I'd like to see the actual git commit changes in the ansible vault file.
Is there an easy way how to achieve this?
So after some digging I constructed the non-trivial solution.
First of all store your vault password into the (.gitignored)
In the following example a
HEAD~2 versions of the file
inventory/group_vars/xyz/vault.yml are vimdiff-ed:
vimdiff \ <(ansible-vault view --vault-password-file=.vault_password \ <(git show HEAD:inventory/group_vars/xyz/vault.yml)) \ <(ansible-vault view --vault-password-file=.vault_password \ <(git show HEAD~2:inventory/group_vars/xyz/vault.yml))