Fix import

Allow remote path for authorized_key
2026-01-12 15:45:20 +01:00 · 2024-09-27 10:12:15 +03:00 · 2024-09-27 09:55:31 +03:00
6 changed files with 21 additions and 22 deletions
--- a/changelogs/fragments/566_bump_version_161.yml
+++ b/changelogs/fragments/566_bump_version_161.yml
@ -1,3 +0,0 @@
---
-trivial:
-  - Bump version to 1.6.1 for next release.
--- a/changelogs/fragments/567_remove_version_added.yml
+++ b/changelogs/fragments/567_remove_version_added.yml
@ -1,3 +0,0 @@
---
-trivial:
-  - mount - remove wrong version_added section from ``opts_no_log``.
--- a/galaxy.yml
+++ b/galaxy.yml
@ -1,7 +1,7 @@
 ---
 namespace: ansible
 name: posix
-version: 1.6.1
+version: 1.6.0
 readme: README.md
 authors:
  - Ansible (github.com/ansible)
@ -10,6 +10,6 @@ license_file: COPYING
 tags: [posix, networking, shell, unix]
 dependencies: {}
 repository: https://github.com/ansible-collections/ansible.posix
-documentation: https://docs.ansible.com/ansible/latest/collections/ansible/posix/
+documentation: https://github.com/ansible-collections/ansible.posix/tree/main/docs
 homepage: https://github.com/ansible-collections/ansible.posix
 issues: https://github.com/ansible-collections/ansible.posix
--- a/plugins/modules/authorized_key.py
+++ b/plugins/modules/authorized_key.py
@ -24,7 +24,7 @@ options:
  key:
    description:
      - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
-      - You can also use V(file://) prefix to search localy or remote for a file with SSH key(s) depending on O(remote_src) value.
+      - You can also use V(file://) prefix to search remote for a file with SSH key(s).
    type: str
    required: true
  path:
@ -81,13 +81,6 @@ options:
      - Follow path symlink instead of replacing it.
    type: bool
    default: false
-  remote_src:
-    description:
-      - Influence whether key needs to be transferred or already is present remotely.
-      - If V(false), it will search for src on the controller node.
-      - If V(true) it will search for src on the managed (remote) node.
-    type: bool
-    default: false
 author: Ansible Core Team
 '''

@ -109,7 +102,6 @@ EXAMPLES = r'''
    user: charlie
    state: present
    key: file:///home/charlie/.ssh/id_rsa.pub
-    remote_src: true

 - name: Set authorized keys taken from url using lookup
  ansible.posix.authorized_key:
@ -569,11 +561,10 @@ def enforce_state(module, params):
    exclusive = params.get("exclusive", False)
    comment = params.get("comment", None)
    follow = params.get('follow', False)
-    remote_src = params.get('remote_src', False)
    error_msg = "Error getting key from: %s"

    # if the key is a url or file, request it and use it as key source
-    if key.startswith("http") or (key.startswith("file") and remote_src):
+    if key.startswith("http"):
        try:
            resp, info = fetch_url(module, key)
            if info['status'] != 200:
@ -586,6 +577,20 @@ def enforce_state(module, params):
        # resp.read gives bytes on python3, convert to native string type
        key = to_native(key, errors='surrogate_or_strict')

+    file_prefix = "file://"
+    if key.startswith(file_prefix):
+        # if the key is an absolute path, check for existense and use it as a key source
+        key_path = key[len(file_prefix):]
+        if not os.path.exists(key_path):
+            module.fail_json(msg="Path to a key file not found: %s" % key_path)
+        if not os.path.isfile(key_path):
+            module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key_path)
+        try:
+            with open(key_path, 'r') as source_fh:
+                key = source_fh.read()
+        except OSError as e:
+            module.fail_json(msg="Failed to read key file %s : %s" % (key_path, to_native(e)))
+
    # extract individual keys into an array, skipping blank lines and comments
    new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]

@ -698,7 +703,6 @@ def main():
            comment=dict(type='str'),
            validate_certs=dict(type='bool', default=True),
            follow=dict(type='bool', default=False),
-            remote_src=dict(type='bool', default=False),
        ),
        supports_check_mode=True,
    )
--- a/plugins/modules/mount.py
+++ b/plugins/modules/mount.py
@ -48,6 +48,7 @@ options:
      - Do not log opts.
    type: bool
    default: false
+    version_added: 1.6.0
  dump:
    description:
      - Dump (see fstab(5)).
--- a/tests/integration/targets/authorized_key/tasks/check_path.yml
+++ b/tests/integration/targets/authorized_key/tasks/check_path.yml
@ -8,7 +8,7 @@
 - name: Add key using path
  ansible.posix.authorized_key:
    user: root
-    key: "{{ key_path }}"
+    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
@ -21,7 +21,7 @@
 - name: Add key using path again
  ansible.posix.authorized_key:
    user: root
-    key: "{{ key_path }}"
+    key: file://{{ key_path }}
    state: present
    path: "{{ output_dir | expanduser }}/authorized_keys"
  register: result
Author	SHA1	Message	Date
Александр Бакановский	d8393d0624	Fix import	2024-09-27 10:12:15 +03:00
Александр Бакановский	424f1b4092	Allow remote path for authorized_key	2024-09-27 09:55:31 +03:00