cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
15753 commits 47 branches 390 tags 440 MiB
Commit graph

15753 commits

This branch
This branch
All branches
Author SHA1 Message Date
Abhijit Menon-Sen 4afe1cf422 Update ansible-vault manpage to describe new encrypt/decrypt behaviour 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen 090cfc9e03 More helpful prompts from ansible-vault encrypt/decrypt 
Now we issue a "Reading … from stdin" prompt if our input isatty(), as
gpg does. We also suppress the "x successful" confirmation message at
the end if we're part of a pipeline.

(The latter requires that we not close sys.stdout in VaultEditor, and
for symmetry we do the same for sys.stdin, though it doesn't matter in
that case.)
 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen b6de6e69a6 Also support output to stdout with no arguments 
This allows "cat plaintext|ansible-vault encrypt > ciphertext".
 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen e7eebb6954 Implement cat-like filtering behaviour for encrypt/decrypt 
This allows the following invocations:

    # Interactive use, like gpg
    ansible-vault encrypt --output x

    # Non-interactive, for scripting
    echo plaintext|ansible-vault encrypt --output x

    # Separate input and output files
    ansible-vault encrypt input.yml --output output.yml

    # Existing usage (in-place encryption) unchanged
    ansible-vault encrypt inout.yml

…and the analogous cases for ansible-vault decrypt as well.

