pull/9580/head
Mohammed Babelly 2025-01-20 09:26:59 +04:00
parent 66c807ac74
commit 786d212b28
1 changed files with 26 additions and 17 deletions


@ -14,12 +14,12 @@ DOCUMENTATION = """
requirements: requirements:
- C(op) 1Password command line utility version 2 or later. - C(op) 1Password command line utility version 2 or later.
short_description: Fetch SSH Keys stored in 1Password short_description: Fetch SSH Keys stored in 1Password
version_added: "10.2.1" version_added: "10.3.0"
description: description:
- P(community.general.onepassword_ssh_key#lookup) wraps C(op) command line utility to fetch ssh keys from 1Password. - P(community.general.onepassword_ssh_key#lookup) wraps C(op) command line utility to fetch ssh keys from 1Password.
notes: notes:
- By default, it returns the private key value in PKCS#8 format, unless 'ssh_format=true' is passed. - By default, it returns the private key value in PKCS#8 format, unless O(ssh_format=true) is passed.
- The pluging works only for 'SSHKEY' type items. - The pluging works only for C(SSHKEY) type items.
- This plugin requires C(op) version 2 or later. - This plugin requires C(op) version 2 or later.
options: options:
@ -86,20 +86,31 @@ class OnePassCLIv2SSHKey(OnePassCLIv2):
return self._run(args) return self._run(args)
def get_ssh_key(self, item_id, vault=None, token=None, ssh_format=False): def get_ssh_key(self, item_id, vault=None, token=None, ssh_format=False):
_, out, _ = self._get_raw(item_id, vault, token) rc, out, err = self._get_raw(item_id, vault, token)
data = json.loads(out) data = json.loads(out)
if data.get("category") != "SSH_KEY": if data.get("category") != "SSH_KEY":
raise AnsibleLookupError(f"Item {item_id} is not SSH Key") raise AnsibleLookupError(f"Item {item_id} is not SSH Key")
for field in data.get("fields", {}): private_key_field = next(
if field.get("id") == "private_key" and field.get("type") == "SSHKEY": (
return ( field
field.get("ssh_formats", {}).get("openssh", {}).get("value", "") for field in data.get("fields", {})
if ssh_format if field.get("id") == "private_key" and field.get("type") == "SSHKEY"
else field.get("value", "") ),
) None,
)
if not private_key_field:
raise AnsibleLookupError(f"No private key found for item {item_id}.")
if ssh_format:
return (
private_key_field.get("ssh_formats", {})
.get("openssh", {})
.get("value", "")
)
return private_key_field.get("value", "")
class LookupModule(LookupBase): class LookupModule(LookupBase):
@ -132,8 +143,6 @@ class LookupModule(LookupBase):
) )
op.assert_logged_in() op.assert_logged_in()
values = [] return [
for term in terms: op._cli.get_ssh_key(term, vault, ssh_format=ssh_format) for term in terms
values.append(op._cli.get_ssh_key(term, vault, ssh_format=ssh_format)) ]
return [values]
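Review bot: In `get_ssh_key`, the new missing-field check still lets an empty key through, because both return paths fall back to `""` when the `private_key` field has no `value` or no `ssh_formats.openssh.value`, so the lookup silently hands an empty string to whatever consumes the key. Bind the selected value to a local first and fail like the other branches: `if not key: raise AnsibleLookupError(f"Private key for item {item_id} has no value in the requested format.")`. `rc` and `err` are now bound but never read, and `json.loads(out)` runs unconditionally; unless `_run` (defined outside this hunk) already raises on a non-zero exit, a failed `op` call would surface as a JSON decode error instead of an `AnsibleLookupError`. Because the return value is private key material, the `notes:` section touched in the first hunk would be a good place to tell users to set `no_log: true` on tasks that consume this lookup.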