From 161f45698e467f160206cf7fe315e750a587924e Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Thu, 17 Jan 2019 20:34:50 +0100
Subject: only activate environment if we can read the passphrase

---
 common/utils.sh | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'common')

diff --git a/common/utils.sh b/common/utils.sh
index 3e31c568..262926c7 100644
--- a/common/utils.sh
+++ b/common/utils.sh
@@ -69,6 +69,12 @@ vault_environment__activate() {
     fi
   done
 
+  err_out=$(("gpg/get-vault-pass-$1" > /dev/null) 2>&1)
+  if [ -n "$err_out" ]; then
+    print_error "failed to activate environment: '$1' .. reading passphrase from 'gpg/get-vault-pass-$1' returned an error"
+    return 1
+  fi
+
   if [ -z "${ANSIBLE_VAULT_IDENTITY_LIST}" ]; then
     export ANSIBLE_VAULT_IDENTITY_LIST="$1@gpg/get-vault-pass-$1"
   else
-- 
cgit v1.2.3