Onepassword document fixes (#51527)

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This commit is contained in:
Abhijeet Kasurde 2019-01-31 20:18:55 +05:30 committed by Sam Doran
parent 2a432a093b
commit 67f95cb499
2 changed files with 24 additions and 22 deletions

View file

@ -1,22 +1,24 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# (c) 2018, Scott Buchanan <sbuchanan@ri.pn> # Copyright: (c) 2018, Scott Buchanan <sbuchanan@ri.pn>
# (c) 2016, Andrew Zenk <azenk@umn.edu> (lastpass.py used as starting point) # Copyright: (c) 2016, Andrew Zenk <azenk@umn.edu> (lastpass.py used as starting point)
# (c) 2018, Ansible Project # Copyright: (c) 2018, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1', ANSIBLE_METADATA = {
'status': ['preview'], 'metadata_version': '1.1',
'supported_by': 'community'} 'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = """ DOCUMENTATION = """
lookup: onepassword lookup: onepassword
author: author:
- Scott Buchanan <sbuchanan@ri.pn> - Scott Buchanan (@scottsb)
- Andrew Zenk <azenk@umn.edu> - Andrew Zenk (@azenk)
- Sam Doran<sdoran@redhat.com> - Sam Doran (@samdoran)
version_added: "2.6" version_added: "2.6"
requirements: requirements:
- C(op) 1Password command line utility. See U(https://support.1password.com/command-line/) - C(op) 1Password command line utility. See U(https://support.1password.com/command-line/)
@ -25,10 +27,10 @@ DOCUMENTATION = """
- C(onepassword) wraps the C(op) command line utility to fetch specific field values from 1Password. - C(onepassword) wraps the C(op) command line utility to fetch specific field values from 1Password.
options: options:
_terms: _terms:
description: identifier(s) (UUID, name, or subdomain; case-insensitive) of item(s) to retrieve description: identifier(s) (UUID, name, or subdomain; case-insensitive) of item(s) to retrieve.
required: True required: True
field: field:
description: field to return from each matching item (case-insensitive) description: field to return from each matching item (case-insensitive).
default: 'password' default: 'password'
master_password: master_password:
description: The password used to unlock the specified vault. description: The password used to unlock the specified vault.
@ -49,14 +51,14 @@ DOCUMENTATION = """
description: The secret key used when performing an initial sign in. description: The secret key used when performing an initial sign in.
version_added: '2.7' version_added: '2.7'
vault: vault:
description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults.
default: None default: None
notes: notes:
- This lookup will use an existing 1Password session if one exists. If not, and you have already - This lookup will use an existing 1Password session if one exists. If not, and you have already
performed an initial sign in (meaning C(~/.op/config exists)), then only the C(master_password) is required. performed an initial sign in (meaning C(~/.op/config exists)), then only the C(master_password) is required.
You may optionally specify C(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op). You may optionally specify C(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
- This lookup can perform an initial login by providing C(subdomain), C(username), C(secret_key), and C(master_password). - This lookup can perform an initial login by providing C(subdomain), C(username), C(secret_key), and C(master_password).
- Due to the B(very) sensitive nature of these credentials, it is B(highly) recommeneded that you only pass in the minial credentials - Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
to the 1Password master password. to the 1Password master password.
- This lookup stores potentially sensitive data from 1Password as Ansible facts. - This lookup stores potentially sensitive data from 1Password as Ansible facts.

View file

@ -1,7 +1,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# (c) 2018, Scott Buchanan <sbuchanan@ri.pn> # Copyright: (c) 2018, Scott Buchanan <sbuchanan@ri.pn>
# (c) 2016, Andrew Zenk <azenk@umn.edu> (lastpass.py used as starting point) # Copyright: (c) 2016, Andrew Zenk <azenk@umn.edu> (lastpass.py used as starting point)
# (c) 2018, Ansible Project # Copyright: (c) 2018, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
@ -14,9 +14,9 @@ ANSIBLE_METADATA = {'metadata_version': '1.1',
DOCUMENTATION = """ DOCUMENTATION = """
lookup: onepassword_raw lookup: onepassword_raw
author: author:
- Scott Buchanan <sbuchanan@ri.pn> - Scott Buchanan (@scottsb)
- Andrew Zenk <azenk@umn.edu> - Andrew Zenk (@azenk)
- Sam Doran <sdoran@redhat.com> - Sam Doran (@samdoran)
version_added: "2.6" version_added: "2.6"
requirements: requirements:
- C(op) 1Password command line utility. See U(https://support.1password.com/command-line/) - C(op) 1Password command line utility. See U(https://support.1password.com/command-line/)
@ -25,7 +25,7 @@ DOCUMENTATION = """
- C(onepassword_raw) wraps C(op) command line utility to fetch an entire item from 1Password - C(onepassword_raw) wraps C(op) command line utility to fetch an entire item from 1Password
options: options:
_terms: _terms:
description: identifier(s) (UUID, name, or domain; case-insensitive) of item(s) to retrieve description: identifier(s) (UUID, name, or domain; case-insensitive) of item(s) to retrieve.
required: True required: True
master_password: master_password:
description: The password used to unlock the specified vault. description: The password used to unlock the specified vault.
@ -46,14 +46,14 @@ DOCUMENTATION = """
description: The secret key used when performing an initial sign in. description: The secret key used when performing an initial sign in.
version_added: '2.7' version_added: '2.7'
vault: vault:
description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults description: Vault containing the item to retrieve (case-insensitive). If absent will search all vaults.
default: None default: None
notes: notes:
- This lookup will use an existing 1Password session if one exists. If not, and you have already - This lookup will use an existing 1Password session if one exists. If not, and you have already
performed an initial sign in (meaning C(~/.op/config exists)), then only the C(master_password) is required. performed an initial sign in (meaning C(~/.op/config exists)), then only the C(master_password) is required.
You may optionally specify C(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op). You may optionally specify C(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
- This lookup can perform an initial login by providing C(subdomain), C(username), C(secret_key), and C(master_password). - This lookup can perform an initial login by providing C(subdomain), C(username), C(secret_key), and C(master_password).
- Due to the B(very) sensitive nature of these credentials, it is B(highly) recommeneded that you only pass in the minial credentials - Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
to the 1Password master password. to the 1Password master password.
- This lookup stores potentially sensitive data from 1Password as Ansible facts. - This lookup stores potentially sensitive data from 1Password as Ansible facts.