ANSIBLE_VAULT_PASSWORD related instructions do not seem to work as documented with EE's.

[netopsengineer]

ISSUE TYPE

• Doc issue

SUMMARY

The document section in question: link

I am able to to create the gpg encrypted file, and the shell script, and it does work independently when executed, I do in fact get the password back. However, when executing with the EE as documented, the ENV is inside the EE container, but Ansible seems to simply ignore it:

ANSIBLE_VAULT_PASSWORD="$( ~/bin/vault.sh )" ansible-navigator run (...)

Is the behavior that is expected such that ANSIBLE_VAULT_PASSWORD=my_plain_text_password would be inside the EE? If so, I do see that if I switch run to exec and printenv, but the playbook does not seem to use it, first task executed with something vaulted says there were not credentials available.

A vault password or secret must be specified to decrypt

The previous instructions that revolve around linking the password file or script into the project that are considered the less secure options per the docs, do work for me as documented. I just prefer the newly mentioned method above. FWIW, I am on MacOS 14.4.1, and ansible-navigator 24.2.0.