1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Add options for password generation in the passwordstore module (#7426)

* feat: Add options for password generation.

* feat: Add documentations for options for password generation.

* fix: Remove newline from the end of the stored raw password

* fix: Define 'msg' variable before the reference inside the condition block

* feat: Add information when the 'timestamp' parameter was added

Co-authored-by: Felix Fontein <felix@fontein.de>

* feat: Add information when the 'preserve' parameter was added

Co-authored-by: Felix Fontein <felix@fontein.de>

* feat: Add changelog fragment for adding new parameters to the 'passwordstore' module

* feat: Change the evaluation of password modification conditions.

* feat: Change version of parameter 'timestamp' from 8.0.0 to 8.0.1

Co-authored-by: Felix Fontein <felix@fontein.de>

* feat: Change version of parameter 'preserve' from 8.0.0 to 8.0.1

Co-authored-by: Felix Fontein <felix@fontein.de>

* fix: Remove newline character from the timestamp message

Co-authored-by: Felix Fontein <felix@fontein.de>

* fix: Add newline character to the end of 'preserve' message.

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Michal Drobny <494056@muni.cz>
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Michal Drobny 2023-11-09 22:21:57 +01:00 committed by GitHub
parent 48e860be20
commit 6a514b6843
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 6 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- passwordstore - adds ``timestamp`` and ``preserve`` parameters to modify the stored password format (https://github.com/ansible-collections/community.general/pull/7426).

View file

@ -129,6 +129,16 @@ DOCUMENTATION = '''
- pass - pass
- gopass - gopass
version_added: 5.2.0 version_added: 5.2.0
timestamp:
description: Add the password generation information to the end of the file.
type: bool
default: true
version_added: 8.1.0
preserve:
description: Include the old (edited) password inside the pass file.
type: bool
default: true
version_added: 8.1.0
notes: notes:
- The lookup supports passing all options as lookup parameters since community.general 6.0.0. - The lookup supports passing all options as lookup parameters since community.general 6.0.0.
''' '''
@ -386,10 +396,12 @@ class LookupModule(LookupBase):
# generate new password, insert old lines from current result and return new password # generate new password, insert old lines from current result and return new password
newpass = self.get_newpass() newpass = self.get_newpass()
datetime = time.strftime("%d/%m/%Y %H:%M:%S") datetime = time.strftime("%d/%m/%Y %H:%M:%S")
msg = newpass + '\n' msg = newpass
if self.passoutput[1:]: if self.paramvals['preserve'] or self.paramvals['timestamp']:
msg += '\n'
if self.paramvals['preserve'] and self.passoutput[1:]:
msg += '\n'.join(self.passoutput[1:]) + '\n' msg += '\n'.join(self.passoutput[1:]) + '\n'
if self.paramvals['backup']: if self.paramvals['timestamp'] and self.paramvals['backup']:
msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime) msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime)
try: try:
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env) check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
@ -402,7 +414,9 @@ class LookupModule(LookupBase):
# use pwgen to generate the password and insert values with pass -m # use pwgen to generate the password and insert values with pass -m
newpass = self.get_newpass() newpass = self.get_newpass()
datetime = time.strftime("%d/%m/%Y %H:%M:%S") datetime = time.strftime("%d/%m/%Y %H:%M:%S")
msg = newpass + '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime) msg = newpass
if self.paramvals['timestamp']:
msg += '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime)
try: try:
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env) check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
except (subprocess.CalledProcessError) as e: except (subprocess.CalledProcessError) as e:
@ -465,6 +479,8 @@ class LookupModule(LookupBase):
'backup': self.get_option('backup'), 'backup': self.get_option('backup'),
'missing': self.get_option('missing'), 'missing': self.get_option('missing'),
'umask': self.get_option('umask'), 'umask': self.get_option('umask'),
'timestamp': self.get_option('timestamp'),
'preserve': self.get_option('preserve'),
} }
def run(self, terms, variables, **kwargs): def run(self, terms, variables, **kwargs):