ansible-vaultCLI reimplemented in go
ansible-vault is a very powerful tool and we wanted to simplifying the install and management of the tool as a standalone, cross platform tool.
Please see the docs for details on the commands.
Use in place of
ansible-vault. All commands are reimplemented. The tool will default to asking for your Vault password.
$ gwvault -h NAME: gwvault - encryption/decryption utility for Ansible data files USAGE: main [global options] command [command options] [arguments...] COMMANDS: encrypt encrypt file decrypt decrypt file edit edit file and re-encrypt rekey alter encryption password and re-encrypt create create a new encrypted file view view inputs of encrypted file encrypt_string, av_encrypt_string encrypt provided string, output in ansible-vault format install-manpage Generate and install man page version, v Print version info help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --vault-password-file VAULT_PASSWORD_FILE vault password file VAULT_PASSWORD_FILE --new-vault-password-file NEW_VAULT_PASSWORD_FILE new vault password file for rekey NEW_VAULT_PASSWORD_FILE --help, -h show help (default: false)
$ asdf plugin add gwvault
Install the latest version:
$ asdf install gwvault latest
Homebrew (for macOS users)
brew tap GoodwayGroup/gwvault brew install gwvault
$ curl https://i.jpillora.com/GoodwayGroup/gwvault! | bash
The compiled docker images are maintained on GitHub Container Registry (ghcr.io). We maintain the following tags:
edge: Image that is build from the current
HEADof the main line branch.
latest: Image that is built from the latest released version
x.y.z(versions): Images that are build from the tagged versions within Github.
docker pull ghcr.io/goodwaygroup/gwvault docker run -v "$PWD":/workdir ghcr.io/goodwaygroup/gwvault --version
$ gwvault install-manpage
Benchmarking done using
bench. Execute the
benchmark/run.sh script to generate a new benchmark.
As compared to
ansible-vault (v2.9.11 on python v3.8.5), typical actions take a 80% less time to complete.
|encrypt||482 ms||94 ms|
|decrypt||499 ms||96 ms|
|rekey||650 ms||162 ms|
|encrypt_string||429 ms||64 ms|
|encrypt + decrypt||1,087 ms||168 ms|
./benchmark/results.html for a detailed breakdown of the results after running the benchmark.
- go v1.16+
This will update docs, changelog, add the tag, push main and the tag to the repo. The
goreleaser action will publish the binaries to the Github Release.
If you want to simulate the
goreleaser process, run the following command:
$ curl -sL https://git.io/goreleaser | bash -s -- --rm-dist --skip-publish --snapshot
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
- Fork the GoodwayGroup/gwvault repo
go >= 1.16
- Branch & Code
- Run linters :broom:
- The project uses golangci-lint
- Commit with a Conventional Commit
- Open a PR
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE file for details