ansible-vault: handle utf-8 filename in vault (#50341)

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde 2019-02-12 16:13:51 +05:30 committed by GitHub
parent 6afa00eecd
commit 5c992fcc3f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 33 additions and 2 deletions

View file

@ -0,0 +1,3 @@
---
minor_changes:
- Handle vault filename with UTF-8 while decrypting vault file using ansible-vault.

View file

@ -737,7 +737,7 @@ class VaultLib:
file_slug = ''
if filename:
file_slug = ' of "%s"' % filename
display.vvvvv('Decrypt%s successful with secret=%s and vault_id=%s' % (to_text(file_slug), vault_secret, vault_secret_id))
display.vvvvv(u'Decrypt%s successful with secret=%s and vault_id=%s' % (to_text(file_slug), vault_secret, vault_secret_id))
break
except AnsibleVaultFormatError as exc:
msg = "There was a vault format error"

View file

@ -35,7 +35,7 @@ echo "This is a test file for edit3" > "${TEST_FILE_EDIT3}"
# ansible-config view
ansible-config view
# ansisle-config
# ansible-config
ansible-config dump --only-changed
ansible-vault encrypt "$@" --vault-id vault-password "${TEST_FILE_EDIT3}"
# EDITOR=./faux-editor.py ansible-vault edit "$@" "${TEST_FILE_EDIT3}"
@ -266,6 +266,9 @@ echo "rc was $WRONG_RC (2 is expected)"
ansible-vault view "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" "${TEST_FILE}"
# view file with unicode in filename
ansible-vault view "$@" --vault-password-file vault-password vault-café.yml
# view with old password file and new password file
ansible-vault view "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" --vault-password-file vault-password "${TEST_FILE}"
@ -487,3 +490,6 @@ ansible-playbook "$@" -i invalid_format/inventory --vault-id invalid_format/vaul
EXPECTED_ERROR='Vault format unhexlify error: Odd-length string'
ansible-playbook "$@" -i invalid_format/inventory --vault-id invalid_format/vault-secret invalid_format/broken-group-vars-tasks.yml 2>&1 | grep "${EXPECTED_ERROR}"
# Run playbook with vault file with unicode in filename (https://github.com/ansible/ansible/issues/50316)
ansible-playbook -i ../../inventory -v "$@" --vault-password-file vault-password test_utf8_value_in_filename.yml

View file

@ -0,0 +1,16 @@
- name: "Test that the vaulted file with UTF-8 in filename decrypts correctly"
gather_facts: false
hosts: testhost
vars:
expected: "my_secret"
vars_files:
- vault-café.yml
tasks:
- name: decrypt vaulted file with utf8 in filename and show it in debug
debug:
var: vault_string
- name: assert decrypted value matches expected
assert:
that:
- "vault_string == expected"

View file

@ -0,0 +1,6 @@
$ANSIBLE_VAULT;1.1;AES256
63363732353363646661643038636339343263303161346533393636336562336465396265373834
6366313833613236356666646532613636303532366231340a316238666435306332656662613731
31623433613434633539333564613564656439343661363831336364376266653462366161383038
6530386533363933350a336631653833666663643166303932653261323431623333356539666265
37316464303231366163333430346537353631376538393939646362313337363866