Ansible project linting / CI #4
Open
Description
We need a way to enforce at CI level that environments never share vaulted secrets.
This is as simple as parsing out vaulted variables and then comparing the encrypted strings - we don't need to decrypt necessarily.
Suggest that this should use yq for this, as used here: https://github.com/LongTermSupport/ansible-role-vault-scripts/blob/master/shellscripts/rekeyVaultFile.bash#L57-L61
Note - we are creating a helper to use in projects that use these scripts and so we need to also provide some documentation, maybe a template GitHub action as well, or a standalone GitHub action repo that uses this
We should try to be CI system agnostic and so the bulk of the work should be handled with a standalone script that a CI system can then call to
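A sketch of the standalone check described in this issue, added here as an example and not part of the original issue or the project's code. It uses a plain-text scan with the Python standard library rather than yq, and assumes one directory per environment under a common root (the default root name `environment` is hypothetical) and unquoted variable names.

```python
import re
import sys
from collections import defaultdict
from pathlib import Path

# "name: !vault |" followed by every line indented deeper than the key
# (the YAML block scalar holding the $ANSIBLE_VAULT header and hex payload).
VAULT_BLOCK = re.compile(
    r"^([ \t]*)([\w.-]+):[ \t]*!vault[ \t]*\|[-+]?[ \t]*\n"
    r"((?:\1[ \t]+\S.*\n?|[ \t]*\n)+)",
    re.M,
)
# Constructed sample (not a real vault blob), used to exercise vaulted_vars().
SAMPLE = "db_pass: !vault |\n  $ANSIBLE_VAULT;1.1;AES256\n  6162\n  6364\nuser: app\n"


def vaulted_vars(text):
    """Yield (variable, ciphertext) for each inline !vault block in YAML text."""
    for m in VAULT_BLOCK.finditer(text):
        rows = [row.strip() for row in m.group(3).splitlines()]
        # Drop the header and join the payload, so re-wrapping or re-indenting
        # a copied blob does not hide the match.
        yield m.group(2), "".join(r for r in rows if not r.startswith("$ANSIBLE_VAULT"))


def shared_secrets(env_root):
    """Map ciphertext -> sorted [(env, file, var)] for blobs used in 2+ environments."""
    root, seen = Path(env_root), defaultdict(set)
    for path in sorted(p for p in root.rglob("*.y*ml") if p.is_file()):
        rel = path.relative_to(root)
        for var, blob in vaulted_vars(path.read_text(encoding="utf-8")):
            if blob:
                seen[blob].add((rel.parts[0], rel.as_posix(), var))
    return {b: sorted(u) for b, u in seen.items() if len({e for e, _, _ in u}) > 1}


def main(argv):
    # Assumed layout: <root>/<environment>/...; the default root is hypothetical.
    dupes = shared_secrets(argv[1] if len(argv) > 1 else "environment")
    for uses in dupes.values():
        print("Vaulted secret shared across environments:")
        for env, rel, var in uses:
            print(f"  {env}: {rel} -> {var}")
    return 1 if dupes else 0  # non-zero exit fails the CI job


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Matching ciphertext only catches a blob copied between environments: by default ansible-vault salts each encryption, so the same plaintext encrypted separately produces different ciphertext and is not detected.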