Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env bash
- function usage(){
- echo "Usage:"
- echo " $(basename $0) path/to/keyvault.yml 'thepassword'"
- }
- [ $# -ne 2 ] && usage && exit;
- [ ! -f $1 ] && echo "$file not found!" && exit
- file=$(realpath $1)
- password=$2
- outfile="${file%.*}[decrypted].${file##*.}"
- tmpfile=$(mktemp)
- item=''
- skip=false
- s='[[:space:]]*' w='[a-zA-Z0-9_\.]*' c='^[[:space:]]*#'
- IFS=''
- while read -r line; do
- if [[ -z "${line// }" ]] || [[ $line =~ $w: ]]; then
- skip=false
- fi
- if [[ ! $line =~ $c ]] && [[ $line =~ $w: ]]; then
- skip=true
- var=$(echo $line | sed "s|^\($s.*\):.*|\1|")
- val=$(echo $line | sed "s|^$s.*:$s\(.*\)$s\$|\1|")
- if [[ $var =~ ^$w$ ]]; then
- item=''
- fi
- if [[ -z $val ]]; then
- echo -e "$line" >> $tmpfile
- item+=$var.
- else
- echo -e "$var: {{ $item$(echo $var | xargs) }}" >> $tmpfile
- fi
- elif [[ "$skip" = false ]]; then
- echo -e "$line" >> $tmpfile
- fi
- done <$file
- playbook="---
- - hosts: localhost
- gather_facts: no
- tasks:
- - include_vars: $file
- - template:
- src: $tmpfile
- dest: $outfile
- "
- ansible-playbook --vault-password-file <(echo $password) <(echo -e $playbook) >/dev/null 2>&1
- [ $? -ne 0 ] && echo Failed! && exit 1
- rm -f $tmpfile
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement