From dc4e247418ede86d6b6eddda9d04acf4973885e6 Mon Sep 17 00:00:00 2001 From: Landson Date: Mon, 16 Mar 2020 14:51:22 -0400 Subject: [PATCH] Add TTY check and argument to disable it (#50603) --- lib/ansible/cli/vault.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/ansible/cli/vault.py b/lib/ansible/cli/vault.py index 6ea330ab4ef..16012e2ded7 100644 --- a/lib/ansible/cli/vault.py +++ b/lib/ansible/cli/vault.py @@ -76,6 +76,7 @@ class VaultCLI(CLI): create_parser = subparsers.add_parser('create', help='Create new vault encrypted file', parents=[vault_id, common]) create_parser.set_defaults(func=self.execute_create) create_parser.add_argument('args', help='Filename', metavar='file_name', nargs='*') + create_parser.add_argument('-n','--no-check',default=False, help='skip TTY check', dest='no_check', action='store_true') decrypt_parser = subparsers.add_parser('decrypt', help='Decrypt vault encrypted file', parents=[output, common]) decrypt_parser.set_defaults(func=self.execute_decrypt) @@ -427,8 +428,11 @@ class VaultCLI(CLI): if len(context.CLIARGS['args']) > 1: raise AnsibleOptionsError("ansible-vault create can take only one filename argument") - self.editor.create_file(context.CLIARGS['args'][0], self.encrypt_secret, + if sys.stdout.isatty() or context.CLIARGS['no_check']: + self.editor.create_file(context.CLIARGS['args'][0], self.encrypt_secret, vault_id=self.encrypt_vault_id) + else: + raise AnsibleOptionsError("not a tty, editor cannot be opened") def execute_edit(self): ''' open and decrypt an existing vaulted file in an editor, that will be encrypted again when closed''' @@ -455,3 +459,4 @@ class VaultCLI(CLI): self.new_encrypt_vault_id) display.display("Rekey successful", stderr=True) +