This Ansible Action Plugin enables to use you multi-valued Ansible-Vault entries.
Ansible-Vault has support to work with multiple passwords!
This functionality is very useful whenever you are working:
- with multiple Environments (internal, testing, staging, production, ...)
- in bigger teams
- with multiple automation/execution platforms (CICD like GitLab, Ansible AWX, Ansible Molecule)
- ...
But that functionality has a problem:
- You need to add 'switches' between multiple encrypted values on 'user-level' (in Tasks or Playbooks).
In my opinion this switch should be done automatically in the background as Ansible has all the needed knowledge about provided passwords and tags. But for now - this feature will not be implemented.
That's why I implemented it as a plugin.
Action-Plugins seem to be the only kind of plugins that have access to the DataLoader that loads the Ansible-Vault secrets at runtime.
Correct me if I'm wrong.. (;
Either install it using 'ansible-galaxy'
ansible-galaxy collection install superstes.multi_vaultOr download it from GitHub and copy it to your local 'collections' directory:
cd $PLAYBOOK_DIR
mkdir -p collections/ansible_collections/superstes/multi_vault/
cd collections/ansible_collections/superstes/multi_vault/
wget https://github.com/superstes/ansible_multi_vault/archive/refs/heads/latest.zip -O /tmp/multi_vault.zip
unzip -j /tmp/multi_vault.zipSee: Examples