From 161f45698e467f160206cf7fe315e750a587924e Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 17 Jan 2019 20:34:50 +0100 Subject: only activate environment if we can read the passphrase --- common/utils.sh | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'common') diff --git a/common/utils.sh b/common/utils.sh index 3e31c568..262926c7 100644 --- a/common/utils.sh +++ b/common/utils.sh @@ -69,6 +69,12 @@ vault_environment__activate() { fi done + err_out=$(("gpg/get-vault-pass-$1" > /dev/null) 2>&1) + if [ -n "$err_out" ]; then + print_error "failed to activate environment: '$1' .. reading passphrase from 'gpg/get-vault-pass-$1' returned an error" + return 1 + fi + if [ -z "${ANSIBLE_VAULT_IDENTITY_LIST}" ]; then export ANSIBLE_VAULT_IDENTITY_LIST="$1@gpg/get-vault-pass-$1" else -- cgit v1.2.3