Fixes password behavior on Vault module.

This patch fixes handling of password and public_key files, parameter validation depending on vault type, usage of `salt` attribute and data retrieval. Tests were updated to reflect the changes. New example playbooks are added: playbooks/vault/vault-is-present-with-password-file.yml playbooks/vault/vault-is-present-with-public-key-file.yml playbooks/vault/retrive-data-asymmetric-vault.yml playbooks/vault/retrive-data-symmetric-vault.yml
2026-05-14 21:42:17 +00:00 · 2020-05-04 20:48:48 -03:00
parent 55e86c924f
commit 59cb7eebd9
18 changed files with 683 additions and 115 deletions
--- a/playbooks/vault/vault-is-present-with-public-key-file.yml
+++ b/playbooks/vault/vault-is-present-with-public-key-file.yml
@@ -0,0 +1,27 @@
+---
+#
+# Example keys for this playbook were generated with the commands:
+#    $ openssl genrsa -out private.pem 2048
+#    $ openssl rsa -in private.pem -pubout > public.pem
+#
+- name: Tests
+  hosts: ipaserver
+  become: true
+  gather_facts: True
+
+  tasks:
+  - copy:
+      src: "{{ playbook_dir }}/public.pem"
+      dest: "{{ ansible_env.HOME }}/public.pem"
+      owner: "{{ ansible_user }}"
+      group: "{{ ansible_user }}"
+      mode: 0600
+  - ipavault:
+      ipaadmin_password: SomeADMINpassword
+      name: asymvault
+      username: admin
+      vault_type: asymmetric
+      vault_public_key_file: "{{ ansible_env.HOME }}/public.pem"
+  - file:
+      path: "{{ ansible_env.HOME }}/public.pem"
+      state: absent