Add back support for vault_password_file config var (#27597)

Got removed in arg parsing updates. Now added back in setup_vault_secrets(). The default value for DEFAULT_VAULT_PASSWORD_FILE was also set to '~' for some reason, change to to no default. Add integration tests.
2025-07-22 21:00:22 -07:00 · 2017-08-01 18:07:33 -04:00 · 2017-08-01 18:07:33 -04:00 · 75a8be9a5d
commit 75a8be9a5d
parent f19ed387a7
3 changed files with 18 additions and 1 deletions
--- a/lib/ansible/cli/init.py
+++ b/lib/ansible/cli/init.py
@ -210,6 +210,11 @@ class CLI(with_metaclass(ABCMeta, object)):
        # we need to show different prompts. This is for compat with older Towers that expect a
        # certain vault password prompt format, so 'promp_ask_vault_pass' vault_id gets the old format.
        prompt_formats = {}
+
+        vault_password_files = vault_password_files or []
+        if C.DEFAULT_VAULT_PASSWORD_FILE:
+            vault_password_files.append(C.DEFAULT_VAULT_PASSWORD_FILE)
+
        if create_new_password:
            prompt_formats['prompt'] = ['New vault password (%(vault_id)s): ',
                                        'Confirm vew vault password (%(vault_id)s): ']
--- a/lib/ansible/config/data/config.yml
+++ b/lib/ansible/config/data/config.yml
@ -1089,7 +1089,7 @@ DEFAULT_VAULT_IDENTITY:
  vars: []
  yaml: {key: defaults.vault_identity}
 DEFAULT_VAULT_PASSWORD_FILE:
-  default: ~
+  default:
  desc: 'TODO: write it'
  env: [{name: ANSIBLE_VAULT_PASSWORD_FILE}]
  ini: