jeffbrl/ansible-vault-usage-example

## ansible-vault-usage-example
jeffl@ubuntu:~/vault_testing$ cat vars/secrets.yml
---
username: jeffl
password: secretpassword
jeffl@ubuntu:~/vault_testing$

jeffl@ubuntu:~/vault_testing$ echo "my_vault_pass" > vault_pass
jeffl@ubuntu:~/vault_testing$ chmod go-r vault_pass

jeffl@ubuntu:~/vault_testing$ ansible-vault encrypt --vault-id vault_pass vars/secrets.yml
Encryption successful
jeffl@ubuntu:~/vault_testing$ cat !$
cat vars/secrets.yml
$ANSIBLE_VAULT;1.1;AES256
32353463666361373361626431343536313862356430663738306261396337653239326533353439
3336303361643236326562303663663733326537363864320a336332373231303032666261343066
61643565303665616637343437336233366136663265373138616238633333626632343062373738
6631323336373361660a306232653136383539386135663732366632353732313061323637653565
31346565363030323461343937623736623532613232383933373531366362636165306432633632
6434643235623530353333666164383136376239326431643636
jeffl@ubuntu:~/vault_testing$ cat vault_test.yml
---
- name: Test ansible vault functionality
  hosts: 127.0.0.1
  vars_files:
    - vars/secrets.yml

  tasks:
    - name: Print username variable to the screen
      debug:
        var: username
jeffl@ubuntu:~/vault_testing$ ansible-playbook --vault-id vault_pass vault_test.yml
 [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not
match 'all'


PLAY [Test ansible vault functionality] *****************************************************************************

TASK [Gathering Facts] **********************************************************************************************
ok: [127.0.0.1]

TASK [Print username variable to the screen] ************************************************************************
ok: [127.0.0.1] => {
    "username": "jeffl"
}

PLAY RECAP **********************************************************************************************************
127.0.0.1                  : ok=2    changed=0    unreachable=0    failed=0

jeffl@ubuntu:~/vault_testing$
	jeffl@ubuntu:~/vault_testing$ cat vars/secrets.yml
	---
	username: jeffl
	password: secretpassword
	jeffl@ubuntu:~/vault_testing$

	jeffl@ubuntu:~/vault_testing$ echo "my_vault_pass" > vault_pass
	jeffl@ubuntu:~/vault_testing$ chmod go-r vault_pass

	jeffl@ubuntu:~/vault_testing$ ansible-vault encrypt --vault-id vault_pass vars/secrets.yml
	Encryption successful
	jeffl@ubuntu:~/vault_testing$ cat !$
	cat vars/secrets.yml
	$ANSIBLE_VAULT;1.1;AES256
	32353463666361373361626431343536313862356430663738306261396337653239326533353439
	3336303361643236326562303663663733326537363864320a336332373231303032666261343066
	61643565303665616637343437336233366136663265373138616238633333626632343062373738
	6631323336373361660a306232653136383539386135663732366632353732313061323637653565
	31346565363030323461343937623736623532613232383933373531366362636165306432633632
	6434643235623530353333666164383136376239326431643636
	jeffl@ubuntu:~/vault_testing$ cat vault_test.yml
	---
	- name: Test ansible vault functionality
	hosts: 127.0.0.1
	vars_files:
	- vars/secrets.yml

	tasks:
	- name: Print username variable to the screen
	debug:
	var: username
	jeffl@ubuntu:~/vault_testing$ ansible-playbook --vault-id vault_pass vault_test.yml
	[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not
	match 'all'


	PLAY [Test ansible vault functionality] *****************************************************************************

	TASK [Gathering Facts] **********************************************************************************************
	ok: [127.0.0.1]

	TASK [Print username variable to the screen] ************************************************************************
	ok: [127.0.0.1] => {
	"username": "jeffl"
	}

	PLAY RECAP **********************************************************************************************************
	127.0.0.1 : ok=2 changed=0 unreachable=0 failed=0

	jeffl@ubuntu:~/vault_testing$