Facilitate ansible-vaulting of variables from within text editors

Continuing the discussion from Parsing and vaulting yaml the Ansible way with ruamel.yaml:

This code now has a github repo to make collaboration easier. Your participation is welcome.

Here’s an interesting suggestion: When decrypting a previously vaulted value, rather than returning the plain scalar value, stick a YAML “!unvaulted” tag on it. This would enable pre-commit hooks to detect and prevent inadvertent attempts to commit secrets in plain text. The user could easily remove the tag or update and/or re-vault the data. If this is implemented, we should make it possible to “revault” such !unvaulted tagged data without having to remove the tag.

Fun project, fun times!