Use vault-id (#1749)

Author: sensei100

.github/.vault

@@ -14,13 +14,11 @@ concurrency:
 
 env:
   COB_DATAPIPELINE_BRANCH: ${{ github.ref_name }}
+  ANSIBLE_VAULT_PASSWORD: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
 
 jobs:
   prod-deploy:
     runs-on: ubuntu-latest
-    env:
-      ANSIBLE_VAULT_PASSWORD: ${{ vars.ANSIBLE_VAULT_PASSWORD }}
-
     timeout-minutes: 30
     strategy:
       matrix:
@@ -53,6 +51,4 @@ jobs:
         working-directory: ansible-playbook-airflow
         run: |
           pipenv run ansible-galaxy install -r requirements.yml
-          cp "${GITHUB_WORKSPACE}/.github/.vault" "${HOME}/.vault"
-          chmod +x ~/.vault
-          pipenv run ansible-playbook -i inventory/prod playbook.yml --tags "jumphost,role::airflow::dags" --vault-password-file=~/.vault -e 'ansible_ssh_port=9229' -e cob_datapipeline_branch=$COB_DATAPIPELINE_BRANCH
+          pipenv run ansible-playbook -i inventory/prod playbook.yml --tags "jumphost,role::airflow::dags" --vault-id @env:ANSIBLE_VAULT_PASSWORD -e 'ansible_ssh_port=9229' -e cob_datapipeline_branch=$COB_DATAPIPELINE_BRANCH

.github/workflows/prod-deploy.yml

@@ -16,7 +16,7 @@ jobs:
   qa-deploy:
     runs-on: ubuntu-latest
     env:
-      ANSIBLE_VAULT_PASSWORD: ${{ vars.ANSIBLE_VAULT_PASSWORD }}
+      ANSIBLE_VAULT_PASSWORD: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
 
     timeout-minutes: 30
     strategy:
@@ -50,6 +50,4 @@ jobs:
         working-directory: ansible-playbook-airflow
         run: |
           pipenv run ansible-galaxy install -r requirements.yml
-          cp "${GITHUB_WORKSPACE}/.github/.vault" "${HOME}/.vault"
-          chmod +x ~/.vault
-          pipenv run ansible-playbook -i inventory/qa playbook.yml --tags "jumphost,role::airflow::dags" --vault-password-file=~/.vault -e 'ansible_ssh_port=9229'
+          pipenv run ansible-playbook -i inventory/qa playbook.yml --tags "jumphost,role::airflow::dags" --vault-id @env:ANSIBLE_VAULT_PASSWORD -e 'ansible_ssh_port=9229'