问题描述

在使用 Ansible 时，我尝试使用拱形 vars 文件来存储私有变量，然后在另一个 vars 文件中以相同的角色使用这些变量.(来自Vault 伪叶加密"的想法此处.)

In using Ansible, I'm trying to use a vaulted vars file to store private variables, and then using those in another vars file, in the same role. (The idea from 'Vault Pseudo leaf encryption' here.)

例如我有一个标准的 vars 文件，roles/myrole/vars/main.yml:

e.g. I have one standard vars file, roles/myrole/vars/main.yml:

---
my_variable: '{{ my_variable_vaulted }}'

然后是加密的，roles/myrole/vars/vaulted_vars.yml:

---
my_variable_vaulted: 'SECRET!'

但是当我运行剧本时，我总是得到'"错误！错误！'my_variable_vaulted' 未定义"'.

But when I run the playbook I always get '"ERROR! ERROR! 'my_variable_vaulted' is undefined"'.

我在没有加密第二个文件的情况下进行了尝试，以确保它不是加密问题，并且我遇到了同样的错误.

I've tried it without encrypting the second file, to make sure it's not an issue with encryption, and I'm getting the same error.

推荐答案

my_variable_vaulted 不可用的原因是我没有包含变量文件.我假设角色的 vars/ 目录中的所有文件都被自动拾取，但我认为这只是 vars/main.yml 的情况.

The reason why my_variable_vaulted wasn't available was because I hadn't included the variable file. I'd assumed that all files in a role's vars/ directory were picked up automatically, but I think that's only the case with vars/main.yml.

因此，为了使角色内的所有任务都可以使用 vaulted 变量，在 roles/myrole/tasks/main.yml 中，我在所有任务之前添加了这个:

So, to make the vaulted variables available to all tasks within the role, in roles/myrole/tasks/main.yml I added this before all the tasks:

- include_vars: vars/vaulted_vars.yml

这篇关于在第二个 var 文件中使用一个 Ansible var 文件中的变量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！