Vault Editor
Encrypt, decrypt and diff files with Ansible Vault.
How It Works
The extension will use the path provided in the vaultEditor.keysRoot setting to look for your encryption key files. By default, it will look for files ending with .key. You can change this with the vaultEditor.keyExtension setting.
A .key file will only be used if its name (excluding the file extension) is included in the name of the file that you're editing.
If your vaultEditor.keysRoot contains subdirectories, you may have multiple .key files with a matching name. In this case, it will try to find one whose directory name matches the directory name of the file you're editing. If that fails, it will use the first one it found.
Example
Let's say you've opened ~/myProject/app1Secrets/developmentVault.yml and run the Vault: Decrypt File command while your vaultEditor.keysRoot looks like this:
keysRoot
│ development.key
│
└────app1Secrets
│ │ development.key
│
└────app2Secrets
│ qa.key
In this example, it would find both keysRoot/development.key and keysRoot/app1Secrets/development.key because "development" is included in the name of the opened file, developmentVault.yml. But it would use keysRoot/app1Secrets/development.key because the opened file also lives within a directory called app1Secrets.
Commands
Vault: Edit File: Decrypt a file and encrypt it again once you save it.
Vault: Encrypt File: Encrypt a file.
Vault: Decrypt File: Decrypt a file.
Vault: Diff File: View the difference between an encrypted file and the corresponding encrypted file on another branch.
Vault: View File: View the decrypted version of the encrypted file.
Extension Settings
Required Settings
vaultEditor.keysRoot: Set the root directory of your encryption keys.
Optional Settings
vaultEditor.decryptOnOpen: Automatically decrypt text editors when they are opened and output the result to the Vault Editor output channel. The default is true.
vaultEditor.decryptOnStartup: Automatically decrypt text editors that are open when VsCode is started and output the result to the Vault Editor output channel. The default is true.
vaultEditor.keyExtension: The file extension to use when searching for encryption key files. The default is key.
vaultEditor.diff.branch: Automatically use this branch to compare with instead of selecting one when running the diff command. The default is null.
vaultEditor.tmpPath: Location of where to put the temporary (decrypted) files. The default is ./tmp.
Source Code
You can find the source code here.
