---
- hosts: localhost
connection: local
gather_facts: False
vars:
encrypt_string_var: "lqRASnvmGsj*MJ7A"
vault_pass: "/tmp/mypass"
tasks:
- name: "Encrypt my plain text string"
shell:
cmd: "ansible-vault encrypt_string {{ encrypt_string_var }} --vault-password-file={{ vault_pass }} | sed -e 's/^ *//' | sed -e '1,1d'"
register: enc_string
no_log: True
- set_fact:
val: "{{ enc_string.stdout }}"
no_log: True
- name: "Decrypt the latest encrypted string"
shell:
cmd: "echo '{{ val }}' | ansible-vault decrypt --vault-password-file={{ vault_pass }}"
register: dec_string
no_log: false
- name:
debug:
msg: "Decrypted string : {{ dec_string.stdout }}"
- set_stats:
data:
key: "{{ val }}"
No comments:
Post a Comment