Fix using vault encrypted data with jinja2_native (#49025)
Fixes #48950
(cherry picked from commit d4568d97d4
)
This commit is contained in:
parent
4b3244427e
commit
660f46be13
5 changed files with 28 additions and 1 deletions
|
@ -0,0 +1,2 @@
|
|||
bugfixes:
|
||||
- Fix using vault encrypted data with jinja2_native (https://github.com/ansible/ansible/issues/48950)
|
|
@ -12,6 +12,8 @@ import types
|
|||
|
||||
from jinja2._compat import text_type
|
||||
|
||||
from ansible.parsing.yaml.objects import AnsibleVaultEncryptedUnicode
|
||||
|
||||
|
||||
def ansible_native_concat(nodes):
|
||||
"""Return a native Python type from the list of compiled nodes. If the
|
||||
|
@ -30,8 +32,13 @@ def ansible_native_concat(nodes):
|
|||
|
||||
if len(head) == 1:
|
||||
out = head[0]
|
||||
|
||||
# TODO send unvaulted data to literal_eval?
|
||||
if isinstance(out, AnsibleVaultEncryptedUnicode):
|
||||
return out.data
|
||||
|
||||
# short circuit literal_eval when possible
|
||||
if not isinstance(out, list): # FIXME is this needed?
|
||||
if not isinstance(out, list):
|
||||
return out
|
||||
else:
|
||||
if isinstance(nodes, types.GeneratorType):
|
||||
|
|
|
@ -3,3 +3,4 @@
|
|||
set -eux
|
||||
|
||||
ANSIBLE_JINJA2_NATIVE=1 ansible-playbook -i inventory.jinja2_native_types runtests.yml -v "$@"
|
||||
ANSIBLE_JINJA2_NATIVE=1 ansible-playbook -i inventory.jinja2_native_types --vault-password-file test_vault_pass test_vault.yml -v "$@"
|
||||
|
|
16
test/integration/targets/jinja2_native_types/test_vault.yml
Normal file
16
test/integration/targets/jinja2_native_types/test_vault.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
- hosts: localhost
|
||||
gather_facts: no
|
||||
vars:
|
||||
# ansible-vault encrypt_string root
|
||||
# vault_password_file = test_vault_pass
|
||||
vaulted_root_string: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
39333565666430306232343266346635373235626564396332323838613063646132653436303239
|
||||
3133363232306334393863343563366131373565616338380a666339383162333838653631663131
|
||||
36633637303862353435643930393664386365323164643831363332666435303436373365393162
|
||||
6535383134323539380a613663366631626534313837313565666665336164353362373431666366
|
||||
3464
|
||||
tasks:
|
||||
- name: make sure group root exists
|
||||
group:
|
||||
name: "{{ vaulted_root_string }}"
|
|
@ -0,0 +1 @@
|
|||
test
|
Loading…
Reference in a new issue