       url: "{{ url_base }}/login"
       method: POST
       body: "{{ info }}"

I thought this could just work fine. But I got this:

ERROR! Attempting to decrypt but no vault secrets found

I can't understand the error, because the password is encrypted. By the way, i tried ansible-vault encrypt_string 'username=huimin&password=123', this worked. 

So could you please help me?

thanks a lot


'''
<!--- You can also paste gist.github.com links for larger files -->

##### EXPECTED RESULTS
<!--- What did you expect to happen when running the steps above? -->
huimin can login
##### ACTUAL RESULTS
<!--- What actually happened? If possible run with extra verbosity (-vvvv) -->
<!--- Paste verbatim command output between quotes below -->

ERROR! Attempting to decrypt but no vault secrets found

Activity

ansibot

ansibot commented on May 24, 2018

@ansibot
Contributor

Files identified in the description:

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

added
affects_2.5This issue/PR affects Ansible v2.5
bugThis issue/PR relates to a bug.
needs_triageNeeds a first human triage before being processed.
support:coreThis issue/PR relates to code supported by the Ansible Engineering Team.
on May 24, 2018
sivel

sivel commented on May 24, 2018

@sivel
Member

List Information

Hi!

Thanks very much for your interest in Ansible. It sincerely means a lot to us.

This appears to be a user question, and we'd like to direct these kinds of things to either the mailing list or the IRC channel.

If you can stop by there, we'd appreciate it. This allows us to keep the issue tracker for bugs, pull requests, RFEs and the like.

Thank you once again and we look forward to seeing you on the list or IRC. Thanks!

removed
needs_triageNeeds a first human triage before being processed.
on May 24, 2018
locked and limited conversation to collaborators on May 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    affects_2.5This issue/PR affects Ansible v2.5bugThis issue/PR relates to a bug.support:coreThis issue/PR relates to code supported by the Ansible Engineering Team.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @sivel@ansibot@huiminzeng

        Issue actions

          variables encrypted successfully but unable to be detected · Issue #40659 · ansible/ansible