Advanced Python CLI to rotate the secret used for ansible vault inline secrets and files in a project

trustedshops-public/python-ansible-vault-rotate

python-ansible-vault-rotate

Features

  • Reencrypt vault files
  • Reencrypt inline vaulted secrets

Installation

It is strongly recommended to use pipx instead of pip if possible:

pipx install ansible-vault-rotate

Otherwise you can use plain pip, but be warned that this might collide with your global Ansible installation!

pip install ansible-vault-rotate

Usage

Rekey the given vault secret with a new secret specified on the CLI

ansible-vault-rotate --old-vault-secret-source file://my-vault-password \
                     --new-vault-secret-source my-new-secret \
                     --update-source-secret

Rekey only specific files (e.g. when using multiple keys per stage)

ansible-vault-rotate --old-vault-secret-source file://my-vault-password-<stage> \
                     --new-vault-secret-source my-new-secret \
                     --file-glob-pattern group_vars/<stage>/*.yml \
                     --update-source-secret

Getting help about all args

ansible-vault-rotate --help
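
To check what a rotation has to cover, the following added example (not part of this project's code) inventories the two kinds of vaulted content named under Features: whole vault files and inline `!vault` secrets. The function names `inventory` and `build_sample` are hypothetical, and the sample project is constructed with placeholder payloads.

```python
import re
import tempfile
from pathlib import Path

# Header that starts every Ansible Vault payload (1.1, or 1.2 with a vault id).
VAULT_HEADER = re.compile(r"^\$ANSIBLE_VAULT;1\.[12];AES256(;\S+)?$")
# A YAML key whose value is an inline vaulted secret, e.g. "db_password: !vault |".
INLINE_TAG = re.compile(r"^\s*(?:-\s+)?([\w.-]+):\s*!vault\s*\|")


def inventory(root, pattern="**/*.yml"):
    """Return {relative path: "file" or [inline keys]} for vaulted content under root."""
    found = {}
    for path in sorted(Path(root).glob(pattern)):
        if not path.is_file():
            continue
        lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
        rel = path.relative_to(root).as_posix()
        if lines and VAULT_HEADER.match(lines[0].strip()):
            found[rel] = "file"  # the whole file is encrypted
            continue
        keys = []
        for i, line in enumerate(lines[:-1]):
            m = INLINE_TAG.match(line)
            # Only count the tag when the next line really is a vault payload.
            if m and VAULT_HEADER.match(lines[i + 1].strip()):
                keys.append(m.group(1))
        if keys:
            found[rel] = keys
    return found


def build_sample(root):
    """Constructed sample project; the hex bodies are placeholders, not real ciphertext."""
    root = Path(root)
    (root / "group_vars/prod").mkdir(parents=True)
    (root / "group_vars/dev").mkdir(parents=True)
    (root / "group_vars/prod/secrets.yml").write_text(
        "$ANSIBLE_VAULT;1.1;AES256\n3031323334353637\n")
    (root / "group_vars/prod/app.yml").write_text(
        "app_port: 8080\ndb_password: !vault |\n"
        "  $ANSIBLE_VAULT;1.1;AES256\n  3031323334353637\n")
    (root / "group_vars/dev/app.yml").write_text("app_port: 8080\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(inventory(tmp))
```

Running the inventory before and after a rotation, and comparing the two results, shows whether any vaulted file or inline key was added or dropped along the way.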

Development

For development, you will need:

  • Python 3.9 or greater
  • Poetry

Install

poetry install

Run tests

poetry run pytest