cli: Only ignore empty vault filenames

This effectively reverts 98eaa3d0fd.

changelogs/fragments/82721-vault-empty.yml

@@ -1,4 +1,4 @@
 ---
 bugfixes:
   - passing a directory as vault password file now raises a meaningful error (https://github.com/ansible/ansible/pull/82721).
-  - empty vault ids are now silently ignored (https://github.com/ansible/ansible/pull/82721).
+  - empty vault filenames are now silently ignored (https://github.com/ansible/ansible/pull/82721).

lib/ansible/cli/__init__.py

@@ -254,10 +254,6 @@ class CLI(ABC):
 
         last_exception = found_vault_secret = None
         for vault_id_slug in vault_ids:
-            if not vault_id_slug:
-                # silently ignore empty values
-                continue
-
             vault_id_name, vault_id_value = CLI.split_vault_id(vault_id_slug)
             if vault_id_value in ['prompt', 'prompt_ask_vault_pass']:
 
@@ -288,6 +284,10 @@ class CLI(ABC):
                 loader.set_vault_secrets(vault_secrets)
                 continue
 
+            if not vault_id_value:
+                # silently ignore empty filenames
+                continue
+
             # assuming anything else is a password file
             display.vvvvv('Reading vault password file: %s' % vault_id_value)
             # read vault_pass from a file

test/units/cli/test_cli.py

@@ -359,19 +359,21 @@ class TestCliSetupVaultSecrets(unittest.TestCase):
         match = vault.match_secrets(res, ['some_vault_id'])[0][1]
         self.assertEqual(match.bytes, b'prompt1_password')
 
-    def test_empty_id(self):
+    def test_empty_slug(self):
         res = cli.CLI.setup_vault_secrets(loader=self.fake_loader,
                                           vault_ids=[''])
         self.assertIsInstance(res, list)
         self.assertEqual(0, len(res))
 
-    @patch('ansible.cli.get_file_vault_secret')
-    def test_empty_file_part(self, mock_file_secret):
-        mock_file_secret.side_effect = AnsibleError('There is something wrong with your vault file')
-
+    def test_empty_name_part(self):
         self.assertRaisesRegex(AnsibleError,
-                               '.*There is something wrong with your vault file.*',
+                               '.*The vault password file .*/foo was not found.*',
                                cli.CLI.setup_vault_secrets,
                                loader=self.fake_loader,
-                               vault_ids=['foo@'])
-        mock_file_secret.assert_called_once()
+                               vault_ids=['@foo'])
+
+    def test_empty_value_part(self):
+        res = cli.CLI.setup_vault_secrets(loader=self.fake_loader,
+                                          vault_ids=['foo@'])
+        self.assertIsInstance(res, list)
+        self.assertEqual(0, len(res))