Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Config via Ansible vars not resolving templating #443

Open
onefourfive opened this issue Jul 24, 2024 · 1 comment
Open

Config via Ansible vars not resolving templating #443

onefourfive opened this issue Jul 24, 2024 · 1 comment

Comments

@onefourfive
Copy link

onefourfive commented Jul 24, 2024

SUMMARY

When I set ansible_hashi_vault_ variables as below, they are taken literally and not templated:

ansible_hashi_vault_url: "{{ vault_fqdn }}"
ansible_hashi_vault_token_path: "{{ lookup('env', 'HOME') }}/.vault-ansible/"
ansible_hashi_vault_token_file: "token-{{ zone }}"

In a case where all but url is specified as lookup keywords, and we intentionally omit the scheme, you can see the templating makes it into the error message:

localhost | FAILED! => {
    "msg": "An unhandled exception occurred while running the lookup plugin 'community.hashi_vault.hashi_vault'. 
Error was a <class 'requests.exceptions.MissingSchema'>, original message: 
Invalid URL '{{ vault_fqdn }}/v1/internal/data/tf': No scheme supplied. Perhaps you meant https://{{ vault_fqdn }}/v1/internal/data/tf?. 
Invalid URL '{{ vault_fqdn }}/v1/internal/data/tf': No scheme supplied. Perhaps you meant https://{{ vault_fqdn }}/v1/internal/data/tf?"
}
ISSUE TYPE
  • Bug Report
COMPONENT NAME

hashi_vault

ANSIBLE VERSION
ansible [core 2.17.1]
  config file = /home/iivv/vault-tools/vault-ansible/ansible.cfg
  configured module search path = ['/home/iivv/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/iivv/.virtualenvs/vault-ansible/lib/python3.12/site-packages/ansible
  ansible collection location = /home/iivv/vault-tools/vault-ansible/collections
  executable location = /home/iivv/.virtualenvs/vault-ansible/bin/ansible
  python version = 3.12.3 (main, Apr 10 2024, 05:33:47) [GCC 13.2.0] (/home/iivv/.virtualenvs/vault-ansible/bin/python)
  jinja version = 3.1.4
  libyaml = True
COLLECTION VERSION
Collection            Version
--------------------- -------
community.hashi_vault 6.2.0 
CONFIGURATION
n/a
OS / ENVIRONMENT

n/a

STEPS TO REPRODUCE
  1. Create a vars file specifying config with templating.
  2. Try to perform a lookup without specifying config keywords.
EXPECTED RESULTS

Templating should work so that I can work with different vault clusters and configs in a playbook run as necessary.

ACTUAL RESULTS

Errors result from template attempts. Only literal values are used.

localhost | FAILED! => {
    "msg": "An unhandled exception occurred while running the lookup plugin 'community.hashi_vault.hashi_vault'. Error was a <class 'requests.exceptions.MissingSchema'>, original message: Invalid URL '{{ vault_fqdn }}/v1/internal/data/tf': No scheme supplied. Perhaps you meant https://{{ vault_fqdn }}/v1/internal/data/tf?. Invalid URL '{{ vault_fqdn }}/v1/internal/data/tf': No scheme supplied. Perhaps you meant https://{{ vault_fqdn }}/v1/internal/data/tf?"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants