def main(): config = ConfigManager() username = get_ini_config_value( config._parsers[config._config_file], dict(section='vault', key='username') ) or getpass.getuser() keyname = get_ini_config_value( config._parsers[config._config_file], dict(section='vault', key='keyname') ) or 'ansible' if len(sys.argv) == 2 and sys.argv[1] == 'set': intro = 'Storing password in "{}" user keyring using key name: {}\n' sys.stdout.write(intro.format(username, keyname)) password = getpass.getpass() confirm = getpass.getpass('Confirm password: '******'Passwords do not match\n') sys.exit(1) else: sys.stdout.write('{0}\n'.format(keyring.get_password(keyname, username))) sys.exit(0)
def main(): config = ConfigManager() username = get_ini_config_value( config._parser, dict(section='vault', key='username') ) or getpass.getuser() keyname = get_ini_config_value( config._parser, dict(section='vault', key='keyname') ) or 'ansible' if len(sys.argv) == 2 and sys.argv[1] == 'set': intro = 'Storing password in "{}" user keyring using key name: {}\n' sys.stdout.write(intro.format(username, keyname)) password = getpass.getpass() confirm = getpass.getpass('Confirm password: '******'Passwords do not match\n') sys.exit(1) else: sys.stdout.write('{0}\n'.format(keyring.get_password(keyname, username))) sys.exit(0)
def get_config(parser, section, key, env_var, default_value, value_type=None, expand_relative_paths=False): ''' kept for backwarsd compatibility, but deprecated ''' _deprecated( 'ansible.constants.get_config() is deprecated. There is new config API, see porting docs.' ) value = None # small reconstruction of the old code env/ini/default value = os.environ.get(env_var, None) if value is None: try: value = get_ini_config_value(parser, { 'key': key, 'section': section }) except: pass if value is None: value = default_value value = ensure_type(value, value_type) return value
def get_config(parser, section, key, env_var, default_value, value_type=None, expand_relative_paths=False): ''' kept for backwarsd compatibility, but deprecated ''' _deprecated('ansible.constants.get_config() is deprecated. There is new config API, see porting docs.') value = None # small reconstruction of the old code env/ini/default value = os.environ.get(env_var, None) if value is None: try: value = get_ini_config_value(parser, {'key': key, 'section': section}) except: pass if value is None: value = default_value value = ensure_type(value, value_type) return value
import binascii from ansible import errors from ansible.config.manager import ConfigManager, get_ini_config_value from cryptography.fernet import Fernet, InvalidToken from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC # Section in config file CONFIG_SECTION = 'vault_filter' # Read config values config_manager = ConfigManager() config_parser = config_manager._parsers.values()[0] VAULT_FILTER_KEY = get_ini_config_value( config_parser, dict(section=CONFIG_SECTION, key='key')) or 'vault.key' VAULT_FILTER_SALT = get_ini_config_value( config_parser, dict(section=CONFIG_SECTION, key='salt')) or None VAULT_FILTER_ITERATIONS = get_ini_config_value( config_parser, dict(section=CONFIG_SECTION, key='iterations')) or 1000000 VAULT_FILTER_GENERATE_KEY = get_ini_config_value( config_parser, dict(section=CONFIG_SECTION, key='generate_key')) or False DEFAULT_VAULT_PASSWORD_FILE = config_manager.data.get_setting( 'DEFAULT_VAULT_PASSWORD_FILE').value # Read environment variables VAULT_FILTER_KEY = os.getenv('VAULT_FILTER_KEY', VAULT_FILTER_KEY) VAULT_FILTER_SALT = os.getenv('VAULT_FILTER_SALT', VAULT_FILTER_SALT) VAULT_FILTER_ITERATIONS = os.getenv('VAULT_FILTER_ITERATIONS', VAULT_FILTER_ITERATIONS) VAULT_FILTER_GENERATE_KEY = os.getenv('VAULT_FILTER_GENERATE_KEY',
import binascii from ansible import errors from ansible.config.manager import ConfigManager, get_ini_config_value from cryptography.fernet import Fernet, InvalidToken from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC # Section in config file CONFIG_SECTION = 'vault_filter' # Read config values config_manager = ConfigManager() config_parser = config_manager._parsers.values()[0] VAULT_FILTER_KEY = get_ini_config_value(config_parser, dict(section=CONFIG_SECTION, key='key')) or 'vault.key' VAULT_FILTER_SALT = get_ini_config_value(config_parser, dict(section=CONFIG_SECTION, key='salt')) or None VAULT_FILTER_ITERATIONS = get_ini_config_value(config_parser, dict(section=CONFIG_SECTION, key='iterations')) or 1000000 VAULT_FILTER_GENERATE_KEY = get_ini_config_value(config_parser, dict(section=CONFIG_SECTION, key='generate_key')) or False DEFAULT_VAULT_PASSWORD_FILE = config_manager.data.get_setting('DEFAULT_VAULT_PASSWORD_FILE').value # Read environment variables VAULT_FILTER_KEY = os.getenv('VAULT_FILTER_KEY', VAULT_FILTER_KEY) VAULT_FILTER_SALT = os.getenv('VAULT_FILTER_SALT', VAULT_FILTER_SALT) VAULT_FILTER_ITERATIONS = os.getenv('VAULT_FILTER_ITERATIONS', VAULT_FILTER_ITERATIONS) VAULT_FILTER_GENERATE_KEY = os.getenv('VAULT_FILTER_GENERATE_KEY', VAULT_FILTER_GENERATE_KEY) VAULT_FILTER_KEY = os.path.abspath(VAULT_FILTER_KEY) verbose = True def vault(cipher):