mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Add options for password generation in the passwordstore module (#7426)
* feat: Add options for password generation. * feat: Add documentations for options for password generation. * fix: Remove newline from the end of the stored raw password * fix: Define 'msg' variable before the reference inside the condition block * feat: Add information when the 'timestamp' parameter was added Co-authored-by: Felix Fontein <felix@fontein.de> * feat: Add information when the 'preserve' parameter was added Co-authored-by: Felix Fontein <felix@fontein.de> * feat: Add changelog fragment for adding new parameters to the 'passwordstore' module * feat: Change the evaluation of password modification conditions. * feat: Change version of parameter 'timestamp' from 8.0.0 to 8.0.1 Co-authored-by: Felix Fontein <felix@fontein.de> * feat: Change version of parameter 'preserve' from 8.0.0 to 8.0.1 Co-authored-by: Felix Fontein <felix@fontein.de> * fix: Remove newline character from the timestamp message Co-authored-by: Felix Fontein <felix@fontein.de> * fix: Add newline character to the end of 'preserve' message. Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Michal Drobny <494056@muni.cz> Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
48e860be20
commit
6a514b6843
2 changed files with 24 additions and 6 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- passwordstore - adds ``timestamp`` and ``preserve`` parameters to modify the stored password format (https://github.com/ansible-collections/community.general/pull/7426).
|
|
@ -129,6 +129,16 @@ DOCUMENTATION = '''
|
||||||
- pass
|
- pass
|
||||||
- gopass
|
- gopass
|
||||||
version_added: 5.2.0
|
version_added: 5.2.0
|
||||||
|
timestamp:
|
||||||
|
description: Add the password generation information to the end of the file.
|
||||||
|
type: bool
|
||||||
|
default: true
|
||||||
|
version_added: 8.1.0
|
||||||
|
preserve:
|
||||||
|
description: Include the old (edited) password inside the pass file.
|
||||||
|
type: bool
|
||||||
|
default: true
|
||||||
|
version_added: 8.1.0
|
||||||
notes:
|
notes:
|
||||||
- The lookup supports passing all options as lookup parameters since community.general 6.0.0.
|
- The lookup supports passing all options as lookup parameters since community.general 6.0.0.
|
||||||
'''
|
'''
|
||||||
|
@ -386,11 +396,13 @@ class LookupModule(LookupBase):
|
||||||
# generate new password, insert old lines from current result and return new password
|
# generate new password, insert old lines from current result and return new password
|
||||||
newpass = self.get_newpass()
|
newpass = self.get_newpass()
|
||||||
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
|
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
|
||||||
msg = newpass + '\n'
|
msg = newpass
|
||||||
if self.passoutput[1:]:
|
if self.paramvals['preserve'] or self.paramvals['timestamp']:
|
||||||
msg += '\n'.join(self.passoutput[1:]) + '\n'
|
msg += '\n'
|
||||||
if self.paramvals['backup']:
|
if self.paramvals['preserve'] and self.passoutput[1:]:
|
||||||
msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime)
|
msg += '\n'.join(self.passoutput[1:]) + '\n'
|
||||||
|
if self.paramvals['timestamp'] and self.paramvals['backup']:
|
||||||
|
msg += "lookup_pass: old password was {0} (Updated on {1})\n".format(self.password, datetime)
|
||||||
try:
|
try:
|
||||||
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
|
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
|
||||||
except (subprocess.CalledProcessError) as e:
|
except (subprocess.CalledProcessError) as e:
|
||||||
|
@ -402,7 +414,9 @@ class LookupModule(LookupBase):
|
||||||
# use pwgen to generate the password and insert values with pass -m
|
# use pwgen to generate the password and insert values with pass -m
|
||||||
newpass = self.get_newpass()
|
newpass = self.get_newpass()
|
||||||
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
|
datetime = time.strftime("%d/%m/%Y %H:%M:%S")
|
||||||
msg = newpass + '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime)
|
msg = newpass
|
||||||
|
if self.paramvals['timestamp']:
|
||||||
|
msg += '\n' + "lookup_pass: First generated by ansible on {0}\n".format(datetime)
|
||||||
try:
|
try:
|
||||||
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
|
check_output2([self.pass_cmd, 'insert', '-f', '-m', self.passname], input=msg, env=self.env)
|
||||||
except (subprocess.CalledProcessError) as e:
|
except (subprocess.CalledProcessError) as e:
|
||||||
|
@ -465,6 +479,8 @@ class LookupModule(LookupBase):
|
||||||
'backup': self.get_option('backup'),
|
'backup': self.get_option('backup'),
|
||||||
'missing': self.get_option('missing'),
|
'missing': self.get_option('missing'),
|
||||||
'umask': self.get_option('umask'),
|
'umask': self.get_option('umask'),
|
||||||
|
'timestamp': self.get_option('timestamp'),
|
||||||
|
'preserve': self.get_option('preserve'),
|
||||||
}
|
}
|
||||||
|
|
||||||
def run(self, terms, variables, **kwargs):
|
def run(self, terms, variables, **kwargs):
|
||||||
|
|
Loading…
Reference in a new issue