i’ve encrypted my passphrase and my recovery key with ansible-vault. i’ve a file with my password for ansible-vault.
But i have an issue :
TASK [Passbolt lookup plugin / fetch one] ***********************************************************************************************************************
task path: /home/Ansible/test/play.yml:9
exception during Jinja2 execution: Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/ansible/template/init.py”, line 1032, in _lookup
ran = instance.run(loop_terms, variables=self._available_variables, **kwargs)
File “/home/Ansible/.ansible/collections/ansible_collections/anatomicjc/passbolt/plugins/lookup/passbolt.py”, line 278, in run
self.passbolt_init(variables, kwargs)
File “/home/Ansible/.ansible/collections/ansible_collections/anatomicjc/passbolt/plugins/lookup/passbolt.py”, line 248, in passbolt_init
self.p = PassboltAPI(dict_config=self.dict_config)
File “/usr/local/lib/python3.9/dist-packages/passbolt/init.py”, line 47, in init
self.login()
File “/usr/local/lib/python3.9/dist-packages/passbolt/init.py”, line 158, in login
self.nonce = self.decrypt(self.pgp_message).decode()
File “/usr/local/lib/python3.9/dist-packages/passbolt/init.py”, line 92, in decrypt
with self.key.unlock(self.config.get(“passphrase”)):
File “/usr/lib/python3.9/contextlib.py”, line 117, in enter
return next(self.gen)
File “/usr/local/lib/python3.9/dist-packages/pgpy/pgp.py”, line 1811, in unlock
sk._key.unprotect(passphrase)
File “/usr/local/lib/python3.9/dist-packages/pgpy/packet/packets.py”, line 941, in unprotect
self.keymaterial.decrypt_keyblob(passphrase)
File “/usr/local/lib/python3.9/dist-packages/pgpy/packet/fields.py”, line 1353, in decrypt_keyblob
kb = super(RSAPriv, self).decrypt_keyblob(passphrase)
File “/usr/local/lib/python3.9/dist-packages/pgpy/packet/fields.py”, line 1264, in decrypt_keyblob
raise PGPDecryptionError(“Passphrase was incorrect!”)
pgpy.errors.PGPDecryptionError: Passphrase was incorrect!
fatal: [localhost]: FAILED! => {
“msg”: “An unhandled exception occurred while running the lookup plugin ‘anatomicjc.passbolt.passbolt’. Error was a <class ‘pgpy.errors.PGPDecryptionError’>, original message: Passphrase was incorrect!. Passphrase was incorrect!”
I confirm I haven’t got the issue with my passphrase not encrypted.
with PASSBOLT_PASSPHRASE: “{{ your_passphrase_vault | string }}”, i’ve got the issue too.
i have not try but thanks for your answers.
i didn’t see if we could create directories on Passbolt with your plugin or if we could create the password in a specific directory.
because if yes, i’ve got this error:
fatal: [localhost]: FAILED! => {
“msg”: “An unhandled exception occurred while running the lookup plugin ‘anatomicjc.passbolt.passbolt’. Error was a <class ‘Exception’>, original message: resource [first_data] not found. [first_data] not found”
}
but i’ve had this error :
fatal: [localhost]: FAILED! => {
“msg”: “An unhandled exception occurred while running the lookup plugin ‘anatomicjc.passbolt.passbolt’. Error was a <class ‘Exception’>, original message: resource [first_data] not found. [first_data] not found”
}
i’ve tried to use loop in place of with_items, but that did’nt succeed.
yes, the issue is when ansible is searching first_data. Ansible did’nt find the resource first_data.
fatal: [localhost]: FAILED! => {
“msg”: “An unhandled exception occurred while templating ‘{{ lookup(‘anatomicjc.passbolt.passbolt’, ‘{{item.db}}’, username= ‘{{item.dbu}}’ ).password }}’. Error was a <class ‘ansible.errors.AnsibleError’>, original message: An unhandled exception occurred while running the lookup plugin ‘anatomicjc.passbolt.passbolt’. Error was a <class ‘Exception’>, original message: resource d----------g not found. resource d----------------g not found”
}