jdog jdog - 4 months ago 68
YAML Question

Encode slash / in Ansible YAML file

When storing randomly generated passwords in an Ansible vault, I have no problems unless the password contains a / (slash, forward slash)

According to Yaml Spec 1.2, when looking at printable ascii characters, I should escape double quote, backslash and forward slash with a backslash.

I've tried this, but I get a parse error.

Line from vault file

test: "a<>?x\/x.,:;'-=_+b*()c&d{}\"e^f[]!@g%h\\i$j"


Error:

fatal: [127.0.0.1]: FAILED! => {"failed": true, "msg": "Syntax Error while loading YAML.\n\n\nThe error appears to have been in 'False': line 14, column 13, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\n(could not open file to display line)"}

Answer

Ansible is Python and therefore uses PyYaml. PyYaml implements YAML 1.1, not 1.2. In YAML 1.1, the forward slash is not an escapable character (while it is in 1.2).

Do not escape the forward slash. It is not a special character in YAML and therefore does not need escaping. YAML 1.2 only added an escape sequence for it because of JSON compatibility.

If you want to escape the nasty escaping questions alltogether, use block scalars:

test: |-
  a<>?x/x.,:;'-=_+b*()c&d{}"e^f[]!@g%h\i$j

You do not need to escape anything in there.