mirror of
https://github.com/ansible-collections/ansible.posix.git
synced 2026-01-13 08:05:19 +01:00
Compare commits
7 commits
eda9009f53
...
fe8e76d568
| Author | SHA1 | Date | |
|---|---|---|---|
|
fe8e76d568 | ||
|
f4baa4c6d8 | ||
|
afa724ba8a | ||
|
|
0821768bcb | ||
|
5f3f8514eb | ||
|
6e7c537956 | ||
|
|
d0ea1143ee |
11 changed files with 97 additions and 13 deletions
3
changelogs/fragments/387_callback_output_header.yml
Normal file
3
changelogs/fragments/387_callback_output_header.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
minor_changes:
|
||||||
|
- callback plugins - Add recap information to timer, profile_roles and profile_tasks callback outputs (https://github.com/ansible-collections/ansible.posix/pull/387).
|
||||||
3
changelogs/fragments/568_update_authorized_key.yml
Normal file
3
changelogs/fragments/568_update_authorized_key.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
minor_changes:
|
||||||
|
- authorized_keys - allow using absolute path to a file as a SSH key(s) source (https://github.com/ansible-collections/ansible.posix/pull/568)
|
||||||
|
|
@ -339,6 +339,8 @@ class ActionModule(ActionBase):
|
||||||
dest = _tmp_args.get('dest', None)
|
dest = _tmp_args.get('dest', None)
|
||||||
if src is None or dest is None:
|
if src is None or dest is None:
|
||||||
return dict(failed=True, msg="synchronize requires both src and dest parameters are set")
|
return dict(failed=True, msg="synchronize requires both src and dest parameters are set")
|
||||||
|
if isinstance(src, str):
|
||||||
|
src = [src]
|
||||||
|
|
||||||
# Determine if we need a user@ and a password
|
# Determine if we need a user@ and a password
|
||||||
user = None
|
user = None
|
||||||
|
|
@ -365,11 +367,11 @@ class ActionModule(ActionBase):
|
||||||
# use the mode to define src and dest's url
|
# use the mode to define src and dest's url
|
||||||
if _tmp_args.get('mode', 'push') == 'pull':
|
if _tmp_args.get('mode', 'push') == 'pull':
|
||||||
# src is a remote path: <user>@<host>, dest is a local path
|
# src is a remote path: <user>@<host>, dest is a local path
|
||||||
src = self._process_remote(_tmp_args, src_host, src, user, inv_port in localhost_ports)
|
src = [self._process_remote(_tmp_args, src_host, e, user, inv_port in localhost_ports) for e in src]
|
||||||
dest = self._process_origin(dest_host, dest, user)
|
dest = self._process_origin(dest_host, dest, user)
|
||||||
else:
|
else:
|
||||||
# src is a local path, dest is a remote path: <user>@<host>
|
# src is a local path, dest is a remote path: <user>@<host>
|
||||||
src = self._process_origin(src_host, src, user)
|
src = [self._process_origin(src_host, e, user) for e in src]
|
||||||
dest = self._process_remote(_tmp_args, dest_host, dest, user, inv_port in localhost_ports)
|
dest = self._process_remote(_tmp_args, dest_host, dest, user, inv_port in localhost_ports)
|
||||||
|
|
||||||
password = dest_host_inventory_vars.get('ansible_ssh_pass', None) or dest_host_inventory_vars.get('ansible_password', None)
|
password = dest_host_inventory_vars.get('ansible_ssh_pass', None) or dest_host_inventory_vars.get('ansible_password', None)
|
||||||
|
|
@ -378,7 +380,7 @@ class ActionModule(ActionBase):
|
||||||
else:
|
else:
|
||||||
# Still need to munge paths (to account for roles) even if we aren't
|
# Still need to munge paths (to account for roles) even if we aren't
|
||||||
# copying files between hosts
|
# copying files between hosts
|
||||||
src = self._get_absolute_path(path=src)
|
