Abhijit Menon-Sen
e7eebb6954
Implement cat-like filtering behaviour for encrypt/decrypt
...
This allows the following invocations:
# Interactive use, like gpg
ansible-vault encrypt --output x
# Non-interactive, for scripting
echo plaintext|ansible-vault encrypt --output x
# Separate input and output files
ansible-vault encrypt input.yml --output output.yml
# Existing usage (in-place encryption) unchanged
ansible-vault encrypt inout.yml
…and the analogous cases for ansible-vault decrypt as well.
In all cases, the input and output files can be '-' to read from stdin
or write to stdout. This permits sensitive data to be encrypted and
decrypted without ever hitting disk.
2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen
32b38d4e29
Fix add_option indentation for consistency before adding another option
2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen
8fc8bf9439
Simplify VaultEditor methods
...
We don't need to keep creating VaultLibs everywhere, and we don't need
to keep checking for errors because VaultLib does it already.
2015-08-27 22:04:18 +05:30
Abhijit Menon-Sen
e99395f0c0
Don't create a VaultLib in each method; do it in __init__ instead
2015-08-27 22:04:18 +05:30
Brian Coca
b2bfe3502b
make sure delimiter is basestring for cvsfile
...
fixes #12062
2015-08-26 18:38:39 -04:00
James Cammarata
0441a7a217
Finishing off porting of chroot connection plugin
2015-08-26 16:43:06 -04:00
Toshio Kuratomi
017bd7b1cd
Fix synchronize lookup of localhost info
2015-08-26 13:36:50 -07:00
James Cammarata
50448d68e1
Implement max_fail_percentage and any_errors_fatal support
...
Fixes #11997
2015-08-26 12:03:47 -04:00
James Cammarata
af41ba929c
Add float and percent types for FieldAttributes
...
Also sets the max_fail_percentage value to the percent type.
2015-08-26 12:03:47 -04:00
Brian Coca
b2ae6945c4
always load vars plugins
...
fixes #12104
2015-08-26 11:40:53 -04:00
Toshio Kuratomi
111c0cc204
Merge pull request #12106 from amenonsen/vault-cleanups
...
Vault cleanups, pass #1
2015-08-26 07:30:13 -07:00
Abhijit Menon-Sen
b84053019a
Make the filename the first argument to rekey_file
2015-08-26 19:54:59 +05:30
Toshio Kuratomi
5df5a14edc
Merge pull request #12101 from tquenolle/devel
...
Synchronize fix error
2015-08-26 07:03:13 -07:00
Abhijit Menon-Sen
20fd9224bb
Pass the filename to the individual VaultEditor methods, not __init__
...
Now we don't have to recreate VaultEditor objects for each file, and so
on. It also paves the way towards specifying separate input and output
files later.
2015-08-26 19:17:37 +05:30
Brian Coca
82603bb2a0
avoids running abspath on None
2015-08-26 09:28:23 -04:00
Abhijit Menon-Sen
a27c5741a1
Remove inaccurate outdated comment
2015-08-26 18:31:45 +05:30
Abhijit Menon-Sen
f91ad3dabe
Don't pass the cipher around so much
...
It's unused and unnecessary; VaultLib can decide for itself what cipher
to use when encrypting. There's no need (and no provision) for the user
to override the cipher via options, so there's no need for code to see
if that has been done either.
2015-08-26 18:31:45 +05:30
Abhijit Menon-Sen
017566a2d9
Use AES256 if the cipher is not write-whitelisted
2015-08-26 18:09:21 +05:30
Abhijit Menon-Sen
47bcdf5952
Remove incorrect copy-pasted comment
2015-08-26 18:09:21 +05:30
Thomas Quenolle
c948af3b1e
Synchronize fix error
...
Fix the error:
"RuntimeError: dictionary changed size during iteration"
2015-08-26 11:01:00 +02:00
James Cammarata
601a1cc6d9
Multiple fixes for include statements and blocks in general
...
Fixes #11981
Fixes #11995
Fixes #12039
Fixes #12077
2015-08-26 02:23:22 -04:00
Brian Coca
154754ae50
pushed module_loader to task_queue_manager so all cli's can benefit from it
...
also normalized -M option across all cli
fixes #12016
2015-08-25 18:14:03 -04:00
Toshio Kuratomi
d2c948dd6a
Remove decrypted vault temp_file mistakenly left from patch making vault edit idempotent
...
This bug was introduced in commit f8bf2ba
on July 27. Hasn't gone out
in a release yet.
