From 98123601447f4577b279bc93d613a0fd681d16b0 Mon Sep 17 00:00:00 2001
From: Ilari Iso-Junno <iisojunn@users.noreply.github.com>
Date: Wed, 5 Apr 2023 12:00:04 +0300
Subject: [PATCH] enhancement: support ansible-vaulted basic auth passwords

If ansible-vaulted password is passed to password_hash filter, it will throw and error:
'secret must be unicode or bytes, not ansible.parsing.yaml.objects.AnsibleVaultEncryptedUnicode'
Handling the vaulted password with string filter first will avoid the problem.

Signed-off-by: Ilari Iso-Junno <iisojunn@users.noreply.github.com>
---
 roles/mysqld_exporter/templates/web_config.yaml.j2 | 2 +-
 roles/node_exporter/templates/config.yaml.j2       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/mysqld_exporter/templates/web_config.yaml.j2 b/roles/mysqld_exporter/templates/web_config.yaml.j2
index 6be01161e..47185bb4a 100644
--- a/roles/mysqld_exporter/templates/web_config.yaml.j2
+++ b/roles/mysqld_exporter/templates/web_config.yaml.j2
@@ -13,6 +13,6 @@ http_server_config:
 {% if mysqld_exporter_basic_auth_users | length > 0 %}
 basic_auth_users:
 {% for k, v in mysqld_exporter_basic_auth_users.items() %}
-  {{ k }}: {{ v | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }}
+  {{ k }}: {{ v | string | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }}
 {% endfor %}
 {% endif %}
diff --git a/roles/node_exporter/templates/config.yaml.j2 b/roles/node_exporter/templates/config.yaml.j2
index 9013722c6..4dff5111d 100644
--- a/roles/node_exporter/templates/config.yaml.j2
+++ b/roles/node_exporter/templates/config.yaml.j2
@@ -13,6 +13,6 @@ http_server_config:
 {% if node_exporter_basic_auth_users | length > 0 %}
 basic_auth_users:
 {% for k, v in node_exporter_basic_auth_users.items() %}
-  {{ k }}: {{ v | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }}
+  {{ k }}: {{ v | string | password_hash('bcrypt', ('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' | shuffle(seed=inventory_hostname) | join)[:22], rounds=9) }}
 {% endfor %}
 {% endif %}