Add TTY check and argument to disable it (#50603)

6 years ago · dc4e247418
parent 4e8b240b8b
commit dc4e247418
1 changed files with 6 additions and 1 deletions
--- a/lib/ansible/cli/vault.py
+++ b/lib/ansible/cli/vault.py
@ -76,6 +76,7 @@ class VaultCLI(CLI):
        create_parser = subparsers.add_parser('create', help='Create new vault encrypted file', parents=[vault_id, common])
        create_parser.set_defaults(func=self.execute_create)
        create_parser.add_argument('args', help='Filename', metavar='file_name', nargs='*')
+        create_parser.add_argument('-n','--no-check',default=False, help='skip TTY check', dest='no_check', action='store_true')

        decrypt_parser = subparsers.add_parser('decrypt', help='Decrypt vault encrypted file', parents=[output, common])
        decrypt_parser.set_defaults(func=self.execute_decrypt)
@ -427,8 +428,11 @@ class VaultCLI(CLI):
        if len(context.CLIARGS['args']) > 1:
            raise AnsibleOptionsError("ansible-vault create can take only one filename argument")

-        self.editor.create_file(context.CLIARGS['args'][0], self.encrypt_secret,
+        if sys.stdout.isatty() or context.CLIARGS['no_check']:
+            self.editor.create_file(context.CLIARGS['args'][0], self.encrypt_secret,
                                vault_id=self.encrypt_vault_id)
+        else:
+            raise AnsibleOptionsError("not a tty, editor cannot be opened")

    def execute_edit(self):
        ''' open and decrypt an existing vaulted file in an editor, that will be encrypted again when closed'''
@ -455,3 +459,4 @@ class VaultCLI(CLI):
                                   self.new_encrypt_vault_id)

        display.display("Rekey successful", stderr=True)
+