Before decrypting check if vault password is set or error early

Fixes #8926
This commit is contained in:
James Cammarata 2014-09-19 15:08:38 -05:00
parent 5850467bc1
commit 9d45f3a65e

View file

@ -738,6 +738,11 @@ def parse_yaml_from_file(path, vault_password=None):
vault = VaultLib(password=vault_password)
if vault.is_encrypted(data):
# if the file is encrypted and no password was specified,
# the decrypt call would throw an error, but we check first
# since the decrypt function doesn't know the file name
if vault_password is None:
raise errors.AnsibleError("A vault password must be specified to decrypt %s" % path)
data = vault.decrypt(data)
show_content = False