possebon/16-ansible-credential-resolution.md

Created December 19, 2025 17:51

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/possebon/0e6f0d25851ee6d6b47a7749c9b46d66.js"></script>
Save possebon/0e6f0d25851ee6d6b47a7749c9b46d66 to your computer and use it in GitHub Desktop.

Download ZIP

Open Source Infrastructure Stack - 16-ansible-credential-resolution

Raw

16-ansible-credential-resolution.md

Ansible Credential Resolution Pattern

# Dual-mode: Infisical OR environment variable fallback
postgres_password: >-
  {{
    _infisical_global.POSTGRES_PASSWORD | default(None)
    if infisical_enabled | default(false) | bool and _infisical_global is defined
    else lookup('env', 'POSTGRES_PASSWORD') | default('changeme', true)
  }}

This provides:

Infisical-first: When configured, secrets come from Infisical
Graceful fallback: Environment variables work for local development
Safe defaults: Development never breaks due to missing secrets

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment