From a6460aa617352d9a46aeac4335df9b082990e370 Mon Sep 17 00:00:00 2001
From: Alexandre Chapellon <alexandre.chapellon@hyland.com>
Date: Sun, 2 Apr 2023 18:05:55 +0200
Subject: [PATCH] remove yaml dodgy chars

---
 .github/workflows/community.yml |  2 +-
 playbooks/secrets-init.yml      | 11 +++++++++++
 scripts/generate-secret.sh      |  4 +++-
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/community.yml b/.github/workflows/community.yml
index 295deb990..b22fc428a 100644
--- a/.github/workflows/community.yml
+++ b/.github/workflows/community.yml
@@ -32,7 +32,7 @@ jobs:
           - name: tomcat
           - name: transformers
     env:
-      PY_COLORS: 1
+      PY_COLORS: 0
       PYTHONUNBUFFERED: 1
     steps:
       - name: Checkout
diff --git a/playbooks/secrets-init.yml b/playbooks/secrets-init.yml
index 164fa444d..6dab46479 100644
--- a/playbooks/secrets-init.yml
+++ b/playbooks/secrets-init.yml
@@ -24,6 +24,10 @@
         quiet: yes
         msg: "Vault file can't be changed by this playbook once encrypted"
 
+    - name: Debug file content
+      debug:
+        var: lookup('file', '../vars/secrets.yml')
+
     - name: Handle secret variables generation
       block:
         - name: Preload secrets as localhost hostvars
@@ -47,6 +51,9 @@
           when: vault_init | default('') == 'plugin'
 
         - name: Populate secrets.yml with missing secrets
+          environment:
+            ANSIBLE_NOCOLOR: True
+            PYCOLORS: False
           ansible.builtin.shell: "{{ base_folder }}/scripts/generate-secret.sh -s {{ item }} -m {{ gs_mode }} >> {{ secrets_file }}"
           when: not lookup('vars', item, default=False)
           loop:
@@ -62,6 +69,10 @@
           ansible.builtin.command: ansible-vault encrypt {{ secrets_file }}
           when: vault_init | default('') == 'encrypted_file'
 
+    - name: Debug file content
+      debug:
+        var: lookup('file', '../vars/secrets.yml')
+
     - name: Load secrets as localhost hostvars
       ansible.builtin.include_vars:
         file: ../vars/secrets.yml
diff --git a/scripts/generate-secret.sh b/scripts/generate-secret.sh
index 449985834..c67291dea 100755
--- a/scripts/generate-secret.sh
+++ b/scripts/generate-secret.sh
@@ -22,8 +22,10 @@ if [ -z "${SECRET_KEY}" ]; then
 fi
 
 RANDOM_STRING=$(\
+    ANSIBLE_FORCE_COLOR=False \
+    ANSIBLE_NOCOLOR=True \
     ansible -m ansible.builtin.command \
-    -a "echo {{ lookup('password','/dev/null',chars=['ascii_letters','digits','+$?/&\,;()[]:_='],length=33) }}" \
+    -a "echo {{ lookup('password','/dev/null',chars=['ascii_letters','digits','+$?/,;()[]_='],length=33) }}" \
     localhost -o 2>/dev/null \
     | awk '{print $NF}' \
 )