Skip to content

Commit 2b19d5e

Browse files
author
Dan Ellis
committed
Add ability to specify vault password and inventory files on commandline.
1 parent 78f7845 commit 2b19d5e

File tree

9 files changed

+61
-37
lines changed

9 files changed

+61
-37
lines changed

README.md

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,14 @@ directory an Ansible Toolkit command is run from. To override:
3232
[inventory]
3333
path = /home/foo/inventory
3434

35-
Usage
35+
### Optional Arguments ###
36+
37+
If you have multiple Ansible inventories or password files, or for whatever reason do not wish to set up a configuration file, the configuration can be optionally passed on the command line:
38+
39+
-i, --inventory
40+
-p, --vault-password-file
41+
42+
Tools
3643
-----
3744

3845
### atk-show-vars ###
@@ -98,6 +105,11 @@ to make it work for more environments.
98105
Changelog
99106
---------
100107

108+
### 1.2.3 ###
109+
110+
Add ability to specify vault password file and inventory file on the command
111+
line.
112+
101113
### 1.2.2 ###
102114

103115
Fix the way newlines are handled in vault decryption.

ansible_toolkit/show_template.py

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,13 @@
1-
import ansible.inventory
2-
import ansible.runner
3-
import ansible.callbacks
4-
import ansible.cache
5-
61
from ansible.runner import Runner
72
from ansible.utils.template import template_from_file
83

94
from utils import get_inventory
105
from utils_ansible import gather_facts as get_gathered_facts
116

127

13-
def show_template(host, path, gather_facts=True):
14-
inventory = get_inventory()
8+
def show_template(host, path, gather_facts=True,
9+
inventory_file=None, password_file=None):
10+
inventory = get_inventory(inventory_file, password_file)
1511
setup_cache = get_gathered_facts(host, inventory) if gather_facts else {}
1612

1713
# Show the template

ansible_toolkit/show_vars.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,8 +64,8 @@ def get_inject_vars(self, host):
6464
return inject
6565

6666

67-
def show_vars(host):
68-
inventory = get_inventory()
67+
def show_vars(host, inventory_file=None, password_file=None):
68+
inventory = get_inventory(inventory_file, password_file)
6969
Runner.get_inject_vars = get_inject_vars
7070
runner = Runner(inventory=inventory)
7171
runner.get_inject_vars(host)

ansible_toolkit/utils.py

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -28,33 +28,38 @@ def red(text):
2828

2929
# Vault Password
3030

31-
def get_vault_password():
32-
try:
33-
password_file = config.get('vault', 'password_file')
34-
return read_vault_file(password_file)
35-
except ConfigParser.NoSectionError:
36-
return None
31+
def get_vault_password(password_file=None):
32+
if password_file is None:
33+
try:
34+
password_file = config.get('vault', 'password_file')
35+
except ConfigParser.NoSectionError:
36+
return None
37+
return read_vault_file(password_file)
3738

3839

3940
# Inventory
4041

41-
def get_inventory():
42-
try:
43-
inventory_path = os.path.expanduser(config.get('inventory', 'path'))
44-
except ConfigParser.NoSectionError:
45-
inventory_path = 'inventory'
46-
return Inventory(inventory_path, vault_password=get_vault_password())
42+
def get_inventory(inventory_path=None, vault_password_path=None):
43+
if inventory_path is None:
44+
try:
45+
inventory_path = os.path.expanduser(
46+
config.get('inventory', 'path'))
47+
except ConfigParser.NoSectionError:
48+
inventory_path = 'inventory'
49+
vault_password = get_vault_password(vault_password_path)
50+
return Inventory(inventory_path, vault_password=vault_password)
4751

4852

4953
# Filesystem Tools
5054

5155
def mkdir_p(path):
5256
try:
5357
os.makedirs(path)
54-
except OSError as exc: # Python >2.5
58+
except OSError as exc: # Python >2.5
5559
if exc.errno == errno.EEXIST and os.path.isdir(path):
5660
pass
57-
else: raise
61+
else:
62+
raise
5863

