I need to encrypt a file using ansible-vault
. I would like to perform the encryption only if the file is not already encrypted by ansible vault. I am trying to use this task in my Ansible playbook:
- local_action: command
ansible-vault encrypt path/to/file
when: <when file is not already encrypted by ansible-vault>
Is there a logic to use in the conditional statement that will check if a file is already encrypted by ansible-vault
?
There is likely a myriad of ways to do it, all having little to do with Ansible and Ansible Vault itself. Here's one:
- local_action: shell
head -1 {{ file }} | grep -v -q \$ANSIBLE_VAULT && ansible-vault encrypt {{ file }}
You'll also need --vault-password-file
otherwise Ansible will stop processing and wait on prompt.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.