Last active
June 12, 2024 22:17
-
-
Save chicagobuss/35f717b096116e569598 to your computer and use it in GitHub Desktop.
Trying to get vault and vars to work in templates with Ansible.... colons in file names represent directories
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| fatal: [ge-spark-master1] => {'msg': "AnsibleUndefinedVariable: One or more undefined variables: 'vaulted_access_key' is undefined", 'failed': True} | |
| fatal: [ge-spark-master1] => {'msg': "AnsibleUndefinedVariable: One or more undefined variables: 'vaulted_access_key' is undefined", 'failed': True} | |
| fatal: [ge-spark-master2] => {'msg': "AnsibleUndefinedVariable: One or more undefined variables: 'vaulted_access_key' is undefined", 'failed': True} | |
| fatal: [ge-spark-master2] => {'msg': "AnsibleUndefinedVariable: One or more undefined variables: 'vaulted_access_key' is undefined", 'failed': True} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # file: roles/spark/tasks/main.yml | |
| - include_vars: vault.yml | |
| tags: # These were the lines I was missing | |
| - spark # These were the lines I was missing | |
| - spark-masters # These were the lines I was missing | |
| - spark-workers # These were the lines I was missing | |
| - include_vars: unencrypted.yml | |
| tags: # These were the lines I was missing | |
| - spark # These were the lines I was missing | |
| - spark-masters # These were the lines I was missing | |
| - spark-workers # These were the lines I was missing | |
| - debug: var=vaulted_access_key | |
| - name: Copy stuff with vars | |
| template: src=site.xml dest={{ spark.location }}/conf/site.xml | |
| tags: | |
| - spark | |
| - spark-masters | |
| - spark-workers | |
| - debug: var=vaulted_gcs_access_key | |
| - name: Copy stuff without vars | |
| template: src={{ item }} dest={{ spark.location }}/conf/{{ item }} | |
| with_items: | |
| - spark-env.sh | |
| - spark.properties | |
| - log4j.properties | |
| - metrics.properties | |
| tags: | |
| - spark | |
| - spark-masters | |
| - spark-workers | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ... | |
| <property> | |
| <name>access.key</name> | |
| <value>{{ access_key }}</value> | |
| </property> | |
| <property> | |
| <name>secret.key</name> | |
| <value>{{ secret_key }}</value> | |
| </property> | |
| ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| access_key: "{{ vaulted_access_key }}" | |
| secret_key: "{{ vaulted_secret_key }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| vaulted_access_key: ACTUALACCESSKEY | |
| vaulted_secret_key: ACTUALSECRETKEY |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ grep -irI vaulted_access_key | |
| roles/spark_common/tasks/main.yml:- debug: var=vaulted_access_key | |
| roles/spark_common/tasks/main.yml:- debug: var=vaulted_access_key | |
| roles/spark_common/templates/core-site.xml: <value>{{ vaulted_access_key }}</value> | |
| roles/spark_common/vars/vault.yml:vaulted_access_key: ACTUALACCESSKEY | |
| roles/spark_common/vars/unencypted.yml:access_key: "{{ vaulted_access_key }}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
you probably need to use :
vars_files: vault.ymlinstead of include_vars.
Or is this working for you?
Unclear what you mean otherwise.