diff options
author | Adrian Likins <alikins@redhat.com> | 2017-09-20 10:31:36 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-20 10:31:36 -0400 |
commit | 174cb1f33cdac126adc11dea81043914e8b127e0 (patch) | |
tree | 026b0545754341407b8d64034f1f504142289d8e /lib/ansible/cli/vault.py | |
parent | 18582295e315e5648dcc947baa14db28da6bbc8c (diff) | |
download | ansible-174cb1f33cdac126adc11dea81043914e8b127e0.tar.gz |
Check number of vault secrets after setup. (#30520)
This is to catch vault secrets from config and
cli. Previously vault_password_file in config was
missed since it was added by setup_vault_secrets,
so check after setup_vault_secrets.
Diffstat (limited to 'lib/ansible/cli/vault.py')
-rw-r--r-- | lib/ansible/cli/vault.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/ansible/cli/vault.py b/lib/ansible/cli/vault.py index 762ba82b98..29b5404974 100644 --- a/lib/ansible/cli/vault.py +++ b/lib/ansible/cli/vault.py @@ -184,6 +184,10 @@ class VaultCLI(CLI): vault_password_files=self.options.vault_password_files, ask_vault_pass=self.options.ask_vault_pass, create_new_password=True) + + if len(vault_secrets) > 1: + raise AnsibleOptionsError("Only one --vault-id can be used for encryption. This includes passwords from configuration and cli.") + if not vault_secrets: raise AnsibleOptionsError("A vault password is required to use Ansible's Vault") |