5964

6065
def split_path(path):

ansible_toolkit/vault.py

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -9,13 +9,13 @@
99
ATK_VAULT = '.atk-vault'
1010

1111

12-
def backup(path):
12+
def backup(path, password_file=None):
1313
"""
1414
Replaces the contents of a file with its decrypted counterpart, storing the
1515
original encrypted version and a hash of the file contents for later
1616
retrieval.
1717
"""
18-
vault = VaultLib(get_vault_password())
18+
vault = VaultLib(get_vault_password(password_file))
1919
with open(path, 'r') as f:
2020
encrypted_data = f.read()
2121

@@ -41,19 +41,19 @@ def backup(path):
4141
f.write(decrypted_data)
4242

4343

44-
def backup_all():
44+
def backup_all(password_file=None):
4545
for file_ in get_files('.'):
46-
backup(file_)
46+
backup(file_, password_file)
4747

4848

49-
def restore(path):
49+
def restore(path, password_file=None):
5050
"""
5151
Retrieves a file from the atk vault and restores it to its original
5252
location, re-encrypting it if it has changed.
5353
5454
:param path: path to original file
5555
"""
56-
vault = VaultLib(get_vault_password())
56+
vault = VaultLib(get_vault_password(password_file))
5757
atk_path = os.path.join(ATK_VAULT, path)
5858

5959
# Load stored data
@@ -82,10 +82,10 @@ def restore(path):
8282
os.remove(os.path.join(atk_path, 'hash'))
8383

8484

85-
def restore_all():
85+
def restore_all(password_file=None):
8686
for file_ in get_files(ATK_VAULT):
8787
if os.path.basename(file_) == 'encrypted':
8888

8989
# Get the path without the atk vault base and encrypted filename
9090
original_path = os.path.join(*split_path(file_)[1:-1])
91-
restore(original_path)
91+
restore(original_path, password_file)

bin/atk-show-template

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,13 @@ if __name__ == '__main__':
1616
help="don't gather facts from host for template rendering",
1717
action="store_true",
1818
)
19+
parser.add_argument('-i', '--inventory', type=str,
20+
help="Path to inventory file")
21+
parser.add_argument('-p', '--vault-password-file', type=str,
22+
help="Path to vault password file")
1923
args = parser.parse_args()
2024
gather_facts = not args.no_gather_facts
2125

2226
# Render Template
23-
show_template(args.host, args.path, gather_facts)
27+
show_template(args.host, args.path, gather_facts,
28+
args.inventory, args.vault_password_file)

bin/atk-show-vars

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,5 +9,9 @@ from ansible_toolkit.show_vars import show_vars
99
if __name__ == '__main__':
1010
parser = argparse.ArgumentParser()
1111
parser.add_argument('host')
12+
parser.add_argument('-i', '--inventory', type=str,
13+
help="Path to inventory file")
14+
parser.add_argument('-p', '--vault-password-file', type=str,
15+
help="Path to vault password file")
1216
args = parser.parse_args()
13-
show_vars(args.host)
17+
show_vars(args.host, args.inventory, args.vault_password_file)

bin/atk-vault

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,13 +11,15 @@ if __name__ == '__main__':
1111
# Parse Args
1212
parser = argparse.ArgumentParser()
1313
parser.add_argument('action', help="open, close")
14+
parser.add_argument('-p', '--vault-password-file', type=str,
15+
help="Path to vault password file")
1416
args = parser.parse_args()
1517
if args.action not in ['open', 'close']:
1618
raise RuntimeError(
1719
"atk-vault command must be either 'open' or 'close'")
1820

1921
# Open / Close Vault
2022
if args.action == 'open':
21-
vault.backup_all()
23+
vault.backup_all(args.vault_password_file)
2224
elif args.action == 'close':
23-
vault.restore_all()
25+
vault.restore_all(args.vault_password_file)

setup.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33

44
setup(name='ansible-toolkit',
5-
version='1.2.2',
5+
version='1.2.3',
66
description='The missing Ansible tools',
77
url='http://github.com/dellis23/ansible-toolkit',
88
author='Daniel Ellis',

0 commit comments

Comments
 (0)