ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-08-22 14:01:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix 'vault rekey' with vault secret env var

Browse source 
if ANSIBLE_VAULT_PASSWORD_FILE is set, 'ansible-vault rekey myvault.yml'
will fail to prompt for the new vault password file, and will use
None.

Fix is to split out 'ask_vault_passwords' into 'ask_vault_passwords'
and 'ask_new_vault_passwords' to make the logic simpler. And then
make sure new_vault_pass is always set for 'rekey', and if not, then
call ask_new_vault_passwords() to set it.

ask_vault_passwords() would return values for vault_pass and new
vault_pass, and vault cli previously would not prompt for new_vault_pass
if there was a vault_pass set via a vault password file.

Fixes #18247
This commit is contained in:
Adrian Likins 2016-10-31 12:56:18 -04:00 committed by Brian Coca
commit 309f54b709
5 changed files with 32 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/ansible/cli/playbook.py
View file

@ -116,7 +116,7 @@ class PlaybookCLI(CLI):
vault_pass = CLI.read_vault_password_file(self.options.vault_password_file, loader=loader)
loader.set_vault_password(vault_pass)
elif self.options.ask_vault_pass:
vault_pass = self.ask_vault_passwords()[0]
vault_pass = self.ask_vault_passwords()
loader.set_vault_password(vault_pass)
# create the variable manager, which will be shared throughout