src = [self._get_absolute_path(path=e) for e in src]
|
||||||
dest = self._get_absolute_path(path=dest)
|
dest = self._get_absolute_path(path=dest)
|
||||||
|
|
||||||
_tmp_args['_local_rsync_password'] = password
|
_tmp_args['_local_rsync_password'] = password
|
||||||
|
|
|
||||||
|
|
@ -128,7 +128,10 @@ class CallbackModule(CallbackBase):
|
||||||
self._display_tasktime()
|
self._display_tasktime()
|
||||||
|
|
||||||
def playbook_on_stats(self, stats):
|
def playbook_on_stats(self, stats):
|
||||||
self._display_tasktime()
|
# Align summary report header with other callback plugin summary
|
||||||
|
self._display.banner("ROLES RECAP")
|
||||||
|
|
||||||
|
self._display.display(tasktime())
|
||||||
self._display.display(filled("", fchar="="))
|
self._display.display(filled("", fchar="="))
|
||||||
|
|
||||||
timestamp(self)
|
timestamp(self)
|
||||||
|
|
|
||||||
|
|
@ -193,7 +193,10 @@ class CallbackModule(CallbackBase):
|
||||||
self._display_tasktime()
|
self._display_tasktime()
|
||||||
|
|
||||||
def playbook_on_stats(self, stats):
|
def playbook_on_stats(self, stats):
|
||||||
self._display_tasktime()
|
# Align summary report header with other callback plugin summary
|
||||||
|
self._display.banner("TASKS RECAP")
|
||||||
|
|
||||||
|
self._display.display(tasktime())
|
||||||
self._display.display(filled("", fchar="="))
|
self._display.display(filled("", fchar="="))
|
||||||
|
|
||||||
timestamp(self)
|
timestamp(self)
|
||||||
|
|
|
||||||
|
|
@ -46,4 +46,6 @@ class CallbackModule(CallbackBase):
|
||||||
def v2_playbook_on_stats(self, stats):
|
def v2_playbook_on_stats(self, stats):
|
||||||
end_time = datetime.utcnow()
|
end_time = datetime.utcnow()
|
||||||
runtime = end_time - self.start_time
|
runtime = end_time - self.start_time
|
||||||
self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds" % (self.days_hours_minutes_seconds(runtime)))
|
# Align summary report header with other callback plugin summary
|
||||||
|
self._display.banner("PLAYBOOK RECAP")
|
||||||
|
self._display.display("Playbook run took %s days, %s hours, %s minutes, %s seconds\n\r" % (self.days_hours_minutes_seconds(runtime)))
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,7 @@ options:
|
||||||
key:
|
key:
|
||||||
description:
|
description:
|
||||||
- The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
|
- The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
|
||||||
|
- You can also use V(file://) prefix to search remote for a file with SSH key(s).
|
||||||
type: str
|
type: str
|
||||||
required: true
|
required: true
|
||||||
path:
|
path:
|
||||||
|
|
@ -96,6 +97,12 @@ EXAMPLES = r'''
|
||||||
state: present
|
state: present
|
||||||
key: https://github.com/charlie.keys
|
key: https://github.com/charlie.keys
|
||||||
|
|
||||||
|
- name: Set authorized keys taken from path on controller node
|
||||||
|
ansible.posix.authorized_key:
|
||||||
|
user: charlie
|
||||||
|
state: present
|
||||||
|
key: file:///home/charlie/.ssh/id_rsa.pub
|
||||||
|
|
||||||
- name: Set authorized keys taken from url using lookup
|
- name: Set authorized keys taken from url using lookup
|
||||||
ansible.posix.authorized_key:
|
ansible.posix.authorized_key:
|
||||||
user: charlie
|
user: charlie
|
||||||
|
|
@ -223,6 +230,7 @@ from operator import itemgetter
|
||||||
from ansible.module_utils._text import to_native
|
from ansible.module_utils._text import to_native
|
||||||
from ansible.module_utils.basic import AnsibleModule
|
from ansible.module_utils.basic import AnsibleModule
|
||||||
