Jinja expressions are not evaluated in (not only) credential variables

[mordekasg]

OS / Environment

Debian 11

Ansible version

ansible [core 2.14.6]
  config file = /home/test/host/ansible.bs/ansible.cfg
  configured module search path = ['/home/test/host/ansible.bs/local_modules']
  ansible python module location = /home/test/env.ansible.bs/lib/python3.9/site-packages/ansible
  ansible collection location = /home/test/host/ansible.bs/collections:/usr/share/ansible/collections
  executable location = /home/test/env.ansible.bs/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] (/home/test/env.ansible.bs/bin/python)
  jinja version = 3.0.1
  libyaml = True

Environment variables for strategy plugin

ANSIBLE_STRATEGY=mitogen_linear
ANSIBLE_STRATEGY_PLUGINS=/home/test/env.ansible.bs/src/mitogen/ansible_mitogen/plugins/strategy

Mitogen version

master branch

Problem

Jinja expressions are not evaluated by mitogen plugin

How to reproduce

Description

Ansible host: srv1 has credentials configured using Jinja expressions from vault variables.
Ansible host: srv2 has credentials configured directly as host variables.

Vault file

Path: vault.test.yml

ANSIBLE_LOCALHOST_SRVS_USER: "root"
ANSIBLE_LOCALHOST_SRVS_PASSWORD: "okmqwe123"

Inventory file

Path: inventory/local/local.yml

all:
  children:
    test_srvs:
      hosts:
        srv1:
          ansible_host: 127.0.0.1
          ansible_user: "{{ ANSIBLE_LOCALHOST_SRVS_USER }}"
          ansible_password: "{{ ANSIBLE_LOCALHOST_SRVS_PASSWORD }}"
          ansible_ssh_user: "{{ ansible_user }}"
          ansible_ssh_password: "{{ ansible_password }}"
        srv2:
          ansible_host: 127.0.0.1
          ansible_user: root
          ansible_password: okmqwe123
          ansible_ssh_user: root
          ansible_ssh_password: okmqwe123

Command

ansible -e @vault.test.yml -i inventory/local/local.yml -m ping test_srvs

Output

srv2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
srv1 | UNREACHABLE! => {
    "changed": false,
    "msg": "SSH password is incorrect",
    "unreachable": true
}

Command with verbose

ansible -e @vault.test.yml -i inventory/local/local.yml -m ping test_srvs -vvvv

Output

20240527.ansible.output.txt

[mux 61827] 12:11:10.114341 D mitogen.parent: command line for Connection(None): ssh -o "LogLevel ERROR" -l "{{ ansible_user }}" -o "Compression yes" -o "ServerAliveInterval 30" [...]

[mux 61827] 12:11:10.462665 D mitogen.io: SetupProtocol(ssh.127.0.0.1).on_receive()
{{ ansible_user }}@127.0.0.1's password: rent: ssh.127.0.0.1: (partial):

[mux 61827] 12:11:10.463177 D mitogen.ssh: ssh.127.0.0.1: (password prompt): b"\r**{{ ansible_user }}**@127.0.0.1's password: "

Expected result

srv2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
srv1 | UNREACHABLE! => {
    "changed": false,
    "ping": "pong"
}

Source of the problem

Ansible: ansible/ansible@6d2d476

Similar issues

Ansible

Paramiko plugin: ansible/ansible#78509
Ansible: ansible/ansible#76590

Mitogen

#905
#978
#1022
#1040
#1079

[mordekasg]

Tested on latest release: 0.3.9.
Result is still the same.

[golebiewsky]

I have the same issue 👍