Vh ddlmZmZmZeZdZdZdZddl Z ddl Z ddl Z ddl Z ddl mZmZddlmZddlmZdd lmZmZmZ ddlZdZd Zd Zd ZdZdZ e!dk(re yy#e$re j8Zd ZdZY6wxYw))absolute_importdivisionprint_functiona_ author: Felix Fontein (@felixfontein) module: sops_encrypt short_description: Encrypt data with SOPS version_added: '0.1.0' description: - Allows to encrypt binary data (Base64 encoded), text data, JSON or YAML data with SOPS. options: path: description: - The SOPS encrypt file. type: path required: true force: description: - Force rewriting the encrypted file. type: bool default: false content_text: description: - The data to encrypt. Must be a Unicode text. - Please note that the module might not be idempotent if the text can be parsed as JSON or YAML. - Exactly one of O(content_text), O(content_binary), O(content_json), and O(content_yaml) must be specified. type: str content_binary: description: - The data to encrypt. Must be L(Base64 encoded,https://en.wikipedia.org/wiki/Base64) binary data. - Please note that the module might not be idempotent if the data can be parsed as JSON or YAML. - Exactly one of O(content_text), O(content_binary), O(content_json), and O(content_yaml) must be specified. type: str content_json: description: - The data to encrypt. Must be a JSON dictionary. - Exactly one of O(content_text), O(content_binary), O(content_json), and O(content_yaml) must be specified. type: dict content_yaml: description: - The data to encrypt. Must be a YAML dictionary. - Please note that Ansible only allows to pass data that can be represented as a JSON dictionary. - Exactly one of O(content_text), O(content_binary), O(content_json), and O(content_yaml) must be specified. type: dict extends_documentation_fragment: - ansible.builtin.files - community.sops.sops - community.sops.sops.encrypt_specific - community.sops.attributes - community.sops.attributes.files attributes: check_mode: support: full diff_mode: support: none safe_file_operations: support: full idempotent: support: full seealso: - plugin: community.sops.sops plugin_type: lookup description: The sops lookup can be used decrypt SOPS-encrypted files. a --- - name: Encrypt a secret text community.sops.sops_encrypt: path: text-data.sops content_text: This is a secret text. - name: Encrypt the contents of a file community.sops.sops_encrypt: path: binary-data.sops content_binary: "{{ lookup('ansible.builtin.file', '/path/to/file', rstrip=false) | b64encode }}" - name: Encrypt some datastructure as YAML community.sops.sops_encrypt: path: stuff.sops.yaml content_yaml: "{{ result }}" #N) AnsibleModulemissing_required_lib)to_text) write_file)Sops SopsErrorget_sops_argument_specTFc|jdy|jdy|jdy|jdy|jd y) N content_textbinarycontent_binary content_jsonjson content_yamlyaml$Internal error: unknown content typemsg)params fail_json)modules o/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/sops/plugins/modules/sops_encrypt.py get_data_typerts] }}^$0 }}%&2 }}^$0 }}^$0 ?@c|jd!||jdjdk(S|jd||k(S|jd& tj||jdk(S|jd& t j ||jdk(S|jdy#t$rYywxYw#t$rYywxYw) Nrutf-8rrFrrr)rencoderloads Exceptionr safe_loadr)r binary_datacontents rcompare_encoded_contentr's }}^$0&--7>>wGGG }}%&2+%% }}^$0 ::g&&--*GG G}}^$0 >>'*fmmN.KK K ?@    s$$C $C C C CCc|jd d|jdjdfS|jdd|fS|jd3dtj|jdjdfS|jd3dt j |jdjdfS|j d y) Nrrr rrrrrrr)rr!rdumpsr safe_dumpr)rr%s rget_encoded_type_contentr+s }}^$0~6==gFFF }}%&2$$ }}^$0tzz&--"?@GGPPP }}^$0t~~fmmN&CDKKGTTT ?@rc  ttddtddtddtddtd dtd d }|jtd t|d gd gdd  jd&t s j tdtd} jd# tj jd} jd}tjj|xsd}d} fd} jdstjj!|sd}n3t#j$|dt' d| }t) ||sd}|r j*st- |\}} d} |j/drd} n|j/drd} t#j0| ||| | tjj3||n|| } t5 |  j; j} j=| |} j?|y#t$r,} j dj|Yd}~d}~wwxYw#t6$r%} j t9|Yd}~d}~wwxYw)NpathT)typerequiredboolF)r.defaultstr)r.no_logdict)r-forcerrrr)add_encrypt_specific)rrrr) argument_specmutually_exclusiverequired_one_ofsupports_check_modeadd_file_common_argsrpyyaml)r exceptionrz&Cannot decode Base64 encoded data: {0}rc:jj|S)N)rget) argument_namers rget_option_valuezmain..get_option_values}}  //rr5) decode_output output_typerstriprArz.jsonr)z.ymlz.yamlr)datacwd input_typerCfilenamerAr)changed) r4updater rrHAS_YAMLrr YAML_IMP_ERRbase64 b64decoder#formatosr-dirnameexistsr decryptrr' check_moder+endswithencryptrelpathr r r load_file_common_argumentsset_fs_attributes_if_different exit_json)r7r%er- directoryrIrAdecrypted_contentrG input_datarCrE file_argsrs @rmainr`s v -.uT2t4vd3vd3 M/TJK # N  O !! F}}^$01(;|TK }}%&2 U **6==9I+JKK == D%-IG0) == !)=G!% E}V7LUZ!1&! +6;@QR 6,,%=fk%R "J K}}W%$ 01$ <<Y:S^=F=Ry9X\!1&D vt $11&--@I33IwGG W%U U   !I!P!PQR!S  T T UH )WQZ(()s1 "I%C4J J"!J  J J?J::J?__main__)" __future__rrrr. __metaclass__ DOCUMENTATIONEXAMPLESRETURNrMrrP tracebackansible.module_utils.basicrr+ansible.module_utils.common.text.convertersr :ansible_collections.community.sops.plugins.module_utils.ior rpsA@ < | $  J?QppLH AA, AI&X zFA'9'')LH DsA$$BB