From f1e6fe7c0f33f8fd7b8faaffb84581e125ccdeb9 Mon Sep 17 00:00:00 2001 From: MorganGeek Date: Wed, 24 Jun 2020 16:59:50 +0200 Subject: [PATCH] git alias and ansible-vault hack - git alias to push to all remote whatever their name is - ansible-vault hack to print all secret strings from a ansible file with a mix of secrets and cleartext informations --- dot_zsh_aliases | 5 +++-- dot_zsh_functions | 15 ++++++++++++++- dot_zshrc | 1 + 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/dot_zsh_aliases b/dot_zsh_aliases index adf066e..a178ef1 100644 --- a/dot_zsh_aliases +++ b/dot_zsh_aliases @@ -13,6 +13,7 @@ alias lzd='lazydocker' alias setorigin='grset origin' alias neworigin='setorigin' alias origin='setorigin' +alias gpar='gitpushallremote' # Jira alias jirasearch='issues' @@ -73,8 +74,8 @@ alias m='mgmt' alias tunnel='ssh -D 8000 -N $(whoami)@$PROXY_HOST -i ~/.ssh/id_ed25519' alias sshpub='cat ~/.ssh/id_ed25519.pub' alias ssla="openssl x509 -alias -noout -in" # Usage : ssla -alias encrypt='ansible-vault encrypt **/vault.yml --vault-password-file=~/.vaultpass' -alias decrypt='ansible-vault decrypt **/vault.yml --vault-password-file=~/.vaultpass' +alias encrypt='ansible-vault encrypt **/vault.yml --vault-password-file=$VAULT_PASSWORD_FILE' +alias decrypt='ansible-vault decrypt **/vault.yml --vault-password-file=$VAULT_PASSWORD_FILE' alias newpass='bw generate --special --uppercase --lowercase --number --length 30' # Network diff --git a/dot_zsh_functions b/dot_zsh_functions index f8bc0f4..cddf1d1 100644 --- a/dot_zsh_functions +++ b/dot_zsh_functions @@ -283,7 +283,20 @@ function passwords { bw list items --search "$1" | jq -c '.[] | .name + " " + .login.username + ":" + .login.password + " " + .login.uris[0].uri' } function password { - bw get password "$1" + bw get password "$1" +} +function vaultgetsecret { + local secret=$(grep -A 500 "ANSIBLE_VAULT" "$1" | awk '{$1=$1;print}' | \grep -Eo "^[0-9a-z^ ]+$") + local secret_string=$(echo "\$ANSIBLE_VAULT;1.1;AES256\n$secret") + echo "$secret_string" | awk '{$1=$1;print}' | ansible-vault decrypt --vault-password-file=$VAULT_PASSWORD_FILE +} +function gitpushallremote { + grv + grv | grep push | awk '{print $1}' | while read -r remote + do + echo "$remote" + git push --all "$remote" + done } function colorpic { local picture_url="$1" diff --git a/dot_zshrc b/dot_zshrc index 1e82cb9..8fab469 100644 --- a/dot_zshrc +++ b/dot_zshrc @@ -130,6 +130,7 @@ export JENKINS_SECRET="" export JIRA_URL="" export PROXY_HOST="" export COLORPIC_APIKEY="" +export VAULT_PASSWORD_FILE="" if test -f "$HOME/.secrets"; then chmod +x "$HOME/.secrets"