Merge pull request #12572 from amenonsen/vault-pager

Make ansible-vault view not write plaintext to a tempfile

lib/ansible/cli/vault.py

@@ -138,7 +138,7 @@ class VaultCLI(CLI):
     def execute_view(self):
 
         for f in self.args:
-            self.editor.view_file(f)
+            self.pager(self.editor.plaintext(f))
 
     def execute_rekey(self):
         for f in self.args:

lib/ansible/parsing/vault/__init__.py

@@ -300,20 +300,14 @@ class VaultEditor:
         else:
             self._edit_file_helper(filename, existing_data=plaintext, force_save=False)
 
-    def view_file(self, filename):
+    def plaintext(self, filename):
 
         check_prereqs()
 
-        # FIXME: Why write this to a temporary file at all? It would be safer
-        # to feed it to the PAGER on stdin.
-        _, tmp_path = tempfile.mkstemp()
         ciphertext = self.read_data(filename)
         plaintext = self.vault.decrypt(ciphertext)
-        self.write_data(plaintext, tmp_path)
 
-        # drop the user into pager on the tmp file
+        return plaintext
-        call(self._pager_shell_command(tmp_path))
-        os.remove(tmp_path)
 
     def rekey_file(self, filename, new_password):
 
@@ -361,13 +355,6 @@ class VaultEditor:
 
         return editor
 
-    def _pager_shell_command(self, filename):
-        PAGER = os.environ.get('PAGER','less')
-        pager = shlex.split(PAGER)
-        pager.append(filename)
-
-        return pager
-
 class VaultFile(object):
 
     def __init__(self, password, filename):