from ansible.module_utils.urls import fetch_url
|
from ansible.module_utils.urls import fetch_url
|
||||||
|
from ansible.module_utils.six.moves.urllib.parse import urlparse
|
||||||
|
|
||||||
|
|
||||||
class keydict(dict):
|
class keydict(dict):
|
||||||
|
|
@ -556,7 +564,7 @@ def enforce_state(module, params):
|
||||||
follow = params.get('follow', False)
|
follow = params.get('follow', False)
|
||||||
error_msg = "Error getting key from: %s"
|
error_msg = "Error getting key from: %s"
|
||||||
|
|
||||||
# if the key is a url, request it and use it as key source
|
# if the key is a url or file, request it and use it as key source
|
||||||
if key.startswith("http"):
|
if key.startswith("http"):
|
||||||
try:
|
try:
|
||||||
resp, info = fetch_url(module, key)
|
resp, info = fetch_url(module, key)
|
||||||
|
|
@ -570,6 +578,19 @@ def enforce_state(module, params):
|
||||||
# resp.read gives bytes on python3, convert to native string type
|
# resp.read gives bytes on python3, convert to native string type
|
||||||
key = to_native(key, errors='surrogate_or_strict')
|
key = to_native(key, errors='surrogate_or_strict')
|
||||||
|
|
||||||
|
if key.startswith("file"):
|
||||||
|
# if the key is an absolute path, check for existense and use it as a key source
|
||||||
|
key_path = urlparse(key).path
|
||||||
|
if not os.path.exists(key_path):
|
||||||
|
module.fail_json(msg="Path to a key file not found: %s" % key_path)
|
||||||
|
if not os.path.isfile(key_path):
|
||||||
|
module.fail_json(msg="Path to a key is a directory and must be a file: %s" % key_path)
|
||||||
|
try:
|
||||||
|
with open(key_path, 'r') as source_fh:
|
||||||
|
key = source_fh.read()
|
||||||
|
except OSError as e:
|
||||||
|
module.fail_json(msg="Failed to read key file %s : %s" % (key_path, to_native(e)))
|
||||||
|
|
||||||
# extract individual keys into an array, skipping blank lines and comments
|
# extract individual keys into an array, skipping blank lines and comments
|
||||||
new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
|
new_keys = [s for s in key.splitlines() if s and not s.startswith('#')]
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -361,6 +361,17 @@ EXAMPLES = r'''
|
||||||
src: /tmp/localpath/
|
src: /tmp/localpath/
|
||||||
dest: /tmp/remotepath
|
dest: /tmp/remotepath
|
||||||
rsync_path: /usr/gnu/bin/rsync
|
rsync_path: /usr/gnu/bin/rsync
|
||||||
|
|
||||||
|
# Source files from multiple folders and merge them on the remote
|
||||||
|
# Files of the same name in /tmp/path_c/ will take precedence over those in /tmp/path_b/, and same for path_b to path_a
|
||||||
|
- name: Copy files from multiple folders and merge them into dest
|
||||||
|
ansible.posix.synchronize:
|
||||||
|
src:
|
||||||
|
- /tmp/path_a/
|
||||||
|
- /tmp/path_b/
|
||||||
|
- /tmp/path_c/
|
||||||
|
dest: /tmp/dest/
|
||||||
|
recursive: True
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -396,9 +407,9 @@ def substitute_controller(path):
|
||||||
|
|
||||||
|
|
||||||
def is_rsh_needed(source, dest):
|
def is_rsh_needed(source, dest):
|
||||||
if source.startswith('rsync://') or dest.startswith('rsync://'):
|
if all(e.startswith('rsync://') for e in source) or dest.startswith('rsync://'):
|
||||||
return False
|
return False
|
||||||
if ':' in source or ':' in dest:
|
if any(':' in e for e in source) or ':' in dest:
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
@ -406,7 +417,7 @@ def is_rsh_needed(source, dest):
|
||||||
def main():
|
def main():
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
