hashi_vault returns Fatal error when the secret does not exist
Closed this issue · 2 comments
michalmedvecky commented
ISSUE TYPE
- Bug Report
COMPONENT NAME
lookup/hashi_vault.py
ANSIBLE VERSION
latest dev
OS / ENVIRONMENT
N/A
SUMMARY
When you look up a nonexistent secret, the lookup() function returns a fatal error.
STEPS TO REPRODUCE
set_fact:
  secret: "{{ lookup('hashi_vault', 'secret=secret/path/to/nonexistent:key') }}"
The actual code in hashi_vault.py:
if data is None:
    raise AnsibleError("The secret %s doesn't seem to exist" % self.secret)
EXPECTED RESULTS
lookup() shouldn't crash the playbook; one might want to continue the play even if the secret does not exist.
ACTUAL RESULTS
TASK [set_fact] ****************************************************************
fatal: [localhost]: FAILED! => {"failed": true, "msg": "An unhandled exception occurred while running the lookup plugin 'hashi_vault'. Error was a <class 'ansible.errors.AnsibleError'>, original message: The secret secret/path/to/nonexistent doesn't seem to exist"}
to retry, use: --limit @/home/ubuntu/devel/roles/test.retry
michalmedvecky commented
I suggest using a skip parameter as in the first_found.py module.
michalmedvecky commented
Meh, this can simply be worked around by using ignore_errors: yes
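
The ignore_errors workaround from the last comment, written out as a playbook. This is an added example, not part of the original thread. The task names and the vault_lookup variable are placeholders, and it assumes the registered result carries the same msg text shown under ACTUAL RESULTS.

```yaml
# Added example, not from the issue thread.
# vault_lookup and the task names are placeholders chosen for illustration.
- hosts: localhost
  gather_facts: false
  tasks:
    - name: Look up a secret that may not exist
      set_fact:
        secret: "{{ lookup('hashi_vault', 'secret=secret/path/to/nonexistent:key') }}"
      register: vault_lookup
      ignore_errors: yes

    # ignore_errors hides every failure of the task above, not only the
    # missing-secret case. Stop the play unless the message is the
    # "doesn't seem to exist" error quoted in the report (assumption: the
    # registered result exposes that text in its msg field).
    - name: Stop on any failure other than a missing secret
      fail:
        msg: "Vault lookup failed: {{ vault_lookup.msg | default('no message') }}"
      when:
        - vault_lookup is failed
        - "\"doesn't seem to exist\" not in (vault_lookup.msg | default(''))"

    # The fact is never set when the lookup raised, so test for it
    # before any task that would use the secret.
    - name: Continue without the secret
      debug:
        msg: "secret not found, continuing without it"
      when: secret is not defined
```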