In all cases, the input and output files can be '-' to read from stdin
or write to stdout. This permits sensitive data to be encrypted and
decrypted without ever hitting disk.
 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen 32b38d4e29 Fix add_option indentation for consistency before adding another option 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen 8fc8bf9439 Simplify VaultEditor methods 
We don't need to keep creating VaultLibs everywhere, and we don't need
to keep checking for errors because VaultLib does it already.
 2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen e99395f0c0 Don't create a VaultLib in each method; do it in __init__ instead 2015-08-27 22:04:18 +05:30
Brian Coca ef594f708c remove old dead code 2015-08-27 12:27:38 -04:00
Chrrrles Paul 5ba3452b7e merged vmware_: vmkernel_ip_config, dvswitch, host, vmkernel, and dvs_portgroup 2015-08-26 18:33:49 -05:00
Brian Coca b2bfe3502b make sure delimiter is basestring for cvsfile 
fixes #12062
 2015-08-26 18:38:39 -04:00
James Cammarata 0441a7a217 Finishing off porting of chroot connection plugin 2015-08-26 16:43:06 -04:00
Toshio Kuratomi 017bd7b1cd Fix synchronize lookup of localhost info 2015-08-26 13:36:50 -07:00
James Cammarata 50448d68e1 Implement max_fail_percentage and any_errors_fatal support 
Fixes #11997
 2015-08-26 12:03:47 -04:00
James Cammarata af41ba929c Add float and percent types for FieldAttributes 
Also sets the max_fail_percentage value to the percent type.
 2015-08-26 12:03:47 -04:00
Brian Coca 9f95720ef7 Merge pull request #12109 from docschick/devel 
ansible-lockdown added, minor editing
 2015-08-26 12:01:58 -04:00
Sandra Wills c752149fe7 ansible-lockdown added, minor editing 
added info/link for ansible-lockdown to mailing list section, minor editing
(can't help myself it seems) to the paragraph about subscribing from a non-google account
 2015-08-26 11:51:17 -04:00
Brian Coca b2ae6945c4 always load vars plugins 
fixes #12104
 2015-08-26 11:40:53 -04:00
Toshio Kuratomi 111c0cc204 Merge pull request #12106 from amenonsen/vault-cleanups 
Vault cleanups, pass #1
 2015-08-26 07:30:13 -07:00
Abhijit Menon-Sen b84053019a Make the filename the first argument to rekey_file 2015-08-26 19:54:59 +05:30
Abhijit Menon-Sen c4b2540ecc Update tests for VaultEditor API changes 2015-08-26 19:52:20 +05:30
Toshio Kuratomi 5df5a14edc Merge pull request #12101 from tquenolle/devel 
Synchronize fix error
 2015-08-26 07:03:13 -07:00
Abhijit Menon-Sen 20fd9224bb Pass the filename to the individual VaultEditor methods, not __init__ 
Now we don't have to recreate VaultEditor objects for each file, and so
on. It also paves the way towards specifying separate input and output
files later.
 2015-08-26 19:17:37 +05:30
Brian Coca 82603bb2a0 avoids running abspath on None 2015-08-26 09:28:23 -04:00
Abhijit Menon-Sen a27c5741a1 Remove inaccurate outdated comment 2015-08-26 18:31:45 +05:30
Abhijit Menon-Sen f91ad3dabe Don't pass the cipher around so much 
It's unused and unnecessary; VaultLib can decide for itself what cipher
to use when encrypting. There's no need (and no provision) for the user
to override the cipher via options, so there's no need for code to see
if that has been done either.
 2015-08-26 18:31:45 +05:30
Abhijit Menon-Sen 017566a2d9 Use AES256 if the cipher is not write-whitelisted 2015-08-26 18:09:21 +05:30
Abhijit Menon-Sen 47bcdf5952 Remove incorrect copy-pasted comment 2015-08-26 18:09:21 +05:30
Brian Coca a391857013 added a few cloud modules to changelog 2015-08-26 07:50:24 -04:00
Thomas Quenolle c948af3b1e Synchronize fix error 
Fix the error:
 "RuntimeError: dictionary changed size during iteration"
 2015-08-26 11:01:00 +02:00
James Cammarata 601a1cc6d9 Multiple fixes for include statements and blocks in general 
Fixes #11981
Fixes #11995
Fixes #12039
Fixes #12077
 2015-08-26 02:23:22 -04:00
Toshio Kuratomi 9f9891df2c Add unicode characters to the data that we're testing that ansible-vault can decrypt 2015-08-25 15:14:43 -07:00
Toshio Kuratomi c81cff1977 Add docker connection plugin to changelog 2015-08-25 15:14:43 -07:00
Brian Coca 154754ae50 pushed module_loader to task_queue_manager so all cli's can benefit from it 
also normalized -M option across all cli
fixes #12016
 2015-08-25 18:14:03 -04:00
Toshio Kuratomi d2c948dd6a Remove decrypted vault temp_file mistakenly left from patch making vault edit idempotent 
This bug was introduced in commit f8bf2ba on July 27.  Hasn't gone out
in a release yet.
 2015-08-25 14:51:32 -07:00
Toshio Kuratomi 56ae3a032f Merge pull request #12075 from ansible/fix-vault-unicode 
Unicode and other fixes for vault
 2015-08-25 14:49:15 -07:00
Toshio Kuratomi a3fd4817ef Unicode and other fixes for vault 2015-08-25 12:43:09 -07:00
Toshio Kuratomi 16e8a7dd67 Merge pull request #11767 from amenonsen/vault-new-password-file 
add option to ansible-vault to read new password from file for rekey
 2015-08-25 10:15:27 -07:00
Toshio Kuratomi 156feec264 Merge pull request #11650 from objectified/feature-docker-connection 
allow ansible to connect to docker containers (without using ssh)
 2015-08-25 09:28:25 -07:00
Richard Poole 3090a45891 add option to ansible-vault to read new password from file for rekey 
The --new-vault-password-file option works the same as
--vault-password-file but applies only to rekeying (when
--vault-password-file sets the old password). Also update the manpage
to document these options more fully.
 2015-08-25 21:14:49 +05:30
Brian Coca 846f0b0510 changed no_log expected type to new value 2015-08-25 10:20:47 -04:00
Brian Coca ae91cdfc98 fixed environment inheritance 2015-08-25 10:15:32 -04:00
Brian Coca 8aa732e0a4 allow for lists, sets and dicts to default to None, now return empty type in post processing 
remove defaults from inhertiable fieldattributes to allow for proper detection and override
 2015-08-25 10:14:28 -04:00
Brian Coca 3e13dfd7e8 used stdoutlines list to avoid string mismatches 
added block environment test
 2015-08-25 10:06:24 -04:00
Brian Coca 079a1c843d Merge pull request #12082 from mgedmin/be-faster 
Speed up execution
 2015-08-25 10:04:43 -04:00
Marius Gedminas 44c94328c8 Speed up execution 
`if method in dir(self):` is very inefficient:

- it must construct a list object listing all the object attributes & methods
- it must then perform a O(N) linear scan of that list

Replace it with the idiomatic `if hasattr(self, method):`, which is a
O(1) expected time hash lookup.

Should fix #11981.
 2015-08-25 16:07:21 +03:00
objectified b1785a0361 replace compare_versions() with distutils.version 2015-08-25 02:18:37 -04:00
objectified c39fb43ad9 added Maintainer comment header 2015-08-25 02:06:01 -04:00
Brian Coca efa005c228 added names to assert tasks for easier debugging 2015-08-24 22:57:56 -04:00
Brian Coca d6a1cbeefb corrected varname that started with number and broke templating 2015-08-24 22:44:12 -04:00
Brian Coca 104b8a9a7b avoid hostvars which is not a dict 2015-08-24 22:44:12 -04:00