我有一个Jenkins文件试图启动一个Ansible playbook,它引用了一个存储在Ansible库加密文件中的参数 .
Ansible安装在2.4.0.0版本中
这是我的jenkins文件的片段:
withCredentials([[$class: 'StringBinding', credentialsId: 'vault_token', variable: 'VAULT_TOKEN']]) {
ansiblePlaybook(
playbook: "./ansible/playbooks/deploy.yml",
inventory: "./ansible/hosts/hosts",
credentialsId: "$VAULT_TOKEN"
}
还有剧本:
---
- hosts: managers
become: true
tasks:
- include_vars: ../vaults/passwords.yml
- name: Log into Docker repository
docker_login:
registry: my.registry.org
username: "{{ reg_user }}"
password: "{{ reg_password }}"
此剧集包括包含加密值的Vault文件 . 当Jenkins执行Jenkins文件时,我收到以下错误: Attempting to decrypt but no vault secrets found
为什么ansible不使用我在Jenkins文件中传递给他的credentialId,传递这个凭证的好方法是什么?
2 回答
尝试以下方法
你需要添加
并将credentialsId留空 .
请使用'vaultCredentialsId'而不是'credentialsId'作为保险库令牌 .
删除'withCredentials'部分并直接写入类似于VaultCredentialsId:'vault_token' Ansible Plugin link