Merge branch 'vars_prompt_encrypt' of https://github.com/cocoy/ansible into devel
This commit is contained in:
commit
05d6e74cce
4 changed files with 67 additions and 8 deletions
|
@ -33,6 +33,14 @@
|
|||
prompt: "Product release version"
|
||||
private: False
|
||||
|
||||
- name: "my_password2"
|
||||
prompt: "Enter password2"
|
||||
private: True
|
||||
encrypt: "md5_crypt"
|
||||
confirm: True
|
||||
salt_size: 7
|
||||
salt: "foo"
|
||||
|
||||
# this is just a simple example to show that vars_prompt works, but
|
||||
# you might ask for a tag to use with the git module or perhaps
|
||||
# a package version to use with the yum module.
|
||||
|
|
|
@ -380,15 +380,32 @@ class PlaybookCallbacks(object):
|
|||
msg = "NOTIFIED: [%s]" % name
|
||||
print banner(msg)
|
||||
|
||||
def on_vars_prompt(self, varname, private=True, prompt=None):
|
||||
def on_vars_prompt(self, varname, private=True, prompt=None, encrypt=None, confirm=False, salt_size=None, salt=None):
|
||||
|
||||
if prompt:
|
||||
msg = prompt
|
||||
else:
|
||||
msg = 'input for %s: ' % varname
|
||||
if private:
|
||||
return getpass.getpass(msg)
|
||||
return raw_input(msg)
|
||||
|
||||
def prompt(prompt, private):
|
||||
if private:
|
||||
return getpass.getpass(prompt)
|
||||
return raw_input(prompt)
|
||||
|
||||
|
||||
if confirm:
|
||||
while True:
|
||||
result = prompt(msg, private)
|
||||
second = prompt("confirm " + msg, private)
|
||||
if result == second: break
|
||||
print "***** VALUES ENTERED DO NOT MATCH ****"
|
||||
else:
|
||||
result = prompt(msg, private)
|
||||
|
||||
if encrypt:
|
||||
result = utils.do_encrypt(result,encrypt,salt_size,salt)
|
||||
|
||||
return result
|
||||
|
||||
def on_setup(self):
|
||||
|
||||
|
|
|
@ -159,14 +159,23 @@ class Play(object):
|
|||
for var in self.vars_prompt:
|
||||
if not 'name' in var:
|
||||
raise errors.AnsibleError("'vars_prompt' item is missing 'name:'")
|
||||
|
||||
vname = var['name']
|
||||
prompt = "%s: " % var.get("prompt", vname)
|
||||
private = var.get("private", True)
|
||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt)
|
||||
|
||||
confirm = var.get("confirm", False)
|
||||
encrypt = var.get("encrypt", None)
|
||||
salt_size = var.get("salt_size", None)
|
||||
salt = var.get("salt", None)
|
||||
|
||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, private, prompt,encrypt, confirm, salt_size, salt)
|
||||
|
||||
elif type(self.vars_prompt) == dict:
|
||||
for (vname, prompt) in self.vars_prompt.iteritems():
|
||||
prompt = "%s: " % prompt
|
||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(vname, False, prompt)
|
||||
prompt_msg = "%s: " % prompt
|
||||
vars[vname] = self.playbook.callbacks.on_vars_prompt(varname=vname, private=False, prompt=prompt_msg)
|
||||
|
||||
else:
|
||||
raise errors.AnsibleError("'vars_prompt' section is malformed, see docs")
|
||||
|
||||
|
|
|
@ -42,6 +42,15 @@ try:
|
|||
except ImportError:
|
||||
from md5 import md5 as _md5
|
||||
|
||||
# vars_prompt_encrypt
|
||||
PASSLIB_AVAILABLE = False
|
||||
|
||||
try:
|
||||
import passlib.hash
|
||||
PASSLIB_AVAILABLE = True
|
||||
except:
|
||||
pass
|
||||
|
||||
###############################################################
|
||||
# UTILITY FUNCTIONS FOR COMMAND LINE TOOLS
|
||||
###############################################################
|
||||
|
@ -383,5 +392,21 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, asyn
|
|||
|
||||
return parser
|
||||
|
||||
def do_encrypt(result, encrypt, salt_size=None, salt=None):
|
||||
if PASSLIB_AVAILABLE:
|
||||
try:
|
||||
crypt = getattr(passlib.hash, encrypt)
|
||||
except:
|
||||
raise errors.AnsibleError("passlib does not support '%s' algorithm" % encrypt)
|
||||
|
||||
if salt_size:
|
||||
result = crypt.encrypt(result, salt_size=salt_size)
|
||||
elif salt:
|
||||
result = crypt.encrypt(result, salt=salt)
|
||||
else:
|
||||
result = crypt.encrypt(result)
|
||||
else:
|
||||
raise errors.AnsibleError("passlib must be installed to encrypt vars_prompt values")
|
||||
|
||||
return result
|
||||
|
||||
|
|
Loading…
Reference in a new issue