Commit Graph

9 Commits (0acef98dc4425dd5f3f981aac52186d0da1a837a)

Author SHA1 Message Date
Andrew Greenwood 48c7501768 Add vault version 1.2 details (#50958)
Adding some details on the version 1.2 vault format assists in understanding how labelled vault-id works.

+label: docsite_pr
6 years ago
Derrick Johnson 62d3ed0e2f ACI Private_Key String to Allow for Vaulting (#54251)
* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key

* Fixed Issues auto check found

* Provide helpful information while avoiding credential exposure

* Restore original variable name :-)

* Fix a few other things

* Influence the default certificate_name in both cases

* Update documentation

* Add contributed docs

* Fix CI issue
6 years ago
Richlv 4c1476932e add warnings for the stding usage examples (#51859)
* Add a warning about vault leaving secrets in the shell history.
* Add a warning about accidental newlines in vault encrypted strings.

+label: docsite_pr
6 years ago
Ed Costello 0e467be0f1 Update vault docs for client scripts, multiple keys and misc (#43993)
* Fix and update vault docs, add and clarify examples and options, introduce the concept of labeling a vault for clarity even if only a single password is in use for a given run, rework multi-password section to align to these concepts.

* Document -client scripts for ansible vault.

Co-Authored-By: orthanc <orthanc@users.noreply.github.com>
6 years ago
Keith Maxwell 7fbacf920d Remove misleading statement passwords must be same (#49798)
* Remove misleading statement passwords must be same

Since 2.4 Ansible has supported multiple vault passwords:
<https://docs.ansible.com/ansible/latest/user_guide/vault.html#multiple-vault-passwords>

Meaning lines like the following are misleading:

> The password used with vault currently must be the same for all files you wish
> to use together at the same time.

-- `docs/docsite/rst/user_guide/vault.rst`

To demonstrate this with Ansible 2.7, save the following as `example.yaml`:

```
- name: Display output from two vaults with different passwords
  hosts: localhost
  connection: local
  vars_files: [one.yaml, two.yaml]
  tasks:
    - name: View secret from one.yaml vault
      debug: { var: one }
    - name: View secret from two.yaml vault
      debug: { var: two }
```

Then run the three following commands choosing two different passwords:

```
$ echo 'one: 1' | ansible-vault encrypt --vault-id id1@prompt --output=one.yaml
$ echo 'two: 2' | ansible-vault encrypt --vault-id id2@prompt --output=two.yaml
$ ansible-playbook --vault-id id1@prompt --vault-id id2@prompt example.yaml
```

`ansible-vault` stores an ID in plain text in the vault file.

* Remove note about default in Ansible 2.1

As requested by gundalow in https://github.com/ansible/ansible/pull/49798
6 years ago
Brendan Jurd ab96bbdef9 Clean up Vault docs in User Guide. (#46188)
* Fix spelling of 'separate' throughout.

* Various cleanups in the User Guide for Vault.

- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.

* Fix formatting

* Update vault.rst
6 years ago
Toshio Kuratomi 9faf7b949e Fix places in docs that refer to modules without namespace
We've namespaced all plugin docs.  Change the docs to reflect that
7 years ago
Matt Lee 75ab070c63 Update vault.rst (#36328)
hunter2 not hunter42. http://bash.org/?244321
7 years ago
scottb 373b1dcf59
Core Docs Refactor and Redesign (#36067)
* Docs refactor as outlined in https://github.com/ansible/proposals/issues/79. Moves content into 'guides'; refactors TOC; fixes CSS; design tweaks to layout and CSS; fixes generated plugin, CLI and module docs to fix links accodingly; more.

* Adding extra blank line for shippable
7 years ago