1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Clarify Error message when bitwarden vault not unlocked (#5811)

* Clarify Error message when vault not unlocked

You can be logged into the Bitwarden-CLI, but it can still be locked. This took me several hours to debug, since every time I ran 'bw login' it told me, that I am already logged in.
If you run 'bw unlock' without being logged in, you are prompted to log in. 
This clarifies the Error occurring and can drastically reduce debugging time, since you don't have to look into the source code to get an understanding of whats wrong.

* RM: negation

Nobody needs negation

* Update function name

* FIX: tests

* ADD: changelog

* Update changelogs/fragments/5811-clarify-bitwarden-error.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Christoph 2023-01-22 17:29:11 +01:00 committed by GitHub
parent 6781dd1918
commit bf117c839c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 6 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- bitwarden lookup plugin - clarify what to do, if the bitwarden vault is not unlocked (https://github.com/ansible-collections/community.general/pull/5811).

View file

@ -83,7 +83,7 @@ class Bitwarden(object):
return self._cli_path return self._cli_path
@property @property
def logged_in(self): def unlocked(self):
out, err = self._run(['status'], stdin="") out, err = self._run(['status'], stdin="")
decoded = AnsibleJSONDecoder().raw_decode(out)[0] decoded = AnsibleJSONDecoder().raw_decode(out)[0]
return decoded['status'] == 'unlocked' return decoded['status'] == 'unlocked'
@ -135,8 +135,8 @@ class LookupModule(LookupBase):
self.set_options(var_options=variables, direct=kwargs) self.set_options(var_options=variables, direct=kwargs)
field = self.get_option('field') field = self.get_option('field')
search_field = self.get_option('search') search_field = self.get_option('search')
if not _bitwarden.logged_in: if not _bitwarden.unlocked:
raise AnsibleError("Not logged into Bitwarden. Run 'bw login'.") raise AnsibleError("Bitwarden Vault locked. Run 'bw unlock'.")
return [_bitwarden.get_field(field, term, search_field) for term in terms] return [_bitwarden.get_field(field, term, search_field) for term in terms]

View file

@ -111,7 +111,7 @@ MOCK_RECORDS = [
class MockBitwarden(Bitwarden): class MockBitwarden(Bitwarden):
logged_in = True unlocked = True
def _get_matches(self, search_value, search_field="name"): def _get_matches(self, search_value, search_field="name"):
return list(filter(lambda record: record[search_field] == search_value, MOCK_RECORDS)) return list(filter(lambda record: record[search_field] == search_value, MOCK_RECORDS))
@ -119,7 +119,7 @@ class MockBitwarden(Bitwarden):
class LoggedOutMockBitwarden(MockBitwarden): class LoggedOutMockBitwarden(MockBitwarden):
logged_in = False unlocked = False
class TestLookupModule(unittest.TestCase): class TestLookupModule(unittest.TestCase):
@ -155,7 +155,7 @@ class TestLookupModule(unittest.TestCase):
self.lookup.run(['a_test'])[0]) self.lookup.run(['a_test'])[0])
@patch('ansible_collections.community.general.plugins.lookup.bitwarden._bitwarden', LoggedOutMockBitwarden()) @patch('ansible_collections.community.general.plugins.lookup.bitwarden._bitwarden', LoggedOutMockBitwarden())
def test_bitwarden_plugin_logged_out(self): def test_bitwarden_plugin_unlocked(self):
record = MOCK_RECORDS[0] record = MOCK_RECORDS[0]
record_name = record['name'] record_name = record['name']
with self.assertRaises(AnsibleError): with self.assertRaises(AnsibleError):