summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAbhijeet Kasurde <akasurde@redhat.com>2019-02-12 16:13:51 +0530
committerGitHub <noreply@github.com>2019-02-12 16:13:51 +0530
commit5c992fcc3f911d52c9c5512c178bc27e0236e30f (patch)
treecd03d0c9565ba5cf4be1d3cc0b6c0edad1b80e95
parent6afa00eecd29c0937a2677f25a1aef8645539d37 (diff)
downloadansible-5c992fcc3f911d52c9c5512c178bc27e0236e30f.tar.gz
ansible-vault: handle utf-8 filename in vault (#50341)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Diffstat
-rw-r--r--changelogs/fragments/50316-ansible-vault_utf-8_in_vault_filename.yaml3
-rw-r--r--lib/ansible/parsing/vault/__init__.py2
-rwxr-xr-xtest/integration/targets/vault/runme.sh8
-rw-r--r--test/integration/targets/vault/test_utf8_value_in_filename.yml16
-rw-r--r--test/integration/targets/vault/vault-café.yml6
5 files changed, 33 insertions, 2 deletions
diff --git a/changelogs/fragments/50316-ansible-vault_utf-8_in_vault_filename.yaml b/changelogs/fragments/50316-ansible-vault_utf-8_in_vault_filename.yaml
new file mode 100644
index 0000000000..b69a6ef9f1
--- /dev/null
+++ b/changelogs/fragments/50316-ansible-vault_utf-8_in_vault_filename.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - Handle vault filename with UTF-8 while decrypting vault file using ansible-vault.
diff --git a/lib/ansible/parsing/vault/__init__.py b/lib/ansible/parsing/vault/__init__.py
index 8aca1cf217..f4057f896e 100644
--- a/lib/ansible/parsing/vault/__init__.py
+++ b/lib/ansible/parsing/vault/__init__.py
@@ -737,7 +737,7 @@ class VaultLib:
file_slug = ''
if filename:
file_slug = ' of "%s"' % filename
- display.vvvvv('Decrypt%s successful with secret=%s and vault_id=%s' % (to_text(file_slug), vault_secret, vault_secret_id))
+ display.vvvvv(u'Decrypt%s successful with secret=%s and vault_id=%s' % (to_text(file_slug), vault_secret, vault_secret_id))
break
except AnsibleVaultFormatError as exc:
msg = "There was a vault format error"
diff --git a/test/integration/targets/vault/runme.sh b/test/integration/targets/vault/runme.sh
index 1dee54a9e5..56a327a523 100755
--- a/test/integration/targets/vault/runme.sh
+++ b/test/integration/targets/vault/runme.sh
@@ -35,7 +35,7 @@ echo "This is a test file for edit3" > "${TEST_FILE_EDIT3}"
# ansible-config view
ansible-config view
-# ansisle-config
+# ansible-config
ansible-config dump --only-changed
ansible-vault encrypt "$@" --vault-id vault-password "${TEST_FILE_EDIT3}"
# EDITOR=./faux-editor.py ansible-vault edit "$@" "${TEST_FILE_EDIT3}"
@@ -266,6 +266,9 @@ echo "rc was $WRONG_RC (2 is expected)"
ansible-vault view "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" "${TEST_FILE}"
+# view file with unicode in filename
+ansible-vault view "$@" --vault-password-file vault-password vault-café.yml
+
# view with old password file and new password file
ansible-vault view "$@" --vault-password-file "${NEW_VAULT_PASSWORD}" --vault-password-file vault-password "${TEST_FILE}"
@@ -487,3 +490,6 @@ ansible-playbook "$@" -i invalid_format/inventory --vault-id invalid_format/vaul
EXPECTED_ERROR='Vault format unhexlify error: Odd-length string'
ansible-playbook "$@" -i invalid_format/inventory --vault-id invalid_format/vault-secret invalid_format/broken-group-vars-tasks.yml 2>&1 | grep "${EXPECTED_ERROR}"
+
+# Run playbook with vault file with unicode in filename (https://github.com/ansible/ansible/issues/50316)
+ansible-playbook -i ../../inventory -v "$@" --vault-password-file vault-password test_utf8_value_in_filename.yml
diff --git a/test/integration/targets/vault/test_utf8_value_in_filename.yml b/test/integration/targets/vault/test_utf8_value_in_filename.yml
new file mode 100644
index 0000000000..9bd394dc1b
--- /dev/null
+++ b/test/integration/targets/vault/test_utf8_value_in_filename.yml
@@ -0,0 +1,16 @@
+- name: "Test that the vaulted file with UTF-8 in filename decrypts correctly"
+ gather_facts: false
+ hosts: testhost
+ vars:
+ expected: "my_secret"
+ vars_files:
+ - vault-café.yml
+ tasks:
+ - name: decrypt vaulted file with utf8 in filename and show it in debug
+ debug:
+ var: vault_string
+
+ - name: assert decrypted value matches expected
+ assert:
+ that:
+ - "vault_string == expected"
diff --git a/test/integration/targets/vault/vault-café.yml b/test/integration/targets/vault/vault-café.yml
new file mode 100644
index 0000000000..0d179aecad
--- /dev/null
+++ b/test/integration/targets/vault/vault-café.yml
@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+63363732353363646661643038636339343263303161346533393636336562336465396265373834
+6366313833613236356666646532613636303532366231340a316238666435306332656662613731
+31623433613434633539333564613564656439343661363831336364376266653462366161383038
+6530386533363933350a336631653833666663643166303932653261323431623333356539666265
+37316464303231366163333430346537353631376538393939646362313337363866
View Lorry Controller Status