This allows the following invocations:
# Interactive use, like gpg
ansible-vault encrypt --output x
# Non-interactive, for scripting
echo plaintext|ansible-vault encrypt --output x
# Separate input and output files
ansible-vault encrypt input.yml --output output.yml
# Existing usage (in-place encryption) unchanged
ansible-vault encrypt inout.yml
…and the analogous cases for ansible-vault decrypt as well.
In all cases, the input and output files can be '-' to read from stdin
or write to stdout. This permits sensitive data to be encrypted and
decrypted without ever hitting disk.
The --new-vault-password-file option works the same as
--vault-password-file but applies only to rekeying (when
--vault-password-file sets the old password). Also update the manpage
to document these options more fully.
Without at least one worker process, things break:
Traceback (most recent call last):
File "/home/ams/extern/ansible/ansible/lib/ansible/executor/process/result.py", line 103, in run
result = self._read_worker_result()
File "/home/ams/extern/ansible/ansible/lib/ansible/executor/process/result.py", line 69, in _read_worker_result
(worker_prc, main_q, rslt_q) = self._workers[self._cur_worker]
IndexError: list index out of range
Abhijit Menon-Sen
Brian Coca
Richard Poole
James Cammarata
Toshio Kuratomi
soarpenguin
Matt Martz