fix issue with password with especial character

ltamaster · ltamaster · commit 22d8b74ada07 · 2026-01-08T12:14:45.000-03:00
diff --git a/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java b/src/main/groovy/com/rundeck/plugins/ansible/ansible/AnsibleRunner.java
@@ -552,7 +552,11 @@ public int run() throws Exception {
             }
 
             if (sshUsePassword) {
-                String extraVarsPassword = "ansible_password: " + sshPass;
+                // Escape special characters in the password to prevent YAML parsing errors
+                String escapedPassword = escapePasswordForYaml(sshPass);
+
+                // Wrap in quotes to preserve special characters
+                String extraVarsPassword = "ansible_password: \"" + escapedPassword + "\"";
                 String finalextraVarsPassword = extraVarsPassword;
 
                 if(useAnsibleVault){
@@ -571,7 +575,11 @@ public int run() throws Exception {
                 procArgs.add("--become");
 
                 if (becomePassword != null && !becomePassword.isEmpty()) {
-                    String extraVarsPassword = "ansible_become_password: " + becomePassword;
+                    // Escape special characters in the password to prevent YAML parsing errors
+                    String escapedPassword = escapePasswordForYaml(becomePassword);
+
+                    // Wrap in quotes to preserve special characters
+                    String extraVarsPassword = "ansible_become_password: \"" + escapedPassword + "\"";
                     String finalextraVarsPassword = extraVarsPassword;
 
                     if (useAnsibleVault) {
@@ -981,6 +989,22 @@ String escapeYamlValue(String value) {
         return value;
     }
 
+    /**
+     * Escapes a password value for safe use in YAML.
+     * Always wraps the password in quotes and escapes special characters to prevent YAML parsing errors.
+     *
+     * @param password The password to escape
+     * @return Escaped and quoted password safe for YAML
+     */
+    String escapePasswordForYaml(String password) {
+        // Escape special characters in the password to prevent YAML parsing errors
+        return password
+            .replace("\\", "\\\\")
+            .replace("\"", "\\\"")
+            .replace("\n", "\\n")
+            .replace("\r", "\\r");
+    }
+
     /**
      * Validates that a string is in proper Ansible vault format.
      * Expected format: "!vault |\n" followed by vault-encrypted content
