Node discovery with vault broken

Open jijojv opened this issue 6 years ago • 1 comments

Hi,

None of the vault options settings seem to be getting used for initial node discovery using libext/rundeck-ansible-plugin-2.3.0.jar

I see them correctly referenced in

2018-06-27 12:41:47,434 INFO  ProjectNodeSupport - Source #2 (com.batix.rundeck.plugins.AnsibleResourceModelSourceFactory): loading with properties:
....
ansible-become=false, ansible-ignore-errors=true, ansible-gather-facts=true, ansible-vault-storage-path=keys/ansible/vault, ansible-inventory=
...
ansible-vault-path=/tmp/foo/asdf
.....

But not actually getting used.

2018-06-27 13:07:25,351 DEBUG JarPluginProviderLoader - Succeeded loading plugin com.batix.rundeck.plugins.AnsibleResourceModelSourceFactory for service: ResourceModelSource

PLAY [all] *********************************************************************
ERROR! Attempting to decrypt but no vault secrets found


I don't know much Java, but I would have expected throw new ResourceModelSourceException("Could not read vault file " + vaultFile,e); to show up if I gave a fake ansible-vault-path.


The workaround I found was to rely on the $ANSIBLE_VAULT_PASSWORD_FILE environment variable.

jijojv avatar Jun 27 '18 20:06 jijojv

Reading through the code, it seems that:

  • The file contents are read
  • The contents are stored in a temporary file (probably something like /tmp/ansible-runner...vault)
  • The command line option --vault-password-file is added with the appropriate path to the file above

Can you confirm my assumptions? If the vault file is created and has the contents you expect, I'd say something else is wrong.

mcassaniti avatar Aug 16 '18 06:08 mcassaniti
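
The three steps listed in the comment above, written out as an added example (not the plugin's own code and not posted by either participant). The class and method names, the playbook name `gather-hosts.yml` and the sample password are hypothetical; a POSIX filesystem is assumed for the owner-only file permissions.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.*;

// Added illustration only; names here are hypothetical, not the plugin's.
public class VaultArgSketch {

    // Steps 1 and 2: read the configured vault password file, then copy it
    // into a temp file that only the owner can read or write.
    static Path stageVaultPassword(String configuredPath) throws IOException {
        if (configuredPath == null || configuredPath.trim().isEmpty()) {
            throw new IOException("ansible-vault-path is not set");
        }
        byte[] secret;
        try {
            secret = Files.readAllBytes(Paths.get(configuredPath));
        } catch (IOException e) {
            // A bad path fails here instead of surfacing later as an Ansible error.
            throw new IOException("Could not read vault file " + configuredPath, e);
        }
        Path staged = Files.createTempFile("ansible-runner", "vault",
                PosixFilePermissions.asFileAttribute(
                        PosixFilePermissions.fromString("rw-------")));
        Files.write(staged, secret);
        return staged;
    }

    // Step 3: pass the staged file to Ansible with --vault-password-file.
    static List<String> buildCommand(Path stagedVault) {
        return new ArrayList<>(Arrays.asList("ansible-playbook", "gather-hosts.yml",
                "--vault-password-file", stagedVault.toString()));
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample input: a throwaway password file.
        Path sample = Files.createTempFile("sample-vault-pass", ".txt");
        Files.write(sample, "constructed-password\n".getBytes(StandardCharsets.UTF_8));
        Path staged = stageVaultPassword(sample.toString());
        try {
            System.out.println(String.join(" ", buildCommand(staged)));
        } finally {
            Files.deleteIfExists(staged);   // do not leave the secret in /tmp
            Files.deleteIfExists(sample);
        }
        try {
            stageVaultPassword(sample.toString());  // file no longer exists
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The command is only printed, not executed, so the sketch runs without Ansible installed.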