-
Bug
-
Resolution: Done
-
Major
-
6.13.0
Description of problem:
vault_password_file defined in the "/etc/ansible/ansible.cfg" is not honored.
Version-Release number of selected component (if applicable):
6.13
How reproducible:
100%
Steps to Reproduce:
1. Upload an Ansible role where variable values are encrypted with Ansible Vault.
2. Define vault_password_file in the "/etc/ansible/ansible.cfg"
3 set permission of ansible_vault_password password file to foreman-proxy:foreman-proxy
4. Rerun the Ansible role from the Satellite GUI
Actual results:
TASK [Apply roles] *************************************************************
197:
ERROR! Attempting to decrypt but no vault secrets found =====================> Failed to execute the role due to missing secret key.
198:
PLAY RECAP *********************************************************************
199:
client.example.com : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
200:
Exit status: 2
Expected results:
Should execute with out any error.
Additional info:
As I have upgraded from 6.12 to 6.13 so the below file exists:-
/usr/share/foreman-proxy/.ansible.cfg ===> Updating the vault_password_file in this file works.
For new installations, this file(/usr/share/foreman-proxy/.ansible.cfg) does not exist. Moreover as per the comment in the below bug, Satellite 6.13 and above versions use ansible.cfg present in path "/etc/ansible/ansible.cfg". as the config file.
- external trackers
