1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/test/integration/targets/vault
Adrian Likins 6e737c8cb6
Fix 'New Vault password' on vault 'edit' (#35923)
* Fix 'New Vault password' on vault 'edit'

ffe0ddea96 introduce a
change on 'ansible-vault edit' that tried to check
for --encrypt-vault-id in that mode. But '--encrypt-vault-id'
is not intended for 'edit' since the 'edit' should always
reuse the vault secret that was used to decrypt the text.

Change cli to not check for --encrypt-vault-id on 'edit'.

VaultLib.decrypt_and_get_vault_id() was change to return
the vault secret used to decrypt (in addition to vault_id
and the plaintext).

VaultEditor.edit_file() will now use 'vault_secret_used'
as returned from decrypt_and_get_vault_id() so that
an edited file always gets reencrypted with the same
secret, regardless of any vault id configuration or
cli options.

Fixes #35834
2018-03-27 14:12:21 -04:00
..
invalid_format Better handling of malformed vault data envelope (#32515) 2017-11-10 14:24:56 -05:00
roles
aliases
empty-password
encrypted-vault-password Support using vault password files that are themselves vault encrypted (#27668) 2018-01-20 14:56:18 -05:00
encrypted_file_encrypted_var_password
example1_password
example2_password
example3_password
faux-editor.py
format_1_0_AES.yml
format_1_1_AES.yml
format_1_1_AES256.yml
format_1_2_AES256.yml
password-script.py
runme.sh Fix 'New Vault password' on vault 'edit' (#35923) 2018-03-27 14:12:21 -04:00
runme_change_pip_installed.sh
test-vault-client.py Vault secrets script client inc new 'keyring' client (#27669) 2017-10-13 15:23:08 -04:00
test_vault.yml
test_vault_embedded.yml
test_vault_embedded_ids.yml
test_vault_file_encrypted_embedded.yml
test_vaulted_inventory.yml
test_vaulted_template.yml
vault-password
vault-password-ansible
vault-password-wrong
vault-secret.txt
vaulted.inventory