-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from psvmcc/init
init
- Loading branch information
Showing
8 changed files
with
169 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| name: Lint | ||
|
|
||
| on: [push, pull_request] | ||
|
|
||
| jobs: | ||
| lint: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: psf/black@stable | ||
| with: | ||
| options: "--check --verbose" | ||
| src: "./src" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| name: Publish to PyPI.org | ||
| on: | ||
| release: | ||
| types: [published] | ||
| jobs: | ||
| pypi: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - run: python3 -m pip install --upgrade build && python3 -m build | ||
| - name: Publish package | ||
| uses: pypa/gh-action-pypi-publish@release/v1 | ||
| with: | ||
| password: ${{ secrets.PYPI_API_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| dist | ||
| src/ansible_vault_decrypt.egg-info |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,17 @@ | ||
| # ansible-vault-decrypt | ||
| # ansible-vault-decrypt | ||
|
|
||
| ## usage | ||
|
|
||
| ``` | ||
| ansible-vault-decrypt | ||
| positional arguments: | ||
| encrypted_file Path to file to decrypt | ||
| options: | ||
| -h, --help show this help message and exit | ||
| -v, --version | ||
| -d debug mode output | ||
| --vault-password-file VAULT_PASSWORD_FILE | ||
| vault password file | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| [build-system] | ||
| requires = ["setuptools>=45", "setuptools_scm[toml]>=6.2"] | ||
| build-backend = "setuptools.build_meta" | ||
|
|
||
| [tool.setuptools_scm] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| [metadata] | ||
| name = ansible-vault-decrypt | ||
| description = Ansible Vault Decrypt app. | ||
| long_description_content_type = text/markdown | ||
| url = https://github.com/psvmcc/ansible-vault-decrypt | ||
| project_urls = | ||
| Bug Tracker = https://github.com/psvmcc/ansible-vault-decrypt/issues | ||
| Changelog = https://github.com/psvmcc/ansible-vault-decrypt/releases | ||
| classifiers = | ||
| Programming Language :: Python :: 3 | ||
| License :: OSI Approved :: MIT License | ||
| Intended Audience :: Developers | ||
|
|
||
| [options] | ||
| package_dir = | ||
| = src | ||
| packages = find: | ||
| python_requires = >=3.6 | ||
| install_requires = | ||
| ansible-core | ||
|
|
||
| [options.packages.find] | ||
| where = src | ||
|
|
||
| [options.entry_points] | ||
| console_scripts = | ||
| ansible-vault-decrypt = ansible_vault_decrypt.app:entry_point |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| #!/usr/bin/env python3 | ||
|
|
||
| from ansible.parsing.utils.yaml import from_yaml | ||
| from ansible.parsing.vault import VaultSecret | ||
|
|
||
| import argparse | ||
| import os | ||
| from getpass import getpass | ||
| from importlib.metadata import version | ||
|
|
||
|
|
||
| parser = argparse.ArgumentParser(description="ansible-vault-decrypt", add_help=False) | ||
| parser.add_argument( | ||
| "-h", "--help", action="help", help="show this help message and exit" | ||
| ) | ||
| parser.add_argument("-v", "--version", action="store_true") | ||
| parser.add_argument( | ||
| "-d", | ||
| dest="debug", | ||
| help="debug mode output", | ||
| action=argparse.BooleanOptionalAction, | ||
| ) | ||
| parser.add_argument( | ||
| "--vault-password-file", | ||
| dest="vault_password_file", | ||
| help="vault password file", | ||
| default=os.environ.get("ANSIBLE_VAULT_PASSWORD_FILE"), | ||
| ) | ||
| parser.add_argument("encrypted_file", type=str, help="Path to file to decrypt") | ||
|
|
||
| args = parser.parse_args() | ||
|
|
||
|
|
||
| def dict_to_yaml(input_dict, indent=0): | ||
| result = "" | ||
| for key, value in input_dict.items(): | ||
| if isinstance(value, dict): | ||
| result += " " * indent + f"{key}:\n" | ||
| result += dict_to_yaml(value, indent + 2) | ||
| else: | ||
| result += " " * indent + f"{key}: {value}\n" | ||
| return result | ||
|
|
||
|
|
||
| def read_file(file_path): | ||
| try: | ||
| with open(file_path, "r") as file: | ||
| file = file.read() | ||
| return file | ||
| except FileNotFoundError: | ||
| print(f"File not found: {file_path}") | ||
| exit(1) | ||
| except Exception as e: | ||
| print(f"Error reading file: {e}") | ||
| exit(1) | ||
|
|
||
|
|
||
| def main(vault_secret): | ||
| if args.debug: | ||
| print(":: [DEBUG] Vault password: %s" % vault_secret) | ||
| data = read_file(args.encrypted_file) | ||
| output = "" | ||
| try: | ||
| unencrypted = from_yaml( | ||
| data, vault_secrets=[("default", VaultSecret(vault_secret.encode("utf-8")))] | ||
| ) | ||
| output = dict_to_yaml(unencrypted) | ||
| except Exception as e: | ||
| print(":: [ERROR] Decryption failure...") | ||
| if args.debug: | ||
| print(e) | ||
| exit(1) | ||
| print(output) | ||
|
|
||
|
|
||
| if __name__ == "__main__": | ||
| if args.version: | ||
| print(version("ansible-vault-decrypt")) | ||
| exit(0) | ||
| if not args.vault_password_file: | ||
| vault_secret = getpass() | ||
| else: | ||
| vault_secret = read_file(args.vault_password_file).replace("\n", "") | ||
| try: | ||
| main(vault_secret) | ||
| except KeyboardInterrupt: | ||
| print("Interrupted") | ||
| exit(130) |