Merge pull request #349 from rundeck-plugins/RUN-2222

RUN-2222: share the vault storage password with the runner
rundeck-plugins · Mar 20, 2024 · fab01ea · fab01ea
2 parents 5b1dad9 + 34a7330
commit fab01ea
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 6 deletions.
diff --git a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerBuilder.java b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunnerBuilder.java
@@ -396,25 +396,39 @@ public String getBecomePassword()  throws ConfigurationException{
         }
     }
 
-    public String getVaultKey()  throws ConfigurationException{
-        //look for storage option
+    public String  getVaultKeyStoragePath(){
+
         String storagePath = PropertyResolver.resolveProperty(
-        		AnsibleDescribable.ANSIBLE_VAULTSTORE_PATH,
+                AnsibleDescribable.ANSIBLE_VAULTSTORE_PATH,
                 null,
                 getFrameworkProject(),
                 getFramework(),
                 getNode(),
                 getjobConf()
-                );
+        );
 
-        if(null!=storagePath){
-            //look up storage value
+        if(null!=storagePath) {
+            //expand properties in path
             if (storagePath.contains("${")) {
                 storagePath = DataContextUtils.replaceDataReferencesInString(
                         storagePath,
                         context.getDataContext()
                 );
             }
+
+            return storagePath;
+        }
+
+        return null;
+
+    }
+
+    public String getVaultKey()  throws ConfigurationException{
+        //look for storage option
+        String storagePath = getVaultKeyStoragePath();
+
+        if(null!=storagePath){
+            //look up storage value
             Path path = PathUtil.asPath(storagePath);
             try {
                 ResourceMeta contents = context.getStorageTree().getResource(path)

diff --git a/src/main/groovy/com/rundeck/plugins/ansible/util/AnsibleUtil.java b/src/main/groovy/com/rundeck/plugins/ansible/util/AnsibleUtil.java
@@ -73,6 +73,11 @@ public static List<String> getSecretsPath(AnsibleRunnerBuilder builder){
                     builder.getPassphraseStoragePath()
             );
         }
+        if(builder.getVaultKeyStoragePath()!=null){
+            secretPaths.add(
+                    builder.getVaultKeyStoragePath()
+            );
+        }
         return secretPaths;
 
     }