src=dict(type='path', required=True),
|
src=dict(type='list', required=True),
|
||||||
dest=dict(type='path', required=True),
|
dest=dict(type='path', required=True),
|
||||||
dest_port=dict(type='int'),
|
dest_port=dict(type='int'),
|
||||||
delete=dict(type='bool', default=False),
|
delete=dict(type='bool', default=False),
|
||||||
|
|
@ -540,11 +551,10 @@ def main():
|
||||||
if dirs:
|
if dirs:
|
||||||
cmd.append('--dirs')
|
cmd.append('--dirs')
|
||||||
|
|
||||||
if source.startswith('rsync://') and dest.startswith('rsync://'):
|
if all(e.startswith('rsync://') for e in source) and dest.startswith('rsync://'):
|
||||||
module.fail_json(msg='either src or dest must be a localhost', rc=1)
|
module.fail_json(msg='either src or dest must be a localhost', rc=1)
|
||||||
|
|
||||||
if is_rsh_needed(source, dest):
|
if is_rsh_needed(source, dest):
|
||||||
|
|
||||||
# https://github.com/ansible/ansible/issues/15907
|
# https://github.com/ansible/ansible/issues/15907
|
||||||
has_rsh = False
|
has_rsh = False
|
||||||
for rsync_opt in rsync_opts:
|
for rsync_opt in rsync_opts:
|
||||||
|
|
@ -600,7 +610,7 @@ def main():
|
||||||
changed_marker = '<<CHANGED>>'
|
changed_marker = '<<CHANGED>>'
|
||||||
cmd.append('--out-format=%s' % shlex_quote(changed_marker + '%i %n%L'))
|
cmd.append('--out-format=%s' % shlex_quote(changed_marker + '%i %n%L'))
|
||||||
|
|
||||||
cmd.append(shlex_quote(source))
|
[cmd.append(shlex_quote(e)) for e in source]
|
||||||
cmd.append(shlex_quote(dest))
|
cmd.append(shlex_quote(dest))
|
||||||
cmdstr = ' '.join(cmd)
|
cmdstr = ' '.join(cmd)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -35,3 +35,5 @@ multiple_keys_comments: |
|
||||||
ssh-rsa DATA_BASIC 1@testing
|
ssh-rsa DATA_BASIC 1@testing
|
||||||
# I like adding comments yo-dude-this-is-not-a-key INVALID_DATA 2@testing
|
# I like adding comments yo-dude-this-is-not-a-key INVALID_DATA 2@testing
|
||||||
ecdsa-sha2-nistp521 ECDSA_DATA 4@testing
|
ecdsa-sha2-nistp521 ECDSA_DATA 4@testing
|
||||||
|
|
||||||
|
key_path: /tmp/id_rsa.pub
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
- name: Create key file for test
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: "{{ key_path }}"
|
||||||
|
content: "{{ rsa_key_basic }}"
|
||||||
|
mode: "0600"
|
||||||
|
|
||||||
|
- name: Add key using path
|
||||||
|
ansible.posix.authorized_key:
|
||||||
|
user: root
|
||||||
|
key: file://{{ key_path }}
|
||||||
|
state: present
|
||||||
|
path: "{{ output_dir | expanduser }}/authorized_keys"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Assert that the key was added
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.changed == true
|
||||||
|
|
||||||
|
- name: Add key using path again
|
||||||
|
ansible.posix.authorized_key:
|
||||||
|
user: root
|
||||||
|
key: file://{{ key_path }}
|
||||||
|
state: present
|
||||||
|
path: "{{ output_dir | expanduser }}/authorized_keys"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Assert that no changes were applied
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.changed == false
|
||||||
|
|
@ -31,3 +31,6 @@
|
||||||
|
|
||||||
- name: Test for the management of comments with key
|
- name: Test for the management of comments with key
|
||||||
ansible.builtin.import_tasks: comments.yml
|
ansible.builtin.import_tasks: comments.yml
|
||||||
|
|
||||||
|
- name: Test for specifying key as a path
|
||||||
|
ansible.builtin.import_tasks: check_path.yml
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue