Add ability to specify vault password and inventory files on commandline.

Dan Ellis · Dan Ellis · commit 2b19d5e3f49c · 2015-06-06T12:49:56.000-07:00
diff --git a/README.md b/README.md
@@ -32,7 +32,14 @@ directory an Ansible Toolkit command is run from.  To override:
     [inventory]
     path = /home/foo/inventory
 
-Usage
+### Optional Arguments ###
+
+If you have multiple Ansible inventories or password files, or for whatever reason do not wish to set up a configuration file, the configuration can be optionally passed on the command line:
+
+    -i, --inventory
+    -p, --vault-password-file
+
+Tools
 -----
 
 ### atk-show-vars ###
@@ -98,6 +105,11 @@ to make it work for more environments.
 Changelog
 ---------
 
+### 1.2.3 ###
+
+Add ability to specify vault password file and inventory file on the command 
+line.
+
 ### 1.2.2 ###
 
 Fix the way newlines are handled in vault decryption.
diff --git a/ansible_toolkit/show_template.py b/ansible_toolkit/show_template.py
@@ -1,17 +1,13 @@
-import ansible.inventory
-import ansible.runner
-import ansible.callbacks
-import ansible.cache
-
 from ansible.runner import Runner
 from ansible.utils.template import template_from_file
 
 from utils import get_inventory
 from utils_ansible import gather_facts as get_gathered_facts
 
 
-def show_template(host, path, gather_facts=True):
-    inventory = get_inventory()
+def show_template(host, path, gather_facts=True,
+                  inventory_file=None, password_file=None):
+    inventory = get_inventory(inventory_file, password_file)
     setup_cache = get_gathered_facts(host, inventory) if gather_facts else {}
 
     # Show the template
diff --git a/ansible_toolkit/show_vars.py b/ansible_toolkit/show_vars.py
@@ -64,8 +64,8 @@ def get_inject_vars(self, host):
     return inject
 
 
-def show_vars(host):
-    inventory = get_inventory()
+def show_vars(host, inventory_file=None, password_file=None):
+    inventory = get_inventory(inventory_file, password_file)
     Runner.get_inject_vars = get_inject_vars
     runner = Runner(inventory=inventory)
     runner.get_inject_vars(host)
diff --git a/ansible_toolkit/utils.py b/ansible_toolkit/utils.py
@@ -28,33 +28,38 @@ def red(text):
 
 # Vault Password
 
-def get_vault_password():
-    try:
-        password_file = config.get('vault', 'password_file')
-        return read_vault_file(password_file)
-    except ConfigParser.NoSectionError:
-        return None
+def get_vault_password(password_file=None):
+    if password_file is None:
+        try:
+            password_file = config.get('vault', 'password_file')
+        except ConfigParser.NoSectionError:
+            return None
+    return read_vault_file(password_file)
 
 
 # Inventory
 
-def get_inventory():
-    try:
-        inventory_path = os.path.expanduser(config.get('inventory', 'path'))
-    except ConfigParser.NoSectionError:
-        inventory_path = 'inventory'
-    return Inventory(inventory_path, vault_password=get_vault_password())
+def get_inventory(inventory_path=None, vault_password_path=None):
+    if inventory_path is None:
+        try:
+            inventory_path = os.path.expanduser(
+                config.get('inventory', 'path'))
+        except ConfigParser.NoSectionError:
+            inventory_path = 'inventory'
+    vault_password = get_vault_password(vault_password_path)
+    return Inventory(inventory_path, vault_password=vault_password)
 
 
 # Filesystem Tools
 
 def mkdir_p(path):
     try:
         os.makedirs(path)
-    except OSError as exc: # Python >2.5
+    except OSError as exc:  # Python >2.5
         if exc.errno == errno.EEXIST and os.path.isdir(path):
             pass
-        else: raise
+        else:
+            raise
 
 
 def split_path(path):
diff --git a/ansible_toolkit/vault.py b/ansible_toolkit/vault.py
@@ -9,13 +9,13 @@
 ATK_VAULT = '.atk-vault'
 
 
-def backup(path):
+def backup(path, password_file=None):
     """
     Replaces the contents of a file with its decrypted counterpart, storing the
     original encrypted version and a hash of the file contents for later
     retrieval.
     """
-    vault = VaultLib(get_vault_password())
+    vault = VaultLib(get_vault_password(password_file))
     with open(path, 'r') as f:
         encrypted_data = f.read()
 
@@ -41,19 +41,19 @@ def backup(path):
                 f.write(decrypted_data)
 
 
-def backup_all():
+def backup_all(password_file=None):
     for file_ in get_files('.'):
-        backup(file_)
+        backup(file_, password_file)
 
 
-def restore(path):
+def restore(path, password_file=None):
     """
     Retrieves a file from the atk vault and restores it to its original
     location, re-encrypting it if it has changed.
 
     :param path: path to original file
     """
-    vault = VaultLib(get_vault_password())
+    vault = VaultLib(get_vault_password(password_file))
     atk_path = os.path.join(ATK_VAULT, path)
 
     # Load stored data
@@ -82,10 +82,10 @@ def restore(path):
     os.remove(os.path.join(atk_path, 'hash'))
 
 
-def restore_all():
+def restore_all(password_file=None):
     for file_ in get_files(ATK_VAULT):
         if os.path.basename(file_) == 'encrypted':
 
             # Get the path without the atk vault base and encrypted filename
             original_path = os.path.join(*split_path(file_)[1:-1])
-            restore(original_path)
+            restore(original_path, password_file)
diff --git a/bin/atk-show-template b/bin/atk-show-template
@@ -16,8 +16,13 @@ if __name__ == '__main__':
         help="don't gather facts from host for template rendering",
         action="store_true",
     )
+    parser.add_argument('-i', '--inventory', type=str,
+                        help="Path to inventory file")
+    parser.add_argument('-p', '--vault-password-file', type=str,
+                        help="Path to vault password file")
     args = parser.parse_args()
     gather_facts = not args.no_gather_facts
 
     # Render Template
-    show_template(args.host, args.path, gather_facts)
+    show_template(args.host, args.path, gather_facts,
+                  args.inventory, args.vault_password_file)
diff --git a/bin/atk-show-vars b/bin/atk-show-vars
@@ -9,5 +9,9 @@ from ansible_toolkit.show_vars import show_vars
 if __name__ == '__main__':
     parser = argparse.ArgumentParser()
     parser.add_argument('host')
+    parser.add_argument('-i', '--inventory', type=str,
+                        help="Path to inventory file")
+    parser.add_argument('-p', '--vault-password-file', type=str,
+                        help="Path to vault password file")
     args = parser.parse_args()
-    show_vars(args.host)
+    show_vars(args.host, args.inventory, args.vault_password_file)
diff --git a/bin/atk-vault b/bin/atk-vault
@@ -11,13 +11,15 @@ if __name__ == '__main__':
     # Parse Args
     parser = argparse.ArgumentParser()
     parser.add_argument('action', help="open, close")
+    parser.add_argument('-p', '--vault-password-file', type=str,
+                        help="Path to vault password file")
     args = parser.parse_args()
     if args.action not in ['open', 'close']:
         raise RuntimeError(
             "atk-vault command must be either 'open' or 'close'")
 
     # Open / Close Vault
     if args.action == 'open':
-        vault.backup_all()
+        vault.backup_all(args.vault_password_file)
     elif args.action == 'close':
-        vault.restore_all()
+        vault.restore_all(args.vault_password_file)
diff --git a/setup.py b/setup.py
@@ -2,7 +2,7 @@
 
 
 setup(name='ansible-toolkit',
-      version='1.2.2',
+      version='1.2.3',
       description='The missing Ansible tools',
       url='http://github.com/dellis23/ansible-toolkit',
       author='Daniel Ellis',
