From 0f01d3ebc7c96265c1a8f304ad72ed5e773b2178 Mon Sep 17 00:00:00 2001
From: Allen Gao <wanlong.gao@easystack.cn>
Date: Wed, 20 Jan 2016 22:02:20 +0800
Subject: [PATCH] Add the keyfile option to decrypt the passwords.yml

The passed keyfile path is used to decrypt the passwords.yml
which encrypted by the ansible vault.

Partially-Implements: blueprint	encrypt-sensitive-info
DocImpact
Change-Id: Ifaebf464478cde99e896c13b375cfaf9282ee576
---
 tools/kolla-ansible | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/tools/kolla-ansible b/tools/kolla-ansible
index 021af79ac9..73d7316f57 100755
--- a/tools/kolla-ansible
+++ b/tools/kolla-ansible
@@ -30,6 +30,7 @@ Usage: $0 COMMAND [options]
 Options:
     --inventory, -i <inventory_path> Specify path to ansible inventory file
     --playbook, -p <playbook_path>   Specify path to ansible playbook file
+    --keyfile, -k <key_file>         Specify path to ansible vault keyfile
     --help, -h                       Show this usage information
     --tags, -t <tags>                Only run plays and tasks tagged with these values
 
@@ -41,9 +42,11 @@ Commands:
 EOF
 }
 
-SHORT_OPTS="hi:p:t:"
-LONG_OPTS="help,inventory:,playbook:,tags:"
+
+SHORT_OPTS="hi:p:t:k:"
+LONG_OPTS="help,inventory:,playbook:,tags:,keyfile:"
 ARGS=$(getopt -o "${SHORT_OPTS}" -l "${LONG_OPTS}" --name "$0" -- "$@") || { usage >&2; exit 2; }
+
 eval set -- "$ARGS"
 
 find_base_dir
@@ -69,6 +72,12 @@ while [ "$#" -gt 0 ]; do
             shift 2
             ;;
 
+    (--keyfile|-k)
+            VAULT_PASS_FILE="$2"
+            EXTRA_OPTS="$EXTRA_OPTS --vault-password-file=$VAULT_PASS_FILE"
+            shift 2
+            ;;
+
     (--help|-h)
             usage
             shift