cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

ansible-vault: convert vault_password_files to list to prevent traceback (#57186)

Browse source 
* Convert vault_password_files to a list

* Add changelog and tests
This commit is contained in:
Sam Doran 2019-06-03 06:14:07 -04:00 committed by Martin Krizek
parent 21cd24a0dd
commit 2e0229a4b6
3 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/vault-ensure-vault-password-files-are-list.yaml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- ansible-vault - fix error when multiple vault password files are specified (https://github.com/ansible/ansible/issues/57172)

2
lib/ansible/cli/vault.py
View file

@ -177,7 +177,7 @@ class VaultCLI(CLI):
vault_secrets = \ vault_secrets = \
self.setup_vault_secrets(loader, self.setup_vault_secrets(loader,
vault_ids=vault_ids, vault_ids=vault_ids,
vault_password_files=context.CLIARGS['vault_password_files'], vault_password_files=list(context.CLIARGS['vault_password_files']),
ask_vault_pass=context.CLIARGS['ask_vault_pass'], ask_vault_pass=context.CLIARGS['ask_vault_pass'],
create_new_password=True) create_new_password=True)

4
test/integration/targets/vault/runme.sh
View file

@ -317,6 +317,10 @@ echo "rc was $WRONG_RC (1 is expected)"
ansible-vault encrypt_string "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" "a test string" ansible-vault encrypt_string "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" "a test string"
# Test with multiple vault password files
# https://github.com/ansible/ansible/issues/57172
env ANSIBLE_VAULT_PASSWORD_FILE=vault-password ansible-vault encrypt_string "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" --encrypt-vault-id default "a test string"
ansible-vault encrypt_string "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" --name "blippy" "a test string names blippy" ansible-vault encrypt_string "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" --name "blippy" "a test string names blippy"
ansible-vault encrypt_string "$@" --vault-id "${NEW_VAULT_PASSWORD}" "a test string" ansible-vault encrypt_string "$@" --vault-id "${NEW_VAULT_PASSWORD}" "a test string"