The Ansible Vault VS Code Extension simplifies the encryption and decryption of Ansible Vault files within the Visual Studio Code environment. This extension empowers users to encrypt and decrypt text selections or entire files effortlessly, manage vault identities, and configure encryption settings directly within VS Code.
- Toggle Encryption/Decryption: Encrypt or decrypt selected text or entire files with ease using a single command.
- Automatic Vault Configuration: Automatically detects and utilizes Ansible configuration settings (e.g., vault password file, vault identity list) from
ansible.cfg. - Custom Vault Configuration: Allows users to specify custom vault settings directly within VS Code configuration.
- Manage Vault Identities: Easily choose and manage vault identities for encryption and decryption.
- Open a file in Visual Studio Code.
- Select the text you want to encrypt or decrypt, or leave it blank to encrypt/decrypt the entire file.
- Utilize the available commands in the command palette or toolbar to perform encryption or decryption.
This extension only requires Visual Studio Code. It does not rely on Python or Ansible local packages for encryption and decryption.
- Open Visual Studio Code.
- Navigate to the Extensions view (
Ctrl+Shift+X). - Search for "Ansible Vault" and install the extension.
Customize the behavior of the Ansible Vault extension by configuring the following properties in your settings.json:
- ansibleVault.keyPass: Set the ansible-vault password text.
- ansibleVault.keyFile: Specify the path to the ansible-vault password file or vault-identity-list.
- ansibleVault.encryptVaultId: Define the ansible-vault vault ID for encryption.
Access the following commands from the Command Palette:
- Ansible Vault - Encrypt & Decrypt: Encrypt and decrypt Ansible vault files.
- Remember vault ID for encryption with ansible-vault: Remember the vault ID for encryption.
- Reset vault ID setting for ansible-vault: Reset the vault ID setting.
The extension adds options to the context menus in the Explorer and Editor views and provides keybindings for quick access to Ansible Vault commands.
Inline helpers are available when you vault is encrypted. Your editor language bust be YAML or Ansible (provided by official Ansible extension).
The extension locates ansible.cfg files in the project workspace and its parent directories to extract configuration settings related to Ansible Vault. It scans these files to find vault_password_file and vault_identity_list settings, which are then utilized for encryption and decryption.
If the extension cannot find the specified path for the Ansible Vault password file, it will use on POSIX the following default paths:
~/.ansible.cfg/etc/ansible.cfg
The extension employs a path search algorithm that starts from the current file's directory and traverses upwards until it finds an ansible.cfg file. This algorithm ensures compatibility with both POSIX and Windows file paths.
Once an ansible.cfg file is found, the extension extracts relevant configuration settings such as vault_password_file and vault_identity_list. These settings are then used to determine the password file and vault identities needed for encryption and decryption.
- Ansible® is a registered trademark of RedHat®.
- This extension was forked from Wolfmah / vscode-ansible-vault-inline.
This project is licensed under the MIT License - see the LICENSE.md file for details.