blob: 5956e1f42b544fcbc873018f227568c7937c2ac0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
#!/usr/bin/env bash
set -eux -o pipefail
echo "single file include"
ansible testhost -i ../../inventory -m include_vars -a 'dir/inc.yml' -vvv 2>&1 | grep -q 'porter.*cable'
echo "single file encrypted include"
ansible testhost -i ../../inventory -m include_vars -a 'dir/encrypted.yml' -vvv --vault-password-file vaultpass > output.txt 2>&1
echo "directory include with encrypted"
ansible testhost -i ../../inventory -m include_vars -a 'dir=dir' -vvv --vault-password-file vaultpass >> output.txt 2>&1
grep -q 'output has been hidden' output.txt
# all content should be masked if any file is encrypted
if grep -e 'i am a secret' -e 'porter.*cable' output.txt; then
echo "FAIL: vault masking failed"
exit 1
fi
echo PASS
|
