|
#!/usr/bin/env python |
|
|
|
# Copyright 2018 Lukasz Szczesny |
|
# |
|
# Licensed under the Apache License, Version 2.0 (the "License"); |
|
# you may not use this file except in compliance with the License. |
|
# You may obtain a copy of the License at |
|
# |
|
# http://www.apache.org/licenses/LICENSE-2.0 |
|
# |
|
# Unless required by applicable law or agreed to in writing, software |
|
# distributed under the License is distributed on an "AS IS" BASIS, |
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
# See the License for the specific language governing permissions and |
|
# limitations under the License. |
|
|
|
import argparse |
|
import collections |
|
import json |
|
import jmespath |
|
import yaml |
|
from ansible import constants as C |
|
from ansible.cli import CLI |
|
from ansible.module_utils.six import PY3 |
|
from ansible.parsing.dataloader import DataLoader |
|
from ansible.parsing.yaml.dumper import AnsibleDumper |
|
from ansible.parsing.yaml.objects import AnsibleVaultEncryptedUnicode |
|
from ansible.parsing.yaml.objects import AnsibleUnicode |
|
|
|
|
|
def dump_vars_file(filename): |
|
|
|
def represent_vault_encrypted_unicodea(self, data): |
|
plaintext = data.vault.decrypt(data._ciphertext).decode() |
|
if "\n" in plaintext: |
|
return self.represent_scalar(u'tag:yaml.org,2002:str', plaintext, |
|
style='|') |
|
if PY3: |
|
return self.represent_str(plaintext) |
|
else: |
|
return self.represent_unicode(plaintext) |
|
|
|
# we want to decrupt all the data so we have to replace |
|
# AnsibleVaultEncryptedUnicode representer |
|
AnsibleDumper.add_representer( |
|
AnsibleVaultEncryptedUnicode, |
|
represent_vault_encrypted_unicodea, |
|
) |
|
|
|
loader = DataLoader() |
|
|
|
if getattr(CLI, '_play_prereqs', False): |
|
vault_secrets = CLI.setup_vault_secrets(loader, |
|
vault_ids=C.DEFAULT_VAULT_IDENTITY_LIST, |
|
vault_password_files=[C.DEFAULT_VAULT_PASSWORD_FILE]) |
|
loader.set_vault_secrets(vault_secrets) |
|
else: |
|
vault_password = CLI.read_vault_password_file(C.DEFAULT_VAULT_PASSWORD_FILE, loader) |
|
loader.set_vault_password(vault_password) |
|
|
|
return loader.load_from_file(filename) |
|
|
|
|
|
def main(): |
|
parser = argparse.ArgumentParser() |
|
parser.add_argument('--format', '-f', default='yaml', choices=['yaml', |
|
'json', |
|
'string'], |
|
help='Output format') |
|
parser.add_argument('--query', '-q', default='.', required=True, |
|
help='Execute a JMESPath on the results') |
|
parser.add_argument('filename', help='Group vars file to query') |
|
|
|
args = parser.parse_args() |
|
|
|
result = jmespath.search(args.query, dump_vars_file(args.filename), |
|
jmespath.Options(dict_cls=collections.OrderedDict)) |
|
|
|
if args.format == 'json': |
|
print(json.dumps(result, sort_keys=True, indent=4)) |
|
elif args.format == 'yaml': |
|
print(yaml.dump(result, Dumper=AnsibleDumper, allow_unicode=True, |
|
default_flow_style=False)) |
|
elif args.format == 'string': |
|
if not isinstance(result, AnsibleUnicode): |
|
raise ValueError('Use string format for strings only.') |
|
print(result) |
|
|
|
|
|
if __name__ == "__main__": |
|
main() |