Commit Graph

11 Commits (93f011295325bbb2a8607eea2d537ec6afaa6fd4)

Author SHA1 Message Date
tacatac 79198cad7a Clarify the Vault guide and add Vault ID examples (#55111)
updates docs/docsite/rst/user_guide/vault.rst
* Add reference to single variable vault encryption
* rST ref to jump to the section
* Clarify the two targets of vault encryption, with notes about advantages and drawbacks of each
* Add the default form for --vault-id
* Add Vault ID examples for normal operations

Co-Authored-By: tacatac <taca@kadisius.eu>
6 years ago
Matt Martz db6cc60352
Migrate command line parsing to argparse (#50610)
* Start of migration to argparse

* various fixes and improvements

* Linting fixes

* Test fixes

* Fix vault_password_files

* Add PrependAction for argparse

* A bunch of additional tweak/fixes

* Fix ansible-config tests

* Fix man page generation

* linting fix

* More adhoc pattern fixes

* Add changelog fragment

* Add support for argcomplete

* Enable argcomplete global completion

* Rename PrependAction to PrependListAction to better describe what it does

* Add documentation for installing and configuring argcomplete

* Address rebase issues

* Fix display encoding for vault

* Fix line length

* Address rebase issues

* Handle rebase issues

* Use mutually exclusive group instead of handling manually

* Fix rebase issues

* Address rebase issue

* Update version added for argcomplete support

* -e must be given a value

* ci_complete
6 years ago
Andrew Greenwood 48c7501768 Add vault version 1.2 details (#50958)
Adding some details on the version 1.2 vault format assists in understanding how labelled vault-id works.

+label: docsite_pr
6 years ago
Derrick Johnson 62d3ed0e2f ACI Private_Key String to Allow for Vaulting (#54251)
* Allows the use of Private_Keys to be entered as a string instead of just a file. Making it possible to use VAULT to encrypt the key

* Fixed Issues auto check found

* Provide helpful information while avoiding credential exposure

* Restore original variable name :-)

* Fix a few other things

* Influence the default certificate_name in both cases

* Update documentation

* Add contributed docs

* Fix CI issue
6 years ago
Richlv 4c1476932e add warnings for the stding usage examples (#51859)
* Add a warning about vault leaving secrets in the shell history.
* Add a warning about accidental newlines in vault encrypted strings.

+label: docsite_pr
6 years ago
Ed Costello 0e467be0f1 Update vault docs for client scripts, multiple keys and misc (#43993)
* Fix and update vault docs, add and clarify examples and options, introduce the concept of labeling a vault for clarity even if only a single password is in use for a given run, rework multi-password section to align to these concepts.

* Document -client scripts for ansible vault.

Co-Authored-By: orthanc <orthanc@users.noreply.github.com>
6 years ago
Keith Maxwell 7fbacf920d Remove misleading statement passwords must be same (#49798)
* Remove misleading statement passwords must be same

Since 2.4 Ansible has supported multiple vault passwords:
<https://docs.ansible.com/ansible/latest/user_guide/vault.html#multiple-vault-passwords>

Meaning lines like the following are misleading:

> The password used with vault currently must be the same for all files you wish
> to use together at the same time.

-- `docs/docsite/rst/user_guide/vault.rst`

To demonstrate this with Ansible 2.7, save the following as `example.yaml`:

```
- name: Display output from two vaults with different passwords
  hosts: localhost
  connection: local
  vars_files: [one.yaml, two.yaml]
  tasks:
    - name: View secret from one.yaml vault
      debug: { var: one }
    - name: View secret from two.yaml vault
      debug: { var: two }
```

Then run the three following commands choosing two different passwords:

```
$ echo 'one: 1' | ansible-vault encrypt --vault-id id1@prompt --output=one.yaml
$ echo 'two: 2' | ansible-vault encrypt --vault-id id2@prompt --output=two.yaml
$ ansible-playbook --vault-id id1@prompt --vault-id id2@prompt example.yaml
```

`ansible-vault` stores an ID in plain text in the vault file.

* Remove note about default in Ansible 2.1

As requested by gundalow in https://github.com/ansible/ansible/pull/49798
6 years ago
Brendan Jurd ab96bbdef9 Clean up Vault docs in User Guide. (#46188)
* Fix spelling of 'separate' throughout.

* Various cleanups in the User Guide for Vault.

- Fix spelling of 'algorithm'
- Fix indentation of nested list in payload format
- Fix mysterious refernce to 'b_pkey1'.
- Fix reference to newline as '\n': the backslash is lost when rendered
to the docs website. Specify the hex value for newline instead of the
backslash escape.

* Fix formatting

* Update vault.rst
6 years ago
Toshio Kuratomi 9faf7b949e Fix places in docs that refer to modules without namespace
We've namespaced all plugin docs.  Change the docs to reflect that
7 years ago
Matt Lee 75ab070c63 Update vault.rst (#36328)
hunter2 not hunter42. http://bash.org/?244321
7 years ago
scottb 373b1dcf59
Core Docs Refactor and Redesign (#36067)
* Docs refactor as outlined in https://github.com/ansible/proposals/issues/79. Moves content into 'guides'; refactors TOC; fixes CSS; design tweaks to layout and CSS; fixes generated plugin, CLI and module docs to fix links accodingly; more.

* Adding extra blank line for shippable
7 years ago