From 3fc87e011b44db815204d11337526de580f2aa83 Mon Sep 17 00:00:00 2001
From: James Tanner <tanner.jc@gmail.com>
Date: Wed, 19 Feb 2014 11:01:21 -0500
Subject: [PATCH] Fix all other calls to yaml

---
 lib/ansible/playbook/play.py                     | 16 ++++++++--------
 .../runner/action_plugins/include_vars.py        |  2 +-
 lib/ansible/utils/vault.py                       |  1 +
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/lib/ansible/playbook/play.py b/lib/ansible/playbook/play.py
index d431ad48e5c..1e1e52dd133 100644
--- a/lib/ansible/playbook/play.py
+++ b/lib/ansible/playbook/play.py
@@ -200,7 +200,7 @@ class Play(object):
             vars = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(role_path, 'vars')))
             vars_data = {}
             if os.path.isfile(vars):
-                vars_data = utils.parse_yaml_from_file(vars)
+                vars_data = utils.parse_yaml_from_file(vars, vault_password=self.vault_password)
                 if vars_data:
                     if not isinstance(vars_data, dict):
                         raise errors.AnsibleError("vars from '%s' are not a dict" % vars)
@@ -208,12 +208,12 @@ class Play(object):
             defaults = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(role_path, 'defaults')))
             defaults_data = {}
             if os.path.isfile(defaults):
-                defaults_data = utils.parse_yaml_from_file(defaults)
+                defaults_data = utils.parse_yaml_from_file(defaults, vault_password=self.vault_password)
             # the meta directory contains the yaml that should
             # hold the list of dependencies (if any)
             meta = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(role_path, 'meta')))
             if os.path.isfile(meta):
-                data = utils.parse_yaml_from_file(meta)
+                data = utils.parse_yaml_from_file(meta, vault_password=self.vault_password)
                 if data:
                     dependencies = data.get('dependencies',[])
                     if dependencies is None:
@@ -223,7 +223,7 @@ class Play(object):
                         (dep_path,dep_vars) = self._get_role_path(dep)
                         meta = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(dep_path, 'meta')))
                         if os.path.isfile(meta):
-                            meta_data = utils.parse_yaml_from_file(meta)
+                            meta_data = utils.parse_yaml_from_file(meta, vault_password=self.vault_password)
                             if meta_data:
                                 allow_dupes = utils.boolean(meta_data.get('allow_duplicates',''))
 
@@ -244,13 +244,13 @@ class Play(object):
                         vars = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(dep_path, 'vars')))
                         vars_data = {}
                         if os.path.isfile(vars):
-                            vars_data = utils.parse_yaml_from_file(vars)
+                            vars_data = utils.parse_yaml_from_file(vars, vault_password=self.vault_password)
                             if vars_data:
                                 dep_vars = utils.combine_vars(vars_data, dep_vars)
                         defaults = self._resolve_main(utils.path_dwim(self.basedir, os.path.join(dep_path, 'defaults')))
                         dep_defaults_data = {}
                         if os.path.isfile(defaults):
-                            dep_defaults_data = utils.parse_yaml_from_file(defaults)
+                            dep_defaults_data = utils.parse_yaml_from_file(defaults, vault_password=self.vault_password)
                         if 'role' in dep_vars:
                             del dep_vars['role']
 
@@ -305,7 +305,7 @@ class Play(object):
         default_vars = {}
         for filename in defaults_files:
             if os.path.exists(filename):
-                new_default_vars = utils.parse_yaml_from_file(filename)
+                new_default_vars = utils.parse_yaml_from_file(filename, vault_password=self.vault_password)
                 if new_default_vars:
                     if type(new_default_vars) != dict:
                         raise errors.AnsibleError("%s must be stored as dictionary/hash: %s" % (filename, type(new_default_vars)))
@@ -718,7 +718,7 @@ class Play(object):
                     sequence.append(filename4)
                     if os.path.exists(filename4):
                         found = True
-                        data = utils.parse_yaml_from_file(filename4)
+                        data = utils.parse_yaml_from_file(filename4, vault_password=self.vault_password)
                         if type(data) != dict:
                             raise errors.AnsibleError("%s must be stored as a dictionary/hash" % filename4)
                         if host is not None:
diff --git a/lib/ansible/runner/action_plugins/include_vars.py b/lib/ansible/runner/action_plugins/include_vars.py
index 6bae4e30065..6c5adac3ee1 100644
--- a/lib/ansible/runner/action_plugins/include_vars.py
+++ b/lib/ansible/runner/action_plugins/include_vars.py
@@ -43,7 +43,7 @@ class ActionModule(object):
             source = utils.path_dwim(self.runner.basedir, source)
 
         if os.path.exists(source):
-            data = utils.parse_yaml_from_file(source)
+            data = utils.parse_yaml_from_file(source, vault_password=self.runner.vault_pass)
             if type(data) != dict:
                 raise errors.AnsibleError("%s must be stored as a dictionary/hash" % source)
             result = dict(ansible_facts=data)
diff --git a/lib/ansible/utils/vault.py b/lib/ansible/utils/vault.py
index b41d0c39886..e8a59e4cf40 100644
--- a/lib/ansible/utils/vault.py
+++ b/lib/ansible/utils/vault.py
@@ -70,6 +70,7 @@ def decrypt(filename, password):
     '''
 
     if password is None:
+        import epdb; epdb.st()
         raise errors.AnsibleError("A vault password must be specified to decrypt %s" % filename)
 
     V = Vault(filename=filename, vault_password=password)