[vault] Enable "/" segmentation in the vault

vars_plugins/pass.py

@@ -45,7 +45,7 @@ class VarsModule(BaseVarsPlugin):
         if crans_submodule:
             password_store /= config.get('pass', 'crans_password_store_submodule',
                     fallback=os.getenv('CRANS_PASSWORD_STORE_SUBMODULE', 'crans'))
-        full_command = ['gpg', '-d', password_store / f'{name}.gpg']
+        full_command = ['gpg', '-q', '-d', password_store / f'{name}.gpg']
         proc = subprocess.run(full_command, capture_output=True, close_fds=True)
         clear_text = proc.stdout.decode('UTF-8')
         sys.stderr.write(proc.stderr.decode('UTF-8'))
@@ -109,12 +109,17 @@ class VarsModule(BaseVarsPlugin):
             # Load vault passwords
             if entity.get_name() == 'all':
                 passwords['vault'] = {}
-                # Backward compatibility with old ansible_vault
-                passwords['vault'] = loader.load(
-                        VarsModule.decrypt_password('ansible_vault', True))
                 for file in files:
-                    passwords['vault'][file.removeprefix('ansible/')] = loader.load(
-                            VarsModule.decrypt_password(file, True))
+                    paths = file.removeprefix('ansible/').split('/')
+                    d = passwords['vault']
+                    for path in paths[:-1]:
+                        if path not in d:
+                            d[path] = {}
+                        d = d[path]
+                    try:
+                        d[paths[-1]] = loader.load(VarsModule.decrypt_password(file, True))
+                    except Exception as e:
+                        print(file)
 
             # Load become password
             become_password = VarsModule.become_password(entity)