fix encryptExtraVarsKey

move file copier clean to a finally block

src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java

@@ -424,7 +424,7 @@ public int run() throws Exception {
                 String addeExtraVars = extraVars;
 
                 if (encryptExtraVars && useAnsibleVault) {
-                    addeExtraVars = encryptExtraVarsKey(extraVars, tempInternalVaultFile);
+                    addeExtraVars = encryptExtraVarsKey(extraVars);
                 }
 
                 tempVarsFile = AnsibleUtil.createTemporaryFile("extra-vars", addeExtraVars);
@@ -462,7 +462,7 @@ public int run() throws Exception {
                 String finalextraVarsPassword = extraVarsPassword;
 
                 if(useAnsibleVault){
-                    finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword, tempInternalVaultFile);
+                    finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword);
                 }
 
                 tempSshVarsFile = AnsibleUtil.createTemporaryFile("ssh-extra-vars", finalextraVarsPassword);
@@ -481,7 +481,7 @@ public int run() throws Exception {
                     String finalextraVarsPassword = extraVarsPassword;
 
                     if (useAnsibleVault) {
-                        finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword, tempInternalVaultFile);
+                        finalextraVarsPassword = encryptExtraVarsKey(extraVarsPassword);
                     }
 
                     tempBecameVarsFile = AnsibleUtil.createTemporaryFile("become-extra-vars", finalextraVarsPassword);
@@ -696,22 +696,13 @@ public boolean registerKeySshAgent(String keyPath) throws Exception {
     }
 
 
-    public String encryptExtraVarsKey(String extraVars, File vaultPasswordFile) throws Exception {
-        Map<String, String> extraVarsMap = null;
+    public String encryptExtraVarsKey(String extraVars) throws Exception {
+        Map<String, String> extraVarsMap = new HashMap<>();
         Map<String, String> encryptedExtraVarsMap = new HashMap<>();
         try {
             extraVarsMap = mapperYaml.readValue(extraVars, new TypeReference<Map<String, String>>() {
             });
 
-            for (Map.Entry<String, String> entry : extraVarsMap.entrySet()) {
-                String key = entry.getKey();
-                String value = entry.getValue();
-                String encryptedKey = ansibleVault.encryptVariable(key, value);
-                if (encryptedKey != null) {
-                    encryptedExtraVarsMap.put(key, encryptedKey);
-                }
-            }
-
         } catch (Exception e) {
             try {
                 extraVarsMap = mapperJson.readValue(extraVars, new TypeReference<Map<String, String>>() {
@@ -722,6 +713,15 @@ public String encryptExtraVarsKey(String extraVars, File vaultPasswordFile) thro
             }
         }
 
+        for (Map.Entry<String, String> entry : extraVarsMap.entrySet()) {
+            String key = entry.getKey();
+            String value = entry.getValue();
+            String encryptedKey = ansibleVault.encryptVariable(key, value);
+            if (encryptedKey != null) {
+                encryptedExtraVarsMap.put(key, encryptedKey);
+            }
+        }
+
         StringBuilder stringBuilder = new StringBuilder();
         encryptedExtraVarsMap.forEach((key, value) -> {
             stringBuilder.append(key).append(":");

src/main/groovy/com/rundeck/plugins/ansible/plugin/AnsibleFileCopier.java

@@ -157,10 +157,10 @@ private String doFileCopy(
           runner.run();
     } catch (Exception e) {
           throw new FileCopierException("Error running Ansible.", AnsibleFailureReason.AnsibleError, e);
+    }finally {
+        contextBuilder.cleanupTempFiles();
     }
 
-    contextBuilder.cleanupTempFiles();
-
     return destinationPath;
   }