AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt) #53

Open
freeeflyer opened this issue Jan 12, 2024 · 0 comments

Comments

@freeeflyer

Hi.
I bumped into a weird issue.

Trying to decode a vault encrypted yaml file I get this error:
AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt)

Versions of installed packages

(I know there is a lot of stuff there)

adm_user@srv-admin ~/selenium-test:\) $ pip list
Package                   Version
------------------------- ----------------
ansible                   9.1.0
ansible-base              2.10.8
ansible-compat            4.1.10
ansible-core              2.16.2
ansible-lint              6.22.1
ansible-modules-pm2       0.1.0
ansible-vault             2.1.0
apache-libcloud           3.2.0
apturl                    0.5.2
argcomplete               1.8.1
asn1crypto                1.4.0
asttokens                 2.4.1
attrs                     23.1.0
ayatana-settings          21.1.28
Babel                     2.8.0
bcrypt                    3.2.0
beautifulsoup4            4.12.2
black                     23.12.1
blessed                   1.20.0
blinker                   1.4
bpython                   0.24
bracex                    2.4
Brlapi                    0.8.3
bs4                       0.0.1
cajarename                21.11.24
certifi                   2022.6.15
chardet                   5.0.0
charset-normalizer        2.1.0
click                     8.0.3
colorama                  0.4.4
colorlog                  6.6.0
configobj                 5.0.6
cryptography              3.4.8
cupshelpers               1.0
curtsies                  0.4.2
cwcwidth                  0.1.9
dbus-python               1.2.18
decorator                 5.1.1
defer                     1.0.6
defusedxml                0.7.1
deja-dup-caja             0.0.9
distro                    1.7.0
distro-info               1.1+ubuntu0.1
dnspython                 2.1.0
duplicity                 0.8.21
exceptiongroup            1.2.0
executing                 2.0.1
fasteners                 0.14.1
filelock                  3.13.1
folder-color-caja         0.0.86
folder-color-common       0.0.86
future                    0.18.2
gpg                       1.16.0
greenlet                  3.0.3
h11                       0.14.0
httplib2                  0.20.2
idna                      3.3
importlib-metadata        4.6.4
ipython                   8.18.1
jedi                      0.19.1
jeepney                   0.7.1
Jinja2                    3.0.3
jmespath                  0.10.0
jsonschema                4.20.0
jsonschema-specifications 2023.12.1
keyring                   23.5.0
language-selector         0.1
launchpadlib              1.10.16
lazr.restfulclient        0.14.4
lazr.uri                  1.0.6
lockfile                  0.12.2
louis                     3.20.0
Magnus                    1.0.3
Mako                      1.1.3
markdown-it-py            3.0.0
MarkupSafe                2.0.1
mate-hud                  22.4.4
mate-menu                 22.4.1
mate-tweak                22.4.8
matplotlib-inline         0.1.6
mdurl                     0.1.2
meld                      3.20.4
monotonic                 1.6
more-itertools            8.10.0
mypy-extensions           1.0.0
netaddr                   0.8.0
netifaces                 0.11.0
ntlm-auth                 1.4.0
oauthlib                  3.2.0
olefile                   0.46
onboard                   1.4.1
outcome                   1.3.0.post0
packaging                 23.2
paramiko                  2.9.3
parso                     0.8.3
pathspec                  0.12.1
pexpect                   4.8.0
Pillow                    9.0.1
pip                       22.0.2
pip-search                0.0.12
platformdirs              4.1.0
prompt-toolkit            3.0.43
psutil                    5.9.0
ptyprocess                0.7.0
pulsemixer                1.5.1
pure-eval                 0.2.2
pyasn1                    0.4.8
pycairo                   1.20.1
pycryptodomex             3.11.0
pycups                    2.0.1
Pygments                  2.17.2
PyGObject                 3.42.1
PyJWT                     2.3.0
pymacaroons               0.13.0
PyNaCl                    1.5.0
pyparsing                 2.4.7
PySocks                   1.7.1
python-apt                2.4.0+ubuntu2
python-dateutil           2.8.1
python-debian             0.1.43+ubuntu1.1
python-dotenv             1.0.0
python-xapp               2.2.1
python-xlib               0.29
pytz                      2022.1
pyvmomi                   6.7.1
pywinrm                   0.3.0
pyxattr                   0.7.2
pyxdg                     0.27
PyYAML                    5.4.1
referencing               0.32.0
reportlab                 3.6.8
requests                  2.31.0
requests-ntlm             1.1.0
requests-toolbelt         0.9.1
resolvelib                1.0.1
rich                      13.7.0
rpds-py                   0.16.2
ruamel.yaml               0.18.5
ruamel.yaml.clib          0.2.8
SecretStorage             3.3.1
selenium                  4.16.0
selinux                   3.3
setproctitle              1.2.2
setuptools                59.6.0
simplejson                3.17.6
six                       1.16.0
sniffio                   1.3.0
sortedcontainers          2.4.0
soupsieve                 2.5
stack-data                0.6.3
stormshield.sns.sslclient 1.0.4
subprocess-tee            0.4.1
systemd-python            234
terminator                2.1.1
tomli                     2.0.1
traitlets                 5.14.0
trio                      0.23.2
trio-websocket            0.11.1
typing_extensions         4.9.0
ubuntu-advantage-tools    8001
ubuntu-drivers-common     0.0.0
ufw                       0.36.1
unattended-upgrades       0.1
urllib3                   1.26.10
wadllib                   1.3.6
wcmatch                   8.5
wcwidth                   0.2.12
webdriver-manager         4.0.1
wheel                     0.37.1
wsproto                   1.2.0
xdg                       5
xkit                      0.0.0
xmltodict                 0.12.0
yamllint                  1.33.0
youtube-dl                2021.12.17
zipp                      1.0.0

Python is 3.10.12

Steps to reproduce

adm_user@srv-admin ~/selenium-test:\) $ cat toto.yml 
soft:
  user: toto
  password: rototo
adm_user@srv-admin ~/selenium-test:\) $ echo -n "toto" > password
adm_user@srv-admin ~/selenium-test:\) $ cat password 
totoadm_user@srv-admin ~/selenium-test:\) $ 
adm_user@srv-admin ~/selenium-test:\) $ ansible-vault encrypt toto.yml --vault-password-file password
Encryption successful
adm_user@srv-admin ~/selenium-test:\) $ cat toto.yml 
$ANSIBLE_VAULT;1.1;AES256
32353335396261646339343466646261306239633333366365663862353062653632653633656162
6464663731366136633131646531303063366332633734370a653464373830666666343930393564
39393162396564356336336339666666383432323738376566626434393461376334656664396339
6461363530383238340a376333306631383762323134303931393938653837633263386664633830
61383664303562386131306234333238396434316636343230633231386138613264383566363432
6165626266626437653735383835663564313162633265643964
adm_user@srv-admin ~/selenium-test:\) $

Now to python:

adm_user@srv-admin ~/selenium-test:\) $ ipython
Python 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0]
Type 'copyright', 'credits' or 'license' for more information
IPython 8.18.1 -- An enhanced Interactive Python. Type '?' for help.

In [1]: from ansible_vault import Vault

In [2]: vault = Vault(open('password').read())

In [3]: data = vault.load(open('toto.yml').read())
---------------------------------------------------------------------------
AnsibleVaultError                         Traceback (most recent call last)
Cell In[3], line 1
----> 1 data = vault.load(open('toto.yml').read())

File ~/.local/lib/python3.10/site-packages/ansible_vault/api.py:53, in Vault.load(self, stream)
     51 def load(self, stream):
     52     """Read vault steam and return python object."""
---> 53     return yaml.safe_load(self.load_raw(stream))

File ~/.local/lib/python3.10/site-packages/ansible_vault/api.py:41, in Vault.load_raw(self, stream)
     39 def load_raw(self, stream):
     40     """Read vault stream and return raw data."""
---> 41     return self.vault.decrypt(stream)

File ~/.local/lib/python3.10/site-packages/ansible_vault/parsing.py:47, in AnsibleVaultLib.decrypt(self, vaulttext)
     46 def decrypt(self, vaulttext):
---> 47     return self.vault.decrypt(vaulttext)

File ~/.local/lib/python3.10/site-packages/ansible/parsing/vault/__init__.py:644, in VaultLib.decrypt(self, vaulttext, filename, obj)
    633 def decrypt(self, vaulttext, filename=None, obj=None):
    634     '''Decrypt a piece of vault encrypted data.
    635 
    636     :arg vaulttext: a string to decrypt.  Since vault encrypted data is an
   (...)
    642 
    643     '''
--> 644     plaintext, vault_id, vault_secret = self.decrypt_and_get_vault_id(vaulttext, filename=filename, obj=obj)
    645     return plaintext

File ~/.local/lib/python3.10/site-packages/ansible/parsing/vault/__init__.py:751, in VaultLib.decrypt_and_get_vault_id(self, vaulttext, filename, obj)
    749     if filename:
    750         msg += " on %s" % to_native(filename)
--> 751     raise AnsibleVaultError(msg)
    753 if b_plaintext is None:
    754     msg = "Decryption failed"

AnsibleVaultError: Decryption failed (no vault secrets were found that could decrypt)

In [4]: 
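
A diagnostic for the error reported above, as an added example that is not part of the original issue or of the ansible-vault project: it checks whether a password matches a vault 1.1 file using only the Python standard library, so a wrong secret can be told apart from a problem in the installed packages. It relies on the vault 1.1 layout (hex-encoded salt, HMAC and ciphertext; PBKDF2-HMAC-SHA256 with 10000 iterations); all function names and the sample envelope are constructed for illustration.

```python
import binascii
import hashlib
import hmac
import os


def parse_envelope(vaulttext):
    """Split a vault 1.1/1.2 AES256 file into (salt, stored_hmac, ciphertext)."""
    lines = vaulttext.strip().splitlines()
    fields = lines[0].strip().split(";") if lines else []
    if len(fields) < 3 or fields[0] != "$ANSIBLE_VAULT" or fields[2] != "AES256":
        raise ValueError("not an AES256 vault envelope")
    # The body is hex of: hex(salt) \n hex(hmac) \n hex(ciphertext)
    inner = binascii.unhexlify("".join(line.strip() for line in lines[1:]))
    salt_hex, hmac_hex, ct_hex = inner.split(b"\n", 2)
    return tuple(binascii.unhexlify(p) for p in (salt_hex, hmac_hex, ct_hex))


def derive_hmac_key(password, salt):
    """PBKDF2 yields 80 bytes: AES key (32), HMAC key (32), IV (16)."""
    if isinstance(password, str):
        password = password.encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", password, salt, 10000, dklen=80)[32:64]


def password_matches(vaulttext, password):
    """True if the HMAC over the ciphertext verifies under this password."""
    salt, stored, ciphertext = parse_envelope(vaulttext)
    actual = hmac.new(derive_hmac_key(password, salt), ciphertext, hashlib.sha256).digest()
    return hmac.compare_digest(actual, stored)


def make_sample_envelope(password, ciphertext=b"constructed-bytes-not-real-aes"):
    """Constructed test input: a valid envelope whose HMAC matches `password`.
    The HMAC check never decrypts, so the ciphertext can be arbitrary bytes."""
    salt = os.urandom(32)
    mac = hmac.new(derive_hmac_key(password, salt), ciphertext, hashlib.sha256).digest()
    inner = b"\n".join(binascii.hexlify(p) for p in (salt, mac, ciphertext))
    body = binascii.hexlify(inner).decode("ascii")
    wrapped = "\n".join(body[i:i + 80] for i in range(0, len(body), 80))
    return "$ANSIBLE_VAULT;1.1;AES256\n" + wrapped + "\n"


if __name__ == "__main__":
    sample = make_sample_envelope("toto")
    for candidate in ("toto", "toto\n", "wrong"):
        print(repr(candidate), password_matches(sample, candidate))
```

The comparison is byte-exact, so a password string that differs by a single trailing newline fails the check in the same way as a wrong password.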