mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-24 05:40:23 -07:00
add a vault --encrypt-vault-to specify vault id to use for encrypt (#31067)
Enforce that there can be only one --new-vault-id or --new-vault-password-file and use this instead of --encrypt-vault-id * Add a config option for default vault encrypt id
This commit is contained in:
parent
866239e01a
commit
ffe0ddea96
5 changed files with 110 additions and 19 deletions
|
@ -185,6 +185,13 @@ WRONG_RC=$?
|
|||
echo "rc was $WRONG_RC (1 is expected)"
|
||||
[ $WRONG_RC -eq 1 ]
|
||||
|
||||
# try specifying a --encrypt-vault-id that doesnt exist, should exit with an error indicating
|
||||
# that --encrypt-vault-id and the known vault-ids
|
||||
ansible-vault encrypt "$@" --vault-password-file vault-password --encrypt-vault-id doesnt_exist "${TEST_FILE}" && :
|
||||
WRONG_RC=$?
|
||||
echo "rc was $WRONG_RC (1 is expected)"
|
||||
[ $WRONG_RC -eq 1 ]
|
||||
|
||||
# encrypt it
|
||||
ansible-vault encrypt "$@" --vault-password-file vault-password "${TEST_FILE}"
|
||||
|
||||
|
@ -252,6 +259,12 @@ ansible-vault encrypt "$@" --vault-password-file vault-password "${TEST_FILE}"
|
|||
|
||||
ansible-vault rekey "$@" --vault-password-file vault-password --new-vault-password-file "${NEW_VAULT_PASSWORD}" "${TEST_FILE}"
|
||||
|
||||
# --new-vault-password-file and --new-vault-id should cause options error
|
||||
ansible-vault rekey "$@" --vault-password-file vault-password --new-vault-id=foobar --new-vault-password-file "${NEW_VAULT_PASSWORD}" "${TEST_FILE}" && :
|
||||
WRONG_RC=$?
|
||||
echo "rc was $WRONG_RC (2 is expected)"
|
||||
[ $WRONG_RC -eq 2 ]
|
||||
|
||||
ansible-vault view "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" "${TEST_FILE}"
|
||||
|
||||
# view with old password file and new password file
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue