diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:04:41 +0000 |
commit | 975f66f2eebe9dadba04f275774d4ab83f74cf25 (patch) | |
tree | 89bd26a93aaae6a25749145b7e4bca4a1e75b2be /ansible_collections/community/sops/tests/integration | |
parent | Initial commit. (diff) | |
download | ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.tar.xz ansible-975f66f2eebe9dadba04f275774d4ab83f74cf25.zip |
Adding upstream version 7.7.0+dfsg.upstream/7.7.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/community/sops/tests/integration')
169 files changed, 3302 insertions, 0 deletions
diff --git a/ansible_collections/community/sops/tests/integration/targets/age/aliases b/ansible_collections/community/sops/tests/integration/targets/age/aliases new file mode 100644 index 000000000..3a9daf6c4 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/age/aliases @@ -0,0 +1,8 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd diff --git a/ansible_collections/community/sops/tests/integration/targets/age/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/age/meta/main.yml new file mode 100644 index 000000000..344e8b865 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/age/meta/main.yml @@ -0,0 +1,8 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops + - setup_remote_tmp_dir diff --git a/ansible_collections/community/sops/tests/integration/targets/age/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/age/tasks/main.yml new file mode 100644 index 000000000..a48c847e6 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/age/tasks/main.yml @@ -0,0 +1,87 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Get sops version + command: sops --version + when: sops_installed + register: installed_sops_version + +- name: Determine whether sops, age, and sops with age are supported + set_fact: + supports_sops_and_age: >- + {{ sops_installed and age_installed and (installed_sops_version.stdout | regex_search('sops (\d+\.\d+\.\d+)', '\1') | first) is version('3.7.0', '>=') }} + +- when: supports_sops_and_age + block: + - name: Create local temporary directory + tempfile: + state: directory + suffix: .test + delegate_to: localhost + register: local_tmp_dir + + - name: Record local temporary directory + set_fact: + local_tmp_dir: "{{ local_tmp_dir.path }}" + + - name: Create age keys + command: age-keygen --output {{ local_tmp_dir }}/{{ item }} + delegate_to: localhost + loop: + - identity_1 + - identity_2 + - identity_3 + - identity_4 + + - vars: + identity_files: + - name: identities_all + id_files: + - identity_1 + - identity_2 + - identity_3 + - identity_4 + - name: identities_1_2_3 + id_files: + - identity_1 + - identity_2 + - identity_3 + - name: identities_4 + id_files: + - identity_4 + block: + - name: Create local identity files + copy: + dest: '{{ local_tmp_dir }}/{{ item.name }}' + content: | + {% for id_file in item.id_files %} + {{ lookup('file', local_tmp_dir ~ '/' ~ id_file) }} + {% endfor %} + delegate_to: localhost + loop: '{{ identity_files }}' + + - name: Create remote identity files + copy: + dest: '{{ remote_tmp_dir }}/{{ item.name }}' + content: | + {% for id_file in item.id_files %} + {{ lookup('file', local_tmp_dir ~ '/' ~ id_file) }} + {% endfor %} + loop: '{{ identity_files }}' + + - name: Read identity public keys + set_fact: + identity_1: "{{ lookup('file', local_tmp_dir ~ '/identity_1') | regex_search('public key: ([a-zA-Z0-9]+)', '\\1') | first }}" + identity_2: "{{ lookup('file', local_tmp_dir ~ '/identity_2') | regex_search('public key: ([a-zA-Z0-9]+)', '\\1') | first }}" + identity_3: "{{ lookup('file', local_tmp_dir ~ '/identity_3') | regex_search('public key: ([a-zA-Z0-9]+)', '\\1') | first }}" + identity_4: "{{ lookup('file', local_tmp_dir ~ '/identity_4') | regex_search('public key: ([a-zA-Z0-9]+)', '\\1') | first }}" + + - include_tasks: test.yml + always: + - name: Delete temporary directory + file: + path: '{{ local_tmp_dir }}' + state: absent + delegate_to: localhost diff --git a/ansible_collections/community/sops/tests/integration/targets/age/tasks/test.yml b/ansible_collections/community/sops/tests/integration/targets/age/tasks/test.yml new file mode 100644 index 000000000..85f3cb150 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/age/tasks/test.yml @@ -0,0 +1,122 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Create encrypted files + sops_encrypt: + path: '{{ remote_tmp_dir }}/{{ item.name }}.sops.yaml' + age: '{{ item.identities }}' + age_keyfile: '{{ remote_tmp_dir }}/identities_all' + content_yaml: '{{ item.data }}' + loop: '{{ data }}' + vars: + data: + - name: enc-1 + identities: + - '{{ identity_1 }}' + - '{{ identity_2 }}' + - '{{ identity_3 }}' + - '{{ identity_4 }}' + data: + foo: bar + baz: this is a secret + bam: true + int: 3 + - name: enc-2 + identities: + - '{{ identity_1 }}' + - '{{ identity_2 }}' + - '{{ identity_4 }}' + data: + foo: 19 + bar: this is another secret + - name: enc-3 + identities: + - '{{ identity_4 }}' + data: + foo: 23 + +- name: Copy encrypted files to localhost + fetch: + src: '{{ remote_tmp_dir }}/{{ item }}.sops.yaml' + dest: '{{ local_tmp_dir }}/' + flat: true + loop: + - enc-1 + - enc-2 + - enc-3 + +- name: Decrypt some data + set_fact: + decrypt_1: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identities_all') | from_yaml }}" + decrypt_1_1: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_1') | from_yaml }}" + decrypt_1_2: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_2') | from_yaml }}" + decrypt_1_3: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_3') | from_yaml }}" + decrypt_1_4: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_4') | from_yaml }}" + decrypt_1_1_2_3: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_keyfile=local_tmp_dir ~ '/identities_1_2_3') | from_yaml }}" + decrypt_1b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identities_all')) | from_yaml }}" + decrypt_1_1b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identity_1')) | from_yaml }}" + decrypt_1_2b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identity_2')) | from_yaml }}" + decrypt_1_3b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identity_3')) | from_yaml }}" + decrypt_1_4b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identity_4')) | from_yaml }}" + decrypt_1_1_2_3b: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-1.sops.yaml', age_key=lookup('file', local_tmp_dir ~ '/identities_1_2_3')) | from_yaml }}" + decrypt_2: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identities_all') | from_yaml }}" + decrypt_2_1: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_1') | from_yaml }}" + decrypt_2_2: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_2') | from_yaml }}" + decrypt_2_4: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_4') | from_yaml }}" + decrypt_2_1_2_3: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identities_1_2_3') | from_yaml }}" + decrypt_3: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-3.sops.yaml', age_keyfile=local_tmp_dir ~ '/identities_all') | from_yaml }}" + decrypt_3_4: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-3.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_4') | from_yaml }}" + +- name: Validate decryption + assert: + that: + - decrypt_1.foo == 'bar' + - decrypt_1.baz == 'this is a secret' + - decrypt_1.bam == true + - decrypt_1.int == 3 + - decrypt_1 == decrypt_1_1 + - decrypt_1 == decrypt_1_2 + - decrypt_1 == decrypt_1_3 + - decrypt_1 == decrypt_1_4 + - decrypt_1 == decrypt_1_1_2_3 + - decrypt_1 == decrypt_1b + - decrypt_1 == decrypt_1_1b + - decrypt_1 == decrypt_1_2b + - decrypt_1 == decrypt_1_3b + - decrypt_1 == decrypt_1_4b + - decrypt_1 == decrypt_1_1_2_3b + - decrypt_2.foo == 19 + - decrypt_2.bar == 'this is another secret' + - decrypt_2.bam is undefined + - decrypt_2.int is undefined + - decrypt_2 == decrypt_2_1 + - decrypt_2 == decrypt_2_2 + - decrypt_2 == decrypt_2_4 + - decrypt_2 == decrypt_2_1_2_3 + - decrypt_3.foo == 23 + - decrypt_3.bar is undefined + - decrypt_3.bam is undefined + - decrypt_3.int is undefined + - decrypt_3 == decrypt_3_4 + +- name: Failed encryption 1 + debug: + msg: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-2.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_3') | from_yaml }}" + ignore_errors: true + register: failure_1 + +- name: Failed encryption 2 + debug: + msg: "{{ lookup('community.sops.sops', local_tmp_dir ~ '/enc-3.sops.yaml', age_keyfile=local_tmp_dir ~ '/identity_1') | from_yaml }}" + ignore_errors: true + register: failure_2 + +- name: Validate failed decryption + assert: + that: + - failure_1 is failed + - "'CouldNotRetrieveKey' in failure_1.msg" + - failure_2 is failed + - "'CouldNotRetrieveKey' in failure_2.msg" diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/aliases b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/aliases new file mode 100644 index 000000000..977ec3882 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/aliases @@ -0,0 +1,9 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd +skip/python2.6 # lookups are controller only, and we no longer support Python 2.6 on the controller diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/.sops.yaml new file mode 100644 index 000000000..e28ce962d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/.sops.yaml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +creation_rules: + - pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops new file mode 100644 index 000000000..af344ef2d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:TrEN6YJBOg==,iv:aUozScYsBrM4khbqD2lMbGpEEXXO0Vy8YytBoG4HIf4=,tag:JlLZHqj2fsTi6v1rGeaxWw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-02T18:26:32Z", + "mac": "ENC[AES256_GCM,data:m4PPDNMYOPcDECiKJLF9Hg4jIInHj/xpj5bnGUkQxMm4XO2CDPal9g1FwTzwjOK9rXLUkdhWc8FuRh542EviVV8vOyUkjVAwN0x0bpXodBXB5r/9PPDwtObe/CUWnjo90Ow7IuX/BnQI6lf1sdPHf0MeTjGN9/l7tr6xg+92bIc=,iv:7q+TxZ65n2a+Vdb9KY6ISX92c1lEG2yTpa9KCt/QcUk=,tag:uR1AfcNd1dvH6LZy2oBDiw==,type:str]", + "pgp": [ + { + "created_at": "2020-10-02T18:26:31Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAR4QrVAJ5LhfX41457whWBdB74/O4OEZ76CkUGBvCVkGb\nHjJf9PAHFYH12UVnHEK3ZHKxKrVKPM2Pf3hsMGPuruS2wDuCWLteuMfQtlvCg1Xv\nLxiOfyEUEFc7Rl7uKmvni7XBeexIYN0DpxYa1Paz28ptQJCxZ84FK9y2jrFg2bUF\nq8R1JSTiY+YDXQBKSw3XgdJjjX2Yrpe85BV/l7pgREcwKEG4ZIU8n/zH2mgCObxp\nVfa50dAs5mfooU4g+xF34INhk7L+JPF0EBAbdrPyiw/7220dQSfCW0K3rgQkL1ZE\nB0wjH3S2anRO5t8E4S/YvXerq8LwtpCMczflLsCZ89LgAeStGGLFgZU53ASmq2dt\nqwQw4dCY4CngwuG/PuCt4nYV6VPgz+V+txpuq/aKQvcuFNhGsRtm4oP/vUlhqZQA\nivnqgO/DveCH5MxW9oMGLnYj4Jkbp0gRyALiqwNRz+HfSgA=\n=3dNe\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/binary.sops.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-rep.sh b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-rep.sh new file mode 100755 index 000000000..0c1ab43f3 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-rep.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--keyservice" ] || [ "$2" != "a" ] || [ "$3" != "--keyservice" ] || [ "$4" != "b" ] || [ "$5" != "--input-type" ] || [ "$6" != "yaml" ] || [ "$7" != "--output-type" ] || [ "$8" != "yaml" ] || [ "$9" != "--decrypt" ] || [ "${10}" != "/dev/stdin" ] || [ "${11}" != "" ]; then + echo "Command (fake-sops-rep): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_SESSION_TOKEN}" != "zzz" ]; then + echo "AWS_SESSION_TOKEN is '${AWS_SESSION_TOKEN}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output 3' diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-val.sh b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-val.sh new file mode 100755 index 000000000..6e8b36678 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops-val.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--config" ] || [ "$2" != "/path/to/asdf" ] || [ "$3" != "--input-type" ] || [ "$4" != "yaml" ] || [ "$5" != "--output-type" ] || [ "$6" != "yaml" ] || [ "$7" != "--decrypt" ] || [ "$8" != "/dev/stdin" ] || [ "$9" != "" ]; then + echo "Command (fake-sops-val): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_SECRET_ACCESS_KEY}" != "yyy" ]; then + echo "AWS_SECRET_ACCESS_KEY is '${AWS_SECRET_ACCESS_KEY}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output 2' diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops.sh b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops.sh new file mode 100755 index 000000000..4c6985d0c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/fake-sops.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--enable-local-keyservice" ] || [ "$2" != "--input-type" ] || [ "$3" != "yaml" ] || [ "$4" != "--output-type" ] || [ "$5" != "yaml" ] || [ "$6" != "--decrypt" ] || [ "$7" != "/dev/stdin" ] || [ "$8" != "" ]; then + echo "Command (fake-sops): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_ACCESS_KEY_ID}" != "xxx" ]; then + echo "AWS_ACCESS_KEY_ID is '${AWS_ACCESS_KEY_ID}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output' diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml new file mode 100644 index 000000000..8ac6f9457 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json new file mode 100644 index 000000000..8ac6f9457 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml new file mode 100644 index 000000000..b61752806 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary-yaml.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-binary.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-json.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml new file mode 100644 index 000000000..d3a52a224 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json new file mode 100644 index 000000000..d3a52a224 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml new file mode 100644 index 000000000..5ae3291d5 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/hidden-yaml.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops new file mode 100644 index 000000000..a704dbad3 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:+x5Q1yGxpgvMQiwwMiCAiU0B5KA7i1eMvuRRxNLpKH0LEEs/7rpOInqKtA==,iv:96ihzWMxW45FqN28BCtX1emDBcXln9FN87Yf8bTlbbA=,tag:a8SiDQjFffOYHwKp5IhU2Q==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-02T18:14:42Z", + "mac": "ENC[AES256_GCM,data:CyLyYbG6rVwT8sRqLxLBuWUrgtUHz8XVwCx7iyiJDL925jzMvkA2ZEYxH6CsiWwc5/7tcFGLDSCjYw3AHD9x42LmsaAefk7F4X55++EI5VZbmSwyHdxCqvMVycKLJm3YXfodos8bbEWDDXhbmMT92uJs7H/IBXywnQHG3qoJWJE=,iv:ljY/d++R5v8VY5Q8nV0lnNwaeuEiKG4VTY8fSgFJD+w=,tag:MEtTIFuiSj8ReQOZNxO1IQ==,type:str]", + "pgp": [ + { + "created_at": "2020-10-02T18:11:54Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAblvrgBIPsg01TJjde7YskLvPKC/1jt1kI/eoOQ/KdemW\ngaJf4PIWGzFUxZEXeRzo70HTS+sPTi0TQDDkwOfcNjlGb3dC1KQdIZ1UiuqhL1//\n1G0doMMztEyZ63SOElv3OaWHjcnvmP224rTuFpO6Pm8HHMKEbaw9N7YHObgSdIpk\nfqEP369xj6bk/yQNEuMbgQOk+7LAYPs8na7oxIrdkWrmIlVj5jEz08lVS/FJecty\nUDalNDBkRrqMgTvSAw0vJTzaPzw/V+6WTrHh/0FRvLKJlKOsesaoxahW2/H1Dxmr\npySYTs2omqOtr3RzkCrUXmHijim9DIwg0JsIjo5xytLgAeSjSr9/W1EucekSGbeM\nmYK+4cN/4ILgRuH75OAw4qu0IgrgWuX6Eo7vO2HPrUiFLA/j+7/Bi+HkBZZuMrlR\njhd7C7MQGuD85NF3TzP2hW895ZiDznjWutHi69caRuEeZQA=\n=Aqvj\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/rstrip.sops.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml new file mode 100644 index 000000000..d7bfc2ea2 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml @@ -0,0 +1,25 @@ +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml.license b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/files/simple.sops.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/meta/main.yml new file mode 100644 index 000000000..b7f89500e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/meta/main.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops diff --git a/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/tasks/main.yml new file mode 100644 index 000000000..450b9209e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/filter_decrypt/tasks/main.yml @@ -0,0 +1,132 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- when: sops_installed + block: + - name: Test bad parameter detection (1/2) + set_fact: + sops_bad_input_type: "{{ 'this-is-not: a sops file' | community.sops.decrypt(input_type='foo') }}" + ignore_errors: true + register: sops_bad_input_type + + - name: Test bad parameter detection (2/2) + set_fact: + sops_bad_output_type: "{{ 'this-is-not: a sops file' | community.sops.decrypt(output_type=23) }}" + ignore_errors: true + register: sops_bad_output_type + + - assert: + that: + - "sops_bad_input_type is failed" + - "'input_type must be one of' in sops_bad_input_type.msg" + - "'; got \"foo\"' in sops_bad_input_type.msg" + - "sops_bad_output_type is failed" + - "'output_type must be one of' in sops_bad_output_type.msg" + - "'; got \"23\"' in sops_bad_output_type.msg" + + - name: Test decrypt of non-sops file + set_fact: + sops_wrong_file: "{{ 'this-is-not: a sops file' | community.sops.decrypt }}" + ignore_errors: true + register: sops_filter_wrong_file + + - assert: + that: + - "sops_filter_wrong_file is failed" + - "'sops metadata not found' in sops_filter_wrong_file.msg" + + - name: Test simple filter + set_fact: + sops_success: "{{ lookup('file', 'simple.sops.yaml') | community.sops.decrypt }}" + register: sops_filter_simple + + - assert: + that: + - "sops_filter_simple is success" + - "sops_success == 'foo: bar'" + + - name: Test rstrip + set_fact: + with_rstrip: "{{ lookup('file', 'rstrip.sops') | community.sops.decrypt(rstrip=true, output_type='binary') }}" + without_rstrip: "{{ lookup('file', 'rstrip.sops') | community.sops.decrypt(rstrip=false, output_type='binary') }}" + default_rstrip: "{{ lookup('file', 'rstrip.sops') | community.sops.decrypt(output_type='binary') }}" + + - assert: + that: + - with_rstrip == 'This file has three newlines at the end.' + - without_rstrip == 'This file has three newlines at the end.\n\n\n' + - default_rstrip == 'This file has three newlines at the end.' + + - name: Test binary + set_fact: + binary_with_rstrip: "{{ lookup('file', 'binary.sops') | community.sops.decrypt(rstrip=true, decode_output=false, output_type='binary') | b64encode }}" + binary_without_rstrip: "{{ lookup('file', 'binary.sops') | community.sops.decrypt(rstrip=false, decode_output=false, output_type='binary') | b64encode }}" + + - assert: + that: + - binary_with_rstrip == 'AQIDAAQ=' + - binary_without_rstrip == 'AQIDAAQgCg==' + + - name: Test hidden binary + set_fact: + hidden_binary: "{{ lookup('file', 'hidden-binary') | community.sops.decrypt(output_type='binary') }}" + hidden_binary__json: "{{ lookup('file', 'hidden-binary.json') | community.sops.decrypt(output_type='binary') }}" + hidden_binary__yaml: "{{ lookup('file', 'hidden-binary.yaml') | community.sops.decrypt(output_type='binary') }}" + hidden_binary_yaml: "{{ lookup('file', 'hidden-binary-yaml') | community.sops.decrypt(input_type='yaml', output_type='binary') }}" + hidden_binary_yaml__json: "{{ lookup('file', 'hidden-binary-yaml.json') | community.sops.decrypt(input_type='yaml', output_type='binary') }}" + hidden_binary_yaml__yaml: "{{ lookup('file', 'hidden-binary-yaml.yaml') | community.sops.decrypt(input_type='yaml', output_type='binary') }}" + hidden_json: "{{ lookup('file', 'hidden-json') | community.sops.decrypt(input_type='json', output_type='json') }}" + hidden_json__json: "{{ lookup('file', 'hidden-json.json') | community.sops.decrypt(input_type='json', output_type='json') }}" + hidden_json__yaml: "{{ lookup('file', 'hidden-json.yaml') | community.sops.decrypt(input_type='json', output_type='json') }}" + hidden_yaml: "{{ lookup('file', 'hidden-yaml') | community.sops.decrypt(input_type='yaml', output_type='yaml') }}" + hidden_yaml__json: "{{ lookup('file', 'hidden-yaml.json') | community.sops.decrypt(input_type='yaml', output_type='yaml') }}" + hidden_yaml__yaml: "{{ lookup('file', 'hidden-yaml.yaml') | community.sops.decrypt(input_type='yaml', output_type='yaml') }}" + hidden_json__as_yaml: "{{ lookup('file', 'hidden-json') | community.sops.decrypt(input_type='json', output_type='yaml') }}" + hidden_json__json__as_yaml: "{{ lookup('file', 'hidden-json.json') | community.sops.decrypt(input_type='json', output_type='yaml') }}" + hidden_json__yaml__as_yaml: "{{ lookup('file', 'hidden-json.yaml') | community.sops.decrypt(input_type='json', output_type='yaml') }}" + hidden_yaml__as_json: "{{ lookup('file', 'hidden-yaml') | community.sops.decrypt(input_type='yaml', output_type='json') }}" + hidden_yaml__json__as_json: "{{ lookup('file', 'hidden-yaml.json') | community.sops.decrypt(input_type='yaml', output_type='json') }}" + hidden_yaml__yaml__as_json: "{{ lookup('file', 'hidden-yaml.yaml') | community.sops.decrypt(input_type='yaml', output_type='json') }}" + + - assert: + that: + - hidden_binary == test_str_abcd + - hidden_binary__json == test_str_abcd + - hidden_binary__yaml == test_str_abcd + - hidden_binary_yaml == test_str_binary_data + - hidden_binary_yaml__json == test_str_binary_data + - hidden_binary_yaml__yaml == test_str_binary_data + - hidden_json == test_dict + - hidden_json__json == test_dict + - hidden_json__yaml == test_dict + - hidden_yaml == test_dict_yaml + - hidden_yaml__json == test_dict_yaml + - hidden_yaml__yaml == test_dict_yaml + - hidden_json__as_yaml == test_dict_yaml + - hidden_json__json__as_yaml == test_dict_yaml + - hidden_json__yaml__as_yaml == test_dict_yaml + - hidden_yaml__as_json == test_dict + - hidden_yaml__json__as_json == test_dict + - hidden_yaml__yaml__as_json == test_dict + vars: + test_dict: + a: b + c: d + test_dict_yaml: + "a: b\nc: d" + test_str_binary_data: This is binary data. + test_str_abcd: a is b, and c is d + + - name: Test fake sops binary + set_fact: + fake_sops_output: "{{ lookup('file', 'simple.sops.yaml') | community.sops.decrypt(sops_binary=role_path ~ '/files/fake-sops.sh', enable_local_keyservice=True, aws_access_key_id='xxx') }}" + fake_sops_output_2: "{{ lookup('file', 'simple.sops.yaml') | community.sops.decrypt(sops_binary=role_path ~ '/files/fake-sops-val.sh', config_path='/path/to/asdf', aws_secret_access_key='yyy') }}" + fake_sops_output_3: "{{ lookup('file', 'simple.sops.yaml') | community.sops.decrypt(sops_binary=role_path ~ '/files/fake-sops-rep.sh', keyservice=['a', 'b'], aws_session_token='zzz') }}" + + - assert: + that: + - fake_sops_output == 'fake sops output' + - fake_sops_output_2 == 'fake sops output 2' + - fake_sops_output_3 == 'fake sops output 3' diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/aliases b/ansible_collections/community/sops/tests/integration/targets/load_vars/aliases new file mode 100644 index 000000000..ba51f5990 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/aliases @@ -0,0 +1,10 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd +skip/python2.6 # lookups are controller only, and we no longer support Python 2.6 on the controller +context/controller diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/load_vars/meta/main.yml new file mode 100644 index 000000000..b7f89500e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/meta/main.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/load_vars/tasks/main.yml new file mode 100644 index 000000000..8e07f845d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/tasks/main.yml @@ -0,0 +1,126 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- when: sops_installed + block: + - name: Test load_vars with missing option + community.sops.load_vars: + register: load_vars_missing_option + failed_when: load_vars_missing_option is not failed + + - assert: + that: + - '"missing required arguments: file" in load_vars_missing_option.msg' + + - name: Test load_vars with wrong choice value + community.sops.load_vars: + file: a + expressions: invalid value + register: load_vars_invalid_value + failed_when: load_vars_invalid_value is not failed + + - assert: + that: + - '"value of expressions must be one of: ignore, evaluate-on-load, got: invalid value" in load_vars_invalid_value.msg' + + - name: Test load_vars with missing file + community.sops.load_vars: + file: non-existent.sops.yaml + register: load_vars_missing_file + failed_when: load_vars_missing_file is not failed + + - assert: + that: + - | + "Could not find or access 'non-existent.sops.yaml'\n" in load_vars_missing_file.msg + + - name: Test load_vars with non-sops file + community.sops.load_vars: + file: wrong.yaml + register: load_vars_wrong_file + failed_when: load_vars_wrong_file is not failed + + - assert: + that: + - "'sops metadata not found' in load_vars_wrong_file.msg" + + - name: Test load_vars with simple file into variable + community.sops.load_vars: + file: simple.sops.yaml + name: dest_variable + register: load_vars_simple + + - assert: + that: + - load_vars_simple is success + - "load_vars_simple.ansible_facts == {'dest_variable': {'foo': 'bar'}}" + - dest_variable.foo == 'bar' + - foo is undefined + + - name: Test load_vars with empty file + community.sops.load_vars: + file: empty.sops.json + register: load_vars_empty + + - assert: + that: + - load_vars_empty is success + - load_vars_empty.ansible_facts | length == 0 + + - name: Test load_vars with simple file into global namespace + community.sops.load_vars: + file: simple.sops.yaml + register: load_vars_simple_global + + - assert: + that: + - load_vars_simple_global is success + - "load_vars_simple_global.ansible_facts == {'foo': 'bar'}" + - foo == 'bar' + + - name: Test load_vars with expressions ignored + community.sops.load_vars: + file: proper-vars.sops.yaml + expressions: ignore + register: load_vars_expr_ignore + + - assert: + that: + - load_vars_expr_ignore is success + - test1 == '{' ~ '{ bar }' ~ '}' + - test2 == '{' ~ '{ this_will_not_get_evaluated }' ~ '}' + - bar == 'baz' + + - set_fact: + to_be_defined_earlier: something_defined_before + bar_2: baz + + - name: Test load_vars with expressions evaluated now + community.sops.load_vars: + file: proper-vars-2.sops.yaml + expressions: evaluate-on-load + register: load_vars_expr_evaluated_now + + - set_fact: + to_be_defined_earlier: something_else + + - assert: + that: + - load_vars_expr_evaluated_now is success + - test1_2 == 'baz' + - test2_2 == 'something_defined_before' + - test3_2[0] == 'baz' + - test4_2.test_4_2_1 == 'bazbaz' + + - name: Test load_vars with expressions evaluated now (again) + community.sops.load_vars: + file: proper-vars-2.sops.yaml + expressions: evaluate-on-load + register: load_vars_expr_evaluated_now_2 + + - assert: + that: + - load_vars_expr_evaluated_now_2 is success + - test2_2 == 'something_else' diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/.sops.yaml new file mode 100644 index 000000000..e28ce962d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/.sops.yaml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +creation_rules: + - pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json new file mode 100644 index 000000000..82c8cf381 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json @@ -0,0 +1,19 @@ +{ + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-09-21T05:20:22Z", + "mac": "ENC[AES256_GCM,data:/lmY2rbeFuc9D1CvPQVWfgBsMiO9A+xDvUlO5vxovcXTrI+FHV/O8NO0VyCuXxvPpzXpsbJq9g7YjBVyllsH1Y2zveWAPNH7hoPdMTsa7g0D/qANLnkDIkr0Gj5EIi1Pek1CT631u1SPHBih60AinwulkArEWs4Z4Sh9t881jSc=,iv:CSwOl2eqZb+bw53m2GTuWdmvFYOjDlH1um5MHAB1gxg=,tag:IQ3AXbHZ1RYlHjcY0JSr9Q==,type:str]", + "pgp": [ + { + "created_at": "2020-09-21T05:20:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAYKF/spYZXKeQlZ0kl6RiJCcbfbRBL69jQREerUvET78Q\nqystnEdijf3Dhf0i5wrIFdSrN7uxCQISAYaxa/upklsOuoWD5tQQIVctKDfGgrSH\nVcQrcBO19PQaH6ESF0T1udbalqdjWo8UXIbVzi1aLnaPlUYuzlqPzUTbhl9H0EGE\nNThYC3tfqbsM11d/qkRkxhqyVBOlt/tMkIQZqWc3eITs6ilT1PmkBcSUdoUTpVqi\nuxuTVP5DDoMi23/AGLbXowNn36FvcytPNnMFiRQffrFOv2lBkFgfoYOGeenYfPof\nm6A+b08DlPlNJBMhtyVYo0fzWY8uJqO9NtFdxPPaHNLgAeQunj4ltnJ5644D71Tp\nceSH4Rb74ETgqOEU6eD14oSdeIXgIeWG0zzYuaCDGyU9hWLvc3SEBS8/CMMetVvx\nzKMDxxsaM+Bd5J8z8kw/c6LSUGTSaAr55XziFq0PW+Fw/QA=\n=P0+p\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json.license b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/empty.sops.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars-2.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars-2.sops.yaml new file mode 100644 index 000000000..bffe0521f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars-2.sops.yaml @@ -0,0 +1,37 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +test1_2: ENC[AES256_GCM,data:iNGUgLK6RdJZQWA=,iv:FEx7YO17wTadHLcppnpElb5G5UIukfcHDatUkPzZ0rU=,tag:bKx9qwKiirzi7/lR0EQTEA==,type:str] +test2_2: ENC[AES256_GCM,data:4rFASWUQQLqJgLnL3KAYIWpBoMGz38pTt4+w,iv:42avbhH4HzHhsCNdiPvZbowKbaWx76c+OYD8iZMELyk=,tag:9GSsbCYDQHX698S68cZe+g==,type:str] +test3_2: +- ENC[AES256_GCM,data:nna0AD3fT6ySb7o=,iv:oX4yr3haXMCKvPNvbuzbnY1VeJQtT6svyij5IxkM8U4=,tag:T5C0b67m4Gu5OMFQLua7cw==,type:str] +- ENC[AES256_GCM,data:iFsZo/M=,iv:Rt0S7vSQqT9eBt74/xLkUeRu91jLaroPs1oU707dqZ0=,tag:PHE2U6vUjOwc+vuERU5M8A==,type:int] +test4_2: + test_4_2_1: ENC[AES256_GCM,data:PdqR2Sj2YI9YgWxrHd+iLszygZnzLA==,iv:rzY3GH7WH1E56vDirZ820R3oP7GTqjh1h/p0blTOBts=,tag:IDYNvBfTm2iklZVAI5Y4dw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T19:09:46Z' + mac: ENC[AES256_GCM,data:ukYXQmbbOnausOseL6dcmBxZrPE5oHRirIebO8IUorFlas3NTUVFJCPJgJBA6cUa8KhFJDzfv2O+49y5h8j4Xu4w+3EuR42YukATVNbqLR1zQCO3N9fythqWWbxeiTlCXIK+Q+7FhC+UrY0FhFIKDc2iQOWdFYDSeBYg9vx1Spg=,iv:ksQOlDfvr4x25s+bbZywsRqVhvfbe2l81tBKzYVUBwI=,tag:mUD6aR6VbtCSF42dZwwnqg==,type:str] + pgp: + - created_at: '2020-09-20T20:29:09Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAXN27E1QUMoQcdyFW1D/vNJ1B022/1q8Sg+G9FbsXLTBL + XXLRpm+H2R8OEBT9zfW0gTp+RUcffcbEQ4zFPYghXTcfEWB18Dyz4YsemrbjW4NB + oHsto+5sqGAALo7grBnUeNFxp3W263YodUSbRnG8lgQeBHulK4IhOoMBr2JnRDJg + w/qrZBDBKQQjhl1nr6QtnKA/jlckbyw7wbtDxi8b/0w76un1gpgou+dSaF6rWo1R + R7gaCbOzEUm3jdIRARFPeEn7YYgm8Pacxy8krPldjHk1EDuOTL9Ubs2NGHFo2WKo + iZqxTPw8MhrNmWC+y90KKFx1JHmS0KLMvi5x4/cqpNLgAeQEW4NCFfCu7wZ8UvfE + Xcd44dol4ETgmeH8EOAy4kS1MjrgvuWQPrw+f5VRfUpd0F7RcdLmKSSn9yZ4JGoz + eXgIH/SWy+Bu5MgUwqKeFy/Y6BICNKdziLriOvVIYOH4dAA= + =VJGY + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars.sops.yaml new file mode 100644 index 000000000..95f3bbf0d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/proper-vars.sops.yaml @@ -0,0 +1,33 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +test1: ENC[AES256_GCM,data:9Pqw99u2f3qG,iv:AhLP4qOm/OVA2GuRgAxARR8t5tdxjLxU5Cqjq2rSalU=,tag:6mKhNKuv7SQ43SiL1FcrPg==,type:str] +test2: ENC[AES256_GCM,data:hDPhuyLcFDVddSf4V0bCc67AB6Je62EIYhLT3lr6wfL0,iv:RwY/Upk/es5Y5xzCkZawNDp8wjGkS/qzZo9ErKIwYbc=,tag:h73bPO+pYM08q9Wjx/6N2w==,type:str] +bar: ENC[AES256_GCM,data:l4r5,iv:bxtHopVoSImLBY0u+1FUPe5qwJGk9nfy2ODI4vYhgiI=,tag:FjdNMkU0YFisswXbgEjCjA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T18:48:09Z' + mac: ENC[AES256_GCM,data:u4+EQNjFXHsN2nF/WvXXoIkpFgAnagpH+NexBjicZbvAyrWuUgJxKQQxA6RtFdbvf1B3dT5PncPU+FyuUneN4/2ZMgcSGDl0HrA5+C3k7jKWwpk3lRBnkhPth+M4P51ThZ8mZRxRUKoRTivCip6/tL7NDqfCMPUmVG1NplRwhn4=,iv:k79E4eAU7EQLDi840VAPZXbFRmHKlx5HbAyJEBszztM=,tag:kknO0CvGVZaRFLB+plyctg==,type:str] + pgp: + - created_at: '2020-09-20T20:07:20Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAkSnBl8glONDFOH6XOjo9YbfYCf3L/i8aYueZ/O9VlIX8 + uyG5JzSfhQu0Yy9BXwuZfELo54SvxqQvlTIF0lQ3VDjBVcZgosaxN+yvMsB9jn6b + gbdK0nqduXcwuZGUJqcnq8TBixiWQI+oFMSQUsHrA4O0IqDb0UzGcTDMmVv0FqZu + p3C5Femn1z1E/QqLKRU2YGAHbbfBVdNkQiAFAvT6AlchnvNEIyaLeS3D8yueIrBR + B76/YNsjSVUff1ZnHm2B0zn/HnC+vQQuMLDnKrQffXJHRJ2AEt0lls/al+NXLiOm + TlkE0F6/ZGPIfznt9+tpXhUyAXsOpEZXWYPIfrheodLgAeS3rZfS0Ey7RI02QSq0 + Jk/g4dSl4DjgAOGcW+Dl4gnGdMjgUuV1tnG4e5riZleM7a+5TSoWZWIJFJqAXO/6 + EqdSmUvN2uAS5O3DU0mrnMTHTDX4Ghjorh3iPwK2++GT8QA= + =SfPv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/simple.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/simple.sops.yaml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/simple.sops.yaml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/wrong.yaml b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/wrong.yaml new file mode 100644 index 000000000..3f3fff636 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/load_vars/vars/wrong.yaml @@ -0,0 +1,6 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +this-is-not: a sops file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/aliases b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/aliases new file mode 100644 index 000000000..977ec3882 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/aliases @@ -0,0 +1,9 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd +skip/python2.6 # lookups are controller only, and we no longer support Python 2.6 on the controller diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/.sops.yaml new file mode 100644 index 000000000..e28ce962d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/.sops.yaml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +creation_rules: + - pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops new file mode 100644 index 000000000..af344ef2d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:TrEN6YJBOg==,iv:aUozScYsBrM4khbqD2lMbGpEEXXO0Vy8YytBoG4HIf4=,tag:JlLZHqj2fsTi6v1rGeaxWw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-02T18:26:32Z", + "mac": "ENC[AES256_GCM,data:m4PPDNMYOPcDECiKJLF9Hg4jIInHj/xpj5bnGUkQxMm4XO2CDPal9g1FwTzwjOK9rXLUkdhWc8FuRh542EviVV8vOyUkjVAwN0x0bpXodBXB5r/9PPDwtObe/CUWnjo90Ow7IuX/BnQI6lf1sdPHf0MeTjGN9/l7tr6xg+92bIc=,iv:7q+TxZ65n2a+Vdb9KY6ISX92c1lEG2yTpa9KCt/QcUk=,tag:uR1AfcNd1dvH6LZy2oBDiw==,type:str]", + "pgp": [ + { + "created_at": "2020-10-02T18:26:31Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAR4QrVAJ5LhfX41457whWBdB74/O4OEZ76CkUGBvCVkGb\nHjJf9PAHFYH12UVnHEK3ZHKxKrVKPM2Pf3hsMGPuruS2wDuCWLteuMfQtlvCg1Xv\nLxiOfyEUEFc7Rl7uKmvni7XBeexIYN0DpxYa1Paz28ptQJCxZ84FK9y2jrFg2bUF\nq8R1JSTiY+YDXQBKSw3XgdJjjX2Yrpe85BV/l7pgREcwKEG4ZIU8n/zH2mgCObxp\nVfa50dAs5mfooU4g+xF34INhk7L+JPF0EBAbdrPyiw/7220dQSfCW0K3rgQkL1ZE\nB0wjH3S2anRO5t8E4S/YvXerq8LwtpCMczflLsCZ89LgAeStGGLFgZU53ASmq2dt\nqwQw4dCY4CngwuG/PuCt4nYV6VPgz+V+txpuq/aKQvcuFNhGsRtm4oP/vUlhqZQA\nivnqgO/DveCH5MxW9oMGLnYj4Jkbp0gRyALiqwNRz+HfSgA=\n=3dNe\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/binary.sops.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-rep.sh b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-rep.sh new file mode 100755 index 000000000..74f22ac2b --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-rep.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--keyservice" ] || [ "$2" != "a" ] || [ "$3" != "--keyservice" ] || [ "$4" != "b" ] || [ "$5" != "--decrypt" ] || [ "$(basename "$6")" != "simple.sops.yaml" ] || [ "$7" != "" ]; then + echo "Command (fake-sops-rep): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_SESSION_TOKEN}" != "zzz" ]; then + echo "AWS_SESSION_TOKEN is '${AWS_SESSION_TOKEN}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output 3' diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-val.sh b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-val.sh new file mode 100755 index 000000000..f29b9f7e6 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops-val.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--config" ] || [ "$2" != "/path/to/asdf" ] || [ "$3" != "--decrypt" ] || [ "$(basename "$4")" != "simple.sops.yaml" ] || [ "$5" != "" ]; then + echo "Command (fake-sops-val): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_SECRET_ACCESS_KEY}" != "yyy" ]; then + echo "AWS_SECRET_ACCESS_KEY is '${AWS_SECRET_ACCESS_KEY}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output 2' diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops.sh b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops.sh new file mode 100755 index 000000000..0e78b2b01 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/fake-sops.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +if [ "$1" != "--enable-local-keyservice" ] || [ "$2" != "--decrypt" ] || [ "$(basename "$3")" != "simple.sops.yaml" ] || [ "$4" != "" ]; then + echo "Command (fake-sops): $*" > /dev/stderr + exit 1 +fi +if [ "${AWS_ACCESS_KEY_ID}" != "xxx" ]; then + echo "AWS_ACCESS_KEY_ID is '${AWS_ACCESS_KEY_ID}'" > /dev/stderr + exit 1 +fi +echo 'fake sops output' diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml new file mode 100644 index 000000000..8ac6f9457 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json new file mode 100644 index 000000000..8ac6f9457 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml new file mode 100644 index 000000000..b61752806 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml @@ -0,0 +1,26 @@ +data: ENC[AES256_GCM,data:Mf66wk+/MdrPhiG3WMYkfTcs5Fdl,iv:r/CUJSou0b0w3pF7i3heDecV49jn82pTw2oQrMYModI=,tag:y342mhP4BfgsI5feBsJgoA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:25:54Z' + mac: ENC[AES256_GCM,data:srcP514/YUzHZErkByGupUKTF/QqfbzGkNC4Ojmyks5lHw0yWcz7T0GvuZEvXfrHAKUdBYjgaKvQnmed7CfBg5zlb8PL7Pg8b36WPM27EAJkAJzJG39xBov2u8l6sK7JcXMO31qIgzJDhPGsPfkk8yqs45EQC43DmYKU8dZkVaU=,iv:v8MeNADiPdl4fQPwfMSX12y3M0WoP7+9OXF4BWM8bkM=,tag:bXBIzoRtKydGp56fOTTctQ==,type:str] + pgp: + - created_at: '2020-10-07T20:25:49Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAb66JsAFfpWA1r11UevicTHKtZ6U8aT4wLlOWK9JilyTc + YlS0SfoU8v/CKbTlMndskCQOlhdK7b3LJG294/Gj6+v1bAz/yC9ivxmO/WeLupsl + XlcxrbMJcUASq0qsh4XYOhbNt1p47Ay5to8Ov+K/vPwA1a1QbsO5YbtMVrqQGNor + SoThRkVQ51yaxvIMStHXqPKuq4hdn4//pa+afThvbCCEopyc4SYbKXgNTX7+l7+N + r2LOKzDxg/koVN1HSpQ+kBDXiF4i4zSaBPBXN35Tv1y4vC0KUzdzVWiekMWksOqA + 5ibGSLPhoOzIIz/Vda2t5o2LMeCaa36VXSbcXoL3i9LgAeQuZoNyyhrfwBOhARbi + ge7d4Q+o4ODgOOFSjeCr4msn9j3gCOX4+rKE2e9ZSFmSZzGv2vgWEo+h6qDxN29A + m2vhUzvrd+Br5DZRGB3LtEr3O4/lAN8DfwriyUDGKOEKRgA= + =4sXd + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary-yaml.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml new file mode 100644 index 000000000..5f1a9a9b1 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:oJurKkZjXi4HVqV51shzRbl8,iv:OIg1gqchya6dMQtjYTMBeEfcddQLCtxL+ONnhR0jXEo=,tag:z0toZPLcUG3ZWB/tu59tqQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:46Z", + "mac": "ENC[AES256_GCM,data:fIH8AhiNyca43zDcKRFy5vkTHHY/OyWA1LXRCPRUJyHSFu8TQwJJ+7+5c7F/mI3P3exNjWv+sG53VAcxImqRsrd98QhllLJ6OjnVxpwKFTOjLJWfsvPEmoD+TpCnpuKxZSk303j2jCnIJ2cW0gOpPiUjm6LQ7JroMrBXKki71Ss=,iv:qM2PPktRKd7E5e1xmvmJzRaHnIOFk3dkaQ38Gg8idiw=,tag:ki7fs/rDf6vovyqBknVVHA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:39Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAfr3xj1fG9yF91g+WMV1SG1dA+vR+nDkuGdNq3mn88660\nKiXOkEA8A6FrSpstKqsUb9Q6cotYiq3ld3dGPHve0AP9KzWvZEcogCpuk+CKaTnh\nimswI1Rr7jxZ9DecGn2koS07nGhNCXSdy2eAy0pDHpXbJnmb0CgHMXISeXiBZfs8\n19NtCMpcTbek4uR5jhazd0zSZWf1Gxls6pupBNaapwX0YyY+4cxc9O/spgDBd/R8\nrGNVOlA8svOnBQ8G0Ha+mn4p8ia7diSmPorRw1OGT9fJqnveVGsqk71rwem/5lv0\nEGSdXeYazjMP6Vlx0AaVBJFDNas9ozH3FMX2BRqWJNLgAeQE2dWrcbysQIi+QS6v\nfn3a4XYH4BzgcuHoQuAU4jqpMC3gv+UpiN+WK/Vc4Df/iMWQJB9uUm5iEbPRWwQx\n29a574BPbeBk5FxrDyMROm9YKb9GKa0F6WrimK5sdeF6VgA=\n=lJUR\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-binary.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml new file mode 100644 index 000000000..61dc55e97 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml @@ -0,0 +1,21 @@ +{ + "a": "ENC[AES256_GCM,data:/Q==,iv:q+yypwZjX2frKGNruAFF+XSnmz+IU3AQ5XuUMWhhyhA=,tag:skm5wsq8a3/EESLVic8yKw==,type:str]", + "c": "ENC[AES256_GCM,data:DQ==,iv:JvvR1pXyp6L+i4keXDwLM79oxP6K1nqeGkIC5OgR38c=,tag:QbtjRLx47fN5M4+zaaQBVA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T20:21:33Z", + "mac": "ENC[AES256_GCM,data:rbWY/H6bj2UFpybJHqsS02wjy8VMvNvzQUtd6fBMSsvvv1fYWWoULO32LGA635spoFkVyOpX4hipqVyjRfQ1KyP1rNssggaHMz+nRUUFOmiQAcT9wi/Y0IKWjgN1cjI1stCU10b5cfJZQ0SPi/OFC8KcptMaHpfDVF47ZfnprFs=,iv:rVtp2Ti4xHNOWeS4MKju1jFZ/VyE7oXXdTSpp4jSU34=,tag:kd0IeyLXY598kdvSX0+1DA==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T20:21:18Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAPQ6Bn3MlvYUPs+e0njFUoq4AZAhR38BIWGAzTAMeWfIH\n0JZwol5f1leoyKX5Bmye1S+n72zZz3C4FxhSqh80boxNpHuVyeLrAkzv25AaAS8Q\n/9mSYquvJcIL7nWX/QmgTVTaXrqlxZSVva6Slwf7zlaLBqVJfv1RDwT6JEWDIJig\nJp35PKpwRe70IZDGAelcDtJicmjQrvfVhyb1/0kTTv4JdylixVnQdh9X/zw5ZSBG\nusEW/JG9nZ/xzKsEQpafCBLhP80jx3z37zKbsJ+4K2xsBTGQQdU5KdDSnosw/L/b\nHlOCwaMQgb/dQPA5fpwVyGnVas6GK7gQvzznHAiHc9LgAeT0brybsEaAPOuA94/V\nA/ny4cub4Mzg0eFWf+C94i6lS1/gtuWI2PEva3259aEycV6gpYSOoPh3tYlBoVlM\ntj01l2eYfeBn5MNIWuhqfGTL4mLuzfiYsvnigdvTsOEIwgA=\n=yKCo\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-json.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml new file mode 100644 index 000000000..d3a52a224 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json new file mode 100644 index 000000000..d3a52a224 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml new file mode 100644 index 000000000..5ae3291d5 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml @@ -0,0 +1,27 @@ +a: ENC[AES256_GCM,data:lQ==,iv:8RdyROFAynjfYVNniCd0t8OQrFEboZREoBzAAOSudig=,tag:700olmYZs3sRhqcwnzor9A==,type:str] +c: ENC[AES256_GCM,data:wQ==,iv:11sU7IEMYeDWHwNFsx6CgvUNG8Inc26vujykniuF+dc=,tag:ijRW/zjV+G0w3mwnHp4I8Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + lastmodified: '2020-10-07T20:21:14Z' + mac: ENC[AES256_GCM,data:QHcAe20/paYldZucaM1PN21K0i5ngS0UxMMryReTi9M40x9J18pNXo8TUoQuq/4iWZqgAKph1/m/u5pTU8LyKTeBX/HGlkWLjYUH521OJoBWJ0gDKHcZ01L3djlPi8Gts0w5MW/hrUlVqE3hyccy32VsCseuQckkq6dWnvtOmw4=,iv:dMqoZy2JhitE9dAwDxaI5q0NIo0N+rTiXjlnZBUG06k=,tag:8D9RcA8RGV6pCq/HLayGWw==,type:str] + pgp: + - created_at: '2020-10-07T20:21:08Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgAmsvCa83tx8AfOH2cVM4DMNcFSPeR8hQcrILjkvcWqk5s + dd9YqTo+b6nxbZGcRUcvMmMOUo8OOIjVGyT7Yk6itLm2AFjY4T40wE2UyNEW3Jys + ZG3Tvel28T++FXquMhhs0iqfEOFDwRyOAbW/dDCEfzqmPGnjHNYiiE70EwJ6dlQG + xqhmUQrEgcdgBO9fmCsREA8IJt6z1Le1SGAQPhBAYwJU/Gr8OzI5GvlHj8vdLWmJ + dSPG62Ju6MhGIpOdkKY6zH/XVRFrP1v1LwJ+kigUFNuSORczITHPGFbH8Mpysp2G + uz1y+LX49Ynq1MApJxoCMSapWwYE1nv4w0eDwjLJzdLgAeThTu8/4A029VVXtiu9 + dxtt4V0i4CPgkuFo0eB34hoAk4fgu+Vpe7jKQlaKKDYG0/hDUVcoEA+GBTO1GpKC + I0hrHJt5O+DY5Ecvy/je21+8tQOOfoohMT/i6tB0wuE56wA= + =NXWv + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.6.1 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/hidden-yaml.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops new file mode 100644 index 000000000..a704dbad3 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:+x5Q1yGxpgvMQiwwMiCAiU0B5KA7i1eMvuRRxNLpKH0LEEs/7rpOInqKtA==,iv:96ihzWMxW45FqN28BCtX1emDBcXln9FN87Yf8bTlbbA=,tag:a8SiDQjFffOYHwKp5IhU2Q==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-02T18:14:42Z", + "mac": "ENC[AES256_GCM,data:CyLyYbG6rVwT8sRqLxLBuWUrgtUHz8XVwCx7iyiJDL925jzMvkA2ZEYxH6CsiWwc5/7tcFGLDSCjYw3AHD9x42LmsaAefk7F4X55++EI5VZbmSwyHdxCqvMVycKLJm3YXfodos8bbEWDDXhbmMT92uJs7H/IBXywnQHG3qoJWJE=,iv:ljY/d++R5v8VY5Q8nV0lnNwaeuEiKG4VTY8fSgFJD+w=,tag:MEtTIFuiSj8ReQOZNxO1IQ==,type:str]", + "pgp": [ + { + "created_at": "2020-10-02T18:11:54Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAblvrgBIPsg01TJjde7YskLvPKC/1jt1kI/eoOQ/KdemW\ngaJf4PIWGzFUxZEXeRzo70HTS+sPTi0TQDDkwOfcNjlGb3dC1KQdIZ1UiuqhL1//\n1G0doMMztEyZ63SOElv3OaWHjcnvmP224rTuFpO6Pm8HHMKEbaw9N7YHObgSdIpk\nfqEP369xj6bk/yQNEuMbgQOk+7LAYPs8na7oxIrdkWrmIlVj5jEz08lVS/FJecty\nUDalNDBkRrqMgTvSAw0vJTzaPzw/V+6WTrHh/0FRvLKJlKOsesaoxahW2/H1Dxmr\npySYTs2omqOtr3RzkCrUXmHijim9DIwg0JsIjo5xytLgAeSjSr9/W1EucekSGbeM\nmYK+4cN/4ILgRuH75OAw4qu0IgrgWuX6Eo7vO2HPrUiFLA/j+7/Bi+HkBZZuMrlR\njhd7C7MQGuD85NF3TzP2hW895ZiDznjWutHi69caRuEeZQA=\n=Aqvj\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/rstrip.sops.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml new file mode 100644 index 000000000..d7bfc2ea2 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml @@ -0,0 +1,25 @@ +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/simple.sops.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml new file mode 100644 index 000000000..2df127395 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml @@ -0,0 +1,2 @@ +--- +this-is-not: a sops file diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml.license b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/files/wrong.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/meta/main.yml new file mode 100644 index 000000000..b7f89500e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/meta/main.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops diff --git a/ansible_collections/community/sops/tests/integration/targets/lookup_sops/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/tasks/main.yml new file mode 100644 index 000000000..682de0dfc --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/lookup_sops/tasks/main.yml @@ -0,0 +1,177 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- when: sops_installed + block: + + - name: Test lookup with missing file + set_fact: + sops_file_does_not_exists: "{{ lookup('community.sops.sops', 'file-does-not-exists.sops.yml') }}" + ignore_errors: true + register: sops_lookup_missing_file + + - assert: + that: + - "sops_lookup_missing_file is failed" + - "'could not locate file in lookup: file-does-not-exists.sops.yml' in sops_lookup_missing_file.msg" + + - name: Test lookup with missing file with empty_on_not_exist + set_fact: + sops_file_does_not_exists_empty: "{{ lookup('community.sops.sops', 'file-does-not-exists.sops.yml', empty_on_not_exist=true) }}" + register: sops_lookup_missing_file_empty_on_not_exist + + - assert: + that: + - "sops_lookup_missing_file_empty_on_not_exist is success" + - "sops_file_does_not_exists_empty == ''" + + - name: Test lookup of non-sops file + set_fact: + sops_wrong_file: "{{ lookup('community.sops.sops', 'wrong.yaml') }}" + ignore_errors: true + register: sops_lookup_wrong_file + + - assert: + that: + - "sops_lookup_wrong_file is failed" + - "'sops metadata not found' in sops_lookup_wrong_file.msg" + + - name: Test simple lookup + set_fact: + sops_success: "{{ lookup('community.sops.sops', 'simple.sops.yaml') }}" + register: sops_lookup_simple + + - assert: + that: + - "sops_lookup_simple is success" + - "sops_success == 'foo: bar'" + + - name: Test rstrip + set_fact: + with_rstrip: "{{ lookup('community.sops.sops', 'rstrip.sops', rstrip=true) }}" + without_rstrip: "{{ lookup('community.sops.sops', 'rstrip.sops', rstrip=false) }}" + default_rstrip: "{{ lookup('community.sops.sops', 'rstrip.sops') }}" + + - assert: + that: + - with_rstrip == 'This file has three newlines at the end.' + - without_rstrip == 'This file has three newlines at the end.\n\n\n' + - default_rstrip == 'This file has three newlines at the end.' + + - name: Test binary + set_fact: + binary_with_rstrip: "{{ lookup('community.sops.sops', 'binary.sops', rstrip=true, base64=true) }}" + binary_without_rstrip: "{{ lookup('community.sops.sops', 'binary.sops', rstrip=false, base64=true) }}" + + - assert: + that: + - binary_with_rstrip == 'AQIDAAQ=' + - binary_without_rstrip == 'AQIDAAQgCg==' + + - name: Test hidden binary + set_fact: + hidden_binary: "{{ lookup('community.sops.sops', 'hidden-binary', output_type='binary') }}" + hidden_binary__json: "{{ lookup('community.sops.sops', 'hidden-binary.json', output_type='binary') }}" + hidden_binary__yaml: "{{ lookup('community.sops.sops', 'hidden-binary.yaml', output_type='binary') }}" + hidden_binary_yaml: "{{ lookup('community.sops.sops', 'hidden-binary-yaml', input_type='yaml', output_type='binary') }}" + hidden_binary_yaml__json: "{{ lookup('community.sops.sops', 'hidden-binary-yaml.json', input_type='yaml', output_type='binary') }}" + hidden_binary_yaml__yaml: "{{ lookup('community.sops.sops', 'hidden-binary-yaml.yaml', input_type='yaml', output_type='binary') }}" + hidden_json: "{{ lookup('community.sops.sops', 'hidden-json', input_type='json', output_type='json') }}" + hidden_json__json: "{{ lookup('community.sops.sops', 'hidden-json.json', input_type='json', output_type='json') }}" + hidden_json__yaml: "{{ lookup('community.sops.sops', 'hidden-json.yaml', input_type='json', output_type='json') }}" + hidden_yaml: "{{ lookup('community.sops.sops', 'hidden-yaml', input_type='yaml', output_type='yaml') }}" + hidden_yaml__json: "{{ lookup('community.sops.sops', 'hidden-yaml.json', input_type='yaml', output_type='yaml') }}" + hidden_yaml__yaml: "{{ lookup('community.sops.sops', 'hidden-yaml.yaml', input_type='yaml', output_type='yaml') }}" + hidden_json__as_yaml: "{{ lookup('community.sops.sops', 'hidden-json', input_type='json', output_type='yaml') }}" + hidden_json__json__as_yaml: "{{ lookup('community.sops.sops', 'hidden-json.json', input_type='json', output_type='yaml') }}" + hidden_json__yaml__as_yaml: "{{ lookup('community.sops.sops', 'hidden-json.yaml', input_type='json', output_type='yaml') }}" + hidden_yaml__as_json: "{{ lookup('community.sops.sops', 'hidden-yaml', input_type='yaml', output_type='json') }}" + hidden_yaml__json__as_json: "{{ lookup('community.sops.sops', 'hidden-yaml.json', input_type='yaml', output_type='json') }}" + hidden_yaml__yaml__as_json: "{{ lookup('community.sops.sops', 'hidden-yaml.yaml', input_type='yaml', output_type='json') }}" + + - assert: + that: + - hidden_binary == test_str_abcd + - hidden_binary__json == test_str_abcd + - hidden_binary__yaml == test_str_abcd + - hidden_binary_yaml == test_str_binary_data + - hidden_binary_yaml__json == test_str_binary_data + - hidden_binary_yaml__yaml == test_str_binary_data + - hidden_json == test_dict + - hidden_json__json == test_dict + - hidden_json__yaml == test_dict + - hidden_yaml == test_dict_yaml + - hidden_yaml__json == test_dict_yaml + - hidden_yaml__yaml == test_dict_yaml + - hidden_json__as_yaml == test_dict_yaml + - hidden_json__json__as_yaml == test_dict_yaml + - hidden_json__yaml__as_yaml == test_dict_yaml + - hidden_yaml__as_json == test_dict + - hidden_yaml__json__as_json == test_dict + - hidden_yaml__yaml__as_json == test_dict + vars: + test_dict: + a: b + c: d + test_dict_yaml: + "a: b\nc: d" + test_str_binary_data: This is binary data. + test_str_abcd: a is b, and c is d + + - name: Test fake sops binary (lookup parameters) + set_fact: + fake_sops_output: "{{ lookup('community.sops.sops', 'simple.sops.yaml', sops_binary=role_path ~ '/files/fake-sops.sh', enable_local_keyservice=True, aws_access_key_id='xxx') }}" + fake_sops_output_2: "{{ lookup('community.sops.sops', 'simple.sops.yaml', sops_binary=role_path ~ '/files/fake-sops-val.sh', config_path='/path/to/asdf', aws_secret_access_key='yyy') }}" + fake_sops_output_3: "{{ lookup('community.sops.sops', 'simple.sops.yaml', sops_binary=role_path ~ '/files/fake-sops-rep.sh', keyservice=['a', 'b'], aws_session_token='zzz') }}" + + - assert: + that: + - fake_sops_output == 'fake sops output' + - fake_sops_output_2 == 'fake sops output 2' + - fake_sops_output_3 == 'fake sops output 3' + + - name: Work around Ansible bug for next test + # https://github.com/ansible/ansible/issues/73268 + set_fact: + sops_binary: "{{ role_path }}/files/fake-sops.sh" + - name: Test fake sops binary (Ansible variables, 1/3) + set_fact: + fake_sops_output: "{{ lookup('community.sops.sops', 'simple.sops.yaml') }}" + vars: + # sops_binary: "{{ role_path }}/files/fake-sops.sh" + sops_enable_local_keyservice: true + sops_aws_access_key_id: xxx + + - name: Work around Ansible bug for next test + # https://github.com/ansible/ansible/issues/73268 + set_fact: + sops_binary: "{{ role_path }}/files/fake-sops-val.sh" + - name: Test fake sops binary (Ansible variables, 2/3) + set_fact: + fake_sops_output_2: "{{ lookup('community.sops.sops', 'simple.sops.yaml') }}" + vars: + # sops_binary: "{{ role_path }}/files/fake-sops-val.sh" + sops_config_path: /path/to/asdf + sops_aws_secret_access_key: yyy + + - name: Work around Ansible bug for next test + # https://github.com/ansible/ansible/issues/73268 + set_fact: + sops_binary: "{{ role_path }}/files/fake-sops-rep.sh" + - name: Test fake sops binary (Ansible variables, 3/3) + set_fact: + fake_sops_output_3: "{{ lookup('community.sops.sops', 'simple.sops.yaml') }}" + vars: + # sops_binary: "{{ role_path }}/files/fake-sops-rep.sh" + sops_keyservice: + - a + - b + sops_session_token: zzz + + - assert: + that: + - fake_sops_output == 'fake sops output' + - fake_sops_output_2 == 'fake sops output 2' + - fake_sops_output_3 == 'fake sops output 3' diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_latest/aliases b/ansible_collections/community/sops/tests/integration/targets/role_install_latest/aliases new file mode 100644 index 000000000..9493a6ee0 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_latest/aliases @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/install/3 diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_latest/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/role_install_latest/tasks/main.yml new file mode 100644 index 000000000..97011dffb --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_latest/tasks/main.yml @@ -0,0 +1,21 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Install latest sops + include_role: + name: community.sops.install + vars: + sops_version: latest + sops_github_token: "{{ github_token | default('') }}" + sops_github_latest_detection: "{{ github_latest_detection | default('auto') }}" + +- name: Figure out sops version + command: + cmd: sops --version + register: output + +- name: Print sops version + debug: + msg: '{{ output.stdout_lines | first }}' diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/aliases b/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/aliases new file mode 100644 index 000000000..c8f115fa0 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/aliases @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/install/2 diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/tasks/main.yml new file mode 100644 index 000000000..2e8360382 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_localhost_remote/tasks/main.yml @@ -0,0 +1,39 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Install sops 3.7.3 on localhost + include_role: + name: community.sops.install + vars: + sops_version: 3.7.3 + sops_install_on_localhost: true + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Install sops 3.7.0 on remote + include_role: + name: community.sops.install + vars: + sops_version: 3.7.0 + sops_install_on_localhost: false + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Figure out sops version on localhost + command: + cmd: sops --version + delegate_to: localhost + register: output_localhost + +- name: Figure out sops version on remote host + command: + cmd: sops --version + register: output_remote + +- name: Check sops version + assert: + that: + - >- + 'sops 3.7.3' in output_localhost.stdout + - >- + 'sops 3.7.0' in output_remote.stdout diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_version/aliases b/ansible_collections/community/sops/tests/integration/targets/role_install_version/aliases new file mode 100644 index 000000000..eb3fa263d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_version/aliases @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/install/1 diff --git a/ansible_collections/community/sops/tests/integration/targets/role_install_version/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/role_install_version/tasks/main.yml new file mode 100644 index 000000000..037a13b58 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/role_install_version/tasks/main.yml @@ -0,0 +1,40 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Install sops 3.7.3 + include_role: + name: community.sops.install + vars: + sops_version: 3.7.3 + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Figure out sops version + command: + cmd: sops --version + register: output + +- name: Check sops version + assert: + that: + - >- + 'sops 3.7.3' in output.stdout + +- name: Install sops 3.7.0 + include_role: + name: community.sops.install + vars: + sops_version: 3.7.0 + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Figure out sops version + command: + cmd: sops --version + register: output + +- name: Check sops version + assert: + that: + - >- + 'sops 3.7.0' in output.stdout diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml new file mode 100644 index 000000000..f1c55b04f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/handlers/main.yml @@ -0,0 +1,10 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: delete temporary directory + include_tasks: default-cleanup.yml + +- name: delete temporary directory (windows) + include_tasks: windows-cleanup.yml diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default-cleanup.yml b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default-cleanup.yml new file mode 100644 index 000000000..cc74b70af --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default-cleanup.yml @@ -0,0 +1,10 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: delete temporary directory + file: + path: "{{ remote_tmp_dir }}" + state: absent + no_log: true diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default.yml b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default.yml new file mode 100644 index 000000000..c9d871c69 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/default.yml @@ -0,0 +1,16 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: create temporary directory + tempfile: + state: directory + suffix: .test + register: remote_tmp_dir + notify: + - delete temporary directory + +- name: record temporary directory + set_fact: + remote_tmp_dir: "{{ remote_tmp_dir.path }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/main.yml new file mode 100644 index 000000000..babbdad05 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_remote_tmp_dir/tasks/main.yml @@ -0,0 +1,20 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +#################################################################### +# WARNING: These are designed specifically for Ansible tests # +# and should not be used as examples of how to write Ansible roles # +#################################################################### + +- name: make sure we have the ansible_os_family and ansible_distribution_version facts + setup: + gather_subset: distribution + when: ansible_facts == {} + +- include_tasks: "{{ lookup('first_found', files)}}" + vars: + files: + - "{{ ansible_os_family | lower }}.yml" + - "default.yml" diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/install.yml b/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/install.yml new file mode 100644 index 000000000..29ff98e18 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/install.yml @@ -0,0 +1,51 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Install sops on localhost + include_role: + name: community.sops.install + vars: + sops_install_on_localhost: true + sops_version: '{{ override_sops_version | default("latest") }}' + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Install age on localhost + include_role: + name: community.sops._install_age + vars: + sops_install_on_localhost: true + +- name: Download sops test GPG key on localhost + get_url: + url: https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc + dest: /tmp/sops_functional_tests_key.asc + delegate_to: localhost + +- name: Import sops test GPG key on localhost + command: gpg --import /tmp/sops_functional_tests_key.asc + failed_when: false + delegate_to: localhost + +# --------------------------------------------------------------------------- + +- name: Install sops on remote + include_role: + name: community.sops.install + vars: + sops_version: '{{ override_sops_version | default("latest") }}' + sops_github_token: "{{ github_token | default('') | string }}" + +- name: Install age on remote + include_role: + name: community.sops._install_age + +- name: Download sops test GPG key on remote + get_url: + url: https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc + dest: /tmp/sops_functional_tests_key.asc + +- name: Import sops test GPG key on remote + command: gpg --import /tmp/sops_functional_tests_key.asc + failed_when: false diff --git a/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/main.yml new file mode 100644 index 000000000..f40ecd1c2 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/main.yml @@ -0,0 +1,28 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Test whether sops is installed + command: sops --help + failed_when: false + changed_when: false + register: sops_help_command + +- name: Install sops + include_tasks: install.yml + when: sops_help_command.rc != 0 + +- name: Skip sops installation + when: sops_help_command.rc == 0 + block: + - name: Test whether age is installed + command: age --version + failed_when: false + changed_when: false + register: age_version_command + + - name: Set results + set_fact: + sops_installed: true + age_installed: '{{ age_version_command.rc == 0 }}' diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/aliases b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/aliases new file mode 100644 index 000000000..3a9daf6c4 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/aliases @@ -0,0 +1,8 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/.sops.yaml new file mode 100644 index 000000000..e28ce962d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/.sops.yaml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +creation_rules: + - pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml new file mode 100644 index 000000000..d6d7f7f2c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml @@ -0,0 +1,20 @@ +{ + "data": "ENC[AES256_GCM,data:Gw==,iv:zVZEcknNNtMsjB7jLYUZglzdLIrHS658uwjOD4Kth6A=,tag:gzP41dCGjBAedV+XiQFepw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-10-07T19:25:02Z", + "mac": "ENC[AES256_GCM,data:KnhqQH9rRqJ0XC40qhI79WtNBSiE9ym3SO58Bw09Bev9kq6uMVxAm9iOZvjQazOupELHaJiLO6fWT3FCoZfiU0IJBkN8JzFsKr2C59UH4B8f0RJZhNrAJ3AriBFPateFneDbrwjld0xEhP+2f286yIFv/xc/DEEPduIKRvkVN4I=,iv:yg06T0+gQ4j+bF3NAxQqwwPlJGBCcHTV6APzKT1x334=,tag:cVQ7oAh0HJ2rM8b6gVpdUg==,type:str]", + "pgp": [ + { + "created_at": "2020-10-07T19:24:59Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgApb3VzPV0KmRyGRSiqPVRaM0cBthJtHu9H22QGXFAb8X/\nBLPXFBlFoFKbg9eUzG0EfKDzF1f5Aeeme3Fq6cGjmtU1oyynQLFtb3369zAC+Itf\nZo3u8pjC8YDPg2NpEFrAg4YZgVIr56UdEjjC4CDvzgYd08WCIYABIO6iedSneTh2\nBcqCDc5WY5vzUnon29kUnpolOPHXjDE3PHCynbdoELrlYY3lmw4ymD0sBdtcBDER\nAtM4s3Xz7C5XhF134GmxMdQ5P/QdxSR2L1vgludDs8/Q62OxSGw3vnLXFXkHmaBQ\nxYrt+0ehNAreL/TaR5em0Bu3Bk00RxmQnrUFLc1G2dLgAeRUspltx0tjMT7eiBxx\nwQ0I4W5u4PvgVOGSG+Bp4uin1nXgduUcQnRT3Dmr1EpBbDAhZ9ldlthrxk7Ir15H\ndEJxe7jtsOAk5HlYOWliZOyFb2JtqtNqMGjimD4JPeEXOgA=\n=eh24\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml.license b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/broken-json-yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/wrong.yaml b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/wrong.yaml new file mode 100644 index 000000000..3f3fff636 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/files/wrong.yaml @@ -0,0 +1,6 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +this-is-not: a sops file diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/meta/main.yml new file mode 100644 index 000000000..344e8b865 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/meta/main.yml @@ -0,0 +1,8 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops + - setup_remote_tmp_dir diff --git a/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/tasks/main.yml b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/tasks/main.yml new file mode 100644 index 000000000..6d843153e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/sops_encrypt/tasks/main.yml @@ -0,0 +1,408 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- when: sops_installed + block: + - name: Place .sops.yaml + copy: + src: ".sops.yaml" + dest: "{{ remote_tmp_dir }}/.sops.yaml" + + - name: Define test objects + set_fact: + text_value_1: This is a text. + text_value_2: |+ + This is another text! + + it has two newlines at the end. + + binary_value_1_b64: 'AQIDAAQ=' + binary_value_2_b64: 'AQIDAAQgCg==' + json_value_1: + key1: value1 + key2: + - value2.1 + - value2.2 + json_value_2: + key1: value1 + key3: + - value3.1 + - value3.2 + - value3.3 + - value3.4 + + # Invalid Base64 + + - name: Create binary file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_bad_base64" + content_binary: This is not Base64 + register: result_not_base64 + failed_when: result_not_base64 is not failed + + - assert: + that: + - '"Cannot decode Base64 encoded data" in result_not_base64.msg' + + # Broken file overwrite + + - name: Place broken file + copy: + dest: "{{ remote_tmp_dir }}/broken" + content: I'm not sops encrypted + + - name: Cannot decode existing file (overwrite, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/broken" + content_text: Test + register: result_cannot_decode_check + failed_when: result_cannot_decode_check is not failed + check_mode: true + + - name: Cannot decode existing file (overwrite) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/broken" + content_text: Test + register: result_cannot_decode + failed_when: result_cannot_decode is not failed + + - name: Cannot decode existing file (force, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/broken" + content_text: Test + force: true + register: result_cannot_decode_force_check + check_mode: true + + - name: Cannot decode existing file (force) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/broken" + content_text: Test + force: true + register: result_cannot_decode_force + + - slurp: + src: "{{ remote_tmp_dir ~ '/broken' }}" + register: slurp + - set_fact: + value: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=False, output_type='binary') }}" + + - assert: + that: + - result_cannot_decode_force_check is changed + - result_cannot_decode_force is changed + - value == 'Test' + + # Text content + + - name: Create text file (check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_1 }}" + check_mode: true + register: result_check + + - name: Create text file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_1 }}" + register: result + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_text' }}" + register: slurp + - set_fact: + value_1: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=False, output_type='binary') }}" + + - name: Create text file (idempotency, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_1 }}" + check_mode: true + register: result_idempotent_check + + - name: Create text file (idempotency) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_1 }}" + register: result_idempotent + + - name: Create text file (change, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_2 }}" + check_mode: true + register: result_change_check + + - name: Create text file (change) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_text" + content_text: "{{ text_value_2 }}" + register: result_change + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_text' }}" + register: slurp + - set_fact: + value_2: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=false, output_type='binary') }}" + + - assert: + that: + - result_check is changed + - result is changed + - value_1 == text_value_1 + - result_idempotent_check is not changed + - result_idempotent is not changed + - result_change_check is changed + - result_change is changed + - value_2 == text_value_2 + + # Binary content + + - name: Create binary file (check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_1_b64 }}" + check_mode: true + register: result_check + + - name: Create binary file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_1_b64 }}" + register: result + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_binary' }}" + register: slurp + - set_fact: + value_1: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=False, output_type='binary') | b64encode }}" + + - name: Create binary file (idempotency, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_1_b64 }}" + check_mode: true + register: result_idempotent_check + + - name: Create binary file (idempotency) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_1_b64 }}" + register: result_idempotent + + - name: Create binary file (change, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_2_b64 }}" + check_mode: true + register: result_change_check + + - name: Create binary file (change) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_binary" + content_binary: "{{ binary_value_2_b64 }}" + register: result_change + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_binary' }}" + register: slurp + - set_fact: + value_2: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=false, output_type='binary') | b64encode }}" + + - assert: + that: + - result_check is changed + - result is changed + - value_1 == binary_value_1_b64 + - result_idempotent_check is not changed + - result_idempotent is not changed + - result_change_check is changed + - result_change is changed + - value_2 == binary_value_2_b64 + + # JSON content + + - name: Create JSON file (check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_1 }}" + check_mode: true + register: result_check + + - name: Create JSON file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_1 }}" + register: result + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_json' }}" + register: slurp + - set_fact: + value_1_raw: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='json') | b64encode }}" + value_1: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='json') | from_json }}" + + - name: Create JSON file (idempotency, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_1 }}" + check_mode: true + register: result_idempotent_check + + - name: Create JSON file (idempotency) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_1 }}" + register: result_idempotent + + - name: Create JSON file (change, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_2 }}" + check_mode: true + register: result_change_check + + - name: Create JSON file (change) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json" + content_json: "{{ json_value_2 }}" + register: result_change + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_json' }}" + register: slurp + - set_fact: + value_2: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='json') | from_json }}" + + - name: Place broken JSON file + copy: + src: "broken-json-yaml" + dest: "{{ remote_tmp_dir }}/test_json_broken" + + - name: Update broken JSON file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_json_broken" + content_json: "{{ json_value_1 }}" + register: result_broken_change + + - assert: + that: + - result_check is changed + - result is changed + - (value_1_raw | b64decode).startswith('{') + - value_1 == json_value_1 + - result_idempotent_check is not changed + - result_idempotent is not changed + - result_change_check is changed + - result_change is changed + - value_2 == json_value_2 + - result_broken_change is changed + + # YAML content + + - name: Create YAML file (check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_1 }}" + check_mode: true + register: result_check + + - name: Create YAML file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_1 }}" + register: result + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_yaml' }}" + register: slurp + - set_fact: + value_1_raw: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='yaml') | b64encode }}" + value_1: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='yaml') | from_yaml }}" + + - name: Create YAML file (idempotency, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_1 }}" + check_mode: true + register: result_idempotent_check + + - name: Create YAML file (idempotency) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_1 }}" + register: result_idempotent + + - name: Create YAML file (change, check mode) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_2 }}" + check_mode: true + register: result_change_check + + - name: Create YAML file (change) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml" + content_yaml: "{{ json_value_2 }}" + register: result_change + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_yaml' }}" + register: slurp + - set_fact: + value_2: "{{ slurp.content | b64decode | community.sops.decrypt(output_type='yaml') | from_yaml }}" + + - name: Place broken YAML file + copy: + src: "broken-json-yaml" + dest: "{{ remote_tmp_dir }}/test_yaml_broken" + + - name: Update broken YAML file + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_yaml_broken" + content_json: "{{ json_value_1 }}" + register: result_broken_change + + - assert: + that: + - result_check is changed + - result is changed + - not (value_1_raw | b64decode).startswith('{') + - value_1 == json_value_1 + - result_idempotent_check is not changed + - result_idempotent is not changed + - result_change_check is changed + - result_change is changed + - value_2 == json_value_2 + - result_broken_change is changed + + # Output type JSON + + - name: Create text file with output type JSON + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_output_type.json" + content_text: "{{ text_value_1 }}" + register: result + + - slurp: + src: "{{ remote_tmp_dir ~ '/test_output_type.json' }}" + register: slurp + - set_fact: + value_1: "{{ slurp.content | b64decode | community.sops.decrypt(rstrip=False, output_type='json') | from_json }}" + value_2: "{{ slurp.content | b64decode }}" + + - name: Create text file with output type JSON (idempotency) + community.sops.sops_encrypt: + path: "{{ remote_tmp_dir }}/test_output_type.json" + content_text: "{{ text_value_1 }}" + register: result_idem + + - assert: + that: + - result_idem is not changed + - value_1.data == text_value_1 + - '"data" in value_2' + - value_2.data.startswith('ENC[') diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/.gitignore b/ansible_collections/community/sops/tests/integration/targets/var_sops/.gitignore new file mode 100644 index 000000000..d35533bf2 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/.gitignore @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +*/out diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/.sops.yaml b/ansible_collections/community/sops/tests/integration/targets/var_sops/.sops.yaml new file mode 100644 index 000000000..e28ce962d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/.sops.yaml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +creation_rules: + - pgp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/README.md b/ansible_collections/community/sops/tests/integration/targets/var_sops/README.md new file mode 100644 index 000000000..38a3cfaa5 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/README.md @@ -0,0 +1,26 @@ +<!-- +Copyright (c) Ansible Project +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +--> + +## How the tests work + +`ansible-test integration --docker ubuntu1804 -v var_sops` essentially executes `runme.sh`. That script does: + +1. Make sure it isn't run for Ansible 2.9 (which does not support vars plugins); +2. Use the `setup.yml` playbook to install the requirements (sops); +3. Look at all subdirectories called `test-*`, and for each of them: + 1. Execute the playbook `playbook.yml` in it; + 2. Call `validate.sh` in it with parameters `<exit_code> <path_to_captured_output>`; + 3. If `validate.sh` exists with an exit code not equal to 0, the test has failed. + +## Adding more tests + +If possible, extend an existing test. If that's not possible, or if you are afraid to pollute one's test environment with more data, create a new one: + +1. Create a subdirectory `test-<name_of_your_test>`; +2. Create a `playbook.yml` and `validate.sh` in there (copy from a similar test and adjust); +3. Create subdirectories `group_vars` and/or `host_vars` and fill them as needed. + +For creating sops encrypted files, use the private GPG keys from https://raw.githubusercontent.com/mozilla/sops/master/pgp/sops_functional_tests_key.asc. There is a `.sops.yaml` file in this directory which makes sure that sops automatically uses the correct one of the keys provided in that file. diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/aliases b/ansible_collections/community/sops/tests/integration/targets/var_sops/aliases new file mode 100644 index 000000000..977ec3882 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/aliases @@ -0,0 +1,9 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +gha/main +skip/aix +skip/osx +skip/freebsd +skip/python2.6 # lookups are controller only, and we no longer support Python 2.6 on the controller diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/meta/main.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/meta/main.yml new file mode 100644 index 000000000..b7f89500e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/meta/main.yml @@ -0,0 +1,7 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +dependencies: + - setup_sops diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/runme.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/runme.sh new file mode 100755 index 000000000..2b9e6ee21 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/runme.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +# Don't run this on Ansible 2.9 +if (ansible --version | grep '^ansible 2\.9\.'); then + # Ansible 2.9 doesn't know about var plugins + exit +fi + +# Install sops +ANSIBLE_ROLES_PATH=.. ansible-playbook setup.yml + +if [ "$(command -v sops)" == "" ]; then + # sops was not installed + exit +fi + +for TEST in $(find . -maxdepth 1 -type d -name 'test-*' | sort); do + ( + cd "${TEST}" + if [ -x "setup.sh" ]; then + ./setup.sh + fi + if [ -x "run.sh" ]; then + ANSIBLE_VARS_ENABLED=host_group_vars,community.sops.sops ./run.sh "$@" 2>&1 | tee out + RESULT=${PIPESTATUS[0]} + else + ANSIBLE_VARS_ENABLED=host_group_vars,community.sops.sops ansible-playbook playbook.yml -i hosts -v "$@" 2>&1 | tee out + RESULT=${PIPESTATUS[0]} + fi + ./validate.sh "${RESULT}" out + ) +done diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/setup.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/setup.yml new file mode 100644 index 000000000..d1a658218 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/setup.yml @@ -0,0 +1,10 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + tasks: + - name: Setup sops + import_role: + name: setup_sops diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/group_vars/all.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/group_vars/all.sops.yml new file mode 100644 index 000000000..3f3fff636 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/group_vars/all.sops.yml @@ -0,0 +1,6 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +this-is-not: a sops file diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/playbook.yml new file mode 100644 index 000000000..b53291656 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/playbook.yml @@ -0,0 +1,14 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was found + debug: + msg: '{{ foo }}' + - name: Make sure group_vars/all/test.sops.yaml was found + debug: + msg: '{{ bar }}' diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/validate.sh new file mode 100755 index 000000000..4e21434cd --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-bad-file/validate.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 4 ]; then + exit 1 +fi + +grep -F "ERROR! error with file" "$2" +grep "sops metadata not found" "$2" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all/test.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all/test.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/group_vars/all/test.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/playbook.yml new file mode 100644 index 000000000..12de052bf --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/playbook.yml @@ -0,0 +1,11 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was not loaded. + debug: + msg: '{{ foo }}' # Will throw an undefined error. diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/run.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/run.sh new file mode 100755 index 000000000..db5635757 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/run.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e +SOPS_ANSIBLE_AWX_DISABLE_VARS_PLUGIN_TEMPORARILY=true \ +ansible-playbook playbook.yml -i hosts -v "$@" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/validate.sh new file mode 100755 index 000000000..ecd1625b8 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-disable-sops/validate.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 2 ]; then + exit 1 +fi + +grep -F "The error was: 'foo' is undefined" "$2" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/group_vars b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/group_vars new file mode 100644 index 000000000..6ffd5ab02 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/group_vars @@ -0,0 +1,3 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/playbook.yml new file mode 100644 index 000000000..814477e3b --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/playbook.yml @@ -0,0 +1,11 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Idle + debug: + msg: '' diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/validate.sh new file mode 100755 index 000000000..bc3804f55 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-not-dir/validate.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi + +grep -F "[WARNING]: Found group_vars that is not a directory, skipping:" "$2" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/.gitignore b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/.gitignore new file mode 100644 index 000000000..c93c36810 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/.gitignore @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +group_vars/ diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/1.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/1.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/1.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/2.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/2.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/2.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/playbook.yml new file mode 100644 index 000000000..183263897 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/playbook.yml @@ -0,0 +1,22 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was loaded + assert: + that: + - foo is defined + - bar is not defined + - name: Replace group_vars/all.sops.yaml + copy: + src: 2.sops.yml + dest: group_vars/all.sops.yaml + - name: Make sure that updated group_vars/all.sops.yaml was not loaded + assert: + that: + - foo is defined + - bar is not defined diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/run.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/run.sh new file mode 100755 index 000000000..f05dbab32 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/run.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e +ANSIBLE_VARS_SOPS_PLUGIN_STAGE=inventory \ +ANSIBLE_VARS_SOPS_PLUGIN_CACHE=true \ +ansible-playbook playbook.yml -i hosts -v "$@" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/setup.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/setup.sh new file mode 100755 index 000000000..e4448001f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/setup.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +rm -rf group_vars/ +mkdir -p group_vars/ +cp 1.sops.yml group_vars/all.sops.yaml diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/validate.sh new file mode 100755 index 000000000..bbd8c591d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-cache/validate.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/.gitignore b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/.gitignore new file mode 100644 index 000000000..c93c36810 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/.gitignore @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +group_vars/ diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/1.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/1.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/1.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/2.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/2.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/2.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/playbook.yml new file mode 100644 index 000000000..183263897 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/playbook.yml @@ -0,0 +1,22 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was loaded + assert: + that: + - foo is defined + - bar is not defined + - name: Replace group_vars/all.sops.yaml + copy: + src: 2.sops.yml + dest: group_vars/all.sops.yaml + - name: Make sure that updated group_vars/all.sops.yaml was not loaded + assert: + that: + - foo is defined + - bar is not defined diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/run.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/run.sh new file mode 100755 index 000000000..fd848bdcf --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/run.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e +ANSIBLE_VARS_SOPS_PLUGIN_STAGE=inventory \ +ANSIBLE_VARS_SOPS_PLUGIN_CACHE=false \ +ansible-playbook playbook.yml -i hosts -v "$@" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/setup.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/setup.sh new file mode 100755 index 000000000..e4448001f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/setup.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +rm -rf group_vars/ +mkdir -p group_vars/ +cp 1.sops.yml group_vars/all.sops.yaml diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/validate.sh new file mode 100755 index 000000000..bbd8c591d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-inv-no-cache/validate.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/.gitignore b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/.gitignore new file mode 100644 index 000000000..c93c36810 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/.gitignore @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +group_vars/ diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/1.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/1.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/1.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/2.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/2.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/2.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/playbook.yml new file mode 100644 index 000000000..183263897 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/playbook.yml @@ -0,0 +1,22 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was loaded + assert: + that: + - foo is defined + - bar is not defined + - name: Replace group_vars/all.sops.yaml + copy: + src: 2.sops.yml + dest: group_vars/all.sops.yaml + - name: Make sure that updated group_vars/all.sops.yaml was not loaded + assert: + that: + - foo is defined + - bar is not defined diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/run.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/run.sh new file mode 100755 index 000000000..4fcc013bc --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/run.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e +ANSIBLE_VARS_SOPS_PLUGIN_STAGE=task \ +ANSIBLE_VARS_SOPS_PLUGIN_CACHE=true \ +ansible-playbook playbook.yml -i hosts -v "$@" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/setup.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/setup.sh new file mode 100755 index 000000000..e4448001f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/setup.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +rm -rf group_vars/ +mkdir -p group_vars/ +cp 1.sops.yml group_vars/all.sops.yaml diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/validate.sh new file mode 100755 index 000000000..bbd8c591d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-cache/validate.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/.gitignore b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/.gitignore new file mode 100644 index 000000000..c93c36810 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/.gitignore @@ -0,0 +1,5 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +group_vars/ diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/1.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/1.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/1.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/2.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/2.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/2.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/playbook.yml new file mode 100644 index 000000000..f654090d0 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/playbook.yml @@ -0,0 +1,22 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was loaded + assert: + that: + - foo is defined + - bar is not defined + - name: Replace group_vars/all.sops.yaml + copy: + src: 2.sops.yml + dest: group_vars/all.sops.yaml + - name: Make sure that updated group_vars/all.sops.yaml was loaded + assert: + that: + - foo is not defined + - bar is defined diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/run.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/run.sh new file mode 100755 index 000000000..4b6fa33f5 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/run.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e +ANSIBLE_VARS_SOPS_PLUGIN_STAGE=task \ +ANSIBLE_VARS_SOPS_PLUGIN_CACHE=false \ +ansible-playbook playbook.yml -i hosts -v "$@" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/setup.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/setup.sh new file mode 100755 index 000000000..e4448001f --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/setup.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +rm -rf group_vars/ +mkdir -p group_vars/ +cp 1.sops.yml group_vars/all.sops.yaml diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/validate.sh new file mode 100755 index 000000000..bbd8c591d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-stage-task-no-cache/validate.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all.sops.yml new file mode 100644 index 000000000..02ad8294c --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +foo: ENC[AES256_GCM,data:a25L,iv:X8ILHZr+YiyLWa90Y+cwoMD1nVuel7JyTs0A5+oiOOo=,tag:GbBtp+Yqx1KEjdyztqS4EQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-02-20T10:44:32Z' + mac: ENC[AES256_GCM,data:BAwQqD9sHgHkmlxPQLKq28Xy48qPp1B/+GDLEsIxir6WNhZgw8OgjVF1u/wCAad6qHkmN02Bwenr+aay6uKfCuOEsTRSvZ7v80yAU+h0wL3zJ/KMkRsE3QP3CWxcLQxInt+YaBjR+Q0IUjDXKm3u6ZomixZe5F5pwWr36ErV6Y0=,iv:e/iiyXQiCh8C2w/bc8mr/Psv+ehmqEMqEC1/bbGFHpY=,tag:NSDo2HISIBJhYvsqrU0mSA==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all/test.sops.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all/test.sops.yml new file mode 100644 index 000000000..8d9120d2e --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/group_vars/all/test.sops.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +bar: ENC[AES256_GCM,data:UGteX9JKWhU=,iv:hgH8BeRf2W4gY4FSyXR/VKR879piGW2MSKJIppFgIJo=,tag:2XKpN3jGGEBBXiJPHi93ew==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + lastmodified: '2020-09-01T16:17:15Z' + mac: ENC[AES256_GCM,data:jw/wSpkqwN1Nun1VGLecyJy/yZLtyB57kmoODRhK9/c7nZU8pgTfcATfysyUq0YXWGvpy3mxvlGhaMrHu0DzNCGlsic6OXWDJBPVX3xYeeiUw5KmLxbYPpIXXLYfyu/mWDrToY2o1rpGzJqT7SuZwfFIEX1gZMFnATdROXwVKBU=,iv:ZrgM8BoaLHh4knvJlTqsycOdHNt2oqiFCl/81fr9zP0=,tag:UfhMIr1ByFQhY9B9GpYAmQ==,type:str] + pgp: + - created_at: '2020-02-20T10:44:32Z' + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMAyUpShfNkFB/AQgALJTUwdx6rAPckJ+reP5TEq+lXzHI1Zi7aHYOqZQBnA2s + z8h1gRce/fn7RPkmdsjsdSYmxGGKqwDXxUYsbN1aWXk6mb4Juktdvjl/GndF6PkU + TiN/l1GM6upgS+GPxA01NKsGkVmEtKR5NhsNEnE6OzY29+PFLsBX2vO1Zfg7kzBz + cDl6PT8fbFTEaFeyuYl9IslIV8yYsj1oHL3CF76RjCP6b18NSOHM23ytlH+KVaBV + ntoSVkTyWDx5o9iEHBEWSEGNpaCWWiEgkDEkA1VqMHdUlsW+IjZ8ggg5NJbcVtrG + YkN8rlGsNEzx+g4O4b1160A2K6AdTBcoGHwHD3u3XdLgAeTqT1ekE2N3yNT6w4sm + 6uET4eTS4Cvg1OFCgOC34uUzlY3gbuVy20h8RNyQoAfhSN4DD2MexKqcMMCVCtn0 + OhRMTP2jjOCe5Ex3/p3awcVxwx7qeJ26Vnfiwtg6ueFI5AA= + =tcnq + -----END PGP MESSAGE----- + fp: FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4 + unencrypted_suffix: _unencrypted + version: 3.4.0 diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json new file mode 100644 index 000000000..f2b777a53 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json @@ -0,0 +1,19 @@ +{ + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "lastmodified": "2020-09-21T05:55:39Z", + "mac": "ENC[AES256_GCM,data:Igq1Of0up5cBLd4blecOJSeSqSc+qExqlcEmgaHbhL88e+YxfOd0HxIELYd4SuEAnzYxroQDop741frXLm3RbkFGJuoyW8Ur/GHHx/0e1GsNHGWJL3yfI5NKt0zb3D/pxLP0MrKmsdqlnEnewxeCb5M0xRDJqtRSLP4X4VHOop0=,iv:wzYu6PJsY1FtxuQnNhxDivCCUwfciZpBT232TS/qXZI=,tag:wg8Ijf3mqkfnt7BZ3DSBWQ==,type:str]", + "pgp": [ + { + "created_at": "2020-09-21T05:55:37Z", + "enc": "-----BEGIN PGP MESSAGE-----\n\nwcBMAyUpShfNkFB/AQgAY4Sok1zPyUO/sm8PcSWii6QDoOKkLB0LYNaCtJXcGttx\nenLAYAQtNKb4OgeSr2mrgUi5ceyMDAWME9xA0MQSHqU6IrTDRnBOM57wJb+4f029\nbh2PaPuwONcS6jZm+PobJ4sXbKrzigqF6NYdCHjc+3QSWuC2cklKWm1bX5Z0dBwu\nW+7pap7Ol+DCaWmrPx8qjZFR/E0aKcWQGuSryCfZNa6lXXlRxBB/47EBybG6Juks\nyGQBYDLyLxXsd4f0qVRs+A4ra5MkKF5UdAXjrBt5CgUjx2HVSqCD0ScQVwHuiC7L\n2hz3u2EDTB18kf87MFEs7M0Ef9+flJPozPw0Hjih4dLgAeSyNr8t/mZriYpTRIGg\nm1Ll4WKY4A7gkeHcfuA94oS488TgkuUeLeFnZyjEyWGNS8jcgcEXUQKtGKWm4DKk\nD73Cf7UUJOAu5Gdwq+SSwwXZLf1GkX3HSJzieu937OHvEwA=\n=ruyt\n-----END PGP MESSAGE-----", + "fp": "FBC7B9E2A4F9289AC0C1D4843D16CEE4A27381B4" + } + ], + "unencrypted_suffix": "_unencrypted", + "version": "3.6.1" + } +}
\ No newline at end of file diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json.license b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json.license new file mode 100644 index 000000000..edff8c768 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/host_vars/localhost.sops.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/hosts b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/hosts new file mode 100644 index 000000000..f43ae7905 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/hosts @@ -0,0 +1,6 @@ +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +[all] +localhost ansible_connection=local ansible_python_interpreter="{{ ansible_playbook_python }}" diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/playbook.yml b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/playbook.yml new file mode 100644 index 000000000..b53291656 --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/playbook.yml @@ -0,0 +1,14 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- hosts: localhost + gather_facts: false + tasks: + - name: Make sure group_vars/all.sops.yaml was found + debug: + msg: '{{ foo }}' + - name: Make sure group_vars/all/test.sops.yaml was found + debug: + msg: '{{ bar }}' diff --git a/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/validate.sh b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/validate.sh new file mode 100755 index 000000000..bbd8c591d --- /dev/null +++ b/ansible_collections/community/sops/tests/integration/targets/var_sops/test-success/validate.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +set -eux + +if [ "$1" != 0 ]; then + exit 1 +fi |