Add a encode() to AnsibleVaultEncryptedUnicode (#19840)

* Add a encode() to AnsibleVaultEncryptedUnicode

Without it, calling encode() on it results in a bytestring
of the encrypted !vault-encrypted string.

ssh connection plugin triggers this if ansible_password
is from a var using !vault-encrypted. That path ends up
calling .encode() instead of using the __str__.

Fixes #19795

* Fix str.encode() errors on py2.6

py2.6 str.encode() does not take keyword arguments.

2 files changed, 12 insertions, 0 deletions

diff --git a/lib/ansible/parsing/yaml/objects.py b/lib/ansible/parsing/yaml/objects.py
index ea0b274c3d..23a5547f7e 100644
--- a/lib/ansible/parsing/yaml/objects.py
+++ b/lib/ansible/parsing/yaml/objects.py
@@ -132,3 +132,6 @@ class AnsibleVaultEncryptedUnicode(yaml.YAMLObject, AnsibleUnicode):
 
     def __unicode__(self):
         return unicode(self.data)
+
+    def encode(self, encoding=None, errors=None):
+        return self.data.encode(encoding, errors)
diff --git a/test/units/parsing/yaml/test_objects.py b/test/units/parsing/yaml/test_objects.py
index a7af0a19bc..3ef72a3b44 100644
--- a/test/units/parsing/yaml/test_objects.py
+++ b/test/units/parsing/yaml/test_objects.py
@@ -121,6 +121,15 @@ class TestAnsibleVaultEncryptedUnicode(unittest.TestCase, YamlTestUtils):
         avu = self._from_plaintext(seq)
         self.assert_values(avu,seq)
 
+    def test_unicode_from_plaintext_encode(self):
+        seq = u'some text here'
+        avu = self._from_plaintext(seq)
+        b_avu = avu.encode('utf-8', 'strict')
+        self.assertIsInstance(avu, objects.AnsibleVaultEncryptedUnicode)
+        self.assertEquals(b_avu, seq.encode('utf-8', 'strict'))
+        self.assertTrue(avu.vault is self.vault)
+        self.assertIsInstance(avu.vault, vault.VaultLib)
+
     # TODO/FIXME: make sure bad password fails differently than 'thats not encrypted'
     def test_empty_string_wrong_password(self):
         seq = ''