ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity
community.general/plugins/lookup
History
Mike Hume 1a13287788
Add sops lookup plugin (#374) 
* add sops lookup plugin

* fix pylint

* fix undefined encrypted_file variable

* decode sops output as text by default

* add variable to control decrypted content print in logs

* use Sops class decryption method

* lookup should return text, use appropriate ansible facility

* use ansible.module_utils._text.to_native

As required by Ansible documentation on [raising errors][raising-errors]
from plugins, use to_native to wrap errors to ensure string compatibility
between Python versions.

[raising-errors]: https://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html#id3

* use with_items instead of with_file in sops lookup documentation

[with_file][with-file], per Ansible documentation, returns the content of
the file. As sops is not able to decrypt a string by itself but requires
the file is passed as argument, passing the content breaks the lookup
plugin as reported by [here][bug-report].

[with_items][with-items] should be used instead.

[with-file]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#looping-over-files
[with-items]: https://docs.ansible.com/ansible/2.4/playbooks_loops.html#standard-loops
[bug-report]: https://github.com/ansible/ansible/pull/59639#issuecomment-540803722

* uniform sops exception handling between plugins

* Apply suggestions from code review

Co-Authored-By: Felix Fontein <felix@fontein.de>

* remove sops lookup plugin print option

Is no longer possible to print the decrypted secrets directly from this
plugin, but `debug` module can be used instead.

* add github handle to author

* add setup_sops integration target

* extract sops module

* add lookup_sops integration tests

* use sops module

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/module_utils/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/files/simple.sops.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Adding aliases file

* Emtpy spaces

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/lookup/sops.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update test/integration/targets/lookup_sops/tasks/ubuntu.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* gpg -> gnupg2

* with_items -> loop

* Move error logic to module_utils.

* Make Sops.decrypt() also handle errors and decode output.

* Improve error handling.

* Improve example formatting.

* Reorganize tests.

* Add test.

* Remove version_added.

Co-authored-by: Edoardo Tenani <edoardo.tenani@protonmail.com>
Co-authored-by: Edoardo Tenani <edoardo.tenani@gmail.com>
Co-authored-by: Edoardo T <endorama@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2020-06-06 21:36:28 +02:00
..
__init__.py Initial commit 2020-03-09 09:11:07 +00:00
cartesian.py Fix example since lookup/query is not filter (#55) 2020-03-26 13:24:06 +00:00
chef_databag.py Initial commit 2020-03-09 09:11:07 +00:00
conjur_variable.py Remove ANSIBLE_METADATA (#339) 2020-05-14 14:03:42 +01:00
consul_kv.py Remove ANSIBLE_METADATA (#339) 2020-05-14 14:03:42 +01:00
credstash.py Initial commit 2020-03-09 09:11:07 +00:00
cyberarkpassword.py Initial commit 2020-03-09 09:11:07 +00:00
dig.py Fix the docs for dig and nios. 2020-05-20 13:16:51 -07:00
dnstxt.py Initial commit 2020-03-09 09:11:07 +00:00
etcd.py Initial commit 2020-03-09 09:11:07 +00:00
etcd3.py Remove ANSIBLE_METADATA (#339) 2020-05-14 14:03:42 +01:00
filetree.py Initial commit 2020-03-09 09:11:07 +00:00
flattened.py Initial commit 2020-03-09 09:11:07 +00:00
gcp_storage_file.py gcp_storage_file: error gracefully when google.cloud is not there (#372) 2020-05-19 23:06:40 +02:00
hashi_vault.py hashi_vault refresh - Add AWS login methods, bugfixes, cleanup (#23) 2020-04-28 11:27:37 +00:00
hiera.py Initial commit 2020-03-09 09:11:07 +00:00
keyring.py Initial commit 2020-03-09 09:11:07 +00:00
lastpass.py Initial commit 2020-03-09 09:11:07 +00:00
lmdb_kv.py Initial commit 2020-03-09 09:11:07 +00:00
manifold.py Initial commit 2020-03-09 09:11:07 +00:00
nios.py Fix the docs for dig and nios. 2020-05-20 13:16:51 -07:00
nios_next_ip.py Initial commit 2020-03-09 09:11:07 +00:00
nios_next_network.py Initial commit 2020-03-09 09:11:07 +00:00
onepassword.py Remove ANSIBLE_METADATA (#339) 2020-05-14 14:03:42 +01:00
onepassword_raw.py Remove ANSIBLE_METADATA (#339) 2020-05-14 14:03:42 +01:00
passwordstore.py passwordstore: Honor equal sign in userpass (#19) 2020-03-17 14:20:39 +00:00
redis.py Initial commit 2020-03-09 09:11:07 +00:00
shelvefile.py Initial commit 2020-03-09 09:11:07 +00:00
sops.py Add sops lookup plugin (#374) 2020-06-06 21:36:28 +02:00