Skip to main content
Glama
deenesjakoruzh
tarnover

MCP SysOperator

by tarnover
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

vault_decrypt_string

Decrypt Ansible Vault encrypted strings using vault ID and password file to access secure configuration data.

Instructions

Decrypt a string encrypted with Ansible Vault

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
stringYes
vault_idNo
vault_password_fileNo

Implementation Reference

  • src/sysoperator/operations/vault.ts:73-112 (handler)
    Implements the core logic for decrypting an Ansible Vault encrypted string using ansible-vault decrypt command, with temporary file handling and error management.
    export async function decryptString(options: VaultDecryptStringOptions): Promise<string> {
  let tempDir: string | undefined;
  try {
    // Create a unique temporary directory
    tempDir = await createTempDirectory('ansible-vault-decrypt');
    
    // Write the encrypted string to a temporary file
    const tempFilePath = await writeTempFile(tempDir, 'encrypted.txt', options.string);

    // Build the decrypt command arguments
    const args = ['decrypt', tempFilePath, '--output=-']; // Output to stdout

    // Add vault ID if specified
    if (options.vault_id) {
      args.splice(1, 0, `--vault-id=${options.vault_id}`); // Insert after 'decrypt'
    }
    
    // Add vault password file if specified
    if (options.vault_password_file) {
      args.splice(1, 0, `--vault-password-file=${options.vault_password_file}`); // Insert after 'decrypt'
    }

    const command = `ansible-vault ${args.join(' ')}`;
    console.error(`Executing: ${command}`);

    // Execute the command asynchronously
    const { stdout, stderr } = await execAsync(command);
    return stdout.trim();

  } catch (error: any) {
    // Handle execution errors
    const errorMessage = error.stderr || error.message || 'Unknown error';
    throw new AnsibleExecutionError(`Error decrypting string: ${errorMessage}`, error.stderr);
  } finally {
    // Ensure cleanup happens even if errors occur
    if (tempDir) {
      await cleanupTempDirectory(tempDir);
    }
  }
}
  • src/sysoperator/common/types.ts:232-238 (schema)
    Zod schema defining the input parameters for the vault_decrypt_string tool: encrypted string (required), optional vault_id and vault_password_file.
    export const VaultDecryptStringSchema = z.object({
  string: z.string().min(1, 'Encrypted string is required'),
  vault_id: z.string().optional(),
  vault_password_file: z.string().optional(),
});

export type VaultDecryptStringOptions = z.infer<typeof VaultDecryptStringSchema>;
  • src/sysoperator/index.ts:85-89 (registration)
    Registers the 'vault_decrypt_string' tool in the toolDefinitions map, linking its description, input schema, and handler function.
    vault_decrypt_string: {
  description: 'Decrypt a string encrypted with Ansible Vault',
  schema: VaultDecryptStringSchema,
  handler: vault.decryptString,
},
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/tarnover/mcp-sysoperator'

If you have feedback or need assistance with the MCP directory API, please join our Discord server