2015-08-25 14:51:32 -07:00
Toshio Kuratomi
56ae3a032f
Merge pull request #12075 from ansible/fix-vault-unicode
...
Unicode and other fixes for vault
2015-08-25 14:49:15 -07:00
Toshio Kuratomi
a3fd4817ef
Unicode and other fixes for vault
2015-08-25 12:43:09 -07:00
Toshio Kuratomi
16e8a7dd67
Merge pull request #11767 from amenonsen/vault-new-password-file
...
add option to ansible-vault to read new password from file for rekey
2015-08-25 10:15:27 -07:00
Toshio Kuratomi
156feec264
Merge pull request #11650 from objectified/feature-docker-connection
...
allow ansible to connect to docker containers (without using ssh)
2015-08-25 09:28:25 -07:00
Richard Poole
3090a45891
add option to ansible-vault to read new password from file for rekey
...
The --new-vault-password-file option works the same as
--vault-password-file but applies only to rekeying (when
--vault-password-file sets the old password). Also update the manpage
to document these options more fully.
2015-08-25 21:14:49 +05:30
Brian Coca
ae91cdfc98
fixed environment inheritance
2015-08-25 10:15:32 -04:00
Brian Coca
8aa732e0a4
allow for lists, sets and dicts to default to None, now return empty type in post processing
...
remove defaults from inhertiable fieldattributes to allow for proper detection and override
2015-08-25 10:14:28 -04:00
Marius Gedminas
44c94328c8
Speed up execution
...
`if method in dir(self):` is very inefficient:
- it must construct a list object listing all the object attributes & methods
- it must then perform a O(N) linear scan of that list
Replace it with the idiomatic `if hasattr(self, method):`, which is a
O(1) expected time hash lookup.
Should fix #11981 .
2015-08-25 16:07:21 +03:00
objectified
b1785a0361
replace compare_versions() with distutils.version
2015-08-25 02:18:37 -04:00
objectified
c39fb43ad9
added Maintainer comment header
2015-08-25 02:06:01 -04:00
Toshio Kuratomi
1f7b0fee0a
Fixes #12076
2015-08-24 19:07:04 -07:00
Brian Coca
17060f9849
remove +1 from size that was cutting off first char of copied files when a recursive dir
...
fixes #12055
2015-08-24 21:10:03 -04:00
Toshio Kuratomi
6e107d2f22
Comments pointing the way towards substituting cryptography for pycrypto
2015-08-24 15:50:37 -07:00
Brian Coca
16f3f8e244
now does not error out when notes are not included in module
2015-08-24 13:24:58 -04:00
objectified
d9723069c5
align exec_command() definition with local.py
2015-08-24 12:32:11 -04:00
objectified
3a5522a22c
fake being connected for logging purposes
2015-08-24 12:32:11 -04:00
objectified
8f2a6a9fae
use docker cp when docker >=1.8.0
2015-08-24 12:32:11 -04:00
objectified
2de773477f
allow ansible to connect to docker containers
2015-08-24 12:32:11 -04:00
James Cammarata
21e421ce53
Validate required list items are not None or empty strings
...
Fixes #12011
2015-08-24 11:44:28 -04:00
James Cammarata
db65503778
Revert "Add PowerShell exception handling and turn on strict mode."
2015-08-23 21:09:16 -04:00
Abhijit Menon-Sen
3aedc0bca9
Don't insist on ansible-vault taking only one filename parameter
...
Apart from ansible-vault create, every vault subcommand is happy to deal
with multiple filenames, so we can check that there's at least one, and
make create check separately that there aren't any extra.
2015-08-23 17:52:51 -04:00
Brian Coca
f1b8323b62
fixed host/group var loading when inventory is a directory
2015-08-23 17:51:47 -04:00
Brian Coca
af06a97f17
kept vars as alias to hostvars[inventory_hostname] and avoid subtrees into themselves
2015-08-23 17:51:47 -04:00
Brian Coca
3ccfebc9f7
Merge pull request #12047 from cchurch/powershell_common_cleanup
...
Add PowerShell exception handling and turn on strict mode.
2015-08-23 14:08:18 -04:00
Brian Coca
a4ffa09414
Merge pull request #11880 from bcoca/configurable_squash
...
made squashable with_ plugin list configurable
2015-08-23 13:32:15 -04:00
Abhijit Menon-Sen
09e4eac2e5
Use rsplit(':',1) for clarity; no functional changes
2015-08-23 22:52:35 +05:30
Ryan Petrello
1886307845
Fix a parsing bug that prevents IPv6 addresses from being used with add_host
...
Closes #8682
2015-08-23 22:50:47 +05:30