ansible-vault view - new command
This commit is contained in:
parent
783a1e3dfc
commit
58feee0f45
2 changed files with 42 additions and 1 deletions
|
@ -37,7 +37,7 @@ from optparse import OptionParser
|
||||||
# Utility functions for parsing actions/options
|
# Utility functions for parsing actions/options
|
||||||
#-------------------------------------------------------------------------------------
|
#-------------------------------------------------------------------------------------
|
||||||
|
|
||||||
VALID_ACTIONS = ("create", "decrypt", "edit", "encrypt", "rekey")
|
VALID_ACTIONS = ("create", "decrypt", "edit", "view", "encrypt", "rekey")
|
||||||
|
|
||||||
def build_option_parser(action):
|
def build_option_parser(action):
|
||||||
"""
|
"""
|
||||||
|
@ -67,6 +67,8 @@ def build_option_parser(action):
|
||||||
parser.set_usage("usage: %prog decrypt [options] file_name")
|
parser.set_usage("usage: %prog decrypt [options] file_name")
|
||||||
elif action == "edit":
|
elif action == "edit":
|
||||||
parser.set_usage("usage: %prog edit [options] file_name")
|
parser.set_usage("usage: %prog edit [options] file_name")
|
||||||
|
elif action == "view":
|
||||||
|
parser.set_usage("usage: %prog view [options] file_name")
|
||||||
elif action == "encrypt":
|
elif action == "encrypt":
|
||||||
parser.set_usage("usage: %prog encrypt [options] file_name")
|
parser.set_usage("usage: %prog encrypt [options] file_name")
|
||||||
elif action == "rekey":
|
elif action == "rekey":
|
||||||
|
@ -160,6 +162,22 @@ def execute_edit(args, options, parser):
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
this_editor = VaultEditor(cipher, password, f)
|
||||||
this_editor.edit_file()
|
this_editor.edit_file()
|
||||||
|
|
||||||
|
def execute_view(args, options, parser):
|
||||||
|
|
||||||
|
if len(args) > 1:
|
||||||
|
raise errors.AnsibleError("view does not accept more than one filename")
|
||||||
|
|
||||||
|
if not options.password_file:
|
||||||
|
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True)
|
||||||
|
else:
|
||||||
|
password = _read_password(options.password_file)
|
||||||
|
|
||||||
|
cipher = None
|
||||||
|
|
||||||
|
for f in args:
|
||||||
|
this_editor = VaultEditor(cipher, password, f)
|
||||||
|
this_editor.view_file()
|
||||||
|
|
||||||
def execute_encrypt(args, options, parser):
|
def execute_encrypt(args, options, parser):
|
||||||
|
|
||||||
if not options.password_file:
|
if not options.password_file:
|
||||||
|
|
|
@ -254,6 +254,22 @@ class VaultEditor(object):
|
||||||
# and restore the old umask
|
# and restore the old umask
|
||||||
os.umask(old_mask)
|
os.umask(old_mask)
|
||||||
|
|
||||||
|
def view_file(self):
|
||||||
|
|
||||||
|
if not HAS_AES or not HAS_COUNTER or not HAS_PBKDF2 or not HAS_HASH:
|
||||||
|
raise errors.AnsibleError(CRYPTO_UPGRADE)
|
||||||
|
|
||||||
|
# decrypt to tmpfile
|
||||||
|
tmpdata = self.read_data(self.filename)
|
||||||
|
this_vault = VaultLib(self.password)
|
||||||
|
dec_data = this_vault.decrypt(tmpdata)
|
||||||
|
_, tmp_path = tempfile.mkstemp()
|
||||||
|
self.write_data(dec_data, tmp_path)
|
||||||
|
|
||||||
|
# drop the user into vim on the tmp file
|
||||||
|
call(self._pager_shell_command(tmp_path))
|
||||||
|
os.remove(tmp_path)
|
||||||
|
|
||||||
def encrypt_file(self):
|
def encrypt_file(self):
|
||||||
|
|
||||||
if not HAS_AES or not HAS_COUNTER or not HAS_PBKDF2 or not HAS_HASH:
|
if not HAS_AES or not HAS_COUNTER or not HAS_PBKDF2 or not HAS_HASH:
|
||||||
|
@ -317,6 +333,13 @@ class VaultEditor(object):
|
||||||
|
|
||||||
return editor
|
return editor
|
||||||
|
|
||||||
|
def _pager_shell_command(self, filename):
|
||||||
|
PAGER = os.environ.get('PAGER','less')
|
||||||
|
pager = shlex.split(PAGER)
|
||||||
|
pager.append(filename)
|
||||||
|
|
||||||
|
return pager
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
# CIPHERS #
|
# CIPHERS #
|
||||||
########################################
|
########################################
|
||||||
|
|
Loading…
Reference in a new issue