-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ansible-vault decrypt --output - no longer working in ansible 2.4 #30550
Comments
@jleclanche Greetings! Thanks for taking the time to open this issue. In order for the community to handle your issue effectively, we need a bit more information. Here are the items we could not find in your description:
Please set the description of this issue with this template: |
cc @bcoca because this is a regression due to #29663 (525c318): + # add output if needed
+ if self.action in self.can_output:
+ self.parser.add_option('--output', default=None, dest='output_file',
+ help='output file name for encrypt or decrypt; use - for stdout',
+ action="callback", callback=CLI.unfrack_path, type='string')
+
|
After upgrading PIP package ansible-vault to 1.0.5, this function is no longer working for me. Multiple systems, CentOS and Fedora. Could this be related? >>> from ansible_vault import Vault
>>> dictpass = Vault("passphrase")
>>> nodedict = dictpass.load(open('nodedict.yml').read())
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/site-packages/ansible_vault/api.py", line 18, in load
return yaml.safe_load(self.vault.decrypt(stream))
File "/usr/lib/python2.7/site-packages/ansible/parsing/vault/__init__.py", line 543, in decrypt
_matches = match_secrets(self.secrets, vault_id_matchers)
File "/usr/lib/python2.7/site-packages/ansible/parsing/vault/__init__.py", line 399, in match_secrets
matches = [(vault_id, secret) for vault_id, secret in secrets if vault_id in target_vault_ids]
ValueError: need more than 1 value to unpack |
No that doesn't seem related. You should file a separate issue for that. |
fwiw, 'ansible-vault view example.txt' can be used in lieu of 'ansible-vault decrypt example.txt --output= -' for the time being. |
I thought I had an intg test case for this, but it was slightly different:
But the test doesnt actually check the stdout, so it was passing... fixing both. |
@jleclanche #31066 should fix this. If you can test out the pr I would appreciate it. |
In cli.CLI.unfrack_path callback, special case if the value of '--output' is '-', and avoid expanding it to a full path. vault cli already has special cases for '-', so it just needs to get the original value to work. Fixes #30550
@alikins thanks - sorry i was not able to get back to all this, stuff got in the way :/ |
cherry-pick'ed to stable-2.4 in commit 576e337 |
In cli.CLI.unfrack_path callback, special case if the value of '--output' is '-', and avoid expanding it to a full path. vault cli already has special cases for '-', so it just needs to get the original value to work. Fixes ansible#30550
ANSIBLE VERSION
In ansible 2.3.x, it was possible to do
ansible-vault decrypt example.txt --output -
to get the decrypted output into stdout. In fact, that is advertised inansible-vault decrypt --help
:In Ansible 2.4, this is bugged and results in a file named
-
.The text was updated successfully, but these errors were encountered: