Created
August 19, 2016 04:59
-
-
Save hayajo/78d70f0046646ccfb84d059a6338c5e1 to your computer and use it in GitHub Desktop.
AnsibleでAnsible-Vaultで暗号化したバイナリファイルの内容を利用する
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: all | |
| connection: local | |
| gather_facts: no | |
| sudo: no | |
| vars: | |
| # インベントリに指定するディレクトリでステージごとにファイルを切り替える。他にもinventory_hostnameやgroup_nameなどのマジック変数を利用してファイルを切り替える。 | |
| - decrypted: "{{ lookup('pipe', 'ansible-vault view --vault-password-file=/path/to/password/file /path/to/secret/{{ inventory_dir | default(\".\", true) | basename }}/file') }}" | |
| tasks: | |
| - debug: > | |
| msg="{{ decrypted }}" | |
| - copy: > | |
| content="{{ decrypted }}" | |
| dest=/tmp/output | |
| mode=0666 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment