Commit graph

12 commits

Author SHA1 Message Date
CsilLAB
6900378766 [WIP] Tip to see the content of a single encrypted var (#37887)
* Tip to see the content of a single var encrypted with Ansible Vault
2019-05-21 15:37:25 -05:00
tacatac
79198cad7a Clarify the Vault guide and add Vault ID examples (#55111)
updates docs/docsite/rst/user_guide/vault.rst
* Add reference to single variable vault encryption
* rST ref to jump to the section
* Clarify the two targets of vault encryption, with notes about advantages and drawbacks of each
* Add the default form for --vault-id
* Add Vault ID examples for normal operations

Co-Authored-By: tacatac <taca@kadisius.eu>
2019-04-23 16:36:39 -05:00
Matt Martz
db6cc60352
Migrate command line parsing to argparse (#50610)
* Start of migration to argparse

* various fixes and improvements

* Linting fixes

* Test fixes

* Fix vault_password_files

* Add PrependAction for argparse

* A bunch of additional tweak/fixes

* Fix ansible-config tests

* Fix man page generation

* linting fix

* More adhoc pattern fixes

* Add changelog fragment

* Add support for argcomplete

* Enable argcomplete global completion

* Rename PrependAction to PrependListAction to better describe what it does

* Add documentation for installing and configuring argcomplete

* Address rebase issues

* Fix display encoding for vault

* Fix line length

* Address rebase issues

* Handle rebase issues

* Use mutually exclusive group instead of handling manually

* Fix rebase issues

* Address rebase issue

* Update version added for argcomplete support

* -e must be given a value

* ci_complete
2019-04-23 13:54:39 -05:00
Andrew Greenwood
48c7501768 Add vault version 1.2 details (#50958)
Adding some details on the version 1.2 vault format assists in understanding how labelled vault-id works.

+label: docsite_pr
2019-04-02 12:10:07 -04:00
Derrick Johnson
62d3ed0e2f ACI Private_Key String to Allow for Vaulting (#54251)
* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key

* Fixed Issues auto check found

* Provide helpful information while avoiding credential exposure

* Restore original variable name :-)

* Fix a few other things

* Influence the default certificate_name in both cases

* Update documentation

* Add contributed docs

* Fix CI issue
2019-03-27 17:19:50 +01:00
Richlv
4c1476932e add warnings for the stding usage examples (#51859)
* Add a warning about vault leaving secrets in the shell history.
* Add a warning about accidental newlines in vault encrypted strings.

+label: docsite_pr
2019-03-11 15:52:04 -05:00
Ed Costello
0e467be0f1 Update vault docs for client scripts, multiple keys and misc (#43993)
* Fix and update vault docs, add and clarify examples and options, introduce the concept of labeling a vault for clarity even if only a single password is in use for a given run, rework multi-password section to align to these concepts.

* Document -client scripts for ansible vault.

Co-Authored-By: orthanc <orthanc@users.noreply.github.com>
2019-02-22 14:22:18 -06:00
Keith Maxwell
7fbacf920d Remove misleading statement passwords must be same (#49798)
* Remove misleading statement passwords must be same

Since 2.4 Ansible has supported multiple vault passwords:
<https://docs.ansible.com/ansible/latest/user_guide/vault.html#multiple-vault-passwords>

Meaning lines like the following are misleading:

> The password used with vault currently must be the same for all files you wish
> to use together at the same time.

-- `docs/docsite/rst/user_guide/vault.rst`

To demonstrate this with Ansible 2.7, save the following as `example.yaml`:

```
- name: Display output from two vaults with different passwords
  hosts: localhost
  connection: local
  vars_files: [one.yaml, two.yaml]
  tasks:
    - name: View secret from one.yaml vault
      debug: { var: one }
    - name: View secret from two.yaml vault
      debug: { var: two }
```

Then run the three following commands choosing two different passwords:

```
$ echo 'one: 1' | ansible-vault encrypt --vault-id id1@prompt --output=one.yaml
$ echo 'two: 2' | ansible-vault encrypt --vault-id id2@prompt --output=two.yaml
$ ansible-playbook --vault-id id1@prompt --vault-id id2@prompt example.yaml
```

`ansible-vault` stores an ID in plain text in the vault file.

* Remove note about default in Ansible 2.1

As requested by gundalow in https://github.com/ansible/ansible/pull/49798
2019-02-12 10:47:01 -05:00
Brendan Jurd
ab96bbdef9 Clean up Vault docs in User Guide. (#46188)
* Fix spelling of 'separate' throughout.

* Various cleanups in the User Guide for Vault.

- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.

* Fix formatting

* Update vault.rst
2018-09-28 10:16:58 -04:00
Toshio Kuratomi
9faf7b949e Fix places in docs that refer to modules without namespace
We've namespaced all plugin docs.  Change the docs to reflect that
2018-04-18 08:43:34 -07:00
Matt Lee
75ab070c63 Update vault.rst (#36328)
hunter2 not hunter42. http://bash.org/?244321
2018-02-20 12:11:32 -08:00
scottb
373b1dcf59
Core Docs Refactor and Redesign (#36067)
* Docs refactor as outlined in https://github.com/ansible/proposals/issues/79. Moves content into 'guides'; refactors TOC; fixes CSS; design tweaks to layout and CSS; fixes generated plugin, CLI and module docs to fix links accodingly; more.

* Adding extra blank line for shippable
2018-02-13 07:23:55 -08:00
Renamed from docs/docsite/rst/vault.rst (Browse further)